Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/32CB4A9A795D11EFB44BA914C4F9AE02.roa
File: 32CB4A9A795D11EFB44BA914C4F9AE02.roa (raw, json)
Hash identifier: UhA+uxLzfU21CTBid52/uIHrRJm75Ib3T9nhWbm0mG4=
Subject key identifier: 2C:FA:22:3D:4D:FB:6D:B3:CC:1A:22:FE:B4:EF:49:36:CD:B9:9C:69
Certificate issuer: /CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Certificate serial: 27D0
Authority key identifier: 7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/32CB4A9A795D11EFB44BA914C4F9AE02.roa
Signing time: Mon 23 Sep 2024 03:37:46 +0000
ROA not before: Mon 23 Sep 2024 03:37:46 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 133177
IP address blocks: 43.250.126.0/24 maxlen: 24
43.250.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Sep 2024 04:45:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10192 (0x27d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Validity
Not Before: Sep 23 03:37:46 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=66f0e28a-3515
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:00:3a:05:d6:5e:e6:a2:e1:75:c3:e0:e3:2a:
0c:83:b3:84:fb:30:52:85:40:c6:12:cf:3e:04:4c:
b1:10:c4:5d:99:c5:07:c3:81:6c:dc:7d:96:c5:f7:
36:75:ec:2a:91:c8:8c:96:29:a0:c5:e1:f6:7b:cb:
e0:44:cc:61:70:6f:6f:00:80:53:a3:8a:9d:2f:c1:
74:ee:2e:d3:29:6f:7d:45:69:04:52:30:bb:81:43:
d7:c8:8d:34:39:5b:41:d3:db:9b:8b:6c:85:3b:32:
88:60:51:94:c3:d0:b1:ea:95:fd:59:82:e5:26:58:
3a:7c:0a:78:dc:ec:d8:d9:12:ec:4a:2d:62:3c:c2:
10:42:3b:bc:21:10:6a:de:d0:85:6f:e9:5a:9b:38:
e9:c8:c7:6c:79:ff:7a:22:cc:39:1f:9c:58:a9:5f:
7f:0b:e1:cd:cf:21:85:d3:97:96:7b:06:c4:79:96:
bf:b9:6b:91:d6:a9:ae:63:8a:eb:1e:cc:e0:25:62:
5b:75:37:7d:75:cb:10:67:b4:59:fb:a0:05:54:24:
a3:bf:af:9a:1b:3a:cf:67:ce:0f:4e:64:24:62:19:
33:3c:b7:0f:9c:f1:c1:fb:6a:57:5a:0a:27:46:58:
2a:f1:be:04:e6:89:f2:59:0c:a8:fa:d2:f9:65:a9:
39:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:FA:22:3D:4D:FB:6D:B3:CC:1A:22:FE:B4:EF:49:36:CD:B9:9C:69
X509v3 Authority Key Identifier:
keyid:7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/fqwMLLJ6MKE47kdbB_6X6Okz_co.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/32CB4A9A795D11EFB44BA914C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.126.0/23
Signature Algorithm: sha256WithRSAEncryption
35:7e:8d:30:6e:e9:0a:0d:d5:82:54:e5:fc:29:68:72:ec:68:
90:07:05:8f:f1:a9:ff:c6:e6:94:bc:2f:8e:7f:bd:fd:68:f9:
