Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9164A50/F7A64B0A187811EDBE469610C4F9AE02/573F6D248F4811EF8F72410EC4F9AE02.roa
File: 573F6D248F4811EF8F72410EC4F9AE02.roa (raw, json)
Hash identifier: vM5HrDLTCfWFJ28QoiWKT6SpH0fdpfis5TDXa+yD/lM=
Subject key identifier: E2:E8:1D:AD:52:29:E8:DB:96:9D:0D:A5:6F:93:03:EC:F5:90:A3:F9
Certificate issuer: /CN=A9164A50/serialNumber=94830F940D8DDC7F989B7CAB136283CF432960BD
Certificate serial: 01EF
Authority key identifier: 94:83:0F:94:0D:8D:DC:7F:98:9B:7C:AB:13:62:83:CF:43:29:60:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lIMPlA2N3H-Ym3yrE2KDz0MpYL0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9164A50/F7A64B0A187811EDBE469610C4F9AE02/573F6D248F4811EF8F72410EC4F9AE02.roa
Signing time: Mon 21 Oct 2024 01:03:54 +0000
ROA not before: Mon 21 Oct 2024 01:03:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 132627
IP address blocks: 43.245.224.0/22 maxlen: 24
103.17.152.0/22 maxlen: 22
103.17.152.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Nov 2024 01:55:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 495 (0x1ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9164A50/serialNumber=94830F940D8DDC7F989B7CAB136283CF432960BD
Validity
Not Before: Oct 21 01:03:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6715a879-bcb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:59:10:c0:bb:13:ff:f5:7b:9b:b1:f7:0c:89:
d7:7b:d1:fc:1c:a8:b5:a4:80:fc:07:54:d0:20:66:
fe:8d:46:99:d3:4f:2b:93:30:e3:5a:8f:16:f5:30:
9c:d8:98:0d:dc:a9:ce:fa:6a:74:73:dd:09:09:ab:
77:ce:80:b7:c2:54:1f:72:89:81:6a:3e:d9:d7:91:
d7:da:cf:fd:5d:7f:61:a7:62:8d:e4:b5:0a:9f:a3:
0a:91:e6:f9:fe:71:3b:d2:1f:2b:9a:ff:6d:84:a9:
8c:8f:1e:07:bb:ca:29:f1:7b:75:04:85:79:36:f0:
6d:b2:fc:93:20:1b:44:61:c6:80:63:4e:5c:60:c8:
ee:d9:fd:48:e6:e7:16:f3:7b:5f:6e:5a:93:23:70:
b6:4d:70:c4:63:47:70:ce:7f:2e:3f:75:26:53:0e:
11:8c:0e:8f:01:19:53:80:d2:0d:2f:19:7e:0c:1c:
4a:ea:56:57:d5:bb:2f:f6:b8:52:45:b7:6a:72:1a:
ab:c4:62:0d:22:10:18:ab:6c:28:25:a7:c7:2b:ff:
5e:16:91:f8:48:bc:09:23:12:d3:97:8f:0d:eb:60:
dc:8a:e3:14:66:69:b3:20:49:4f:9a:fd:9c:ad:f8:
64:2c:ab:3e:69:5a:c3:b0:39:cf:0d:f2:a7:e4:78:
d6:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:E8:1D:AD:52:29:E8:DB:96:9D:0D:A5:6F:93:03:EC:F5:90:A3:F9
X509v3 Authority Key Identifier:
keyid:94:83:0F:94:0D:8D:DC:7F:98:9B:7C:AB:13:62:83:CF:43:29:60:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9164A50/F7A64B0A187811EDBE469610C4F9AE02/lIMPlA2N3H-Ym3yrE2KDz0MpYL0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lIMPlA2N3H-Ym3yrE2KDz0MpYL0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9164A50/F7A64B0A187811EDBE469610C4F9AE02/573F6D248F4811EF8F72410EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.245.224.0/22
