Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/0EA67F889A5811EF89B18281C4F9AE02.roa
File: 0EA67F889A5811EF89B18281C4F9AE02.roa (raw, json)
Hash identifier: XSFmzeGFBXF5JRP506LJKKPVq+D2foEe1NPsOqxNmmY=
Subject key identifier: 0A:68:F7:88:37:38:B5:C0:B0:55:BA:72:EE:CA:56:FC:9C:90:59:F0
Certificate issuer: /CN=A91397C2/serialNumber=D3D15AEE9A4F8AE5C281108A7D2D3AD81D4E79CD
Certificate serial: 0775
Authority key identifier: D3:D1:5A:EE:9A:4F:8A:E5:C2:81:10:8A:7D:2D:3A:D8:1D:4E:79:CD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/09Fa7ppPiuXCgRCKfS062B1Oec0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/0EA67F889A5811EF89B18281C4F9AE02.roa
Signing time: Mon 04 Nov 2024 04:59:16 +0000
ROA not before: Mon 04 Nov 2024 04:59:16 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 55933
IP address blocks: 43.240.12.0/22 maxlen: 24
45.125.12.0/22 maxlen: 24
45.125.32.0/22 maxlen: 24
103.39.108.0/22 maxlen: 24
103.51.144.0/22 maxlen: 24
103.193.148.0/22 maxlen: 24
103.246.244.0/22 maxlen: 24
123.108.108.0/22 maxlen: 24
123.254.104.0/21 maxlen: 24
182.237.0.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Nov 2024 08:01:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1909 (0x775)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91397C2/serialNumber=D3D15AEE9A4F8AE5C281108A7D2D3AD81D4E79CD
Validity
Not Before: Nov 4 04:59:16 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=672854a4-e311
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:05:a6:f5:64:84:41:9c:f9:24:4d:8b:50:c8:
e9:db:de:b7:b2:34:67:2e:84:ed:70:ed:b4:b7:df:
61:64:dc:29:3b:49:5c:9c:f7:aa:84:ac:fb:cd:5a:
fa:c9:42:41:a3:16:37:71:b5:9a:fa:69:9c:7b:47:
95:59:b3:3e:db:29:4e:14:ad:1a:2d:cc:17:b1:9b:
2c:07:27:04:53:c2:7b:85:0c:d6:0e:58:73:c8:b7:
7a:bd:52:85:a7:da:f6:34:3a:86:3a:5d:de:9c:c5:
91:81:78:fd:1f:17:7e:02:a7:a9:27:d4:16:18:18:
fe:38:46:ac:cd:2d:c9:06:54:fb:47:c8:5d:ef:87:
a9:2b:7c:f4:b3:0d:73:8a:97:37:15:ee:73:71:a0:
11:66:bf:d9:9a:f9:c8:91:cc:4b:06:a3:7c:52:d4:
4e:40:cb:2b:cd:54:ad:bb:4c:ce:40:46:ef:15:a7:
d2:56:4d:4c:e8:ae:ae:18:fb:be:ab:8a:df:48:79:
06:aa:32:d2:ff:33:87:a9:d1:a7:c2:a1:68:9a:ac:
6e:3b:81:2f:5f:d0:6d:34:b6:33:cd:40:b1:5e:22:
dc:eb:fb:df:e3:84:3c:c0:2c:a2:66:c2:94:20:7c:
b0:d1:17:67:5e:9c:ec:fb:f6:fe:e4:3b:19:00:80:
ad:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:68:F7:88:37:38:B5:C0:B0:55:BA:72:EE:CA:56:FC:9C:90:59:F0
X509v3 Authority Key Identifier:
keyid:D3:D1:5A:EE:9A:4F:8A:E5:C2:81:10:8A:7D:2D:3A:D8:1D:4E:79:CD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/09Fa7ppPiuXCgRCKfS062B1Oec0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/09Fa7ppPiuXCgRCKfS062B1Oec0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/0EA67F889A5811EF89B18281C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.240.12.0/22
