Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC017/105AC8FC90C311EDBA1DCC23C4F9AE02/F4D5EBF490C511EDA07C3025C4F9AE02.roa
File: F4D5EBF490C511EDA07C3025C4F9AE02.roa (raw, json)
Hash identifier: GgdJNerr7iPpibZ9hMaOO7ss9eQZgf1TtI3OQ26T7kI=
Subject key identifier: C8:C7:47:7C:E2:F1:28:90:E1:EA:14:BF:52:C4:66:79:70:AF:D7:70
Certificate issuer: /CN=A91DC017/serialNumber=0AA5DE29265A08E27A581D894465BDCDB73709BB
Certificate serial: 010E
Authority key identifier: 0A:A5:DE:29:26:5A:08:E2:7A:58:1D:89:44:65:BD:CD:B7:37:09:BB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CqXeKSZaCOJ6WB2JRGW9zbc3Cbs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DC017/105AC8FC90C311EDBA1DCC23C4F9AE02/F4D5EBF490C511EDA07C3025C4F9AE02.roa
Signing time: Fri 07 Jun 2024 06:45:43 +0000
ROA not before: Fri 07 Jun 2024 06:45:43 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 38277
IP address blocks: 43.252.40.0/24 maxlen: 24
43.252.41.0/24 maxlen: 24
103.228.28.0/22 maxlen: 22
103.228.28.0/24 maxlen: 24
103.228.29.0/24 maxlen: 24
103.228.30.0/24 maxlen: 24
103.228.31.0/24 maxlen: 24
103.251.236.0/24 maxlen: 24
103.251.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Jul 2024 02:52:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 270 (0x10e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DC017/serialNumber=0AA5DE29265A08E27A581D894465BDCDB73709BB
Validity
Not Before: Jun 7 06:45:43 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6662ac97-45a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:77:82:4c:b0:62:78:8b:0a:d5:69:99:3c:90:
5d:c9:24:c1:bd:80:bc:00:b3:ca:14:68:85:d0:4d:
82:ce:bf:20:c4:d4:fb:df:92:e5:1c:ce:0c:0a:b2:
c2:37:89:5a:7f:2a:2e:46:b3:c4:ae:1d:2f:0a:e7:
b1:66:fa:92:76:bd:d2:c9:04:80:5d:fa:da:f2:bb:
dd:b5:78:53:11:d1:17:61:31:7c:3e:48:4d:82:a6:
2a:68:9e:6a:4e:f7:a3:af:5d:64:59:ef:84:83:ff:
11:c5:fe:eb:56:c0:d7:fd:cd:f1:61:e4:b0:97:f7:
a8:43:6a:32:32:a7:bd:fc:3f:a5:ee:37:70:71:40:
06:ee:67:3a:1a:f5:64:8a:87:d3:9b:80:6a:bf:33:
e2:25:76:1f:10:c1:49:2a:61:cf:94:9f:d8:a6:0a:
de:28:39:f8:57:a6:ef:dd:3d:cf:45:71:77:ed:55:
e1:8f:c6:fe:f5:74:1a:03:12:af:f7:13:53:ff:28:
b6:33:31:b0:d2:67:4f:58:0e:e5:64:d2:ad:ac:8d:
fe:ed:8c:e4:6d:0f:86:4f:8a:14:23:e6:27:12:07:
b7:3a:e4:60:cf:6f:4a:ca:d7:bb:ae:fc:15:41:36:
ed:3e:1b:11:fd:cf:7b:0d:91:80:38:e9:8a:c1:3f:
a4:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:C7:47:7C:E2:F1:28:90:E1:EA:14:BF:52:C4:66:79:70:AF:D7:70
X509v3 Authority Key Identifier:
keyid:0A:A5:DE:29:26:5A:08:E2:7A:58:1D:89:44:65:BD:CD:B7:37:09:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DC017/105AC8FC90C311EDBA1DCC23C4F9AE02/CqXeKSZaCOJ6WB2JRGW9zbc3Cbs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CqXeKSZaCOJ6WB2JRGW9zbc3Cbs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC017/105AC8FC90C311EDBA1DCC23C4F9AE02/F4D5EBF490C511EDA07C3025C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.252.40.0/23
