Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/03CE5E10DB7B11EEB854A364C4F9AE02.roa
File: 03CE5E10DB7B11EEB854A364C4F9AE02.roa (raw, json)
Hash identifier: rJTmYArmyvvacpLGpqJqezJ5o1i55+GORbwCpQKCNj8=
Subject key identifier: E8:2C:5D:5C:6C:9F:1F:F0:06:7D:CD:DC:B4:FD:F9:17:8C:E5:5C:3B
Certificate issuer: /CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Certificate serial: 2757
Authority key identifier: 7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/03CE5E10DB7B11EEB854A364C4F9AE02.roa
Signing time: Tue 26 Mar 2024 04:21:11 +0000
ROA not before: Tue 26 Mar 2024 04:21:11 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 133177
IP address blocks: 43.250.124.0/24 maxlen: 24
43.250.125.0/24 maxlen: 24
43.250.126.0/24 maxlen: 24
43.250.127.0/24 maxlen: 24
122.254.64.0/24 maxlen: 24
122.254.65.0/24 maxlen: 24
122.254.66.0/24 maxlen: 24
122.254.67.0/24 maxlen: 24
122.254.68.0/24 maxlen: 24
122.254.69.0/24 maxlen: 24
122.254.70.0/24 maxlen: 24
122.254.71.0/24 maxlen: 24
122.254.72.0/21 maxlen: 21
122.254.80.0/20 maxlen: 20
122.254.96.0/20 maxlen: 20
122.254.112.0/20 maxlen: 20
Validation: Failed, certificate revoked on Wed 12 Jun 2024 11:11:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10071 (0x2757)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Validity
Not Before: Mar 26 04:21:11 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=66024d37-1427
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e1:d2:bb:69:84:94:a8:56:12:2b:55:9e:2b:
90:85:be:0b:01:34:d3:ec:42:a0:43:d7:d5:af:d9:
80:43:5d:cf:85:c7:3f:ea:5e:64:94:38:66:f4:73:
f2:62:99:83:6a:1f:89:54:c1:7c:ee:d8:b3:63:97:
d9:09:80:91:2e:de:43:57:72:04:60:e9:af:aa:77:
b4:9d:1b:91:59:8a:0d:e4:2b:6d:1b:c4:49:8a:be:
53:ab:2c:e9:aa:29:ed:d0:63:64:fb:61:04:8a:4b:
53:7b:d3:b7:cb:33:8e:18:b0:fd:e0:db:bf:1b:58:
22:1b:dd:f9:7d:fd:04:dd:d8:16:33:38:12:d7:60:
e9:58:17:6e:ff:12:67:d4:ef:83:be:31:fe:8d:a8:
d4:29:0a:6f:3b:0a:23:3a:7e:0b:37:88:9d:f7:75:
6d:a3:1a:ed:c1:69:d1:49:73:e4:2e:01:ab:b3:5c:
52:32:cf:81:78:be:15:07:9e:f0:fa:ba:5e:4e:7e:
4e:69:37:10:0c:53:fb:e4:55:de:74:85:18:ff:f8:
54:af:83:eb:91:00:94:ec:1a:81:30:95:54:04:71:
39:b5:1a:72:ad:19:f7:8a:48:eb:96:f1:fa:d6:74:
3d:53:d2:22:5e:88:2e:cf:3b:20:64:81:f3:24:de:
79:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:2C:5D:5C:6C:9F:1F:F0:06:7D:CD:DC:B4:FD:F9:17:8C:E5:5C:3B
X509v3 Authority Key Identifier:
keyid:7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/fqwMLLJ6MKE47kdbB_6X6Okz_co.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/03CE5E10DB7B11EEB854A364C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.124.0/22
