Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B01C7/97CF20FA332311E4A6E74911C4F9AE02/37C9EE28F10611EE96681A3CC4F9AE02.roa
File: 37C9EE28F10611EE96681A3CC4F9AE02.roa (raw, json)
Hash identifier: QnoqM+uB2wGAZeaO62Uhi+V6YwarM0uMOJArkiAqJtM=
Subject key identifier: A0:55:00:91:E9:68:B6:B6:D1:C0:C5:72:34:76:0B:D3:20:28:CB:5B
Certificate issuer: /CN=A91B01C7/serialNumber=E8DF8D5E4C84DA87D729A73C1C4E8611381AB2C1
Certificate serial: 2970
Authority key identifier: E8:DF:8D:5E:4C:84:DA:87:D7:29:A7:3C:1C:4E:86:11:38:1A:B2:C1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6N-NXkyE2ofXKac8HE6GETgassE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B01C7/97CF20FA332311E4A6E74911C4F9AE02/37C9EE28F10611EE96681A3CC4F9AE02.roa
Signing time: Wed 12 Jun 2024 16:03:48 +0000
ROA not before: Wed 12 Jun 2024 16:03:48 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 58601
IP address blocks: 43.245.192.0/24 maxlen: 24
43.245.195.0/24 maxlen: 24
103.9.112.0/22 maxlen: 22
103.9.112.0/24 maxlen: 24
103.9.113.0/24 maxlen: 24
103.9.114.0/24 maxlen: 24
103.9.115.0/24 maxlen: 24
2403:e100::/32 maxlen: 32
2403:e100:1000::/48 maxlen: 48
2403:e100:1000:4::/64 maxlen: 64
Validation: Failed, certificate revoked on Thu 27 Jun 2024 11:28:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10608 (0x2970)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B01C7/serialNumber=E8DF8D5E4C84DA87D729A73C1C4E8611381AB2C1
Validity
Not Before: Jun 12 16:03:48 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6669c6e4-765e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:93:43:85:4b:23:32:23:9f:c3:9e:f9:c7:51:
55:70:96:67:5c:5d:29:44:6f:9e:72:13:74:97:fb:
99:10:c8:44:d6:69:21:f7:bc:c9:f9:4e:71:e3:0a:
24:88:43:60:52:b0:8c:9a:12:2f:36:9f:65:a5:cc:
da:b5:d3:be:fa:1f:ad:ba:ed:8c:93:af:4a:bf:64:
79:b3:0a:74:9b:09:08:c5:81:da:52:4b:c1:e9:5d:
36:91:7f:ba:99:a3:a0:a4:c6:1d:6e:8c:dc:79:74:
a6:0d:e4:a9:25:b4:17:0d:27:f2:f9:d3:0b:8f:dd:
39:da:8f:03:a0:80:8f:bb:8a:59:d3:ff:a9:4b:75:
6a:ee:7f:ff:b1:fe:34:08:5d:e9:60:19:56:a1:bc:
b6:b3:c5:c5:18:ee:27:55:41:b7:5b:7a:97:5c:a5:
d8:0f:82:f1:67:a9:6d:01:f5:52:81:34:cd:67:4b:
c5:e3:4c:fb:93:a1:d0:c4:00:ab:f7:ad:96:19:db:
60:f2:54:5d:36:a5:52:d0:d5:90:c7:70:59:59:9e:
a9:b7:4e:05:d1:7f:7b:df:da:c2:20:d9:6c:22:d7:
37:5a:85:09:07:ef:21:2d:69:19:8d:aa:00:22:d8:
0d:ed:d6:f6:e6:03:b6:c1:7d:d5:eb:07:15:a3:97:
be:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:55:00:91:E9:68:B6:B6:D1:C0:C5:72:34:76:0B:D3:20:28:CB:5B
X509v3 Authority Key Identifier:
keyid:E8:DF:8D:5E:4C:84:DA:87:D7:29:A7:3C:1C:4E:86:11:38:1A:B2:C1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B01C7/97CF20FA332311E4A6E74911C4F9AE02/6N-NXkyE2ofXKac8HE6GETgassE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6N-NXkyE2ofXKac8HE6GETgassE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B01C7/97CF20FA332311E4A6E74911C4F9AE02/37C9EE28F10611EE96681A3CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.245.192.0/24
