Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/B5D0F45C038411EFBBE77E26C4F9AE02.roa
File: B5D0F45C038411EFBBE77E26C4F9AE02.roa (raw, json)
Hash identifier: fdsVxUUQoHVC+McPTjal4EY3C7tGtGsBX1LtR8UBOWM=
Subject key identifier: 4C:95:92:B4:63:60:6B:B6:E8:42:DD:D8:39:03:F4:DC:4F:80:05:6F
Certificate issuer: /CN=A91AC532/serialNumber=BCAB3E76F84ED43742F2A081242708E799CE1B5F
Certificate serial: 1E
Authority key identifier: BC:AB:3E:76:F8:4E:D4:37:42:F2:A0:81:24:27:08:E7:99:CE:1B:5F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vKs-dvhO1DdC8qCBJCcI55nOG18.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/B5D0F45C038411EFBBE77E26C4F9AE02.roa
Signing time: Thu 02 May 2024 02:22:44 +0000
ROA not before: Thu 02 May 2024 02:22:44 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 35908
IP address blocks: 43.252.120.0/22 maxlen: 22
110.34.128.0/17 maxlen: 24
2401:4a40::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 May 2024 03:04:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30 (0x1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AC532/serialNumber=BCAB3E76F84ED43742F2A081242708E799CE1B5F
Validity
Not Before: May 2 02:22:44 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=6632f8f4-886d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:22:41:98:7e:a0:4b:5b:0a:1e:7b:c3:6c:3c:
c8:ff:b1:93:d7:39:6b:a6:ac:8d:ec:bd:44:e8:88:
ce:65:6c:d9:e8:95:f8:67:4e:41:be:56:75:d1:60:
d4:df:04:41:39:14:54:34:cc:df:6b:d7:81:82:7b:
bf:fd:bf:93:96:e0:7f:9c:ac:64:16:70:04:fd:4a:
f4:5e:d6:63:d5:50:81:bd:dd:23:83:fe:69:b0:b5:
97:97:2b:a4:8f:f4:e3:73:a6:d2:be:99:4d:34:32:
61:15:89:ff:b1:11:47:d7:fb:6d:60:a0:94:f9:27:
8f:49:5b:c8:55:c3:6c:21:58:60:8c:5d:4a:02:ef:
ee:f5:db:26:2d:98:95:17:4b:b4:5b:31:f6:4d:a9:
8a:89:a3:03:7c:57:bc:9a:31:4a:40:d2:a4:d1:4f:
80:14:62:95:3e:54:60:4f:80:1a:02:ed:79:b2:7d:
fc:9e:b3:7b:ca:3f:4b:0d:8e:ae:a7:66:da:b6:db:
5d:70:1f:5a:f7:8e:30:0c:e6:a3:24:24:a6:d4:23:
f5:69:5f:4d:37:d1:e0:c2:b6:01:99:ed:e2:cd:37:
1e:93:57:df:0e:56:6c:c8:df:0f:37:d8:0b:9e:4a:
3a:af:b0:08:7f:79:a1:54:bf:23:c7:65:a1:9d:d6:
83:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:95:92:B4:63:60:6B:B6:E8:42:DD:D8:39:03:F4:DC:4F:80:05:6F
X509v3 Authority Key Identifier:
keyid:BC:AB:3E:76:F8:4E:D4:37:42:F2:A0:81:24:27:08:E7:99:CE:1B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/vKs-dvhO1DdC8qCBJCcI55nOG18.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vKs-dvhO1DdC8qCBJCcI55nOG18.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/B5D0F45C038411EFBBE77E26C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.252.120.0/22
110.34.128.0/17
IPv6:
