Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/FA5B99004D3711EEAEC1C322C4F9AE02.roa
File: FA5B99004D3711EEAEC1C322C4F9AE02.roa (raw, json)
Hash identifier: w/fCoTmgskEIJhHpseik5GftGnzzWZK89mgLP6vxpdY=
Subject key identifier: 0D:AC:1A:09:E3:CE:B6:13:3E:8E:E6:1F:0A:26:B3:34:00:4A:8B:F8
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 04D2
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/FA5B99004D3711EEAEC1C322C4F9AE02.roa
Signing time: Thu 07 Sep 2023 04:35:31 +0000
ROA not before: Thu 07 Sep 2023 04:35:31 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 834
IP address blocks: 43.254.167.0/24 maxlen: 24
43.255.122.0/23 maxlen: 24
43.255.156.0/24 maxlen: 24
103.24.216.0/23 maxlen: 24
103.231.58.0/23 maxlen: 24
103.240.198.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 10 Sep 2023 18:51:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1234 (0x4d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Sep 7 04:35:31 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=64f95313-996b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:0e:d6:4a:df:cf:e3:2d:b5:40:71:35:74:ec:
14:c9:6d:b7:6d:01:f2:6d:6e:42:45:2c:f4:a6:c9:
da:61:35:ae:69:ea:7b:f4:7f:05:4c:58:a3:a9:b9:
0c:44:54:73:60:6d:88:a7:12:8b:27:2f:80:6c:59:
0c:30:c3:39:d0:87:4d:48:af:0e:dd:64:db:62:7f:
bc:cb:06:03:15:1e:5a:70:3e:28:04:1b:1c:51:1e:
83:42:73:66:9a:b2:df:55:d4:38:a2:f7:29:2f:a1:
59:0d:d7:a4:a3:6e:28:31:df:4d:43:17:2c:d1:70:
ab:24:22:76:03:be:c9:c8:72:b1:d3:46:d5:6d:76:
7b:74:a4:e5:0a:22:4e:f3:c9:ce:84:b9:fd:33:a5:
45:8b:a8:7f:32:d6:c9:08:ca:02:28:04:73:43:ee:
74:b8:69:d4:ba:ae:17:44:f5:32:d4:2b:f5:c7:c3:
14:b1:25:2c:70:a5:f6:a7:c6:ac:7a:26:b1:43:b6:
dc:35:5d:97:3a:0d:4e:cd:4f:03:e8:e1:aa:1a:47:
44:e9:dc:93:c0:1a:61:8b:aa:50:44:e5:84:05:93:
f2:43:85:01:a2:cc:f0:80:c7:56:61:0e:b6:19:df:
3a:3c:e6:b8:80:b1:01:6a:c2:70:82:d8:08:b4:f7:
a1:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:AC:1A:09:E3:CE:B6:13:3E:8E:E6:1F:0A:26:B3:34:00:4A:8B:F8
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/FA5B99004D3711EEAEC1C322C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.167.0/24
43.255.122.0/23
43.255.156.0/24
103.24.216.0/23
103.231.58.0/23
103.240.198.0/24
Signature Algorithm: sha256WithRSAEncryption
be:be:ff:02:31:2e:dd:3e:09:61:f8:00:8a:04:02:22:f5:77:
73:62:83:69:3e:a7:3e:68:05:64:0d:d5:60:29:f0:db:07:2a:
55:14:f4:b4:27:87:e7:66:79:b7:92:53:5c:78:85:e2:b7:23:
57:53:77:a0:40:ac:9e:cb:ef:7a:d2:3d:5b:38:24:4c:92:b9:
38:59:e3:87:90:cf:dc:ee:7c:ee:c5:56:80:4c:f8:f2:34:48:
33:d4:a6:f4:2d:2d:9b:9c:83:75:79:8a:a3:ed:c5:d1:eb:d5:
c1:a6:28:7d:48:4c:70:bb:31:af:c4:1d:e6:b5:13:28:4d:78:
85:e8:70:0d:f8:03:e2:b9:85:4d:1b:f1:a0:38:7c:d3:e2:0b:
f1:22:08:14:4b:fd:40:ec:5a:32:88:62:a8:2e:5d:b5:1f:c1:
3f:b2:d2:96:71:34:0b:68:8c:1b:4b:bc:d9:72:2d:fe:6d:15:
a6:65:69:2f:7b:00:72:47:ff:68:a8:a4:ce:83:e4:24:61:b5:
a9:9e:6b:ca:c8:26:98:84:b5:4f:43:1c:64:57:7d:0a:8d:bd:
92:09:fc:17:ff:8d:51:56:25:5f:52:10:11:e9:ae:f4:71:7a:
de:d5:72:77:c4:c1:2d:24:04:7b:53:4b:4c:04:3c:08:f3:f4:
4e:a8:8b:6b
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICBNIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMwOTA3MDQzNTMxWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGY5NTMxMy05OTZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5A7WSt/P4y21QHE1dOwUyW23bQHybW5CRSz0psnaYTWuaep79H8FTFijqbkM
RFRzYG2IpxKLJy+AbFkMMMM50IdNSK8O3WTbYn+8ywYDFR5acD4oBBscUR6DQnNm
mrLfVdQ4ovcpL6FZDdeko24oMd9NQxcs0XCrJCJ2A77JyHKx00bVbXZ7dKTlCiJO
88nOhLn9M6VFi6h/MtbJCMoCKARzQ+50uGnUuq4XRPUy1Cv1x8MUsSUscKX2p8as
eiaxQ7bcNV2XOg1OzU8D6OGqGkdE6dyTwBphi6pQROWEBZPyQ4UBoszwgMdWYQ62
Gd86POa4gLEBasJwgtgItPehXQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFA2sGgnj
zrYTPo7mHwomszQASov4MB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvRkE1Qjk5MDA0
RDM3MTFFRUFFQzFDMzIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBAAr/qcDBAEr/3oDBAAr/5wDBAFnGNgDBAFn5zoDBABn8MYw
DQYJKoZIhvcNAQELBQADggEBAL6+/wIxLt0+CWH4AIoEAiL1d3Nig2k+pz5oBWQN
1WAp8NsHKlUU9LQnh+dmebeSU1x4heK3I1dTd6BArJ7L73rSPVs4JEySuThZ44eQ
z9zufO7FVoBM+PI0SDPUpvQtLZucg3V5iqPtxdHr1cGmKH1ITHC7Ma/EHea1EyhN
eIXocA34A+K5hU0b8aA4fNPiC/EiCBRL/UDsWjKIYqguXbUfwT+y0pZxNAtojBtL
vNlyLf5tFaZlaS97AHJH/2iopM6D5CRhtamea8rIJpiEtU9DHGRXfQqNvZIJ/Bf/
jVFWJV9SEBHprvRxet7VcnfEwS0kBHtTS0wEPAjz9E6oi2s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org