Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC017/105AC8FC90C311EDBA1DCC23C4F9AE02/C435D52A496711EFACD57574C4F9AE02.roa
File: C435D52A496711EFACD57574C4F9AE02.roa (raw, json)
Hash identifier: G+PrHRn2c9D08SAl+HmBk3AhLIA1f3Dc1MYcc4UkT3E=
Subject key identifier: DA:4F:0A:CB:D8:90:C7:AD:3F:91:EE:62:D2:C7:3B:1F:0E:16:E6:1B
Certificate issuer: /CN=A91DC017/serialNumber=0AA5DE29265A08E27A581D894465BDCDB73709BB
Certificate serial: 012D
Authority key identifier: 0A:A5:DE:29:26:5A:08:E2:7A:58:1D:89:44:65:BD:CD:B7:37:09:BB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CqXeKSZaCOJ6WB2JRGW9zbc3Cbs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DC017/105AC8FC90C311EDBA1DCC23C4F9AE02/C435D52A496711EFACD57574C4F9AE02.roa
Signing time: Wed 24 Jul 2024 02:52:29 +0000
ROA not before: Wed 24 Jul 2024 02:52:29 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 38277
IP address blocks: 43.252.40.0/24 maxlen: 24
43.252.41.0/24 maxlen: 24
103.228.28.0/22 maxlen: 22
103.228.28.0/24 maxlen: 24
103.228.29.0/24 maxlen: 24
103.228.30.0/24 maxlen: 24
103.228.31.0/24 maxlen: 24
103.251.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Nov 2024 09:53:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 301 (0x12d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DC017/serialNumber=0AA5DE29265A08E27A581D894465BDCDB73709BB
Validity
Not Before: Jul 24 02:52:29 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=66a06c6d-e414
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:69:30:a7:e2:54:1d:77:b5:f6:94:45:2b:c5:
b9:52:0e:48:56:8c:b6:9f:d2:59:e9:57:71:f1:38:
27:6d:73:58:3c:35:3f:b5:95:3e:70:49:55:f9:bc:
41:c9:ea:0f:c7:0c:48:5a:41:b9:7e:f2:c2:53:7e:
22:eb:a8:a0:37:91:b8:fe:c3:2f:55:c4:06:07:32:
e4:06:63:8c:94:4b:28:d3:79:97:87:55:d1:cc:64:
af:4b:6d:c2:f2:20:1f:73:4c:62:16:82:07:fb:0e:
cb:b1:51:b7:06:e5:23:c3:8d:2a:e1:cc:bd:cb:09:
9c:ca:9e:b6:88:e7:b9:1e:d0:ff:fe:72:d7:a3:ad:
95:0e:b4:88:30:16:b8:7d:77:2b:bc:75:0f:e5:09:
6d:7c:14:38:9c:11:33:58:b0:a9:d4:50:13:c0:b2:
36:2c:04:ce:db:d2:29:20:ee:79:6b:ed:ef:46:d2:
91:99:c2:51:43:ac:36:2b:7b:f3:3e:ae:87:64:d8:
28:6a:28:d8:e0:b1:3a:b5:90:49:09:df:b5:4d:36:
5a:53:1a:42:21:db:53:31:8b:c3:38:30:6e:4f:58:
43:d1:d4:53:da:59:e6:da:74:1f:7e:da:4d:a4:e6:
ce:7a:f8:a7:cb:d1:ea:09:a7:a6:04:3c:9c:00:e1:
59:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:4F:0A:CB:D8:90:C7:AD:3F:91:EE:62:D2:C7:3B:1F:0E:16:E6:1B
X509v3 Authority Key Identifier:
keyid:0A:A5:DE:29:26:5A:08:E2:7A:58:1D:89:44:65:BD:CD:B7:37:09:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DC017/105AC8FC90C311EDBA1DCC23C4F9AE02/CqXeKSZaCOJ6WB2JRGW9zbc3Cbs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CqXeKSZaCOJ6WB2JRGW9zbc3Cbs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC017/105AC8FC90C311EDBA1DCC23C4F9AE02/C435D52A496711EFACD57574C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.252.40.0/23
