Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919D209/B3397B4A353A11EBB7EB6B18C4F9AE02/1D8E40064F6111ED9365FC4AC4F9AE02.roa
File: 1D8E40064F6111ED9365FC4AC4F9AE02.roa (raw, json)
Hash identifier: vDqwmtZ+SsSyJ9rvBoc/FS5aGqKc/MPeBesS9kUwqyk=
Subject key identifier: 02:EB:11:ED:22:CB:2C:0B:34:CC:C3:F6:B3:A2:C5:98:13:D0:FA:EC
Certificate issuer: /CN=A919D209/serialNumber=EB62DFC734A25BC154D367A98CF27ED16F41EAD0
Certificate serial: 05A0
Authority key identifier: EB:62:DF:C7:34:A2:5B:C1:54:D3:67:A9:8C:F2:7E:D1:6F:41:EA:D0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/62LfxzSiW8FU02epjPJ-0W9B6tA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919D209/B3397B4A353A11EBB7EB6B18C4F9AE02/1D8E40064F6111ED9365FC4AC4F9AE02.roa
Signing time: Mon 03 Apr 2023 00:51:07 +0000
ROA not before: Mon 03 Apr 2023 00:51:07 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 9535
IP address blocks: 43.230.189.0/24 maxlen: 24
103.50.9.0/24 maxlen: 24
103.50.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jan 2024 04:39:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1440 (0x5a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919D209/serialNumber=EB62DFC734A25BC154D367A98CF27ED16F41EAD0
Validity
Not Before: Apr 3 00:51:07 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=642a22fb-ddfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:51:4b:39:85:ec:d4:e7:e8:fb:c2:f6:8d:42:
26:13:0e:77:7b:c6:ad:c1:f8:8e:2d:a8:d0:72:ad:
e9:e0:cb:89:c8:6c:0a:ed:a6:33:31:b2:d0:c1:27:
79:96:1a:e8:d3:aa:d8:f9:0a:44:39:8c:d0:4d:9c:
fd:99:58:f4:43:f4:31:01:68:e3:cd:f9:00:c7:bd:
f0:86:71:4a:27:2a:64:59:2a:9c:ac:bb:68:10:7d:
0a:05:ba:76:65:74:4a:54:e5:18:62:8d:85:92:59:
c0:ee:21:be:22:1a:07:69:b5:81:22:15:59:b3:35:
2e:2a:ef:8c:dd:c6:c2:32:fa:9a:9b:d4:4b:b8:c7:
68:8b:4f:fe:6a:66:d9:a8:07:5b:80:6e:d0:e9:ba:
ad:94:03:b0:3d:18:67:86:95:83:e3:dc:50:9e:9e:
0b:20:06:67:a8:bb:74:3a:c7:32:be:e4:92:0d:87:
79:d2:07:fc:e7:b4:b6:49:2d:ad:c6:b0:47:28:66:
e3:ca:44:23:15:4b:2d:00:2f:b3:04:7e:4f:bc:2a:
7a:29:02:f8:a6:66:f9:72:27:64:4b:69:83:59:3f:
a8:ec:9a:a1:cd:ee:a0:2e:8e:53:1e:31:b3:ab:9b:
a1:b0:58:30:83:60:60:d3:b6:fc:02:f5:55:1a:15:
44:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:EB:11:ED:22:CB:2C:0B:34:CC:C3:F6:B3:A2:C5:98:13:D0:FA:EC
X509v3 Authority Key Identifier:
keyid:EB:62:DF:C7:34:A2:5B:C1:54:D3:67:A9:8C:F2:7E:D1:6F:41:EA:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919D209/B3397B4A353A11EBB7EB6B18C4F9AE02/62LfxzSiW8FU02epjPJ-0W9B6tA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/62LfxzSiW8FU02epjPJ-0W9B6tA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919D209/B3397B4A353A11EBB7EB6B18C4F9AE02/1D8E40064F6111ED9365FC4AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.189.0/24
