Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9164A50/F7A64B0A187811EDBE469610C4F9AE02/BDA9DE001C5E11ED94861F7CC4F9AE02.roa
File: BDA9DE001C5E11ED94861F7CC4F9AE02.roa (raw, json)
Hash identifier: wNkDXswoIsfNaXhGA/YZud+t9elugH4UWLxwSpJ5NY4=
Subject key identifier: 53:8B:BE:34:1A:A5:3B:8E:84:60:E8:89:D7:6D:77:98:27:AC:22:E4
Certificate issuer: /CN=A9164A50/serialNumber=94830F940D8DDC7F989B7CAB136283CF432960BD
Certificate serial: 0196
Authority key identifier: 94:83:0F:94:0D:8D:DC:7F:98:9B:7C:AB:13:62:83:CF:43:29:60:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lIMPlA2N3H-Ym3yrE2KDz0MpYL0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9164A50/F7A64B0A187811EDBE469610C4F9AE02/BDA9DE001C5E11ED94861F7CC4F9AE02.roa
Signing time: Sat 27 Apr 2024 04:47:12 +0000
ROA not before: Sat 27 Apr 2024 04:47:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 132627
IP address blocks: 43.245.224.0/22 maxlen: 24
103.17.152.0/22 maxlen: 22
103.17.152.0/24 maxlen: 24
125.254.50.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Oct 2024 01:03:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 406 (0x196)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9164A50/serialNumber=94830F940D8DDC7F989B7CAB136283CF432960BD
Validity
Not Before: Apr 27 04:47:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=662c834f-6684
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:1b:69:8b:dd:cc:53:ef:70:4f:5b:fa:60:de:
d2:7c:86:4f:25:19:f4:c9:82:15:71:71:46:94:3f:
92:2c:27:6d:88:6c:53:40:ce:9d:8e:d6:44:7e:46:
cd:ad:ec:4c:af:7f:2b:8a:28:4f:5a:67:88:ef:c1:
47:26:ab:f2:a5:1a:36:e1:03:8d:2b:ab:81:71:b5:
b3:84:9e:b7:81:94:ea:69:88:0a:65:cb:72:98:37:
1d:0f:20:3a:21:84:85:f3:e6:a4:2b:c4:16:09:74:
c7:d6:33:2a:84:23:45:e4:0b:38:64:1a:82:3e:aa:
67:99:3d:6e:18:6f:be:aa:f9:83:33:c4:5b:dc:91:
02:e6:68:b5:ba:b8:c9:63:56:6a:af:d2:10:80:98:
a7:15:47:3e:93:14:4f:22:e5:41:c3:eb:eb:a3:ec:
47:b0:28:72:61:7c:9b:ec:90:e4:b9:72:38:de:72:
ca:94:f4:98:7a:b9:3c:a5:72:92:00:8e:1f:43:ae:
33:3e:b6:10:d4:15:de:0a:6c:74:6d:c3:14:e5:bf:
9c:8b:fa:4c:d6:86:6a:01:e2:5a:b8:d7:9a:b1:86:
af:03:c0:29:be:7f:bf:9b:f0:7d:94:48:9c:3b:75:
7c:77:67:ab:08:a4:07:2d:ca:a8:4c:60:c3:19:d2:
08:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:8B:BE:34:1A:A5:3B:8E:84:60:E8:89:D7:6D:77:98:27:AC:22:E4
X509v3 Authority Key Identifier:
keyid:94:83:0F:94:0D:8D:DC:7F:98:9B:7C:AB:13:62:83:CF:43:29:60:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9164A50/F7A64B0A187811EDBE469610C4F9AE02/lIMPlA2N3H-Ym3yrE2KDz0MpYL0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lIMPlA2N3H-Ym3yrE2KDz0MpYL0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9164A50/F7A64B0A187811EDBE469610C4F9AE02/BDA9DE001C5E11ED94861F7CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.245.224.0/22
