Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0CE8/900D2646066A11E8B9BAF682C4F9AE02/DA8B814E931011EDB92FFC5FC4F9AE02.roa
File: DA8B814E931011EDB92FFC5FC4F9AE02.roa (raw, json)
Hash identifier: gTxrLoXouX5xFa9fXnpDCItE5eIlxdUF6xZmbmgyf7Y=
Subject key identifier: 57:7F:6B:FF:BC:91:9A:CD:40:5E:85:DC:78:65:9F:EE:56:0F:6F:F8
Certificate issuer: /CN=A91E0CE8/serialNumber=06C627D9C312C7B47D1C3A53B44755A10A68487C
Certificate serial: 1574
Authority key identifier: 06:C6:27:D9:C3:12:C7:B4:7D:1C:3A:53:B4:47:55:A1:0A:68:48:7C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BsYn2cMSx7R9HDpTtEdVoQpoSHw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E0CE8/900D2646066A11E8B9BAF682C4F9AE02/DA8B814E931011EDB92FFC5FC4F9AE02.roa
Signing time: Wed 06 Dec 2023 17:24:37 +0000
ROA not before: Wed 06 Dec 2023 17:24:37 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 139021
IP address blocks: 43.224.152.0/23 maxlen: 23
43.224.154.0/24 maxlen: 24
43.224.155.0/24 maxlen: 24
103.43.188.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 01 Aug 2024 01:54:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5492 (0x1574)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E0CE8
Validity
Not Before: Dec 6 17:24:37 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=6570ae55-9c58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:0c:ed:b9:b9:94:0d:34:d7:7a:8d:b1:e7:32:
14:d9:e0:f1:f2:38:b9:33:23:91:26:91:e6:ef:fe:
9f:ac:82:9f:d9:47:79:ff:b7:13:13:b8:2a:16:92:
04:89:60:76:21:49:10:cf:41:4c:90:fa:08:34:64:
11:66:95:e4:c4:4c:9e:55:60:91:67:45:4b:2a:25:
e6:37:a6:9f:90:6e:19:c8:b7:51:7a:88:1d:7c:79:
61:7c:fc:cd:d7:05:41:03:ed:00:ac:6d:9a:f8:31:
2d:d6:91:34:51:40:2b:00:93:99:8f:70:a3:cf:e2:
f8:13:c6:61:42:88:d6:d0:e5:5e:e8:07:e9:8b:73:
0b:2c:c8:a1:62:d1:47:03:84:44:6e:bf:c8:6e:ad:
d8:05:6f:22:e4:07:7d:86:8b:a2:6b:35:d1:b3:94:
fd:0d:fb:f6:55:26:c9:05:08:8e:ee:7f:99:97:a4:
a9:2f:12:09:a5:3e:14:b7:c6:04:29:e7:ad:3d:2f:
c8:e1:35:a6:3b:fb:06:b6:10:4d:ad:2b:48:fe:29:
26:e7:89:91:d5:41:58:75:82:89:36:46:04:5b:ae:
54:c8:df:9b:e2:95:f0:a7:2b:c2:a2:94:ea:38:b8:
8f:f6:a3:6d:b3:03:48:40:c8:0c:1a:10:49:f2:e4:
59:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:7F:6B:FF:BC:91:9A:CD:40:5E:85:DC:78:65:9F:EE:56:0F:6F:F8
X509v3 Authority Key Identifier:
keyid:06:C6:27:D9:C3:12:C7:B4:7D:1C:3A:53:B4:47:55:A1:0A:68:48:7C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E0CE8/900D2646066A11E8B9BAF682C4F9AE02/BsYn2cMSx7R9HDpTtEdVoQpoSHw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BsYn2cMSx7R9HDpTtEdVoQpoSHw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0CE8/900D2646066A11E8B9BAF682C4F9AE02/DA8B814E931011EDB92FFC5FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.224.152.0/22
