Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916413C/9DD8201AA07311E4A8BB6F44C4F9AE02/02790542434511EFA3535C57C4F9AE02.roa
File: 02790542434511EFA3535C57C4F9AE02.roa (raw, json)
Hash identifier: JlDdX2aikbb17igK+RsuQuqd7cfUim+Y6y87NSQzzBE=
Subject key identifier: F9:92:C1:06:5E:31:85:5C:69:31:C8:A9:D8:F9:09:42:1E:E5:65:6A
Certificate issuer: /CN=A916413C/serialNumber=365D71B2682F56B0EEFF1154755D279B8F9AFB33
Certificate serial: 2762
Authority key identifier: 36:5D:71:B2:68:2F:56:B0:EE:FF:11:54:75:5D:27:9B:8F:9A:FB:33
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nl1xsmgvVrDu_xFUdV0nm4-a-zM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916413C/9DD8201AA07311E4A8BB6F44C4F9AE02/02790542434511EFA3535C57C4F9AE02.roa
Signing time: Tue 16 Jul 2024 08:02:12 +0000
ROA not before: Tue 16 Jul 2024 08:02:12 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 18001
IP address blocks: 43.228.109.0/24 maxlen: 24
101.2.190.0/24 maxlen: 24
223.224.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Jul 2024 08:51:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10082 (0x2762)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916413C/serialNumber=365D71B2682F56B0EEFF1154755D279B8F9AFB33
Validity
Not Before: Jul 16 08:02:12 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=66962903-a238
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:82:38:1b:14:1e:81:85:59:c2:eb:c5:f7:54:
e8:32:89:ea:4e:6d:ef:5a:c1:6d:54:07:74:ae:4b:
34:3c:cc:ae:24:35:5b:c9:95:1f:4e:80:5e:b0:1a:
cc:47:e1:e8:c6:0a:9e:a4:10:d5:4f:b9:49:88:f2:
e2:81:a9:99:e3:af:c0:2e:04:42:16:a1:92:e8:70:
cd:a2:87:78:49:52:01:3a:e3:eb:1c:14:8b:b0:f5:
2c:0b:7b:e2:ab:e2:ae:91:c7:db:05:27:cc:c7:fc:
94:70:7f:fb:28:11:a8:f8:62:88:3c:df:ca:4e:bc:
3f:a1:4b:bb:e7:52:1d:1b:c8:82:6a:97:5f:04:3a:
67:a5:42:e7:c0:9c:40:89:f3:ec:54:4c:40:fb:e4:
59:50:e7:a8:5c:11:70:79:75:40:9c:67:92:11:e1:
05:3b:ff:57:0d:76:e0:1e:74:51:25:7f:b2:95:42:
2e:a8:c3:17:2a:51:d6:44:95:99:92:bf:24:81:58:
15:f8:f6:bd:29:0c:f6:bd:83:1d:6b:3e:71:a8:92:
a0:40:a9:88:88:ba:ba:dc:8d:88:d5:23:b6:8d:6a:
3e:fe:42:40:b1:5b:b7:25:46:76:0e:45:3e:6c:ba:
f5:c0:96:14:74:3f:34:7f:b5:a7:69:e5:54:c5:6b:
5d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:92:C1:06:5E:31:85:5C:69:31:C8:A9:D8:F9:09:42:1E:E5:65:6A
X509v3 Authority Key Identifier:
keyid:36:5D:71:B2:68:2F:56:B0:EE:FF:11:54:75:5D:27:9B:8F:9A:FB:33
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916413C/9DD8201AA07311E4A8BB6F44C4F9AE02/Nl1xsmgvVrDu_xFUdV0nm4-a-zM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nl1xsmgvVrDu_xFUdV0nm4-a-zM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916413C/9DD8201AA07311E4A8BB6F44C4F9AE02/02790542434511EFA3535C57C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.228.109.0/24