103.17.152.0/22
125.254.50.0/23
Signature Algorithm: sha256WithRSAEncryption
22:c8:13:b4:bf:4a:18:7d:36:bf:8e:68:f9:11:ae:3a:db:b3:
3d:ab:64:66:66:a7:66:c5:a4:31:e2:1d:9b:08:a0:5d:bb:59:
6b:52:8c:fb:18:e2:e3:b5:25:d4:73:a9:05:16:1e:e3:1b:ce:
cb:8b:c0:30:c2:69:87:b2:cb:01:00:71:db:bf:6f:ed:27:28:
fa:2c:8f:ea:d8:0b:b6:25:24:0f:70:52:23:8d:27:0b:1d:34:
fc:a9:71:09:d8:47:db:f3:55:c5:63:57:ac:38:7e:35:8e:79:
41:eb:b7:bf:52:c1:60:6a:82:f9:e1:2d:c7:96:a7:f4:f1:ce:
3f:a1:ba:c0:58:b1:66:4a:5f:7b:8c:dd:eb:5c:71:f2:70:51:
16:db:9c:8b:63:68:88:20:9b:3e:22:93:13:83:0a:5a:68:8a:
d4:1c:ef:51:be:3a:4c:24:01:78:50:7d:54:78:a6:ed:3b:28:
e8:cd:a4:d6:f5:37:23:0a:c7:94:2a:52:d5:85:03:6e:8c:8b:
e7:e9:85:d4:5d:ce:94:5d:f4:17:e1:cc:4a:67:cd:c3:b9:f0:
ad:47:1b:66:b7:eb:db:f7:dc:3b:84:18:7f:ae:0b:23:c9:4d:
f4:62:76:8b:1b:0b:51:58:ca:9a:77:5f:e4:4f:2c:03:25:42:
2c:c8:67:62
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICAZYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjRBNTAxMTAvBgNVBAUTKDk0ODMwRjk0MEQ4RERDN0Y5ODlCN0NBQjEzNjI4M0NG
NDMyOTYwQkQwHhcNMjQwNDI3MDQ0NzEyWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjJjODM0Zi02Njg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzxtpi93MU+9wT1v6YN7SfIZPJRn0yYIVcXFGlD+SLCdtiGxTQM6djtZEfkbN
rexMr38riihPWmeI78FHJqvypRo24QONK6uBcbWzhJ63gZTqaYgKZctymDcdDyA6
IYSF8+akK8QWCXTH1jMqhCNF5As4ZBqCPqpnmT1uGG++qvmDM8Rb3JEC5mi1urjJ
Y1Zqr9IQgJinFUc+kxRPIuVBw+vro+xHsChyYXyb7JDkuXI43nLKlPSYerk8pXKS
AI4fQ64zPrYQ1BXeCmx0bcMU5b+ci/pM1oZqAeJauNeasYavA8Apvn+/m/B9lEic
O3V8d2erCKQHLcqoTGDDGdIIrQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFFOLvjQa
pTuOhGDoiddtd5gnrCLkMB8GA1UdIwQYMBaAFJSDD5QNjdx/mJt8qxNig89DKWC9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NEE1MC9GN0E2NEIwQTE4
NzgxMUVEQkU0Njk2MTBDNEY5QUUwMi9sSU1QbEEyTjNILVltM3lyRTJLRHowTXBZ
TDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xJTVBsQTJOM0gtWW0zeXJFMktEejBNcFlMMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjRBNTAvRjdBNjRCMEExODc4MTFFREJFNDY5NjEwQzRGOUFFMDIvQkRBOURFMDAx
QzVFMTFFRDk0ODYxRjdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAIr9eADBAJnEZgDBAF9/jIwDQYJKoZIhvcNAQELBQADggEB
ACLIE7S/Shh9Nr+OaPkRrjrbsz2rZGZmp2bFpDHiHZsIoF27WWtSjPsY4uO1JdRz
qQUWHuMbzsuLwDDCaYeyywEAcdu/b+0nKPosj+rYC7YlJA9wUiONJwsdNPypcQnY
R9vzVcVjV6w4fjWOeUHrt79SwWBqgvnhLceWp/Txzj+husBYsWZKX3uM3etccfJw
URbbnItjaIggmz4ikxODClpoitQc71G+OkwkAXhQfVR4pu07KOjNpNb1NyMKx5Qq
UtWFA26Mi+fphdRdzpRd9BfhzEpnzcO58K1HG2a369v33DuEGH+uCyPJTfRidosb
C1FYypp3X+RPLAMlQizIZ2I=
-----END CERTIFICATE-----
Generated at Mon Oct 21 03:03:11 2024 by rpki-client on console-ams.rpki-client.org