Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AD0B2/2213E5BCCB2E11EBB2D39748C4F9AE02/B2EA4D6E3BCD11EC8086E031C4F9AE02.roa
File: B2EA4D6E3BCD11EC8086E031C4F9AE02.roa (raw, json)
Hash identifier: hmI++gI2L4+p+wSLdX5EH7DfEABdzMaHH8UHah7e6AA=
Subject key identifier: 15:26:BC:C1:8F:45:A5:0E:32:6B:7B:BD:52:EF:EA:7F:91:C2:A2:0D
Certificate issuer: /CN=A91AD0B2/serialNumber=44BA569BFD2EC816B069734513E0BBF2D34EB707
Certificate serial: 0474
Authority key identifier: 44:BA:56:9B:FD:2E:C8:16:B0:69:73:45:13:E0:BB:F2:D3:4E:B7:07
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RLpWm_0uyBawaXNFE-C78tNOtwc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AD0B2/2213E5BCCB2E11EBB2D39748C4F9AE02/B2EA4D6E3BCD11EC8086E031C4F9AE02.roa
Signing time: Wed 13 Sep 2023 00:42:12 +0000
ROA not before: Wed 13 Sep 2023 00:42:12 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 399955
IP address blocks: 43.242.200.0/22 maxlen: 24
103.38.80.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jan 2024 03:08:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1140 (0x474)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AD0B2/serialNumber=44BA569BFD2EC816B069734513E0BBF2D34EB707
Validity
Not Before: Sep 13 00:42:12 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=65010564-ad4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:d6:2d:d4:dd:f6:b5:11:18:5c:56:e3:ab:21:
1b:cb:0d:1d:d6:26:9b:9c:fa:20:91:9a:5f:ae:40:
5a:87:62:6d:ae:b3:20:8e:86:ba:47:b1:1f:72:60:
13:16:55:b1:e7:f6:9a:6b:6b:a8:79:bf:78:19:8f:
ef:c8:83:6f:bb:10:80:c9:8d:6c:36:7c:83:fd:27:
ce:9f:a6:fd:24:32:0d:0b:c8:b5:2d:f6:8c:a4:79:
58:a2:57:3c:24:3e:d7:71:cc:54:92:f2:c3:24:b0:
0d:98:b6:30:e1:54:39:9d:cb:c9:76:5d:86:f2:67:
c2:59:07:e9:fe:b6:4c:3b:5f:6f:2d:27:a2:de:dc:
bd:fb:ca:d1:d0:be:9f:47:51:4b:5b:21:29:9d:5a:
fa:38:c2:70:60:bb:38:ef:3b:4f:ce:53:c4:4f:eb:
30:3f:d9:2b:93:8a:9b:84:2a:c0:c1:ea:07:5f:53:
5e:2d:22:11:ad:15:44:7f:3e:4b:47:17:17:49:e9:
5e:50:bf:9c:2a:28:b0:f4:0d:c7:09:9a:9c:0b:31:
15:82:f8:35:0d:fc:00:8e:46:a7:a1:5e:1a:61:db:
f7:72:fc:99:7b:35:d4:6c:77:79:5a:85:70:0b:3d:
5d:85:b1:06:43:eb:06:f5:11:f3:5b:f5:95:16:9a:
7d:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:26:BC:C1:8F:45:A5:0E:32:6B:7B:BD:52:EF:EA:7F:91:C2:A2:0D
X509v3 Authority Key Identifier:
keyid:44:BA:56:9B:FD:2E:C8:16:B0:69:73:45:13:E0:BB:F2:D3:4E:B7:07
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AD0B2/2213E5BCCB2E11EBB2D39748C4F9AE02/RLpWm_0uyBawaXNFE-C78tNOtwc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RLpWm_0uyBawaXNFE-C78tNOtwc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AD0B2/2213E5BCCB2E11EBB2D39748C4F9AE02/B2EA4D6E3BCD11EC8086E031C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.242.200.0/22
