Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9155647/905C1046F36F11EE9972EB79C4F9AE02/69E4E8640B7C11EF8E4FA72DC4F9AE02.roa
File: 69E4E8640B7C11EF8E4FA72DC4F9AE02.roa (raw, json)
Hash identifier: uzbfP6PSi15+cB5q+5efmAHUZVI1i0WZIgt2xCf4cvk=
Subject key identifier: 95:C6:58:13:65:81:58:56:80:E0:1F:F6:E0:C3:96:E4:9A:41:16:F9
Certificate issuer: /CN=A9155647/serialNumber=AD3445DB42010B1215A49E427F1AE7400D788BFB
Certificate serial: 1A
Authority key identifier: AD:34:45:DB:42:01:0B:12:15:A4:9E:42:7F:1A:E7:40:0D:78:8B:FB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rTRF20IBCxIVpJ5CfxrnQA14i_s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9155647/905C1046F36F11EE9972EB79C4F9AE02/69E4E8640B7C11EF8E4FA72DC4F9AE02.roa
Signing time: Mon 06 May 2024 07:44:06 +0000
ROA not before: Mon 06 May 2024 07:44:06 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 834
IP address blocks: 43.231.205.0/24 maxlen: 24
43.231.206.0/24 maxlen: 24
43.231.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 May 2024 17:56:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26 (0x1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9155647/serialNumber=AD3445DB42010B1215A49E427F1AE7400D788BFB
Validity
Not Before: May 6 07:44:06 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66388a45-56b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:70:cf:5d:56:c0:5f:10:3d:be:e3:99:47:62:
1a:a4:4f:b9:d6:86:f5:57:58:67:fd:44:65:a4:ef:
62:51:78:7d:2a:6c:e6:8d:c1:f8:2a:d3:54:25:a2:
a3:2c:24:23:79:85:2d:cf:d7:44:61:80:be:55:53:
02:66:04:60:81:d2:10:11:02:e6:33:a5:fb:e2:59:
db:50:55:6d:83:8a:47:3a:14:fb:70:41:89:ed:12:
4b:c1:58:18:b0:c7:50:63:ac:09:27:c7:e9:57:23:
66:0d:5c:d7:13:1d:a5:e6:9d:00:70:5e:73:17:76:
29:6d:1d:c3:85:83:16:d7:6d:2e:28:89:3f:70:c4:
be:7b:72:e2:56:b9:6f:56:3c:87:12:e3:76:2d:35:
04:5b:72:6a:8e:fc:29:43:b9:57:8b:0c:ba:15:46:
f3:5e:3a:a9:26:d4:f4:8f:78:0b:43:c9:e2:83:4d:
e4:05:18:77:f1:81:96:54:19:68:dc:7a:64:33:3c:
48:d8:63:3e:54:d5:31:53:1e:d1:16:87:5b:6c:06:
8c:3b:cb:a0:9c:fc:fb:a4:58:e0:17:ae:95:42:ec:
cd:89:a0:3c:e2:dd:43:96:a5:55:91:f3:42:38:9f:
08:ab:08:ea:dd:98:14:02:21:dd:df:06:5a:42:2e:
7f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:C6:58:13:65:81:58:56:80:E0:1F:F6:E0:C3:96:E4:9A:41:16:F9
X509v3 Authority Key Identifier:
keyid:AD:34:45:DB:42:01:0B:12:15:A4:9E:42:7F:1A:E7:40:0D:78:8B:FB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9155647/905C1046F36F11EE9972EB79C4F9AE02/rTRF20IBCxIVpJ5CfxrnQA14i_s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rTRF20IBCxIVpJ5CfxrnQA14i_s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9155647/905C1046F36F11EE9972EB79C4F9AE02/69E4E8640B7C11EF8E4FA72DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.231.205.0-43.231.207.255
