Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/8CD29D945BA011EEB91BDA3BC4F9AE02.roa
File: 8CD29D945BA011EEB91BDA3BC4F9AE02.roa (raw, json)
Hash identifier: CgRjKPFjcNJ+vxGsMeI7tvU4XDXBQs0Z5eJHOwNzvHA=
Subject key identifier: 5C:78:05:DC:24:99:42:E8:E8:21:2C:BF:45:2F:87:D8:CC:39:32:39
Certificate issuer: /CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638
Certificate serial: F6
Authority key identifier: 2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/8CD29D945BA011EEB91BDA3BC4F9AE02.roa
Signing time: Wed 04 Oct 2023 09:49:31 +0000
ROA not before: Wed 04 Oct 2023 09:49:31 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 133499
IP address blocks: 43.225.80.0/22 maxlen: 24
43.225.188.0/24 maxlen: 24
43.225.190.0/24 maxlen: 24
43.228.236.0/24 maxlen: 24
43.228.238.0/24 maxlen: 24
43.228.239.0/24 maxlen: 24
103.84.120.0/22 maxlen: 24
103.194.113.0/24 maxlen: 24
103.240.164.0/22 maxlen: 24
103.241.52.0/22 maxlen: 22
103.241.52.0/24 maxlen: 24
103.241.53.0/24 maxlen: 24
103.241.54.0/24 maxlen: 24
103.241.55.0/24 maxlen: 24
150.107.226.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Oct 2023 09:04:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 246 (0xf6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638
Validity
Not Before: Oct 4 09:49:31 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=651d352b-2709
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:00:9b:8a:fe:ed:5d:0f:21:8f:7a:ff:2c:55:
af:1d:91:68:8d:3a:b9:e2:32:f6:84:d9:92:c1:4f:
59:77:88:63:bd:06:4a:c9:c0:f3:5b:fc:1b:da:49:
98:1a:15:60:25:bf:8c:cb:68:bb:69:de:4a:9e:0d:
d6:e2:36:d1:8d:cc:ec:83:72:3f:22:81:20:cd:29:
11:64:9b:e4:f6:33:b6:4b:fb:28:64:6e:6b:c2:0c:
2b:d5:4d:2a:1c:6e:b8:94:e4:1d:dc:7c:48:8a:31:
4d:32:16:9e:6c:4e:a8:61:e4:30:c7:f1:2b:29:b7:
a7:83:ba:a7:2a:5a:aa:48:c5:d1:a3:c5:82:c9:3c:
55:c6:fc:b4:74:a5:d9:15:83:2b:bc:8d:98:76:5c:
65:ac:6c:1e:f1:52:65:dd:7e:a5:da:2b:4e:e0:c8:
ce:2b:f5:e5:db:cb:31:c2:f8:b2:2d:3d:6f:68:07:
24:70:ef:08:b6:4e:73:0f:5e:32:a6:3c:f3:f6:c1:
48:80:b8:20:5c:70:93:5d:d2:1e:2b:e3:29:fb:6c:
9a:be:7d:63:1d:9c:ea:3c:93:e7:e9:df:20:d4:5c:
54:f1:5d:32:a8:5b:1e:e6:2f:8a:ba:2f:33:ad:6b:
33:4e:f4:e0:d6:fb:a4:8f:ad:98:0c:2a:50:b7:bd:
33:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:78:05:DC:24:99:42:E8:E8:21:2C:BF:45:2F:87:D8:CC:39:32:39
X509v3 Authority Key Identifier:
keyid:2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/8CD29D945BA011EEB91BDA3BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.80.0/22
43.225.188.0/24
43.225.190.0/24
43.228.236.0/24
43.228.238.0/23
103.84.120.0/22
103.194.113.0/24
103.240.164.0/22