9b:c3:45:6f:57:41:b5:3c:af:16:59:1e:4c:de:c1:c2:13:c5:
e1:70:f9:91:16:34:62:55:ec:9b:8f:cc:c9:8c:70:38:61:1b:
56:e0:74:ce:4e:2d:2d:72:f0:b2:da:ad:c6:80:bd:cc:df:37:
ae:ce:f3:98:f6:42:30:41:a2:b0:80:b7:fd:ed:ff:68:aa:c8:
44:b9:77:f5:7c:de:b9:e3:7b:67:53:d4:82:09:a4:79:c4:af:
21:3f:18:bb:f4:fd:86:28:f7:e9:d2:3d:67:f2:bd:44:b1:7f:
cf:77:bf:6e:e1:f4:a1:42:75:cc:0f:f6:f3:cc:f3:1f:56:09:
af:e8:81:7b:fe:3c:ba:2b:58:80:6c:7d:6a:e6:30:0d:57:64:
cd:bb:2d:1f:13:cc:d0:9b:a7:9a:7e:97:63:7f:8b:7c:bc:b2:
a9:e3:9a:65:de:c4:16:57:aa:08:af:e5:a0:57:fa:50:f9:0e:
d0:e2:ec:0c:a4:f5:45:e0:2a:67:b1:98:4f:a9:af:cc:e4:18:
3b:37:86:50:a9:88:ff:89:fc:e8:a6:ae:33:d9:d8:4d:fc:4f:
76:a8:7f:2c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICJ9AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjEzQjkxMTAvBgNVBAUTKDdFQUMwQzJDQjI3QTMwQTEzOEVFNDc1QjA3RkU5N0U4
RTkzM0ZEQ0EwHhcNMjQwOTIzMDMzNzQ2WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmYwZTI4YS0zNTE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxgA6BdZe5qLhdcPg4yoMg7OE+zBShUDGEs8+BEyxEMRdmcUHw4Fs3H2Wxfc2
dewqkciMlimgxeH2e8vgRMxhcG9vAIBTo4qdL8F07i7TKW99RWkEUjC7gUPXyI00
OVtB09ubi2yFOzKIYFGUw9Cx6pX9WYLlJlg6fAp43OzY2RLsSi1iPMIQQju8IRBq
3tCFb+lamzjpyMdsef96Isw5H5xYqV9/C+HNzyGF05eWewbEeZa/uWuR1qmuY4rr
HszgJWJbdTd9dcsQZ7RZ+6AFVCSjv6+aGzrPZ84PTmQkYhkzPLcPnPHB+2pXWgon
Rlgq8b4E5onyWQyo+tL5Zak5dQIDAQABo4IClTCCApEwHQYDVR0OBBYEFCz6Ij1N
+22zzBoi/rTvSTbNuZxpMB8GA1UdIwQYMBaAFH6sDCyyejChOO5HWwf+l+jpM/3K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTNCOS8xODk3QjI1MjlG
OUQxMUU0OTYxOTUzMkRDNEY5QUUwMi9mcXdNTExKNk1LRTQ3a2RiQl82WDZPa3pf
Y28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Zxd01MTEo2TUtFNDdrZGJCXzZYNk9rel9jby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjEzQjkvMTg5N0IyNTI5RjlEMTFFNDk2MTk1MzJEQzRGOUFFMDIvMzJDQjRBOUE3
OTVEMTFFRkI0NEJBOTE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAEr+n4wDQYJKoZIhvcNAQELBQADggEBADV+jTBu6QoN1YJU
5fwpaHLsaJAHBY/xqf/G5pS8L45/vf1o+ZvDRW9XQbU8rxZZHkzewcITxeFw+ZEW
NGJV7JuPzMmMcDhhG1bgdM5OLS1y8LLarcaAvczfN67O85j2QjBBorCAt/3t/2iq
yES5d/V83rnje2dT1IIJpHnEryE/GLv0/YYo9+nSPWfyvUSxf893v27h9KFCdcwP
9vPM8x9WCa/ogXv+PLorWIBsfWrmMA1XZM27LR8TzNCbp5p+l2N/i3y8sqnjmmXe
xBZXqgiv5aBX+lD5DtDi7Ayk9UXgKmexmE+pr8zkGDs3hlCpiP+J/OimrjPZ2E38
T3aofyw=
-----END CERTIFICATE-----
Generated at Tue Sep 24 05:55:20 2024 by rpki-client on console-ams.rpki-client.org