Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/F97B22944D3711EEAEC1C322C4F9AE02.roa
File: F97B22944D3711EEAEC1C322C4F9AE02.roa (raw, json)
Hash identifier: 6NSN62yA02Qqpf2z1C9C/st/OIQUiiZCrTn+C1PpWEc=
Subject key identifier: B5:0B:B5:CD:07:EC:4B:64:E5:AB:F9:9A:60:2E:C8:F2:C2:1E:43:53
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 062E
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/F97B22944D3711EEAEC1C322C4F9AE02.roa
Signing time: Tue 03 Sep 2024 01:14:14 +0000
ROA not before: Tue 03 Sep 2024 01:14:14 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 201217
IP address blocks: 43.255.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 29 Sep 2024 23:25:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1582 (0x62e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Sep 3 01:14:14 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66d662e6-990c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d3:34:54:15:2a:bc:5c:fa:01:5a:7e:15:01:
03:b8:97:63:df:b0:7e:01:3a:fb:7d:d1:53:a4:dd:
d8:e6:d9:15:36:5b:61:fa:91:1e:79:a3:14:e6:1b:
94:98:cc:08:13:91:95:17:da:e5:3a:70:b3:e3:38:
c2:4d:07:8c:a8:3d:93:b7:f6:5d:c4:95:10:4f:07:
4b:ba:a6:7d:52:86:f2:4e:92:d2:8b:5c:b0:33:8c:
26:b1:0a:2e:d1:80:23:34:e2:c0:08:a1:a4:e0:99:
3d:fe:f3:79:b9:f1:ca:84:e6:71:1e:45:77:cc:13:
5c:19:26:b5:86:e7:df:72:ad:aa:47:bc:11:97:ee:
40:23:35:dd:6f:5d:78:5b:d8:80:43:6d:4e:a6:79:
80:48:70:69:9f:1f:4e:8a:58:bd:a5:d2:ba:3a:74:
c0:60:0a:a5:32:93:95:1c:f6:80:34:c2:80:dc:d3:
42:a2:48:e0:00:2c:19:97:3f:0b:ce:70:24:f5:f3:
57:c2:25:57:bd:68:2f:65:5f:c9:54:2f:35:dc:3d:
63:02:43:c2:47:c5:07:38:cb:ce:4a:25:95:22:00:
c6:1a:48:e5:3e:ce:d4:f1:5a:ac:4c:0c:31:2f:03:
c2:e2:5e:9a:da:19:29:5e:98:f5:10:22:c9:13:f0:
51:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:0B:B5:CD:07:EC:4B:64:E5:AB:F9:9A:60:2E:C8:F2:C2:1E:43:53
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/F97B22944D3711EEAEC1C322C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.121.0/24
Signature Algorithm: sha256WithRSAEncryption
93:3f:80:d2:81:c6:6e:7a:9a:00:62:14:d3:c1:c3:71:57:28:
5e:b0:7e:b2:40:69:9e:f8:3a:2c:47:35:79:10:35:f3:d7:44:
54:67:0c:e7:9c:99:e0:77:06:ca:b7:7b:b4:e5:e8:36:a5:c9:
9e:df:2e:a5:a1:2a:1d:71:fb:64:17:ea:f6:21:bb:1f:99:ac:
a8:cf:92:2f:a1:db:00:d9:22:12:cc:43:b0:76:74:b0:cc:d6:
68:b9:09:6c:bb:97:37:8f:dc:74:c3:8e:d3:42:ce:c5:8f:b0:
bb:e0:57:b8:ed:41:08:fe:05:ba:77:58:10:44:f0:9b:8b:44:
d1:39:12:78:be:01:57:40:38:bc:aa:ee:42:86:bf:ff:56:86:
04:15:c7:2a:f6:0d:3e:2c:ad:a9:0e:4c:fd:f2:4b:37:d8:89:
ed:e4:c4:14:42:58:fd:ae:44:6a:c3:11:ef:50:ad:0a:04:d9:
72:11:12:82:c9:90:9d:cc:18:18:01:fc:90:33:2b:89:b4:34:
fd:0f:f8:38:c0:43:4f:e0:19:1f:e6:ad:09:df:b4:76:4d:72:
36:82:ae:99:0d:25:4e:67:14:9e:f9:d1:36:06:6c:11:bf:ad:
af:50:7c:f3:8f:13:ec:4e:3f:44:3f:06:2f:de:c5:d2:32:71:
ab:0d:91:e2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBi4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjQwOTAzMDExNDE0WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ2NjJlNi05OTBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAn9M0VBUqvFz6AVp+FQEDuJdj37B+ATr7fdFTpN3Y5tkVNlth+pEeeaMU5huU
mMwIE5GVF9rlOnCz4zjCTQeMqD2Tt/ZdxJUQTwdLuqZ9UobyTpLSi1ywM4wmsQou
0YAjNOLACKGk4Jk9/vN5ufHKhOZxHkV3zBNcGSa1huffcq2qR7wRl+5AIzXdb114
W9iAQ21OpnmASHBpnx9Oili9pdK6OnTAYAqlMpOVHPaANMKA3NNCokjgACwZlz8L
znAk9fNXwiVXvWgvZV/JVC813D1jAkPCR8UHOMvOSiWVIgDGGkjlPs7U8VqsTAwx
LwPC4l6a2hkpXpj1ECLJE/BRUwIDAQABo4IClTCCApEwHQYDVR0OBBYEFLULtc0H
7Etk5av5mmAuyPLCHkNTMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvRjk3QjIyOTQ0
RDM3MTFFRUFFQzFDMzIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr/3kwDQYJKoZIhvcNAQELBQADggEBAJM/gNKBxm56mgBi
FNPBw3FXKF6wfrJAaZ74OixHNXkQNfPXRFRnDOecmeB3Bsq3e7Tl6DalyZ7fLqWh
Kh1x+2QX6vYhux+ZrKjPki+h2wDZIhLMQ7B2dLDM1mi5CWy7lzeP3HTDjtNCzsWP
sLvgV7jtQQj+Bbp3WBBE8JuLRNE5Eni+AVdAOLyq7kKGv/9WhgQVxyr2DT4srakO
TP3ySzfYie3kxBRCWP2uRGrDEe9QrQoE2XIREoLJkJ3MGBgB/JAzK4m0NP0P+DjA
Q0/gGR/mrQnftHZNcjaCrpkNJU5nFJ750TYGbBG/ra9QfPOPE+xOP0Q/Bi/exdIy
casNkeI=
-----END CERTIFICATE-----
Generated at Mon Sep 30 02:01:09 2024 by rpki-client on console-ams.rpki-client.org