Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/B5D0F45C038411EFBBE77E26C4F9AE02.roa
File: B5D0F45C038411EFBBE77E26C4F9AE02.roa (raw, json)
Hash identifier: CoiUUOm9fGekCdc2+vHbuJeBsOTWqD9l+lhmGBdTFEo=
Subject key identifier: 1F:A7:EB:38:F8:64:74:37:50:2B:F5:8F:0A:1C:9B:13:EF:C8:50:9B
Certificate issuer: /CN=A91AC532/serialNumber=BCAB3E76F84ED43742F2A081242708E799CE1B5F
Certificate serial: 16
Authority key identifier: BC:AB:3E:76:F8:4E:D4:37:42:F2:A0:81:24:27:08:E7:99:CE:1B:5F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vKs-dvhO1DdC8qCBJCcI55nOG18.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/B5D0F45C038411EFBBE77E26C4F9AE02.roa
Signing time: Fri 26 Apr 2024 04:46:14 +0000
ROA not before: Fri 26 Apr 2024 04:46:14 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 35908
IP address blocks: 43.252.120.0/22 maxlen: 22
110.34.128.0/17 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 May 2024 02:41:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22 (0x16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AC532/serialNumber=BCAB3E76F84ED43742F2A081242708E799CE1B5F
Validity
Not Before: Apr 26 04:46:14 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=662b3195-7154
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f7:c8:52:27:d6:b3:e3:12:86:15:a5:b4:d0:
19:19:04:0e:3d:40:cd:05:03:5f:72:f0:14:da:c8:
86:19:8d:aa:2a:66:2a:e6:d1:7a:f7:f0:40:2b:4e:
79:79:c4:dd:79:9e:f9:f7:c9:e0:b6:b4:cd:a7:3d:
1e:fc:2a:ce:b3:8f:c5:c4:d9:0c:43:18:1f:4c:4a:
bf:a9:b1:cb:fd:80:a7:f4:02:e0:4a:04:12:0b:41:
62:40:18:9c:d9:c7:af:06:a2:65:ea:ae:96:05:78:
16:fb:07:b8:e9:06:12:5f:3d:1b:75:d8:72:90:89:
55:dd:28:ab:15:f6:8b:66:74:46:f1:89:54:3a:92:
80:b9:84:c1:fe:24:8c:15:9f:04:da:d9:06:dc:c1:
f8:d7:6f:48:fe:67:da:6a:dc:95:fd:f6:52:b6:1d:
fd:d5:e2:02:c4:db:fc:f3:94:05:27:e9:d8:8e:9b:
6b:fd:19:0b:48:fb:d5:37:28:62:cb:3f:01:21:4d:
a7:17:c9:65:4b:27:cc:d0:2b:34:8d:f9:dc:dd:e3:
b3:a8:8d:c9:38:e0:09:32:5e:a9:e3:4a:20:8f:cf:
76:1d:fd:83:37:04:47:d0:c3:4c:fc:d9:ed:de:98:
94:d6:3f:b0:ba:c2:5c:dc:8b:e7:59:e2:6f:b9:7e:
3a:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:A7:EB:38:F8:64:74:37:50:2B:F5:8F:0A:1C:9B:13:EF:C8:50:9B
X509v3 Authority Key Identifier:
keyid:BC:AB:3E:76:F8:4E:D4:37:42:F2:A0:81:24:27:08:E7:99:CE:1B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/vKs-dvhO1DdC8qCBJCcI55nOG18.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vKs-dvhO1DdC8qCBJCcI55nOG18.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/B5D0F45C038411EFBBE77E26C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.252.120.0/22