103.228.28.0/22
103.251.236.0/24
103.251.239.0/24
Signature Algorithm: sha256WithRSAEncryption
af:65:99:f6:73:65:50:d5:05:d0:02:73:b6:77:84:32:9b:14:
97:d2:d9:01:e7:26:ed:df:5a:73:59:f0:bc:d0:04:19:a1:b5:
9b:4f:7d:b0:37:96:d9:00:00:40:63:88:c6:5a:5d:a4:4c:d1:
48:1c:bc:eb:7a:73:5e:07:78:46:4d:43:5b:b9:19:5e:86:95:
22:a2:6c:7f:8c:93:2e:0d:8e:a2:a8:ae:ae:cf:3a:5d:78:71:
6c:15:ec:1b:2b:db:cc:3b:e2:dc:78:8a:c4:7d:23:5f:13:b1:
8f:09:ae:9a:5f:24:f3:b0:8f:40:7f:d0:ac:d3:80:71:82:bb:
a8:0c:55:9d:cc:7a:68:b5:71:39:ea:6e:56:de:87:44:9a:81:
cf:85:19:46:e4:d4:cd:4c:eb:e2:45:0a:af:b5:26:42:2e:2f:
e1:41:de:3d:72:9f:97:37:1f:77:b9:8f:af:85:7a:11:6f:12:
5c:f0:d0:18:ee:b4:bf:49:46:4c:fd:e0:06:37:7a:a9:96:7b:
a6:28:b5:a8:86:bf:be:b5:b6:0a:24:63:62:54:99:9f:b1:d4:
65:ea:8f:a3:40:38:bf:b4:36:c7:fa:ed:9f:bd:d9:12:b6:43:
0d:65:ee:f9:f0:8c:d9:cd:02:26:79:f3:e8:b6:ab:18:92:ab:
34:7a:a5:29
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAQ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REMwMTcxMTAvBgNVBAUTKDBBQTVERTI5MjY1QTA4RTI3QTU4MUQ4OTQ0NjVCRENE
QjczNzA5QkIwHhcNMjQwNjA3MDY0NTQzWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjYyYWM5Ny00NWE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzneCTLBieIsK1WmZPJBdySTBvYC8ALPKFGiF0E2Czr8gxNT735LlHM4MCrLC
N4lafyouRrPErh0vCuexZvqSdr3SyQSAXfra8rvdtXhTEdEXYTF8PkhNgqYqaJ5q
Tvejr11kWe+Eg/8Rxf7rVsDX/c3xYeSwl/eoQ2oyMqe9/D+l7jdwcUAG7mc6GvVk
iofTm4BqvzPiJXYfEMFJKmHPlJ/YpgreKDn4V6bv3T3PRXF37VXhj8b+9XQaAxKv
9xNT/yi2MzGw0mdPWA7lZNKtrI3+7YzkbQ+GT4oUI+YnEge3OuRgz29Kyte7rvwV
QTbtPhsR/c97DZGAOOmKwT+k2QIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFMjHR3zi
8SiQ4eoUv1LEZnlwr9dwMB8GA1UdIwQYMBaAFAql3ikmWgjielgdiURlvc23Nwm7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzAxNy8xMDVBQzhGQzkw
QzMxMUVEQkExRENDMjNDNEY5QUUwMi9DcVhlS1NaYUNPSjZXQjJKUkdXOXpiYzND
YnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NxWGVLU1phQ09KNldCMkpSR1c5emJjM0Nicy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REMwMTcvMTA1QUM4RkM5MEMzMTFFREJBMURDQzIzQzRGOUFFMDIvRjRENUVCRjQ5
MEM1MTFFREEwN0MzMDI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAEr/CgDBAJn5BwDBABn++wDBABn++8wDQYJKoZIhvcNAQEL
BQADggEBAK9lmfZzZVDVBdACc7Z3hDKbFJfS2QHnJu3fWnNZ8LzQBBmhtZtPfbA3
ltkAAEBjiMZaXaRM0UgcvOt6c14HeEZNQ1u5GV6GlSKibH+Mky4NjqKorq7POl14
cWwV7Bsr28w74tx4isR9I18TsY8JrppfJPOwj0B/0KzTgHGCu6gMVZ3Memi1cTnq
blbeh0Sagc+FGUbk1M1M6+JFCq+1JkIuL+FB3j1yn5c3H3e5j6+FehFvElzw0Bju
tL9JRkz94AY3eqmWe6YotaiGv761tgokY2JUmZ+x1GXqj6NAOL+0Nsf67Z+92RK2
Qw1l7vnwjNnNAiZ58+i2qxiSqzR6pSk=
-----END CERTIFICATE-----
Generated at Wed Jul 24 05:12:03 2024 by rpki-client on console-fra.rpki-client.org