103.228.28.0/22
103.251.239.0/24
Signature Algorithm: sha256WithRSAEncryption
07:82:55:8a:67:df:57:8c:cb:bd:a7:9e:c8:e9:bf:b3:9f:0d:
bc:29:f9:96:83:96:b0:34:2c:d9:5f:ba:69:c6:5a:fa:ed:18:
f7:2d:b5:42:f6:ad:28:a3:95:ab:0c:3e:03:5e:bb:57:e9:f9:
df:2c:24:21:57:e5:16:74:a9:7e:94:7c:02:1d:94:20:4e:0e:
5f:12:24:23:3c:52:f1:9c:19:34:2f:f2:d3:2d:4b:c1:db:e6:
b2:9c:54:de:a1:7d:e4:5e:b3:60:e0:fe:9b:3b:98:6d:25:d4:
9f:36:92:df:87:6b:cc:35:47:4f:43:0e:0e:47:0f:b6:ec:4d:
fd:f1:a8:43:f0:d1:60:b5:0a:8f:de:04:54:a2:69:ec:b4:46:
91:a8:e9:f3:b5:bc:b3:e1:36:c4:6f:d4:1b:ca:96:3b:e4:b9:
ff:0d:47:3b:7d:93:1f:60:85:af:64:e9:95:70:61:98:71:0e:
71:f7:ce:d4:6f:65:2a:ab:d7:3c:f3:83:d1:71:8f:fd:17:2d:
5a:9a:10:08:8a:11:06:4f:45:20:33:74:50:4e:b9:52:5c:9c:
ec:74:a9:2f:ee:b6:4b:e1:3f:36:e9:2b:e8:8f:f3:0b:5a:32:
7d:e9:02:6c:d5:4e:7c:61:ac:74:fa:b4:8c:b4:9b:9e:f3:9c:
b3:d0:69:94
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICAS0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REMwMTcxMTAvBgNVBAUTKDBBQTVERTI5MjY1QTA4RTI3QTU4MUQ4OTQ0NjVCRENE
QjczNzA5QkIwHhcNMjQwNzI0MDI1MjI5WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmEwNmM2ZC1lNDE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA12kwp+JUHXe19pRFK8W5Ug5IVoy2n9JZ6Vdx8TgnbXNYPDU/tZU+cElV+bxB
yeoPxwxIWkG5fvLCU34i66igN5G4/sMvVcQGBzLkBmOMlEso03mXh1XRzGSvS23C
8iAfc0xiFoIH+w7LsVG3BuUjw40q4cy9ywmcyp62iOe5HtD//nLXo62VDrSIMBa4
fXcrvHUP5QltfBQ4nBEzWLCp1FATwLI2LATO29IpIO55a+3vRtKRmcJRQ6w2K3vz
Pq6HZNgoaijY4LE6tZBJCd+1TTZaUxpCIdtTMYvDODBuT1hD0dRT2lnm2nQfftpN
pObOeviny9HqCaemBDycAOFZtwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFNpPCsvY
kMetP5HuYtLHOx8OFuYbMB8GA1UdIwQYMBaAFAql3ikmWgjielgdiURlvc23Nwm7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzAxNy8xMDVBQzhGQzkw
QzMxMUVEQkExRENDMjNDNEY5QUUwMi9DcVhlS1NaYUNPSjZXQjJKUkdXOXpiYzND
YnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NxWGVLU1phQ09KNldCMkpSR1c5emJjM0Nicy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REMwMTcvMTA1QUM4RkM5MEMzMTFFREJBMURDQzIzQzRGOUFFMDIvQzQzNUQ1MkE0
OTY3MTFFRkFDRDU3NTc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAEr/CgDBAJn5BwDBABn++8wDQYJKoZIhvcNAQELBQADggEB
AAeCVYpn31eMy72nnsjpv7OfDbwp+ZaDlrA0LNlfumnGWvrtGPcttUL2rSijlasM
PgNeu1fp+d8sJCFX5RZ0qX6UfAIdlCBODl8SJCM8UvGcGTQv8tMtS8Hb5rKcVN6h
feRes2Dg/ps7mG0l1J82kt+Ha8w1R09DDg5HD7bsTf3xqEPw0WC1Co/eBFSiaey0
RpGo6fO1vLPhNsRv1BvKljvkuf8NRzt9kx9gha9k6ZVwYZhxDnH3ztRvZSqr1zzz
g9Fxj/0XLVqaEAiKEQZPRSAzdFBOuVJcnOx0qS/utkvhPzbpK+iP8wtaMn3pAmzV
TnxhrHT6tIy0m57znLPQaZQ=
-----END CERTIFICATE-----
Generated at Thu Nov 21 12:18:59 2024 by rpki-client on console-ams.rpki-client.org