103.50.9.0-103.50.10.255
Signature Algorithm: sha256WithRSAEncryption
0d:9b:38:ec:19:97:1c:08:5c:35:6d:ba:53:fa:d4:af:8f:97:
7e:7d:32:66:c9:c3:63:90:9d:ac:5e:a5:46:29:e2:fc:63:2c:
9d:04:bf:8c:a2:36:e2:51:78:30:f1:ba:59:30:26:42:8c:b4:
44:37:68:d2:20:52:67:63:25:14:10:c5:8b:71:72:22:e0:ab:
0a:a2:21:4f:f2:ed:92:50:63:51:bf:ff:2f:ce:b6:84:e3:d0:
98:cb:1a:6b:1f:fd:23:75:2b:e1:ab:6c:73:6a:5d:4b:d4:8a:
45:40:73:1c:84:c8:04:0a:01:10:4e:0e:28:e4:64:aa:7c:b7:
4a:a3:ef:5b:1d:49:e5:0e:92:e8:3f:2f:8f:6c:19:30:1a:31:
64:7c:ad:24:1f:cb:3d:07:c0:46:1c:16:21:37:0a:c7:b3:47:
56:49:0a:fc:b9:2e:a0:14:af:ad:53:4a:7b:4c:6d:69:58:a2:
a0:5f:37:77:06:89:c4:c2:ae:cf:bf:89:30:d6:ad:c2:b6:d9:
4e:ef:f2:04:de:e7:f1:cd:6f:81:74:4c:2b:49:ef:13:09:8a:
58:a6:37:93:6b:04:e8:ce:34:e1:65:e8:9c:f3:c0:07:0d:5d:
58:fb:cb:5d:2d:40:9a:a3:d0:32:ca:45:36:ac:79:96:9e:ba:
61:0e:ea:8f
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICBaAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUQyMDkxMTAvBgNVBAUTKEVCNjJERkM3MzRBMjVCQzE1NEQzNjdBOThDRjI3RUQx
NkY0MUVBRDAwHhcNMjMwNDAzMDA1MTA3WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDJhMjJmYi1kZGZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3lFLOYXs1Ofo+8L2jUImEw53e8atwfiOLajQcq3p4MuJyGwK7aYzMbLQwSd5
lhro06rY+QpEOYzQTZz9mVj0Q/QxAWjjzfkAx73whnFKJypkWSqcrLtoEH0KBbp2
ZXRKVOUYYo2FklnA7iG+IhoHabWBIhVZszUuKu+M3cbCMvqam9RLuMdoi0/+ambZ
qAdbgG7Q6bqtlAOwPRhnhpWD49xQnp4LIAZnqLt0OscyvuSSDYd50gf857S2SS2t
xrBHKGbjykQjFUstAC+zBH5PvCp6KQL4pmb5cidkS2mDWT+o7Jqhze6gLo5THjGz
q5uhsFgwg2Bg07b8AvVVGhVETQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFALrEe0i
yywLNMzD9rOixZgT0PrsMB8GA1UdIwQYMBaAFOti38c0olvBVNNnqYzyftFvQerQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RDIwOS9CMzM5N0I0QTM1
M0ExMUVCQjdFQjZCMThDNEY5QUUwMi82MkxmeHpTaVc4RlUwMmVwalBKLTBXOUI2
dEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzYyTGZ4elNpVzhGVTAyZXBqUEotMFc5QjZ0QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUQyMDkvQjMzOTdCNEEzNTNBMTFFQkI3RUI2QjE4QzRGOUFFMDIvMUQ4RTQwMDY0
RjYxMTFFRDkzNjVGQzRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQDBAAr5r0wDAMEAGcyCQMEAGcyCjANBgkqhkiG9w0BAQsFAAOC
AQEADZs47BmXHAhcNW26U/rUr4+Xfn0yZsnDY5CdrF6lRini/GMsnQS/jKI24lF4
MPG6WTAmQoy0RDdo0iBSZ2MlFBDFi3FyIuCrCqIhT/LtklBjUb//L862hOPQmMsa
ax/9I3Ur4atsc2pdS9SKRUBzHITIBAoBEE4OKORkqny3SqPvWx1J5Q6S6D8vj2wZ
MBoxZHytJB/LPQfARhwWITcKx7NHVkkK/LkuoBSvrVNKe0xtaViioF83dwaJxMKu
z7+JMNatwrbZTu/yBN7n8c1vgXRMK0nvEwmKWKY3k2sE6M404WXonPPABw1dWPvL
XS1AmqPQMspFNqx5lp66YQ7qjw==
-----END CERTIFICATE-----
Generated at Mon Jan 22 06:01:33 2024 by rpki-client on console-fra.rpki-client.org