103.43.188.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:73:52:83:2d:13:ca:8f:8b:f2:5e:1f:e5:34:4b:93:08:92:
54:32:e0:6b:b2:28:6a:31:59:45:e1:91:e3:ee:fb:4c:cb:59:
97:ee:c5:68:b0:6e:e1:4f:a3:cf:51:fa:58:73:71:9c:8b:50:
15:31:68:6f:b8:65:59:30:88:71:44:2e:64:15:21:80:b5:1c:
a0:58:7a:1f:bb:04:ec:f3:1b:83:d1:27:a5:f7:75:c5:0e:af:
d7:98:fb:ec:7a:eb:61:45:d6:e4:df:e7:e8:d2:7c:9a:2a:84:
90:4b:b7:3b:4f:ee:52:63:fa:12:2b:49:fd:7c:c2:32:42:ee:
8d:93:7c:8d:43:76:7c:3b:81:39:4d:6a:2e:64:fe:4a:2a:18:
f4:04:aa:39:08:03:fc:b2:8c:5f:a8:71:ce:7f:75:1b:b2:ac:
1a:0a:49:e0:f0:7e:7c:3a:c8:49:08:c0:c2:8d:47:3b:8b:aa:
81:fc:e2:7c:db:d9:11:87:d7:24:71:c0:d7:fc:c4:f6:91:86:
f8:df:f5:36:8e:99:66:25:bf:5f:f6:ce:8f:04:6c:5b:1b:8d:
8c:f3:21:1e:8d:1e:19:05:9d:52:a0:fd:39:9e:54:c0:d7:41:
21:69:79:9a:93:98:97:0b:61:47:c3:de:a4:c0:40:6c:ff:cd:
31:88:05:92
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICFXQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTBDRTgxMTAvBgNVBAUTKDA2QzYyN0Q5QzMxMkM3QjQ3RDFDM0E1M0I0NDc1NUEx
MEE2ODQ4N0MwHhcNMjMxMjA2MTcyNDM3WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTcwYWU1NS05YzU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3AztubmUDTTXeo2x5zIU2eDx8ji5MyORJpHm7/6frIKf2Ud5/7cTE7gqFpIE
iWB2IUkQz0FMkPoINGQRZpXkxEyeVWCRZ0VLKiXmN6afkG4ZyLdReogdfHlhfPzN
1wVBA+0ArG2a+DEt1pE0UUArAJOZj3Cjz+L4E8ZhQojW0OVe6Afpi3MLLMihYtFH
A4REbr/Ibq3YBW8i5Ad9houiazXRs5T9Dfv2VSbJBQiO7n+Zl6SpLxIJpT4Ut8YE
KeetPS/I4TWmO/sGthBNrStI/ikm54mR1UFYdYKJNkYEW65UyN+b4pXwpyvCopTq
OLiP9qNtswNIQMgMGhBJ8uRZvQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFFd/a/+8
kZrNQF6F3Hhln+5WD2/4MB8GA1UdIwQYMBaAFAbGJ9nDEse0fRw6U7RHVaEKaEh8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMENFOC85MDBEMjY0NjA2
NkExMUU4QjlCQUY2ODJDNEY5QUUwMi9Cc1luMmNNU3g3UjlIRHBUdEVkVm9RcG9T
SHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0JzWW4yY01TeDdSOUhEcFR0RWRWb1Fwb1NIdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTBDRTgvOTAwRDI2NDYwNjZBMTFFOEI5QkFGNjgyQzRGOUFFMDIvREE4QjgxNEU5
MzEwMTFFREI5MkZGQzVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIr4JgDBAJnK7wwDQYJKoZIhvcNAQELBQADggEBAKdzUoMt
E8qPi/JeH+U0S5MIklQy4GuyKGoxWUXhkePu+0zLWZfuxWiwbuFPo89R+lhzcZyL
UBUxaG+4ZVkwiHFELmQVIYC1HKBYeh+7BOzzG4PRJ6X3dcUOr9eY++x662FF1uTf
5+jSfJoqhJBLtztP7lJj+hIrSf18wjJC7o2TfI1Ddnw7gTlNai5k/koqGPQEqjkI
A/yyjF+occ5/dRuyrBoKSeDwfnw6yEkIwMKNRzuLqoH84nzb2RGH1yRxwNf8xPaR
hvjf9TaOmWYlv1/2zo8EbFsbjYzzIR6NHhkFnVKg/TmeVMDXQSFpeZqTmJcLYUfD
3qTAQGz/zTGIBZI=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:16 2025 by rpki-client