43.245.195.0/24
103.9.112.0/22
IPv6:
2403:e100::/32
Signature Algorithm: sha256WithRSAEncryption
69:26:32:0a:dc:5f:8b:7e:7a:66:52:d0:d0:b4:4a:4e:5e:5c:
be:8a:ec:64:87:f4:7d:80:2e:86:6b:3d:b6:99:ed:7a:5f:c9:
bb:62:87:a4:f9:73:7f:ea:f3:bc:4f:e5:a0:4f:96:e3:b6:61:
52:f4:ba:f2:5b:ce:d5:6f:59:5c:3b:ff:7c:9f:ef:25:ce:9f:
c6:49:d1:0b:e8:6e:ac:8c:13:9b:e9:bc:a3:e2:76:54:8c:5c:
6a:99:cc:ba:b8:82:cb:31:9b:d9:7a:77:70:3e:af:fb:f7:8a:
02:2d:99:2f:50:95:ac:4c:8f:76:d5:2a:a8:ab:45:92:93:60:
8e:13:24:77:97:68:65:57:1a:53:89:65:c8:50:e5:b4:2d:7f:
ac:a5:d9:df:71:f7:5d:84:55:45:d0:1c:d0:1c:7c:bf:e4:b5:
e6:f6:73:ad:fc:39:23:67:e8:d1:4f:d4:de:f0:73:9e:37:62:
10:20:c6:ee:44:99:64:3d:c7:4a:67:c0:3c:74:59:96:39:60:
df:ee:6d:44:8c:58:ff:1e:31:a2:8a:f1:53:37:55:28:93:50:
8b:44:be:03:97:47:e9:4f:f4:89:69:ce:3d:4a:87:b1:e4:9b:
8a:98:3c:bd:ff:1d:bf:25:ec:65:7e:0f:09:ab:c4:e4:b9:43:
38:57:16:25
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICKXAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjAxQzcxMTAvBgNVBAUTKEU4REY4RDVFNEM4NERBODdENzI5QTczQzFDNEU4NjEx
MzgxQUIyQzEwHhcNMjQwNjEyMTYwMzQ4WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjY5YzZlNC03NjVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvJNDhUsjMiOfw575x1FVcJZnXF0pRG+echN0l/uZEMhE1mkh97zJ+U5x4wok
iENgUrCMmhIvNp9lpczatdO++h+tuu2Mk69Kv2R5swp0mwkIxYHaUkvB6V02kX+6
maOgpMYdbozceXSmDeSpJbQXDSfy+dMLj9052o8DoICPu4pZ0/+pS3Vq7n//sf40
CF3pYBlWoby2s8XFGO4nVUG3W3qXXKXYD4LxZ6ltAfVSgTTNZ0vF40z7k6HQxACr
962WGdtg8lRdNqVS0NWQx3BZWZ6pt04F0X9739rCINlsItc3WoUJB+8hLWkZjaoA
ItgN7db25gO2wX3V6wcVo5e+uQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFKBVAJHp
aLa20cDFcjR2C9MgKMtbMB8GA1UdIwQYMBaAFOjfjV5MhNqH1ymnPBxOhhE4GrLB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMDFDNy85N0NGMjBGQTMz
MjMxMUU0QTZFNzQ5MTFDNEY5QUUwMi82Ti1OWGt5RTJvZlhLYWM4SEU2R0VUZ2Fz
c0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZOLU5Ya3lFMm9mWEthYzhIRTZHRVRnYXNzRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjAxQzcvOTdDRjIwRkEzMzIzMTFFNEE2RTc0OTExQzRGOUFFMDIvMzdDOUVFMjhG
MTA2MTFFRTk2NjgxQTNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAAr9cADBAAr9cMDBAJnCXAwDQQCAAIwBwMFACQD4QAwDQYJ
KoZIhvcNAQELBQADggEBAGkmMgrcX4t+emZS0NC0Sk5eXL6K7GSH9H2ALoZrPbaZ
7Xpfybtih6T5c3/q87xP5aBPluO2YVL0uvJbztVvWVw7/3yf7yXOn8ZJ0QvobqyM
E5vpvKPidlSMXGqZzLq4gssxm9l6d3A+r/v3igItmS9QlaxMj3bVKqirRZKTYI4T
JHeXaGVXGlOJZchQ5bQtf6yl2d9x912EVUXQHNAcfL/kteb2c638OSNn6NFP1N7w
c543YhAgxu5EmWQ9x0pnwDx0WZY5YN/ubUSMWP8eMaKK8VM3VSiTUItEvgOXR+lP
9Ilpzj1Kh7Hkm4qYPL3/Hb8l7GV+DwmrxOS5QzhXFiU=
-----END CERTIFICATE-----
Generated at Thu Jun 27 16:07:24 2024 by rpki-client on console-ams.rpki-client.org