103.38.80.0/22
Signature Algorithm: sha256WithRSAEncryption
70:c6:e1:c2:89:64:79:80:6b:d2:81:62:a3:58:a2:06:df:27:
76:48:e6:21:f2:f7:a3:1d:41:37:74:37:86:20:50:df:92:c2:
29:2a:01:bc:fc:8b:7f:49:e0:59:1a:68:0a:2f:1e:be:f3:a9:
dd:b9:ef:6b:18:83:2a:2c:bc:e5:f1:6b:82:d2:36:e7:cf:d2:
3b:02:0c:20:7e:16:23:75:62:17:b2:b9:19:36:41:71:0a:d8:
3a:42:7c:17:7c:eb:16:49:91:25:ab:f9:6e:05:de:e6:94:8c:
c3:d7:5b:df:c3:ae:6e:a4:17:a7:08:91:9a:c2:cc:4e:b4:3a:
f2:45:23:83:bd:bc:ea:b3:cc:39:0f:60:9a:f9:59:5f:69:4e:
ff:39:d2:1c:1b:fb:5e:21:78:b2:3c:9f:40:44:83:f6:ab:42:
7a:db:e9:8f:36:ca:78:7e:cc:a1:65:36:b6:fb:5d:b5:51:1f:
4b:9c:d8:c5:2b:45:9a:ed:fa:15:a7:50:6c:5c:55:17:81:9d:
33:2c:a1:13:e7:b1:ab:92:4e:89:af:fa:6a:71:69:80:7e:6b:
0b:19:2a:12:ec:0f:ae:ed:22:bc:84:5e:f1:18:ae:d7:2c:bd:
cd:f1:b3:93:83:46:75:79:0d:e2:f8:92:43:68:40:12:e6:e2:
a9:7a:55:0e
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBHQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUQwQjIxMTAvBgNVBAUTKDQ0QkE1NjlCRkQyRUM4MTZCMDY5NzM0NTEzRTBCQkYy
RDM0RUI3MDcwHhcNMjMwOTEzMDA0MjEyWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTAxMDU2NC1hZDRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA49Yt1N32tREYXFbjqyEbyw0d1iabnPogkZpfrkBah2JtrrMgjoa6R7EfcmAT
FlWx5/aaa2uoeb94GY/vyINvuxCAyY1sNnyD/SfOn6b9JDINC8i1LfaMpHlYolc8
JD7XccxUkvLDJLANmLYw4VQ5ncvJdl2G8mfCWQfp/rZMO19vLSei3ty9+8rR0L6f
R1FLWyEpnVr6OMJwYLs47ztPzlPET+swP9krk4qbhCrAweoHX1NeLSIRrRVEfz5L
RxcXSeleUL+cKiiw9A3HCZqcCzEVgvg1DfwAjkanoV4aYdv3cvyZezXUbHd5WoVw
Cz1dhbEGQ+sG9RHzW/WVFpp9gwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBUmvMGP
RaUOMmt7vVLv6n+RwqINMB8GA1UdIwQYMBaAFES6Vpv9LsgWsGlzRRPgu/LTTrcH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRDBCMi8yMjEzRTVCQ0NC
MkUxMUVCQjJEMzk3NDhDNEY5QUUwMi9STHBXbV8wdXlCYXdhWE5GRS1DNzh0Tk90
d2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JMcFdtXzB1eUJhd2FYTkZFLUM3OHROT3R3Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUQwQjIvMjIxM0U1QkNDQjJFMTFFQkIyRDM5NzQ4QzRGOUFFMDIvQjJFQTRENkUz
QkNEMTFFQzgwODZFMDMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIr8sgDBAJnJlAwDQYJKoZIhvcNAQELBQADggEBAHDG4cKJ
ZHmAa9KBYqNYogbfJ3ZI5iHy96MdQTd0N4YgUN+SwikqAbz8i39J4FkaaAovHr7z
qd2572sYgyosvOXxa4LSNufP0jsCDCB+FiN1YheyuRk2QXEK2DpCfBd86xZJkSWr
+W4F3uaUjMPXW9/Drm6kF6cIkZrCzE60OvJFI4O9vOqzzDkPYJr5WV9pTv850hwb
+14heLI8n0BEg/arQnrb6Y82ynh+zKFlNrb7XbVRH0uc2MUrRZrt+hWnUGxcVReB
nTMsoRPnsauSTomv+mpxaYB+awsZKhLsD67tIryEXvEYrtcsvc3xs5ODRnV5DeL4
kkNoQBLm4ql6VQ4=
-----END CERTIFICATE-----
Generated at Wed Jan 10 04:14:56 2024 by rpki-client on console-ams.rpki-client.org