110.34.128.0/17
Signature Algorithm: sha256WithRSAEncryption
01:a3:69:93:08:f9:73:ea:ef:01:d0:3f:7c:06:a4:bf:c4:19:
c1:20:1e:3f:d8:30:98:89:47:48:34:a4:48:03:0f:a6:ae:8b:
f4:79:26:ab:05:5a:cd:f2:ae:e4:85:9a:b9:98:f0:fa:65:3c:
f1:b9:42:f4:29:00:df:43:fa:d3:3b:7f:e2:28:31:2d:ef:9c:
29:7f:d2:b3:ff:a4:68:17:c0:3a:59:e1:ad:c4:55:7d:44:46:
d0:cd:01:14:f5:4f:15:4f:3a:09:8f:13:ea:3e:0f:a6:08:e4:
cb:01:55:48:49:70:13:eb:a4:1d:44:21:bb:2a:36:92:9e:b4:
9c:3f:a2:b9:b9:c0:09:bf:12:1e:2b:a0:f9:b5:d3:b4:10:60:
66:db:f6:2d:71:57:c6:1a:49:33:b2:bf:b9:e9:f7:e6:38:3a:
fe:19:c0:8d:6c:bd:51:6f:23:21:8b:98:a8:8a:9e:35:03:ff:
09:3b:e3:7a:f1:8d:83:40:0d:bc:1f:1a:b9:a5:af:82:7a:c8:
cb:ff:f2:fe:5f:e6:64:4d:cf:64:72:88:9e:28:3b:c3:10:18:
ed:a2:70:02:f1:2f:8f:6b:b5:fd:59:7f:eb:02:c5:44:bb:eb:
f9:9a:d3:63:3a:9f:6f:4f:0a:e7:a8:7d:c7:f7:3a:3e:1c:8f:
e0:3d:0b:a4
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBFjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
QzUzMjExMC8GA1UEBRMoQkNBQjNFNzZGODRFRDQzNzQyRjJBMDgxMjQyNzA4RTc5
OUNFMUI1RjAeFw0yNDA0MjYwNDQ2MTRaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MmIzMTk1LTcxNTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCf98hSJ9az4xKGFaW00BkZBA49QM0FA19y8BTayIYZjaoqZirm0Xr38EArTnl5
xN15nvn3yeC2tM2nPR78Ks6zj8XE2QxDGB9MSr+pscv9gKf0AuBKBBILQWJAGJzZ
x68GomXqrpYFeBb7B7jpBhJfPRt12HKQiVXdKKsV9otmdEbxiVQ6koC5hMH+JIwV
nwTa2QbcwfjXb0j+Z9pq3JX99lK2Hf3V4gLE2/zzlAUn6diOm2v9GQtI+9U3KGLL
PwEhTacXyWVLJ8zQKzSN+dzd47Oojck44AkyXqnjSiCPz3Yd/YM3BEfQw0z82e3e
mJTWP7C6wlzci+dZ4m+5fjp/AgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUH6frOPhk
dDdQK/WPChybE+/IUJswHwYDVR0jBBgwFoAUvKs+dvhO1DdC8qCBJCcI55nOG18w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFDNTMyL0RBQTBEMEI0MDM3
RTExRUY4NTIwRTc1OEM0RjlBRTAyL3ZLcy1kdmhPMURkQzhxQ0JKQ2NJNTVuT0cx
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdktzLWR2aE8xRGRDOHFDQkpDY0k1NW5PRzE4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
QzUzMi9EQUEwRDBCNDAzN0UxMUVGODUyMEU3NThDNEY5QUUwMi9CNUQwRjQ1QzAz
ODQxMUVGQkJFNzdFMjZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAiv8eAMEB24igDANBgkqhkiG9w0BAQsFAAOCAQEAAaNpkwj5
c+rvAdA/fAakv8QZwSAeP9gwmIlHSDSkSAMPpq6L9HkmqwVazfKu5IWauZjw+mU8
8blC9CkA30P60zt/4igxLe+cKX/Ss/+kaBfAOlnhrcRVfURG0M0BFPVPFU86CY8T
6j4PpgjkywFVSElwE+ukHUQhuyo2kp60nD+iubnACb8SHiug+bXTtBBgZtv2LXFX
xhpJM7K/uen35jg6/hnAjWy9UW8jIYuYqIqeNQP/CTvjevGNg0ANvB8auaWvgnrI
y//y/l/mZE3PZHKInig7wxAY7aJwAvEvj2u1/Vl/6wLFRLvr+ZrTYzqfb08K56h9
x/c6PhyP4D0LpA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org