Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914365D/D6D5237CC79B11EA82F1C91DC4F9AE02/D015DB746A6611ED89AE592DC4F9AE02.roa
File: D015DB746A6611ED89AE592DC4F9AE02.roa (raw, json)
Hash identifier: D7G73E3QrXU6ZAZWfRdeoypbrVPd8FKewTKwMpwlwwg=
Subject key identifier: 55:A4:D4:96:3E:AA:78:92:26:53:5E:3E:7C:33:3E:C3:63:87:13:4A
Certificate issuer: /CN=A914365D/serialNumber=B67922EC3957C9F87DA11E2248BD46D4A0B1C3F0
Certificate serial: 0702
Authority key identifier: B6:79:22:EC:39:57:C9:F8:7D:A1:1E:22:48:BD:46:D4:A0:B1:C3:F0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tnki7DlXyfh9oR4iSL1G1KCxw_A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914365D/D6D5237CC79B11EA82F1C91DC4F9AE02/D015DB746A6611ED89AE592DC4F9AE02.roa
Signing time: Fri 02 Jun 2023 23:35:36 +0000
ROA not before: Fri 02 Jun 2023 23:35:36 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 58779
IP address blocks: 43.251.34.0/23 maxlen: 23
103.25.254.0/23 maxlen: 23
103.25.254.0/24 maxlen: 24
103.25.255.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1794 (0x702)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914365D/serialNumber=B67922EC3957C9F87DA11E2248BD46D4A0B1C3F0
Validity
Not Before: Jun 2 23:35:36 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=647a7cc7-7a18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:61:b5:dc:63:b1:24:d6:ae:73:a7:8e:3e:b9:
69:37:6c:e9:72:c6:bc:b9:74:b6:53:dd:3a:67:e1:
7c:57:bf:59:53:6d:1f:b2:fd:2c:e5:47:f8:11:77:
a5:e7:f0:a8:c7:59:5a:23:d8:5d:14:51:da:a4:80:
be:10:63:d5:87:5a:e8:d0:dd:af:55:ee:00:dc:e3:
75:19:cd:06:27:33:c9:ad:0a:9b:4b:70:40:03:77:
f9:ba:f4:1f:95:8a:6f:14:fa:67:9d:8a:21:07:16:
97:55:67:d2:81:7e:82:dd:8d:60:a5:0a:58:3e:d2:
b5:0f:04:a7:6c:9c:8a:67:79:45:a3:3e:59:66:c7:
7b:e9:b6:19:ae:d3:ba:31:59:91:43:d1:56:c3:7a:
08:8e:36:6a:84:89:e3:d7:5b:08:22:bd:5a:7d:9e:
1c:54:bd:3f:98:1a:0a:9c:23:c7:84:14:ac:b8:c8:
4a:78:1e:50:b4:2b:5e:c7:56:6e:f7:a5:43:b9:89:
d1:50:e8:a9:02:a9:63:09:ca:9d:dc:06:db:a2:75:
81:d0:11:24:39:e4:d5:db:dc:1a:a2:18:4c:29:fa:
a4:08:f5:57:c8:4a:3e:9f:5f:f4:d4:00:87:b5:67:
cb:ba:99:4f:94:3e:d1:6e:3e:4f:ec:d7:a1:f0:75:
29:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:A4:D4:96:3E:AA:78:92:26:53:5E:3E:7C:33:3E:C3:63:87:13:4A
X509v3 Authority Key Identifier:
keyid:B6:79:22:EC:39:57:C9:F8:7D:A1:1E:22:48:BD:46:D4:A0:B1:C3:F0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914365D/D6D5237CC79B11EA82F1C91DC4F9AE02/tnki7DlXyfh9oR4iSL1G1KCxw_A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tnki7DlXyfh9oR4iSL1G1KCxw_A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914365D/D6D5237CC79B11EA82F1C91DC4F9AE02/D015DB746A6611ED89AE592DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.251.34.0/23
