Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D92FB/327FC6B21D8811E298F3A3E008B02CD2/38D2A96C75D911E8A722EC33C4F9AE02.roa
File: 38D2A96C75D911E8A722EC33C4F9AE02.roa (raw, json)
Hash identifier: elDFtFSy7NJUJ+IUx0YL2euoTfOLBLZKBmxm8iFbuQM=
Subject key identifier: 59:31:AD:B3:C3:AD:34:BF:BB:AA:FD:9D:FF:41:A1:92:D2:5C:B7:8E
Certificate issuer: /CN=A91D92FB/serialNumber=4C36F812E76D827ECE6E59BD1560585C51ECD992
Certificate serial: 33CA
Authority key identifier: 4C:36:F8:12:E7:6D:82:7E:CE:6E:59:BD:15:60:58:5C:51:EC:D9:92
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TDb4Eudtgn7Oblm9FWBYXFHs2ZI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D92FB/327FC6B21D8811E298F3A3E008B02CD2/38D2A96C75D911E8A722EC33C4F9AE02.roa
Signing time: Tue 30 Jan 2024 14:51:02 +0000
ROA not before: Tue 30 Jan 2024 14:51:02 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 18049
IP address blocks: 43.243.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Nov 2024 06:31:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13258 (0x33ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D92FB/serialNumber=4C36F812E76D827ECE6E59BD1560585C51ECD992
Validity
Not Before: Jan 30 14:51:02 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65b90cd5-6e46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:87:ac:48:83:21:8e:c3:0e:ab:64:8e:08:11:
b4:6a:49:4a:cf:61:d9:cf:99:4c:36:b8:4a:03:50:
bc:72:5d:1a:1a:ba:d5:a0:c7:22:f4:37:06:98:8a:
bf:cb:46:43:f8:10:9a:69:fb:32:9c:f0:5a:51:5a:
f3:8f:d2:6e:da:72:f9:0b:de:a7:ea:21:8c:a0:ae:
a9:23:88:1c:93:f1:f0:be:ae:d1:23:2c:f7:5f:df:
a5:8e:d8:84:42:44:99:a2:73:e6:16:3d:60:d9:94:
d1:a6:e5:3a:50:16:b5:da:93:94:72:51:af:6b:c6:
cb:8b:ef:ef:60:72:4e:01:6f:b4:12:56:67:f2:cd:
12:5d:25:5f:ee:f4:bb:83:78:bf:42:b6:28:ee:32:
e9:a7:bf:ad:56:8f:60:f9:6d:31:38:04:8b:01:01:
dc:de:19:e1:fb:5e:55:30:03:b1:be:57:8c:83:66:
cb:94:bf:a3:5c:18:aa:8b:0a:d2:57:af:3b:e4:a2:
e5:02:29:83:b7:28:7c:62:84:d8:0f:94:6e:99:09:
3d:1e:35:81:00:6a:0f:d3:64:a2:da:3e:67:94:02:
23:16:52:ef:dc:43:11:4a:06:64:f2:a5:d2:dd:ac:
d0:70:58:77:a9:e3:80:36:cc:8f:ec:39:90:25:2f:
1c:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:31:AD:B3:C3:AD:34:BF:BB:AA:FD:9D:FF:41:A1:92:D2:5C:B7:8E
X509v3 Authority Key Identifier:
keyid:4C:36:F8:12:E7:6D:82:7E:CE:6E:59:BD:15:60:58:5C:51:EC:D9:92
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D92FB/327FC6B21D8811E298F3A3E008B02CD2/TDb4Eudtgn7Oblm9FWBYXFHs2ZI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TDb4Eudtgn7Oblm9FWBYXFHs2ZI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D92FB/327FC6B21D8811E298F3A3E008B02CD2/38D2A96C75D911E8A722EC33C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.243.252.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:49:d6:0f:e2:45:0a:3d:9a:f1:2c:ce:2d:2f:9b:94:6a:e4:
48:1d:79:94:8a:f0:fd:ce:e9:8c:3b:66:a6:a5:5e:55:e7:49:
3b:86:a4:a5:2d:63:3f:fe:ec:0b:aa:ba:c8:fe:e5:48:a9:c4:
5e:7d:85:ed:b2:49:10:c6:2d:99:7d:fa:a6:08:78:b5:16:04:
cb:54:34:89:77:2f:76:a1:c5:a1:57:4e:11:dc:e8:86:d6:78:
13:a7:ab:aa:e0:a8:b2:98:e5:d3:d3:21:70:bc:7a:20:de:4f:
25:57:09:aa:2f:26:50:0f:ca:c8:a0:5d:9b:0b:bb:f0:19:7a:
b6:73:d7:a9:96:35:1d:a5:04:a7:36:6d:a1:21:49:55:6d:7c:
c3:7a:c1:92:0f:94:5f:9f:99:6d:5b:52:74:88:e1:d6:18:3f:
51:d0:7e:2f:d0:4d:5a:69:98:ca:da:ce:fb:56:2d:b1:35:28:
53:81:5d:c3:b4:ae:0f:38:c0:7e:e4:ed:f0:8f:92:e6:c8:c5:
76:11:25:4e:c6:26:16:8e:86:da:85:8d:9d:ac:76:3f:93:ea:
56:25:75:4f:7c:d5:c2:42:50:61:c9:b0:04:ad:44:65:6f:f5:
69:5f:9c:b9:4d:b8:ab:82:c9:07:29:46:4f:d4:0b:df:42:67:
f9:4a:9d:34
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICM8owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDkyRkIxMTAvBgNVBAUTKDRDMzZGODEyRTc2RDgyN0VDRTZFNTlCRDE1NjA1ODVD
NTFFQ0Q5OTIwHhcNMjQwMTMwMTQ1MTAyWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWI5MGNkNS02ZTQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA+YesSIMhjsMOq2SOCBG0aklKz2HZz5lMNrhKA1C8cl0aGrrVoMci9DcGmIq/
y0ZD+BCaafsynPBaUVrzj9Ju2nL5C96n6iGMoK6pI4gck/Hwvq7RIyz3X9+ljtiE
QkSZonPmFj1g2ZTRpuU6UBa12pOUclGva8bLi+/vYHJOAW+0ElZn8s0SXSVf7vS7
g3i/QrYo7jLpp7+tVo9g+W0xOASLAQHc3hnh+15VMAOxvleMg2bLlL+jXBiqiwrS
V6875KLlAimDtyh8YoTYD5RumQk9HjWBAGoP02Si2j5nlAIjFlLv3EMRSgZk8qXS
3azQcFh3qeOANsyP7DmQJS8cuwIDAQABo4IClTCCApEwHQYDVR0OBBYEFFkxrbPD
rTS/u6r9nf9BoZLSXLeOMB8GA1UdIwQYMBaAFEw2+BLnbYJ+zm5ZvRVgWFxR7NmS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOTJGQi8zMjdGQzZCMjFE
ODgxMUUyOThGM0EzRTAwOEIwMkNEMi9URGI0RXVkdGduN09ibG05RldCWVhGSHMy
WkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1REYjRFdWR0Z243T2JsbTlGV0JZWEZIczJaSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDkyRkIvMzI3RkM2QjIxRDg4MTFFMjk4RjNBM0UwMDhCMDJDRDIvMzhEMkE5NkM3
NUQ5MTFFOEE3MjJFQzMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAIr8/wwDQYJKoZIhvcNAQELBQADggEBAD5J1g/iRQo9mvEs
zi0vm5Rq5EgdeZSK8P3O6Yw7ZqalXlXnSTuGpKUtYz/+7Auqusj+5UipxF59he2y
SRDGLZl9+qYIeLUWBMtUNIl3L3ahxaFXThHc6IbWeBOnq6rgqLKY5dPTIXC8eiDe
TyVXCaovJlAPysigXZsLu/AZerZz16mWNR2lBKc2baEhSVVtfMN6wZIPlF+fmW1b
UnSI4dYYP1HQfi/QTVppmMrazvtWLbE1KFOBXcO0rg84wH7k7fCPkubIxXYRJU7G
JhaOhtqFjZ2sdj+T6lYldU981cJCUGHJsAStRGVv9WlfnLlNuKuCyQcpRk/UC99C
Z/lKnTQ=
-----END CERTIFICATE-----
Generated at Mon Nov 4 08:26:38 2024 by rpki-client on console-fra.rpki-client.org