Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9148C7B/675208AE1D9311E2BCBDE5F608B02CD2/FDAE28A4C5E611EC87A9A43FC4F9AE02.roa
File: FDAE28A4C5E611EC87A9A43FC4F9AE02.roa (raw, json)
Hash identifier: nOzD8UzdChWaDkjaIlYS6gQ+bDE9lb36u16bdxxg7mA=
Subject key identifier: FA:0E:47:2E:C5:39:D2:DE:86:09:63:9C:53:55:0E:62:74:EA:C1:23
Certificate issuer: /CN=A9148C7B/serialNumber=17577F1E92EB33B2CDE6E489C0B9A99A2E02FDA3
Certificate serial: 33C1
Authority key identifier: 17:57:7F:1E:92:EB:33:B2:CD:E6:E4:89:C0:B9:A9:9A:2E:02:FD:A3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F1d_HpLrM7LN5uSJwLmpmi4C_aM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9148C7B/675208AE1D9311E2BCBDE5F608B02CD2/FDAE28A4C5E611EC87A9A43FC4F9AE02.roa
Signing time: Thu 12 Oct 2023 15:00:50 +0000
ROA not before: Thu 12 Oct 2023 15:00:50 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 38742
IP address blocks: 43.250.136.0/22 maxlen: 22
43.250.137.0/24 maxlen: 24
43.250.138.0/24 maxlen: 24
43.250.139.0/24 maxlen: 24
61.5.192.0/20 maxlen: 20
61.5.193.0/24 maxlen: 24
61.5.194.0/23 maxlen: 24
61.5.197.0/24 maxlen: 24
61.5.198.0/24 maxlen: 24
61.5.199.0/24 maxlen: 24
61.5.201.0/24 maxlen: 24
61.5.202.0/24 maxlen: 24
61.5.203.0/24 maxlen: 24
61.5.204.0/24 maxlen: 24
61.5.205.0/24 maxlen: 24
61.5.206.0/24 maxlen: 24
61.5.207.0/24 maxlen: 24
103.42.0.0/22 maxlen: 22
103.42.1.0/24 maxlen: 24
103.42.2.0/24 maxlen: 24
103.42.3.0/24 maxlen: 24
119.59.80.0/21 maxlen: 21
119.59.80.0/24 maxlen: 24
119.59.82.0/24 maxlen: 24
119.59.83.0/24 maxlen: 24
119.59.84.0/24 maxlen: 24
119.59.85.0/24 maxlen: 24
119.59.86.0/24 maxlen: 24
119.59.87.0/24 maxlen: 24
121.100.48.0/21 maxlen: 21
121.100.48.0/24 maxlen: 24
121.100.49.0/24 maxlen: 24
121.100.50.0/23 maxlen: 24
121.100.52.0/24 maxlen: 24
121.100.53.0/24 maxlen: 24
121.100.54.0/24 maxlen: 24
121.100.55.0/24 maxlen: 24
2400:e500::/32 maxlen: 32
2400:e500:1::/48 maxlen: 48
2400:e500:5::/48 maxlen: 48
2400:e500:d::/48 maxlen: 48
2400:e500:13::/48 maxlen: 48
2400:e500:23::/48 maxlen: 48
2400:e500:24::/48 maxlen: 48
2400:e500:2a::/48 maxlen: 48
2400:e500:2b::/48 maxlen: 48
2400:e500:30::/48 maxlen: 48
2400:e500:31::/48 maxlen: 48
2400:e500:32::/48 maxlen: 48
2400:e500:33::/48 maxlen: 48
2400:e500:34::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 16 Feb 2024 14:56:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13249 (0x33c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9148C7B/serialNumber=17577F1E92EB33B2CDE6E489C0B9A99A2E02FDA3
Validity
Not Before: Oct 12 15:00:50 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65280a22-7866
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:83:3c:24:6b:13:fe:e1:f9:f4:eb:38:7f:ec:
aa:cc:f6:5f:98:33:af:b3:88:9e:aa:bb:af:ec:ac:
1c:6d:41:c4:71:32:be:06:95:6f:f8:2b:ea:b9:76:
cb:a3:8b:91:64:a7:8a:2a:d6:95:3e:a7:3b:d3:ec:
a0:22:ca:c0:3a:0d:f1:96:ec:15:6e:65:b4:5b:bd:
1c:d0:b9:3e:ce:62:52:eb:5b:98:11:59:23:5e:2a:
d0:6f:7b:2c:07:93:e5:f8:19:9d:98:70:c7:dc:c1:
00:85:b7:b3:09:6b:0d:2e:2d:84:94:25:7b:8e:2f:
2f:62:d8:6e:f6:41:92:50:6c:2c:a0:b7:3d:d9:6e:
35:c8:5a:6d:03:d2:76:b9:ef:bd:93:bf:ae:01:83:
22:17:d4:08:82:1e:d0:55:1f:04:95:31:d9:78:ff:
b6:9c:2f:6a:d5:a6:cc:24:ea:78:df:cd:b5:84:6d:
1d:b6:e4:31:f6:31:3a:d4:68:6e:80:27:15:ef:29:
63:8a:17:9d:3c:9a:03:11:be:d9:00:40:0c:16:ab:
56:32:96:0a:dd:1c:e3:da:ba:92:ba:a9:78:19:44:
