Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B3D30/E3DF469C416811EAAE8A7750C4F9AE02/1358F7D6419811EAA268D964C4F9AE02.roa
File: 1358F7D6419811EAA268D964C4F9AE02.roa (raw, json)
Hash identifier: anu+ARaa/lbCsJvr8RP0ruCGA9lHvLiQyb6N9UihGGw=
Subject key identifier: FF:24:48:7A:AD:98:CB:26:B0:60:D9:19:67:84:10:43:02:2A:EE:2D
Certificate issuer: /CN=A91B3D30/serialNumber=01EE089DD4867B2CB276582AA97B318F509EA6EE
Certificate serial: 094A
Authority key identifier: 01:EE:08:9D:D4:86:7B:2C:B2:76:58:2A:A9:7B:31:8F:50:9E:A6:EE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ae4IndSGeyyydlgqqXsxj1Cepu4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B3D30/E3DF469C416811EAAE8A7750C4F9AE02/1358F7D6419811EAA268D964C4F9AE02.roa
Signing time: Fri 02 Dec 2022 21:07:33 +0000
ROA not before: Fri 02 Dec 2022 21:07:33 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 9311
IP address blocks: 43.239.105.0/24 maxlen: 24
43.239.107.0/24 maxlen: 24
45.124.204.0/24 maxlen: 24
45.124.206.0/24 maxlen: 24
103.244.221.0/24 maxlen: 24
103.244.223.0/24 maxlen: 24
103.249.184.0/24 maxlen: 24
103.249.186.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2378 (0x94a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B3D30/serialNumber=01EE089DD4867B2CB276582AA97B318F509EA6EE
Validity
Not Before: Dec 2 21:07:33 2022 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=638a6915-cfe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ee:38:37:56:09:3a:f1:e7:84:79:e3:c8:1c:
de:66:55:18:96:f9:3b:ca:8e:06:af:0b:d1:97:95:
18:5a:36:98:b8:8d:a1:28:0f:f4:f9:d6:fd:84:1b:
f1:bb:3e:62:42:5e:f6:3b:ed:ab:9c:b1:c9:02:a2:
f3:a5:a4:e3:1f:a7:88:21:ac:93:a2:ab:18:d3:24:
57:b4:e5:70:85:66:57:7f:ed:68:24:35:56:b4:39:
11:99:d6:ef:eb:21:ab:dd:c2:43:62:40:e4:c2:16:
4e:7f:77:60:e8:1e:ac:a6:e9:52:8c:cc:8a:98:21:
7e:cc:9f:46:18:b7:26:cd:4b:20:7c:2f:7f:a4:fe:
49:8c:81:ed:93:2a:c7:fa:aa:96:94:4e:9f:f0:54:
1e:90:15:2b:34:8d:df:f1:6d:db:43:81:a6:11:70:
28:72:21:60:6a:07:69:a0:9b:b2:e0:1c:ab:62:42:
df:05:27:5e:22:10:10:ba:ef:c2:0f:ba:7b:48:4b:
2a:5a:a9:f9:41:7f:39:ae:e1:87:28:b2:e1:05:7a:
85:4d:5a:ec:d1:b4:d1:16:96:66:bd:16:0c:51:8c:
54:92:99:83:1d:a5:0a:40:09:fc:6f:a6:d0:b1:94:
9c:50:be:1f:2e:85:6e:c2:6d:a9:0d:e5:2a:3f:fa:
a1:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:24:48:7A:AD:98:CB:26:B0:60:D9:19:67:84:10:43:02:2A:EE:2D
X509v3 Authority Key Identifier:
keyid:01:EE:08:9D:D4:86:7B:2C:B2:76:58:2A:A9:7B:31:8F:50:9E:A6:EE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B3D30/E3DF469C416811EAAE8A7750C4F9AE02/Ae4IndSGeyyydlgqqXsxj1Cepu4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ae4IndSGeyyydlgqqXsxj1Cepu4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B3D30/E3DF469C416811EAAE8A7750C4F9AE02/1358F7D6419811EAA268D964C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.105.0/24