2401:4a40::/32
Signature Algorithm: sha256WithRSAEncryption
61:b7:48:a7:87:0a:34:a3:9f:3d:ea:bb:13:a2:6d:7a:fc:87:
ec:95:bc:c6:0f:a8:ed:a5:80:3b:15:55:f9:ba:69:9e:06:b7:
8f:28:23:9a:f4:4f:ab:92:9d:4b:47:e5:58:a2:d8:be:09:05:
54:9b:11:92:e7:30:25:8c:c7:a6:1a:02:b7:aa:53:76:52:23:
af:5a:b4:b3:b5:1c:e7:44:fc:c9:9c:c3:ef:ca:5f:93:c0:31:
79:d6:7c:5f:a6:80:fb:95:19:49:6b:d8:b7:2c:94:2e:b2:36:
9f:f2:97:2b:3f:a4:bf:25:70:9f:18:cb:76:a0:1c:e6:22:cb:
1c:af:38:0e:01:39:d1:59:00:a8:24:45:7a:18:7a:54:a4:5c:
83:43:fa:c3:17:f4:65:35:2a:f5:dd:2b:d9:c7:64:03:81:7b:
74:54:12:16:e1:75:4d:5a:87:f0:dc:6e:d5:9d:03:d7:28:40:
85:f8:6c:62:5c:e3:05:f3:7d:97:f4:01:e5:f2:31:42:33:12:
6b:b2:90:b7:bb:01:17:1c:b8:6a:20:09:d0:84:73:b6:e2:f0:
79:aa:54:dc:eb:8c:72:f4:af:ba:74:ba:6f:14:5d:44:e3:34:
aa:73:1e:73:7b:69:72:ae:b1:19:49:4d:71:b1:3d:c9:0c:5a:
24:34:e6:f6
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgIBHjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
QzUzMjExMC8GA1UEBRMoQkNBQjNFNzZGODRFRDQzNzQyRjJBMDgxMjQyNzA4RTc5
OUNFMUI1RjAeFw0yNDA1MDIwMjIyNDRaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MzJmOGY0LTg4NmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCTIkGYfqBLWwoee8NsPMj/sZPXOWumrI3svUToiM5lbNnolfhnTkG+VnXRYNTf
BEE5FFQ0zN9r14GCe7/9v5OW4H+crGQWcAT9SvRe1mPVUIG93SOD/mmwtZeXK6SP
9ONzptK+mU00MmEVif+xEUfX+21goJT5J49JW8hVw2whWGCMXUoC7+712yYtmJUX
S7RbMfZNqYqJowN8V7yaMUpA0qTRT4AUYpU+VGBPgBoC7Xmyffyes3vKP0sNjq6n
Ztq2211wH1r3jjAM5qMkJKbUI/VpX0030eDCtgGZ7eLNNx6TV98OVmzI3w832Aue
SjqvsAh/eaFUvyPHZaGd1oNzAgMBAAGjggKqMIICpjAdBgNVHQ4EFgQUTJWStGNg
a7boQt3YOQP03E+ABW8wHwYDVR0jBBgwFoAUvKs+dvhO1DdC8qCBJCcI55nOG18w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFDNTMyL0RBQTBEMEI0MDM3
RTExRUY4NTIwRTc1OEM0RjlBRTAyL3ZLcy1kdmhPMURkQzhxQ0JKQ2NJNTVuT0cx
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdktzLWR2aE8xRGRDOHFDQkpDY0k1NW5PRzE4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
QzUzMi9EQUEwRDBCNDAzN0UxMUVGODUyMEU3NThDNEY5QUUwMi9CNUQwRjQ1QzAz
ODQxMUVGQkJFNzdFMjZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA0BggrBgEFBQcBBwEB/wQl
MCMwEgQCAAEwDAMEAiv8eAMEB24igDANBAIAAjAHAwUAJAFKQDANBgkqhkiG9w0B
AQsFAAOCAQEAYbdIp4cKNKOfPeq7E6JtevyH7JW8xg+o7aWAOxVV+bppnga3jygj
mvRPq5KdS0flWKLYvgkFVJsRkucwJYzHphoCt6pTdlIjr1q0s7Uc50T8yZzD78pf
k8AxedZ8X6aA+5UZSWvYtyyULrI2n/KXKz+kvyVwnxjLdqAc5iLLHK84DgE50VkA
qCRFehh6VKRcg0P6wxf0ZTUq9d0r2cdkA4F7dFQSFuF1TVqH8Nxu1Z0D1yhAhfhs
YlzjBfN9l/QB5fIxQjMSa7KQt7sBFxy4aiAJ0IRztuLweapU3OuMcvSvunS6bxRd
ROM0qnMec3tpcq6xGUlNcbE9yQxaJDTm9g==
-----END CERTIFICATE-----
Generated at Thu May 2 04:25:02 2024 by rpki-client on console-ams.rpki-client.org