101.2.190.0/24
223.224.1.0/24
Signature Algorithm: sha256WithRSAEncryption
03:b5:90:84:95:3a:ce:f4:77:6a:9d:30:84:33:8c:2a:ec:86:
b4:ef:a6:73:bf:f1:b9:3f:f8:60:0d:e6:e8:7d:76:98:aa:a0:
06:49:33:a4:60:55:57:86:25:6a:9f:aa:c4:e0:84:f3:22:bb:
f4:41:88:d8:38:20:a5:1c:7c:f6:55:ba:d7:0b:34:ea:3d:3a:
c5:c5:50:13:ff:59:9a:c9:b7:9d:1e:b7:dc:be:b5:92:b6:d2:
87:4e:67:4e:24:1d:6b:c8:7c:9f:3c:ac:d0:b6:fb:18:00:c8:
da:8b:0e:b6:6c:89:c4:87:06:47:91:0f:4c:cb:41:8c:31:c1:
6d:0c:fd:4c:26:ad:29:ac:1f:06:5f:15:23:98:a1:f8:a0:37:
8a:73:3c:10:56:46:c3:5c:1b:19:32:1b:6d:fa:28:6b:24:db:
01:45:62:f2:8f:3c:d6:62:fb:d2:9e:4b:0f:e3:fc:79:62:4c:
78:f4:fd:e4:16:15:aa:b7:11:27:26:c0:8c:9f:d2:e5:16:6f:
5e:0d:e4:92:73:ac:9e:b9:ac:d9:00:5e:c4:b0:d5:cd:b6:25:
7d:10:66:eb:d3:72:e0:f8:e2:b4:ea:85:c5:a4:e0:8a:5d:4c:
56:63:1a:0a:85:90:f2:f1:cc:41:ca:18:39:c7:55:32:f2:a6:
04:b4:da:fc
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICJ2IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjQxM0MxMTAvBgNVBAUTKDM2NUQ3MUIyNjgyRjU2QjBFRUZGMTE1NDc1NUQyNzlC
OEY5QUZCMzMwHhcNMjQwNzE2MDgwMjEyWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njk2MjkwMy1hMjM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA34I4GxQegYVZwuvF91ToMonqTm3vWsFtVAd0rks0PMyuJDVbyZUfToBesBrM
R+HoxgqepBDVT7lJiPLigamZ46/ALgRCFqGS6HDNood4SVIBOuPrHBSLsPUsC3vi
q+KukcfbBSfMx/yUcH/7KBGo+GKIPN/KTrw/oUu751IdG8iCapdfBDpnpULnwJxA
ifPsVExA++RZUOeoXBFweXVAnGeSEeEFO/9XDXbgHnRRJX+ylUIuqMMXKlHWRJWZ
kr8kgVgV+Pa9KQz2vYMdaz5xqJKgQKmIiLq63I2I1SO2jWo+/kJAsVu3JUZ2DkU+
bLr1wJYUdD80f7WnaeVUxWtdUwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFPmSwQZe
MYVcaTHIqdj5CUIe5WVqMB8GA1UdIwQYMBaAFDZdcbJoL1aw7v8RVHVdJ5uPmvsz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NDEzQy85REQ4MjAxQUEw
NzMxMUU0QThCQjZGNDRDNEY5QUUwMi9ObDF4c21ndlZyRHVfeEZVZFYwbm00LWEt
ek0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05sMXhzbWd2VnJEdV94RlVkVjBubTQtYS16TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjQxM0MvOUREODIwMUFBMDczMTFFNEE4QkI2RjQ0QzRGOUFFMDIvMDI3OTA1NDI0
MzQ1MTFFRkEzNTM1QzU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAAr5G0DBABlAr4DBADf4AEwDQYJKoZIhvcNAQELBQADggEB
AAO1kISVOs70d2qdMIQzjCrshrTvpnO/8bk/+GAN5uh9dpiqoAZJM6RgVVeGJWqf
qsTghPMiu/RBiNg4IKUcfPZVutcLNOo9OsXFUBP/WZrJt50et9y+tZK20odOZ04k
HWvIfJ88rNC2+xgAyNqLDrZsicSHBkeRD0zLQYwxwW0M/UwmrSmsHwZfFSOYofig
N4pzPBBWRsNcGxkyG236KGsk2wFFYvKPPNZi+9KeSw/j/HliTHj0/eQWFaq3EScm
wIyf0uUWb14N5JJzrJ65rNkAXsSw1c22JX0QZuvTcuD44rTqhcWk4IpdTFZjGgqF
kPLxzEHKGDnHVTLypgS02vw=
-----END CERTIFICATE-----
Generated at Fri Jul 19 12:04:50 2024 by rpki-client on console-ams.rpki-client.org