43.239.107.0/24
45.124.204.0/24
45.124.206.0/24
103.244.221.0/24
103.244.223.0/24
103.249.184.0/24
103.249.186.0/24
Signature Algorithm: sha256WithRSAEncryption
89:39:42:2a:58:10:1e:8c:ca:1c:91:b6:df:cc:44:b9:6f:62:
c4:65:76:db:6e:63:15:10:fa:60:bc:ff:41:de:b4:d0:21:f7:
61:26:40:01:69:cb:ba:0c:14:fd:b5:af:3d:1c:bf:90:6f:cd:
8c:55:dc:13:a1:35:91:c0:53:aa:01:06:65:92:e5:c1:54:5d:
2c:bd:a6:2a:80:e0:7b:db:5b:67:02:93:f7:1b:d1:81:f0:21:
fd:fa:07:93:21:8c:8b:65:b9:7e:13:0a:f6:10:a3:2a:4f:72:
8b:7d:fd:0d:95:14:e1:f8:67:97:2f:6e:cc:3e:39:f4:9c:84:
7e:0f:f4:68:c6:e2:63:68:88:08:ee:00:9b:80:9e:45:8e:f1:
c9:22:9c:2e:1a:0a:4a:b7:10:82:9a:63:43:fa:2d:23:1a:85:
2b:02:74:64:b2:66:75:42:0a:b9:cd:f8:a0:eb:3b:0f:c7:51:
42:1e:55:25:cc:9d:31:c2:ae:0e:92:03:96:61:4d:82:bc:1f:
29:47:18:f8:86:87:72:e9:83:60:18:3b:67:9b:12:9c:7c:d0:
3e:0a:69:b7:d7:d4:04:9b:b1:63:f0:76:28:76:ca:bc:c4:f4:
53:5c:a8:1f:d8:f4:44:b7:0e:04:ba:6f:4b:73:30:df:2b:c8:
4b:e5:25:a7
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgICCUowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjNEMzAxMTAvBgNVBAUTKDAxRUUwODlERDQ4NjdCMkNCMjc2NTgyQUE5N0IzMThG
NTA5RUE2RUUwHhcNMjIxMjAyMjEwNzMzWhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzhhNjkxNS1jZmUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu+44N1YJOvHnhHnjyBzeZlUYlvk7yo4GrwvRl5UYWjaYuI2hKA/0+db9hBvx
uz5iQl72O+2rnLHJAqLzpaTjH6eIIayToqsY0yRXtOVwhWZXf+1oJDVWtDkRmdbv
6yGr3cJDYkDkwhZOf3dg6B6spulSjMyKmCF+zJ9GGLcmzUsgfC9/pP5JjIHtkyrH
+qqWlE6f8FQekBUrNI3f8W3bQ4GmEXAociFgagdpoJuy4ByrYkLfBSdeIhAQuu/C
D7p7SEsqWqn5QX85ruGHKLLhBXqFTVrs0bTRFpZmvRYMUYxUkpmDHaUKQAn8b6bQ
sZScUL4fLoVuwm2pDeUqP/qhnQIDAQABo4ICvzCCArswHQYDVR0OBBYEFP8kSHqt
mMsmsGDZGWeEEEMCKu4tMB8GA1UdIwQYMBaAFAHuCJ3UhnsssnZYKql7MY9Qnqbu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCM0QzMC9FM0RGNDY5QzQx
NjgxMUVBQUU4QTc3NTBDNEY5QUUwMi9BZTRJbmRTR2V5eXlkbGdxcVhzeGoxQ2Vw
dTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0FlNEluZFNHZXl5eWRsZ3FxWHN4ajFDZXB1NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjNEMzAvRTNERjQ2OUM0MTY4MTFFQUFFOEE3NzUwQzRGOUFFMDIvMTM1OEY3RDY0
MTk4MTFFQUEyNjhEOTY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSQYIKwYBBQUHAQcBAf8E
OjA4MDYEAgABMDADBAAr72kDBAAr72sDBAAtfMwDBAAtfM4DBABn9N0DBABn9N8D
BABn+bgDBABn+bowDQYJKoZIhvcNAQELBQADggEBAIk5QipYEB6MyhyRtt/MRLlv
YsRldttuYxUQ+mC8/0HetNAh92EmQAFpy7oMFP21rz0cv5BvzYxV3BOhNZHAU6oB
BmWS5cFUXSy9piqA4HvbW2cCk/cb0YHwIf36B5MhjItluX4TCvYQoypPcot9/Q2V
FOH4Z5cvbsw+OfSchH4P9GjG4mNoiAjuAJuAnkWO8ckinC4aCkq3EIKaY0P6LSMa
hSsCdGSyZnVCCrnN+KDrOw/HUUIeVSXMnTHCrg6SA5ZhTYK8HylHGPiGh3Lpg2AY
O2ebEpx80D4KabfX1ASbsWPwdih2yrzE9FNcqB/Y9ES3DgS6b0tzMN8ryEvlJac=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:02 2023 by rpki-client on console-ams.rpki-client.org