122.254.64.0/18
Signature Algorithm: sha256WithRSAEncryption
5a:66:45:50:a1:97:3a:a5:b2:aa:a8:33:1a:40:2b:6b:7b:0f:
1e:ee:63:6c:2a:7c:47:85:e8:79:f2:2f:6c:df:f7:fa:c7:6c:
d8:48:41:80:b9:5e:8c:b5:28:7a:b1:12:e2:7f:e5:b3:d1:f0:
fc:47:a8:c1:3d:d5:34:f5:cb:41:35:92:36:b4:fc:52:27:c1:
0d:b0:08:56:10:36:20:b4:0a:dd:ec:b7:71:de:05:31:ff:6e:
db:b5:f2:bb:75:cc:ba:35:a5:c1:76:1a:f2:b5:10:73:79:cb:
d4:8f:a7:84:96:f4:9c:65:55:e8:d5:cc:1e:f9:29:07:1c:59:
58:57:6d:7c:ed:86:3a:15:32:7a:b1:ed:70:e1:13:fa:e4:f2:
83:3b:46:52:bc:b2:f0:99:27:d7:66:92:18:30:e9:9a:d1:70:
e3:46:b1:9c:3c:6b:58:1f:6d:79:c0:83:03:e0:a2:46:fe:cb:
15:d6:ba:f8:b2:fa:3c:69:60:b5:5f:b0:9a:7d:0e:2c:80:6e:
d7:89:6a:30:19:df:9b:68:e3:5a:92:e5:4a:67:85:2d:d9:ea:
b2:d4:49:76:53:a4:d6:80:18:5f:53:e7:a4:cf:7a:44:13:5d:
c9:18:f6:d0:fa:91:72:2a:ec:5c:81:91:84:f6:a9:c3:b2:b3:
37:44:59:a4
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICJ1cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjEzQjkxMTAvBgNVBAUTKDdFQUMwQzJDQjI3QTMwQTEzOEVFNDc1QjA3RkU5N0U4
RTkzM0ZEQ0EwHhcNMjQwMzI2MDQyMTExWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjAyNGQzNy0xNDI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApeHSu2mElKhWEitVniuQhb4LATTT7EKgQ9fVr9mAQ13Phcc/6l5klDhm9HPy
YpmDah+JVMF87tizY5fZCYCRLt5DV3IEYOmvqne0nRuRWYoN5CttG8RJir5Tqyzp
qint0GNk+2EEiktTe9O3yzOOGLD94Nu/G1giG935ff0E3dgWMzgS12DpWBdu/xJn
1O+DvjH+jajUKQpvOwojOn4LN4id93VtoxrtwWnRSXPkLgGrs1xSMs+BeL4VB57w
+rpeTn5OaTcQDFP75FXedIUY//hUr4PrkQCU7BqBMJVUBHE5tRpyrRn3ikjrlvH6
1nQ9U9IiXoguzzsgZIHzJN55UQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFOgsXVxs
nx/wBn3N3LT9+ReM5Vw7MB8GA1UdIwQYMBaAFH6sDCyyejChOO5HWwf+l+jpM/3K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTNCOS8xODk3QjI1MjlG
OUQxMUU0OTYxOTUzMkRDNEY5QUUwMi9mcXdNTExKNk1LRTQ3a2RiQl82WDZPa3pf
Y28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Zxd01MTEo2TUtFNDdrZGJCXzZYNk9rel9jby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjEzQjkvMTg5N0IyNTI5RjlEMTFFNDk2MTk1MzJEQzRGOUFFMDIvMDNDRTVFMTBE
QjdCMTFFRUI4NTRBMzY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIr+nwDBAZ6/kAwDQYJKoZIhvcNAQELBQADggEBAFpmRVCh
lzqlsqqoMxpAK2t7Dx7uY2wqfEeF6HnyL2zf9/rHbNhIQYC5Xoy1KHqxEuJ/5bPR
8PxHqME91TT1y0E1kja0/FInwQ2wCFYQNiC0Ct3st3HeBTH/btu18rt1zLo1pcF2
GvK1EHN5y9SPp4SW9JxlVejVzB75KQccWVhXbXzthjoVMnqx7XDhE/rk8oM7RlK8
svCZJ9dmkhgw6ZrRcONGsZw8a1gfbXnAgwPgokb+yxXWuviy+jxpYLVfsJp9DiyA
bteJajAZ35to41qS5UpnhS3Z6rLUSXZTpNaAGF9T56TPekQTXckY9tD6kXIq7FyB
kYT2qcOyszdEWaQ=
-----END CERTIFICATE-----
Generated at Wed Jun 12 13:31:48 2024 by rpki-client on console-fra.rpki-client.org