103.17.152.0/22
Signature Algorithm: sha256WithRSAEncryption
c3:bf:c8:ae:22:ae:6c:27:81:55:12:48:52:45:58:9a:72:6c:
ad:08:2c:d7:c1:97:1d:41:e2:e8:93:d5:f3:9a:49:c2:85:b3:
be:9f:cc:3f:9e:d3:a0:e6:72:7b:d2:f0:28:33:58:af:78:6b:
82:cf:cd:0c:76:34:9e:aa:8e:48:33:2f:71:fb:6e:48:39:c3:
2e:a3:22:34:8e:1d:5f:37:0b:c7:b6:10:a3:7a:af:78:78:e0:
83:65:c3:7a:47:e0:ed:b0:a5:67:7d:10:2e:0a:c4:cd:68:bf:
e1:60:91:8e:59:15:d3:71:a6:7b:67:33:5b:2d:ec:8c:98:1d:
cf:3d:56:97:70:48:4b:25:4e:f4:c6:7e:44:d0:0b:10:e4:7e:
94:9c:f4:7d:d9:a0:5f:60:9a:e5:6d:ee:ac:58:36:3c:15:5e:
fa:f4:c9:7d:91:cc:4b:07:58:2f:bb:22:d6:4b:9f:4e:6b:a2:
92:4a:1d:e7:fb:69:ae:f1:1c:0b:36:2d:0d:c5:d7:b7:14:c8:
b1:22:c0:fd:4b:d0:bb:f2:b5:d7:3b:f5:10:5d:de:f3:b2:2a:
a1:90:25:ff:be:a9:36:76:4f:24:be:a3:c9:2f:f0:9b:bf:32:
a8:80:e6:ed:9d:c0:12:36:d3:04:d2:bc:a1:9d:55:49:a3:84:
08:e9:7e:43
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAe8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjRBNTAxMTAvBgNVBAUTKDk0ODMwRjk0MEQ4RERDN0Y5ODlCN0NBQjEzNjI4M0NG
NDMyOTYwQkQwHhcNMjQxMDIxMDEwMzU0WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzE1YTg3OS1iY2IwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtVkQwLsT//V7m7H3DInXe9H8HKi1pID8B1TQIGb+jUaZ008rkzDjWo8W9TCc
2JgN3KnO+mp0c90JCat3zoC3wlQfcomBaj7Z15HX2s/9XX9hp2KN5LUKn6MKkeb5
/nE70h8rmv9thKmMjx4Hu8op8Xt1BIV5NvBtsvyTIBtEYcaAY05cYMju2f1I5ucW
83tfblqTI3C2TXDEY0dwzn8uP3UmUw4RjA6PARlTgNINLxl+DBxK6lZX1bsv9rhS
RbdqchqrxGINIhAYq2woJafHK/9eFpH4SLwJIxLTl48N62DciuMUZmmzIElPmv2c
rfhkLKs+aVrDsDnPDfKn5HjWRQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFOLoHa1S
Kejblp0NpW+TA+z1kKP5MB8GA1UdIwQYMBaAFJSDD5QNjdx/mJt8qxNig89DKWC9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NEE1MC9GN0E2NEIwQTE4
NzgxMUVEQkU0Njk2MTBDNEY5QUUwMi9sSU1QbEEyTjNILVltM3lyRTJLRHowTXBZ
TDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xJTVBsQTJOM0gtWW0zeXJFMktEejBNcFlMMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjRBNTAvRjdBNjRCMEExODc4MTFFREJFNDY5NjEwQzRGOUFFMDIvNTczRjZEMjQ4
RjQ4MTFFRjhGNzI0MTBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIr9eADBAJnEZgwDQYJKoZIhvcNAQELBQADggEBAMO/yK4i
rmwngVUSSFJFWJpybK0ILNfBlx1B4uiT1fOaScKFs76fzD+e06DmcnvS8CgzWK94
a4LPzQx2NJ6qjkgzL3H7bkg5wy6jIjSOHV83C8e2EKN6r3h44INlw3pH4O2wpWd9
EC4KxM1ov+FgkY5ZFdNxpntnM1st7IyYHc89VpdwSEslTvTGfkTQCxDkfpSc9H3Z
oF9gmuVt7qxYNjwVXvr0yX2RzEsHWC+7ItZLn05ropJKHef7aa7xHAs2LQ3F17cU
yLEiwP1L0Lvytdc79RBd3vOyKqGQJf++qTZ2TyS+o8kv8Ju/MqiA5u2dwBI20wTS
vKGdVUmjhAjpfkM=
-----END CERTIFICATE-----
Generated at Thu Nov 21 03:56:44 2024 by rpki-client on console-fra.rpki-client.org