103.25.254.0/23
Signature Algorithm: sha256WithRSAEncryption
b8:f0:84:c3:0f:af:fa:56:2d:24:bd:9e:99:b4:a0:fb:b1:de:
61:ca:f2:67:ca:92:33:ec:7e:b4:f9:aa:7e:6d:98:c5:08:36:
74:e8:1e:4e:2d:4a:2f:74:f1:a2:fa:30:69:0e:72:e1:be:38:
03:fe:cd:41:71:20:59:24:8a:0a:7b:71:fb:0a:bb:5f:02:9d:
79:ff:28:ef:8c:59:c1:22:e3:47:95:f1:93:03:8e:e0:4d:f4:
b8:bc:3d:88:38:9a:e3:2c:e8:00:ee:0d:27:f9:6e:81:b3:43:
7d:dc:8f:06:31:3f:b3:d0:95:05:fe:f0:49:ac:4f:6c:50:41:
02:1d:96:0b:e0:61:45:e3:1b:6e:ed:5b:55:54:73:50:cb:7d:
9c:14:dd:3e:b6:db:1a:fd:77:9a:eb:19:86:8f:b8:5b:8c:e0:
d1:df:80:29:61:4c:9b:1c:5d:27:b5:25:45:f7:1b:94:f7:cd:
14:8b:f3:d2:8a:97:3f:e0:76:d5:a6:82:23:3f:d5:93:6f:64:
07:50:26:3c:47:b9:9f:cc:5e:29:7a:83:52:56:c1:c8:45:65:
e5:e8:f0:59:cb:a3:67:bd:b6:ec:b6:a8:d9:44:79:9d:01:9b:
ad:6b:e2:9b:9d:b3:29:97:87:73:0b:7e:4e:28:73:e0:87:72:
6f:f7:f5:9e
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBwIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDM2NUQxMTAvBgNVBAUTKEI2NzkyMkVDMzk1N0M5Rjg3REExMUUyMjQ4QkQ0NkQ0
QTBCMUMzRjAwHhcNMjMwNjAyMjMzNTM2WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDdhN2NjNy03YTE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3GG13GOxJNauc6eOPrlpN2zpcsa8uXS2U906Z+F8V79ZU20fsv0s5Uf4EXel
5/Cox1laI9hdFFHapIC+EGPVh1ro0N2vVe4A3ON1Gc0GJzPJrQqbS3BAA3f5uvQf
lYpvFPpnnYohBxaXVWfSgX6C3Y1gpQpYPtK1DwSnbJyKZ3lFoz5ZZsd76bYZrtO6
MVmRQ9FWw3oIjjZqhInj11sIIr1afZ4cVL0/mBoKnCPHhBSsuMhKeB5QtCtex1Zu
96VDuYnRUOipAqljCcqd3AbbonWB0BEkOeTV29waohhMKfqkCPVXyEo+n1/01ACH
tWfLuplPlD7Rbj5P7Neh8HUpXQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFFWk1JY+
qniSJlNePnwzPsNjhxNKMB8GA1UdIwQYMBaAFLZ5Iuw5V8n4faEeIki9RtSgscPw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MzY1RC9ENkQ1MjM3Q0M3
OUIxMUVBODJGMUM5MURDNEY5QUUwMi90bmtpN0RsWHlmaDlvUjRpU0wxRzFLQ3h3
X0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Rua2k3RGxYeWZoOW9SNGlTTDFHMUtDeHdfQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDM2NUQvRDZENTIzN0NDNzlCMTFFQTgyRjFDOTFEQzRGOUFFMDIvRDAxNURCNzQ2
QTY2MTFFRDg5QUU1OTJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAEr+yIDBAFnGf4wDQYJKoZIhvcNAQELBQADggEBALjwhMMP
r/pWLSS9npm0oPux3mHK8mfKkjPsfrT5qn5tmMUINnToHk4tSi908aL6MGkOcuG+
OAP+zUFxIFkkigp7cfsKu18CnXn/KO+MWcEi40eV8ZMDjuBN9Li8PYg4muMs6ADu
DSf5boGzQ33cjwYxP7PQlQX+8EmsT2xQQQIdlgvgYUXjG27tW1VUc1DLfZwU3T62
2xr9d5rrGYaPuFuM4NHfgClhTJscXSe1JUX3G5T3zRSL89KKlz/gdtWmgiM/1ZNv
ZAdQJjxHuZ/MXil6g1JWwchFZeXo8FnLo2e9tuy2qNlEeZ0Bm61r4pudsymXh3ML
fk4oc+CHcm/39Z4=
-----END CERTIFICATE-----
Generated at Fri Oct 20 07:44:25 2023 by rpki-client on console-ams.rpki-client.org