Signature Algorithm: sha256WithRSAEncryption
82:75:4f:30:f7:16:6b:0d:fb:b6:3d:49:ff:65:68:17:9b:fb:
1d:39:14:ed:11:65:db:31:e7:a8:56:12:fb:c7:d8:b5:4e:21:
8e:0a:ee:42:89:af:1e:69:27:2f:59:a0:6b:04:43:14:96:43:
7c:f7:00:91:67:16:58:1f:45:85:90:c4:2b:06:05:c6:4a:8e:
e7:cf:a4:a3:a6:5a:d8:52:d0:61:14:b1:46:5c:0a:50:e3:45:
66:e6:2f:00:d9:e5:14:3a:11:5c:e5:3b:95:34:20:37:bf:7b:
41:c8:31:25:bb:08:f5:27:40:32:1e:8f:e6:41:d9:d4:f6:5a:
46:e1:c4:96:a1:db:81:5b:0a:4f:24:b8:86:4e:43:1a:5d:32:
0a:02:b7:b3:97:81:72:90:94:36:22:c7:53:9a:a3:ff:29:87:
55:9a:2e:93:26:e7:26:b0:18:8f:0f:93:00:81:8b:80:bb:2f:
bb:6f:bf:04:d8:86:d8:4d:d8:b8:ba:fe:4a:d2:71:63:ad:50:
46:03:a6:e2:58:9e:7f:d2:95:0e:11:79:60:2d:b3:06:1b:00:
24:5a:63:18:5e:11:65:4c:5d:ab:b8:44:b2:34:cf:91:d3:eb:
8d:a6:06:92:f2:d2:7c:b0:4c:fb:aa:93:ac:b0:d9:38:4e:3f:
2e:9d:f1:d1
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIBGjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
NTY0NzExMC8GA1UEBRMoQUQzNDQ1REI0MjAxMEIxMjE1QTQ5RTQyN0YxQUU3NDAw
RDc4OEJGQjAeFw0yNDA1MDYwNzQ0MDZaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2Mzg4YTQ1LTU2YjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDecM9dVsBfED2+45lHYhqkT7nWhvVXWGf9RGWk72JReH0qbOaNwfgq01QloqMs
JCN5hS3P10RhgL5VUwJmBGCB0hARAuYzpfviWdtQVW2Dikc6FPtwQYntEkvBWBiw
x1BjrAknx+lXI2YNXNcTHaXmnQBwXnMXdiltHcOFgxbXbS4oiT9wxL57cuJWuW9W
PIcS43YtNQRbcmqO/ClDuVeLDLoVRvNeOqkm1PSPeAtDyeKDTeQFGHfxgZZUGWjc
emQzPEjYYz5U1TFTHtEWh1tsBow7y6Cc/PukWOAXrpVC7M2JoDzi3UOWpVWR80I4
nwirCOrdmBQCId3fBlpCLn/bAgMBAAGjggKdMIICmTAdBgNVHQ4EFgQUlcZYE2WB
WFaA4B/24MOW5JpBFvkwHwYDVR0jBBgwFoAUrTRF20IBCxIVpJ5CfxrnQA14i/sw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU1NjQ3LzkwNUMxMDQ2RjM2
RjExRUU5OTcyRUI3OUM0RjlBRTAyL3JUUkYyMElCQ3hJVnBKNUNmeHJuUUExNGlf
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvclRSRjIwSUJDeElWcEo1Q2Z4cm5RQTE0aV9zLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
NTY0Ny85MDVDMTA0NkYzNkYxMUVFOTk3MkVCNzlDNEY5QUUwMi82OUU0RTg2NDBC
N0MxMUVGOEU0RkE3MkRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAnBggrBgEFBQcBBwEB/wQY
MBYwFAQCAAEwDjAMAwQAK+fNAwQEK+fAMA0GCSqGSIb3DQEBCwUAA4IBAQCCdU8w
9xZrDfu2PUn/ZWgXm/sdORTtEWXbMeeoVhL7x9i1TiGOCu5Cia8eaScvWaBrBEMU
lkN89wCRZxZYH0WFkMQrBgXGSo7nz6SjplrYUtBhFLFGXApQ40Vm5i8A2eUUOhFc
5TuVNCA3v3tByDEluwj1J0AyHo/mQdnU9lpG4cSWoduBWwpPJLiGTkMaXTIKArez
l4FykJQ2IsdTmqP/KYdVmi6TJucmsBiPD5MAgYuAuy+7b78E2IbYTdi4uv5K0nFj
rVBGA6biWJ5/0pUOEXlgLbMGGwAkWmMYXhFlTF2ruESyNM+R0+uNpgaS8tJ8sEz7
qpOssNk4Tj8unfHR
-----END CERTIFICATE-----
Generated at Fri May 17 20:21:20 2024 by rpki-client on console-fra.rpki-client.org