b2:f0:25:41:de:89:61:de:c6:04:7b:32:27:54:43:
dd:54:0b:b5:a3:04:1c:41:82:e1:1d:69:32:c8:af:
b3:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:0E:47:2E:C5:39:D2:DE:86:09:63:9C:53:55:0E:62:74:EA:C1:23
X509v3 Authority Key Identifier:
keyid:17:57:7F:1E:92:EB:33:B2:CD:E6:E4:89:C0:B9:A9:9A:2E:02:FD:A3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9148C7B/675208AE1D9311E2BCBDE5F608B02CD2/F1d_HpLrM7LN5uSJwLmpmi4C_aM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F1d_HpLrM7LN5uSJwLmpmi4C_aM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148C7B/675208AE1D9311E2BCBDE5F608B02CD2/FDAE28A4C5E611EC87A9A43FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.136.0/22
61.5.192.0/20
103.42.0.0/22
119.59.80.0/21
121.100.48.0/21
IPv6:
2400:e500::/32
Signature Algorithm: sha256WithRSAEncryption
12:55:a6:2c:f3:ee:fe:40:4b:4b:c9:73:ed:b4:ae:57:05:2e:
67:85:ce:5b:bf:f6:89:c6:7a:f9:e1:c8:c7:72:9f:71:41:08:
56:ec:bf:a7:6e:2e:f0:3b:46:2c:ce:9c:61:22:9a:03:7c:5e:
6d:7a:32:cb:f2:7d:67:80:0a:3e:45:49:02:9d:21:8d:02:3a:
9a:e9:2b:e4:0e:78:b6:24:35:bb:bd:c2:fb:ea:20:c9:f0:7a:
75:8e:64:ad:27:40:75:71:74:18:77:32:fb:8d:17:24:33:5c:
3a:03:74:2f:ba:14:c7:27:9d:5b:76:08:9f:b2:a7:e4:f9:cd:
11:8c:61:d1:0e:43:b6:90:09:25:a5:d1:61:17:93:5f:0e:36:
ea:89:bc:6c:29:2a:14:09:ce:ea:f8:6e:dd:0d:6b:57:57:51:
99:f4:c9:5d:a9:2c:c2:74:95:e4:30:72:e5:67:1c:22:b8:4f:
26:3b:41:de:60:c6:ae:82:d8:78:1e:17:87:b5:fb:c9:80:09:
db:56:20:f9:e8:4d:93:8e:ab:62:0f:69:da:11:94:f3:f1:d2:
f6:a4:67:a5:d1:c4:d9:71:4b:11:06:5a:af:08:16:70:1c:6f:
21:46:fd:7d:67:4c:94:71:a9:cf:f2:42:a4:29:81:fd:96:f1:
08:e7:22:06
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICM8EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDhDN0IxMTAvBgNVBAUTKDE3NTc3RjFFOTJFQjMzQjJDREU2RTQ4OUMwQjlBOTlB
MkUwMkZEQTMwHhcNMjMxMDEyMTUwMDUwWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTI4MGEyMi03ODY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuYM8JGsT/uH59Os4f+yqzPZfmDOvs4ieqruv7KwcbUHEcTK+BpVv+CvquXbL
o4uRZKeKKtaVPqc70+ygIsrAOg3xluwVbmW0W70c0Lk+zmJS61uYEVkjXirQb3ss
B5Pl+BmdmHDH3MEAhbezCWsNLi2ElCV7ji8vYthu9kGSUGwsoLc92W41yFptA9J2
ue+9k7+uAYMiF9QIgh7QVR8ElTHZeP+2nC9q1abMJOp43821hG0dtuQx9jE61Ghu
gCcV7yljihedPJoDEb7ZAEAMFqtWMpYK3Rzj2rqSuql4GUSy8CVB3olh3sYEezIn
VEPdVAu1owQcQYLhHWkyyK+znQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFPoORy7F
OdLehgljnFNVDmJ06sEjMB8GA1UdIwQYMBaAFBdXfx6S6zOyzebkicC5qZouAv2j
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEM3Qi82NzUyMDhBRTFE
OTMxMUUyQkNCREU1RjYwOEIwMkNEMi9GMWRfSHBMck03TE41dVNKd0xtcG1pNENf
YU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0YxZF9IcExyTTdMTjV1U0p3TG1wbWk0Q19hTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDhDN0IvNjc1MjA4QUUxRDkzMTFFMkJDQkRFNUY2MDhCMDJDRDIvRkRBRTI4QTRD
NUU2MTFFQzg3QTlBNDNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAIr+ogDBAQ9BcADBAJnKgADBAN3O1ADBAN5ZDAwDQQCAAIw
BwMFACQA5QAwDQYJKoZIhvcNAQELBQADggEBABJVpizz7v5AS0vJc+20rlcFLmeF
zlu/9onGevnhyMdyn3FBCFbsv6duLvA7RizOnGEimgN8Xm16MsvyfWeACj5FSQKd
IY0COprpK+QOeLYkNbu9wvvqIMnwenWOZK0nQHVxdBh3MvuNFyQzXDoDdC+6FMcn
nVt2CJ+yp+T5zRGMYdEOQ7aQCSWl0WEXk18ONuqJvGwpKhQJzur4bt0Na1dXUZn0
yV2pLMJ0leQwcuVnHCK4TyY7Qd5gxq6C2HgeF4e1+8mACdtWIPnoTZOOq2IPadoR
lPPx0vakZ6XRxNlxSxEGWq8IFnAcbyFG/X1nTJRxqc/yQqQpgf2W8QjnIgY=
-----END CERTIFICATE-----
Generated at Fri Feb 16 17:41:19 2024 by rpki-client on console-fra.rpki-client.org