Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/7DCA92B4799C11EF9AA50F1BC4F9AE02.roa
File: 7DCA92B4799C11EF9AA50F1BC4F9AE02.roa (raw, json)
Hash identifier: 22Vw6AFgTTtvBD+8fGRHRev5sh9Rm/17U7XETjGlcoo=
Subject key identifier: 9E:CE:1C:D2:AF:3C:FC:B9:63:9D:6B:EF:56:A9:85:A0:6C:2C:51:2C
Certificate issuer: /CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Certificate serial: 27DE
Authority key identifier: 7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/7DCA92B4799C11EF9AA50F1BC4F9AE02.roa
Signing time: Mon 23 Sep 2024 11:10:50 +0000
ROA not before: Mon 23 Sep 2024 11:10:50 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 214760
IP address blocks: 43.250.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Sep 2024 02:27:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10206 (0x27de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Validity
Not Before: Sep 23 11:10:50 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=66f14cba-a3b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d3:80:9c:91:9e:a8:7c:1f:22:18:49:75:e8:
70:26:96:7d:81:7f:c2:d4:bd:6a:23:a2:78:fb:e7:
db:d1:75:d6:5b:4e:05:d4:50:7d:4c:b3:2b:21:89:
d5:f5:6d:8d:c2:f5:3f:02:eb:58:58:0a:0b:e7:11:
d4:e9:67:93:36:c6:c6:44:02:a3:6d:ad:a6:f8:56:
94:21:46:7b:d7:42:61:3a:a2:93:28:ad:da:46:b1:
6e:2a:16:0d:5b:df:d5:8c:1a:4d:6e:f7:24:bc:28:
ed:e9:d6:b4:25:83:6c:45:11:cf:5f:e0:2b:74:1d:
65:82:d9:eb:9a:3b:07:ff:49:0c:ca:5d:e0:90:6a:
7e:75:29:ac:29:70:8e:46:ca:08:89:59:d5:4b:c3:
61:e7:a6:c0:9c:20:54:f8:d5:07:e1:33:4b:f2:57:
a5:4b:10:8a:1c:c4:d4:c9:21:78:3b:a7:9f:a7:1c:
9d:f4:fa:be:ed:4b:0b:db:d3:30:9f:ec:e7:82:0f:
4f:00:bb:23:5f:d5:ab:cd:df:1b:8a:31:40:cc:ab:
6c:1c:66:02:1d:7f:15:4a:a2:39:1e:04:86:2f:5e:
4e:c7:42:2e:df:f6:40:cd:7b:c9:a2:9e:f7:1c:6b:
fe:f9:ad:34:bb:92:cf:68:d4:57:3c:35:6b:20:ca:
96:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:CE:1C:D2:AF:3C:FC:B9:63:9D:6B:EF:56:A9:85:A0:6C:2C:51:2C
X509v3 Authority Key Identifier:
keyid:7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/fqwMLLJ6MKE47kdbB_6X6Okz_co.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/7DCA92B4799C11EF9AA50F1BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.125.0/24
Signature Algorithm: sha256WithRSAEncryption
92:26:a4:5b:81:34:99:0f:97:82:58:60:6b:74:d8:13:41:34:
49:b0:d0:15:f8:79:c8:99:09:c4:0e:86:87:02:aa:6e:e6:16:
12:5c:5a:bf:a8:42:c2:8b:aa:ed:21:d1:db:5a:a9:9e:0b:0d:
29:ae:fd:83:79:a9:e5:b9:c4:f5:9e:ca:31:73:99:cf:8c:fc:
86:14:49:10:2a:f7:07:f4:2c:8a:fc:34:07:14:c2:f9:1d:1a:
e4:99:f5:e7:8c:2c:4c:d4:8e:ca:29:85:f8:29:b4:59:ec:38:
40:79:3f:dc:55:43:54:fe:96:d7:ef:f3:87:7d:4f:f2:42:f3:
fc:f6:56:af:08:fe:10:1b:7e:9a:e8:54:bc:70:e4:dc:34:48:
72:f0:85:49:a3:05:0f:ea:d3:ed:f3:7b:f2:81:f7:f9:5f:7b:
bc:63:08:7a:37:24:13:d5:37:7f:ba:6b:e2:4c:4c:f9:9a:7a:
f9:09:c0:3e:2e:d7:0c:70:0b:f4:61:8f:9c:0f:33:c7:b1:a5:
03:63:6d:e1:24:30:f1:93:bf:19:71:6e:51:2c:53:03:6e:bd:
14:8c:08:26:2d:91:48:12:14:6c:51:18:b5:42:77:c0:a8:5a:
3e:8a:5f:b7:8e:52:91:a9:50:2d:50:10:98:ed:bc:6a:b6:9a:
51:1d:16:d4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICJ94wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjEzQjkxMTAvBgNVBAUTKDdFQUMwQzJDQjI3QTMwQTEzOEVFNDc1QjA3RkU5N0U4
RTkzM0ZEQ0EwHhcNMjQwOTIzMTExMDUwWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmYxNGNiYS1hM2I4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoNOAnJGeqHwfIhhJdehwJpZ9gX/C1L1qI6J4++fb0XXWW04F1FB9TLMrIYnV
9W2NwvU/AutYWAoL5xHU6WeTNsbGRAKjba2m+FaUIUZ710JhOqKTKK3aRrFuKhYN
W9/VjBpNbvckvCjt6da0JYNsRRHPX+ArdB1lgtnrmjsH/0kMyl3gkGp+dSmsKXCO
RsoIiVnVS8Nh56bAnCBU+NUH4TNL8lelSxCKHMTUySF4O6efpxyd9Pq+7UsL29Mw
n+zngg9PALsjX9Wrzd8bijFAzKtsHGYCHX8VSqI5HgSGL15Ox0Iu3/ZAzXvJop73
HGv++a00u5LPaNRXPDVrIMqWbwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJ7OHNKv
PPy5Y51r71aphaBsLFEsMB8GA1UdIwQYMBaAFH6sDCyyejChOO5HWwf+l+jpM/3K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTNCOS8xODk3QjI1MjlG
OUQxMUU0OTYxOTUzMkRDNEY5QUUwMi9mcXdNTExKNk1LRTQ3a2RiQl82WDZPa3pf
Y28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Zxd01MTEo2TUtFNDdrZGJCXzZYNk9rel9jby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjEzQjkvMTg5N0IyNTI5RjlEMTFFNDk2MTk1MzJEQzRGOUFFMDIvN0RDQTkyQjQ3
OTlDMTFFRjlBQTUwRjFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr+n0wDQYJKoZIhvcNAQELBQADggEBAJImpFuBNJkPl4JY
YGt02BNBNEmw0BX4eciZCcQOhocCqm7mFhJcWr+oQsKLqu0h0dtaqZ4LDSmu/YN5
qeW5xPWeyjFzmc+M/IYUSRAq9wf0LIr8NAcUwvkdGuSZ9eeMLEzUjsophfgptFns
OEB5P9xVQ1T+ltfv84d9T/JC8/z2Vq8I/hAbfproVLxw5Nw0SHLwhUmjBQ/q0+3z
e/KB9/lfe7xjCHo3JBPVN3+6a+JMTPmaevkJwD4u1wxwC/Rhj5wPM8expQNjbeEk
MPGTvxlxblEsUwNuvRSMCCYtkUgSFGxRGLVCd8CoWj6KX7eOUpGpUC1QEJjtvGq2
mlEdFtQ=
-----END CERTIFICATE-----
Generated at Tue Sep 24 04:17:18 2024 by rpki-client on console-ams.rpki-client.org