103.241.52.0/22
150.107.226.0/24
Signature Algorithm: sha256WithRSAEncryption
68:8c:46:8b:d0:8f:3f:dc:c4:58:42:27:e7:2c:7f:87:f5:76:
54:e9:5e:96:f4:11:fb:01:23:6f:6c:eb:c2:4f:4e:4a:a7:c2:
b7:31:46:d5:6d:3a:17:2c:bd:ed:db:e9:c1:0b:71:5e:ea:c1:
0c:a4:99:07:04:ea:32:e9:bf:a8:2f:02:12:52:02:f0:74:0f:
3a:b4:fb:54:f0:58:e0:c5:00:66:e9:ba:2c:29:ad:06:fb:29:
45:e9:b6:e1:9a:ec:22:dd:1f:8c:60:55:7f:29:61:7c:df:2b:
62:e8:65:de:15:3c:ca:86:5b:33:9b:c4:3f:3b:43:3f:bc:af:
b9:90:6d:b4:4b:43:81:22:94:c6:81:59:1d:38:dc:91:77:9c:
ce:e9:00:be:0b:0e:03:ca:6f:07:a4:2c:5d:dd:b9:94:a5:52:
68:5e:cc:8a:14:61:cd:0d:01:6d:c6:5c:fc:bd:86:d0:4a:b6:
ce:91:a6:89:65:34:39:f7:9e:10:2f:f6:03:7f:cf:27:29:c7:
ce:e8:4c:5e:55:31:de:57:80:29:8f:bf:52:2e:ad:fb:1c:be:
32:a4:7c:3d:9e:24:bc:14:3d:12:e3:93:05:38:f5:cb:f1:31:
68:84:a8:24:58:6f:8a:53:75:c7:13:38:92:f9:14:c4:84:ef:
be:22:73:28
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgICAPYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjY1ODcxMTAvBgNVBAUTKDJENjM0MDc3Q0M4NDdCNTlENDA0OEQ0M0UwNEIzMzA5
Njk4RkU2MzgwHhcNMjMxMDA0MDk0OTMxWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTFkMzUyYi0yNzA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvgCbiv7tXQ8hj3r/LFWvHZFojTq54jL2hNmSwU9Zd4hjvQZKycDzW/wb2kmY
GhVgJb+My2i7ad5Kng3W4jbRjczsg3I/IoEgzSkRZJvk9jO2S/soZG5rwgwr1U0q
HG64lOQd3HxIijFNMhaebE6oYeQwx/ErKbeng7qnKlqqSMXRo8WCyTxVxvy0dKXZ
FYMrvI2YdlxlrGwe8VJl3X6l2itO4MjOK/Xl28sxwviyLT1vaAckcO8Itk5zD14y
pjzz9sFIgLggXHCTXdIeK+Mp+2yavn1jHZzqPJPn6d8g1FxU8V0yqFse5i+Kui8z
rWszTvTg1vukj62YDCpQt70zDwIDAQABo4ICyzCCAscwHQYDVR0OBBYEFFx4Bdwk
mULo6CEsv0Uvh9jMOTI5MB8GA1UdIwQYMBaAFC1jQHfMhHtZ1ASNQ+BLMwlpj+Y4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjU4Ny80MTdENzFCNDkx
ODYxMUVEQTg0QTEyNERDNEY5QUUwMi9MV05BZDh5RWUxblVCSTFENEVzekNXbVA1
amcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xXTkFkOHlFZTFuVUJJMUQ0RXN6Q1dtUDVqZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjY1ODcvNDE3RDcxQjQ5MTg2MTFFREE4NEExMjREQzRGOUFFMDIvOENEMjlEOTQ1
QkEwMTFFRUI5MUJEQTNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVQYIKwYBBQUHAQcBAf8E
RjBEMEIEAgABMDwDBAIr4VADBAAr4bwDBAAr4b4DBAAr5OwDBAEr5O4DBAJnVHgD
BABnwnEDBAJn8KQDBAJn8TQDBACWa+IwDQYJKoZIhvcNAQELBQADggEBAGiMRovQ
jz/cxFhCJ+csf4f1dlTpXpb0EfsBI29s68JPTkqnwrcxRtVtOhcsve3b6cELcV7q
wQykmQcE6jLpv6gvAhJSAvB0Dzq0+1TwWODFAGbpuiwprQb7KUXptuGa7CLdH4xg
VX8pYXzfK2LoZd4VPMqGWzObxD87Qz+8r7mQbbRLQ4EilMaBWR043JF3nM7pAL4L
DgPKbwekLF3duZSlUmhezIoUYc0NAW3GXPy9htBKts6RpollNDn3nhAv9gN/zycp
x87oTF5VMd5XgCmPv1IurfscvjKkfD2eJLwUPRLjkwU49cvxMWiEqCRYb4pTdccT
OJL5FMSE774icyg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org