45.125.12.0/22
45.125.32.0/22
103.39.108.0/22
103.51.144.0/22
103.193.148.0/22
103.246.244.0/22
123.108.108.0/22
123.254.104.0/21
182.237.0.0/22
Signature Algorithm: sha256WithRSAEncryption
50:2f:c8:11:66:41:25:83:e1:95:bf:2a:31:73:65:57:b0:c0:
40:e8:ae:38:c6:d2:3a:9e:40:db:5e:b6:90:7e:08:e0:e9:33:
ce:fa:e7:29:1c:00:c9:2d:a7:08:f8:93:81:84:27:a7:3a:bc:
fc:39:33:30:d1:b9:f4:c9:6a:c9:ab:b8:00:6b:70:ee:9f:54:
37:59:e8:09:b9:84:c1:d3:98:e4:1d:96:9c:4b:45:22:36:18:
3a:bd:d6:15:a5:33:1d:78:c5:42:60:cf:26:ea:30:3c:4c:03:
5b:7a:7d:f7:7d:f2:e6:2c:4e:2b:5b:e9:f1:2e:57:5e:03:b4:
e9:f1:b8:5b:e5:20:a3:fc:0e:c9:b0:44:81:82:7e:4e:c1:50:
21:b9:74:c8:3b:c4:d7:db:ea:d0:da:64:4b:8b:4d:bb:4c:71:
a5:b6:5e:71:1d:08:61:13:93:cc:64:8b:a4:26:1a:82:6c:48:
ce:0d:66:77:f3:50:ee:1d:75:2d:b9:61:15:4b:87:99:05:ed:
0c:9c:79:00:21:8c:0d:99:95:6a:08:fa:17:11:ae:b7:5d:75:
f9:98:81:4c:e0:23:58:23:9a:84:ed:e4:53:be:e3:b4:0d:90:
63:c0:5b:7c:90:41:58:84:5c:a4:77:b0:2d:ef:64:4f:d8:09:
1e:26:f0:83
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgICB3UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mzk3QzIxMTAvBgNVBAUTKEQzRDE1QUVFOUE0RjhBRTVDMjgxMTA4QTdEMkQzQUQ4
MUQ0RTc5Q0QwHhcNMjQxMTA0MDQ1OTE2WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzI4NTRhNC1lMzExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtAWm9WSEQZz5JE2LUMjp2963sjRnLoTtcO20t99hZNwpO0lcnPeqhKz7zVr6
yUJBoxY3cbWa+mmce0eVWbM+2ylOFK0aLcwXsZssBycEU8J7hQzWDlhzyLd6vVKF
p9r2NDqGOl3enMWRgXj9Hxd+AqepJ9QWGBj+OEaszS3JBlT7R8hd74epK3z0sw1z
ipc3Fe5zcaARZr/ZmvnIkcxLBqN8UtROQMsrzVStu0zOQEbvFafSVk1M6K6uGPu+
q4rfSHkGqjLS/zOHqdGnwqFomqxuO4EvX9BtNLYzzUCxXiLc6/vf44Q8wCyiZsKU
IHyw0RdnXpzs+/b+5DsZAICtXQIDAQABo4ICyzCCAscwHQYDVR0OBBYEFApo94g3
OLXAsFW6cu7KVvyckFnwMB8GA1UdIwQYMBaAFNPRWu6aT4rlwoEQin0tOtgdTnnN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTdDMi80RTQyNkRFOEZC
RUExMUVBOTQwQTFEMTlDNEY5QUUwMi8wOUZhN3BwUGl1WENnUkNLZlMwNjJCMU9l
YzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzA5RmE3cHBQaXVYQ2dSQ0tmUzA2MkIxT2VjMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mzk3QzIvNEU0MjZERThGQkVBMTFFQTk0MEExRDE5QzRGOUFFMDIvMEVBNjdGODg5
QTU4MTFFRjg5QjE4MjgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVQYIKwYBBQUHAQcBAf8E
RjBEMEIEAgABMDwDBAIr8AwDBAItfQwDBAItfSADBAJnJ2wDBAJnM5ADBAJnwZQD
BAJn9vQDBAJ7bGwDBAN7/mgDBAK27QAwDQYJKoZIhvcNAQELBQADggEBAFAvyBFm
QSWD4ZW/KjFzZVewwEDorjjG0jqeQNtetpB+CODpM8765ykcAMktpwj4k4GEJ6c6
vPw5MzDRufTJasmruABrcO6fVDdZ6Am5hMHTmOQdlpxLRSI2GDq91hWlMx14xUJg
zybqMDxMA1t6ffd98uYsTitb6fEuV14DtOnxuFvlIKP8DsmwRIGCfk7BUCG5dMg7
xNfb6tDaZEuLTbtMcaW2XnEdCGETk8xki6QmGoJsSM4NZnfzUO4ddS25YRVLh5kF
7QyceQAhjA2ZlWoI+hcRrrdddfmYgUzgI1gjmoTt5FO+47QNkGPAW3yQQViEXKR3
sC3vZE/YCR4m8IM=
-----END CERTIFICATE-----
Generated at Mon Nov 4 10:08:01 2024 by rpki-client on console-fra.rpki-client.org