Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/B911891A6F4011EAAC33B74EC4F9AE02.roa
File: B911891A6F4011EAAC33B74EC4F9AE02.roa (raw, json)
Hash identifier: eAl3vboBZo9cUlwHTFoaBlA58DjAEuDhtS2ZJ3JC6Ik=
Subject key identifier: A1:CE:33:6C:D7:71:75:8B:5D:68:83:01:4F:B4:2D:49:BB:33:66:A8
Certificate issuer: /CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B
Certificate serial: 09A8
Authority key identifier: A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/B911891A6F4011EAAC33B74EC4F9AE02.roa
Signing time: Thu 30 May 2024 21:27:50 +0000
ROA not before: Thu 30 May 2024 21:27:50 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 47339
IP address blocks: 43.243.40.0/24 maxlen: 24
43.243.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Oct 2024 10:39:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2472 (0x9a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B
Validity
Not Before: May 30 21:27:50 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6658ef56-8993
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:d2:4d:d7:c9:6e:30:47:3c:0c:08:82:9e:df:
21:a9:0a:72:9d:39:2e:c3:ab:bf:96:04:f6:da:7b:
35:1c:d3:03:c0:b3:1a:d9:0c:02:06:8a:bf:2f:14:
c5:4b:5b:53:e3:98:3a:1d:7c:ef:d7:00:7a:a1:3d:
93:64:11:ea:25:7f:c7:c8:cb:07:be:46:64:14:50:
18:9a:23:ec:d7:6d:f8:56:e4:a9:be:b1:e9:06:0b:
03:49:1b:8e:5b:b5:e7:86:7b:8c:69:b7:03:ab:f0:
08:cc:32:bc:9a:43:52:58:a4:6b:6a:f8:ac:9d:38:
bb:f4:64:c0:89:29:1e:0e:53:05:45:3e:14:fa:09:
37:93:49:7c:e1:a5:1a:78:0c:80:bc:73:92:13:6f:
5f:91:59:98:89:f6:95:20:46:f7:7f:2b:4e:31:73:
bc:e3:71:9c:64:dc:2b:6c:a0:d1:8f:56:9c:72:d9:
ba:1f:a9:cf:80:9b:69:34:e9:12:1b:68:29:c9:02:
d5:94:e2:db:57:5b:5d:6c:52:a0:52:c4:15:3a:02:
33:95:5c:96:05:02:42:09:3a:e6:ea:ef:f0:ab:23:
c7:62:f3:a6:8f:19:0c:69:bc:c1:e7:3d:c9:ea:cc:
c6:1b:23:92:5a:0d:d3:3e:38:59:17:ba:20:cd:37:
78:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:CE:33:6C:D7:71:75:8B:5D:68:83:01:4F:B4:2D:49:BB:33:66:A8
X509v3 Authority Key Identifier:
keyid:A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/B911891A6F4011EAAC33B74EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.243.40.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:9b:3a:f7:d1:3a:d7:e3:c4:ff:94:dd:28:ba:5b:13:62:c2:
3e:fb:e3:8a:e4:43:93:a8:9c:f8:5b:0b:19:cc:c2:57:ab:34:
fc:0d:2a:35:98:b8:27:c6:ef:45:b0:dc:b3:47:63:08:9b:b9:
7f:6a:f8:fe:8e:af:ce:24:05:c6:e1:e7:7f:8a:ac:08:bb:b9:
3a:99:ec:e7:a4:23:3e:7a:66:78:b1:8d:56:33:94:b7:65:f6:
d5:a0:19:15:7e:38:98:18:08:8a:4b:24:48:d7:b3:73:6d:82:
00:df:4d:ba:ec:14:84:f3:ad:ce:a8:90:50:07:df:fd:09:58:
5c:74:a9:dc:0d:37:06:12:a7:0f:f8:0b:60:57:0b:57:a8:31:
84:f0:01:f6:7e:0b:87:70:36:ae:6c:63:4b:98:22:88:c2:f8:
c5:e0:05:de:fd:0f:76:09:63:a4:8c:3a:e5:54:a9:88:72:3a:
d7:c8:f7:e9:fc:c5:f2:0f:82:35:e9:2a:28:7d:81:55:30:64:
34:1a:63:af:58:43:33:83:eb:14:37:cb:d4:90:c2:4f:34:b0:
f4:c3:56:cd:e9:06:39:79:e3:78:ae:37:ae:2c:b5:5b:83:f8:
6b:42:44:f3:ce:87:12:26:27:a8:f3:14:06:29:38:38:1c:b5:
18:39:7c:c0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCagwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTNFMjcxMTAvBgNVBAUTKEEyNzJBQ0FGRThGQUE0RjJBOTcwMEE2RkMxMTQyNTkw
OEM3NDNENEIwHhcNMjQwNTMwMjEyNzUwWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjU4ZWY1Ni04OTkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6tJN18luMEc8DAiCnt8hqQpynTkuw6u/lgT22ns1HNMDwLMa2QwCBoq/LxTF
S1tT45g6HXzv1wB6oT2TZBHqJX/HyMsHvkZkFFAYmiPs1234VuSpvrHpBgsDSRuO
W7XnhnuMabcDq/AIzDK8mkNSWKRravisnTi79GTAiSkeDlMFRT4U+gk3k0l84aUa
eAyAvHOSE29fkVmYifaVIEb3fytOMXO843GcZNwrbKDRj1acctm6H6nPgJtpNOkS
G2gpyQLVlOLbV1tdbFKgUsQVOgIzlVyWBQJCCTrm6u/wqyPHYvOmjxkMabzB5z3J
6szGGyOSWg3TPjhZF7ogzTd4ZQIDAQABo4IClTCCApEwHQYDVR0OBBYEFKHOM2zX
cXWLXWiDAU+0LUm7M2aoMB8GA1UdIwQYMBaAFKJyrK/o+qTyqXAKb8EUJZCMdD1L
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0UyNy9GMzg4ODc2NjZG
M0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQS3BjQXB2d1JRbGtJeDBQ
VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29uS3NyLWo2cFBLcGNBcHZ3UlFsa0l4MFBVcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTNFMjcvRjM4ODg3NjY2RjNBMTFFQTk4NDAxMzNEQzRGOUFFMDIvQjkxMTg5MUE2
RjQwMTFFQUFDMzNCNzRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAEr8ygwDQYJKoZIhvcNAQELBQADggEBAIqbOvfROtfjxP+U
3Si6WxNiwj7744rkQ5OonPhbCxnMwlerNPwNKjWYuCfG70Ww3LNHYwibuX9q+P6O
r84kBcbh53+KrAi7uTqZ7OekIz56ZnixjVYzlLdl9tWgGRV+OJgYCIpLJEjXs3Nt
ggDfTbrsFITzrc6okFAH3/0JWFx0qdwNNwYSpw/4C2BXC1eoMYTwAfZ+C4dwNq5s
Y0uYIojC+MXgBd79D3YJY6SMOuVUqYhyOtfI9+n8xfIPgjXpKih9gVUwZDQaY69Y
QzOD6xQ3y9SQwk80sPTDVs3pBjl543iuN64stVuD+GtCRPPOhxImJ6jzFAYpODgc
tRg5fMA=
-----END CERTIFICATE-----
Generated at Thu Oct 10 16:08:16 2024 by rpki-client on console-fra.rpki-client.org