Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/982FE9E47A2611EF87194755C4F9AE02.roa
File: 982FE9E47A2611EF87194755C4F9AE02.roa (raw, json)
Hash identifier: RgfwB49h1NamfB11ypwPFybXrw0RLnjypjVm7aq58k4=
Subject key identifier: F1:7D:1C:A3:4E:4C:45:18:53:77:1B:93:19:1D:A5:08:E0:9D:46:76
Certificate issuer: /CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Certificate serial: 27EB
Authority key identifier: 7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/982FE9E47A2611EF87194755C4F9AE02.roa
Signing time: Tue 24 Sep 2024 04:36:22 +0000
ROA not before: Tue 24 Sep 2024 04:36:22 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 141718
IP address blocks: 43.250.124.0/24 maxlen: 24
43.250.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Sep 2024 07:27:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10219 (0x27eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Validity
Not Before: Sep 24 04:36:22 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=66f241c6-5c4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:fe:3a:17:44:0b:dd:14:05:e0:06:bf:8d:7a:
20:10:0c:33:04:cf:03:4d:2e:88:5e:3f:58:65:b8:
d2:c2:33:b5:d9:54:3e:b8:d5:d9:4d:ed:de:5b:2e:
e6:b2:f4:c8:ed:46:ad:4f:b5:58:49:6d:52:06:d9:
ce:d6:d3:18:98:ae:a5:ec:51:0f:5d:dc:54:57:28:
2f:ee:0a:30:20:d9:3d:49:8d:14:e5:ff:d2:cb:4b:
6f:c0:2f:f1:92:8f:94:ba:fc:a4:4f:c8:3d:c1:38:
7f:f2:10:a2:a9:b1:f4:8a:2a:db:10:b5:e6:4a:3c:
de:62:4b:72:4c:fe:5a:5c:c6:b4:72:db:e9:e9:d3:
7d:dd:e5:bb:f0:e7:a6:dd:6f:a0:4c:c8:28:04:72:
ff:ac:79:d2:bb:e0:8e:5c:63:d5:b4:b1:71:9c:cf:
7b:97:d4:95:1c:18:12:c1:3b:4c:5d:d7:5d:fe:47:
38:8f:17:6b:0e:25:1c:21:ec:ec:d3:3d:b9:da:4d:
b3:66:fd:04:41:53:27:e6:87:3a:4d:c0:ad:5c:76:
b2:fa:14:99:d2:41:2f:40:9a:66:16:7b:02:78:00:
60:85:26:a8:66:37:d8:a0:97:c8:db:11:a1:fa:0f:
fd:ae:8b:7a:dd:10:95:bd:35:ab:8d:54:e9:9c:c4:
90:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:7D:1C:A3:4E:4C:45:18:53:77:1B:93:19:1D:A5:08:E0:9D:46:76
X509v3 Authority Key Identifier:
keyid:7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/fqwMLLJ6MKE47kdbB_6X6Okz_co.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/982FE9E47A2611EF87194755C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.124.0/24
43.250.127.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:6c:f8:e4:f6:7e:06:dc:58:80:11:4f:55:22:48:c1:a7:81:
32:88:13:e9:60:94:82:75:7e:1c:7e:02:47:4f:5d:12:8d:2c:
39:06:9e:bd:bb:1b:88:8a:fb:61:75:45:04:ef:9f:58:90:b0:
f0:5a:53:a2:93:6f:33:e1:5f:24:16:c9:69:d0:d8:c6:27:ed:
6f:4e:3c:bc:24:b3:81:6c:0c:8b:88:5d:9d:86:3d:90:c5:7a:
ce:bc:24:0f:82:cf:5c:b2:3f:16:1c:5f:69:d1:7b:7a:03:25:
21:bd:bf:d9:03:ae:bf:4c:04:67:6c:cb:56:44:09:86:0b:73:
f7:ad:56:3d:59:69:e4:c1:fd:29:24:21:df:b1:0e:00:72:62:
10:45:ae:36:00:c6:b4:2b:e4:8e:6d:81:b6:5c:38:65:b3:8a:
d8:63:53:a9:51:fd:cc:df:83:89:68:f8:d8:e2:b9:e7:d7:a0:
05:68:e6:1f:59:6a:0f:ed:9d:e0:5f:3f:9c:e7:5e:2c:9d:a4:
8f:0c:8c:10:51:c6:a5:c1:4a:51:b7:81:31:0b:09:98:5e:53:
0d:96:e0:a1:f0:cd:31:10:cf:f7:91:42:8c:a7:f0:b1:a4:4c:
ea:53:f5:98:d8:e2:f1:5b:d8:56:95:1c:8c:24:ec:49:bd:c0:
e6:5b:6d:ce
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICJ+swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjEzQjkxMTAvBgNVBAUTKDdFQUMwQzJDQjI3QTMwQTEzOEVFNDc1QjA3RkU5N0U4
RTkzM0ZEQ0EwHhcNMjQwOTI0MDQzNjIyWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmYyNDFjNi01YzRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8/46F0QL3RQF4Aa/jXogEAwzBM8DTS6IXj9YZbjSwjO12VQ+uNXZTe3eWy7m
svTI7UatT7VYSW1SBtnO1tMYmK6l7FEPXdxUVygv7gowINk9SY0U5f/Sy0tvwC/x
ko+UuvykT8g9wTh/8hCiqbH0iirbELXmSjzeYktyTP5aXMa0ctvp6dN93eW78Oem
3W+gTMgoBHL/rHnSu+COXGPVtLFxnM97l9SVHBgSwTtMXddd/kc4jxdrDiUcIezs
0z252k2zZv0EQVMn5oc6TcCtXHay+hSZ0kEvQJpmFnsCeABghSaoZjfYoJfI2xGh
+g/9rot63RCVvTWrjVTpnMSQOQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFPF9HKNO
TEUYU3cbkxkdpQjgnUZ2MB8GA1UdIwQYMBaAFH6sDCyyejChOO5HWwf+l+jpM/3K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTNCOS8xODk3QjI1MjlG
OUQxMUU0OTYxOTUzMkRDNEY5QUUwMi9mcXdNTExKNk1LRTQ3a2RiQl82WDZPa3pf
Y28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Zxd01MTEo2TUtFNDdrZGJCXzZYNk9rel9jby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjEzQjkvMTg5N0IyNTI5RjlEMTFFNDk2MTk1MzJEQzRGOUFFMDIvOTgyRkU5RTQ3
QTI2MTFFRjg3MTk0NzU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAAr+nwDBAAr+n8wDQYJKoZIhvcNAQELBQADggEBAL1s+OT2
fgbcWIART1UiSMGngTKIE+lglIJ1fhx+AkdPXRKNLDkGnr27G4iK+2F1RQTvn1iQ
sPBaU6KTbzPhXyQWyWnQ2MYn7W9OPLwks4FsDIuIXZ2GPZDFes68JA+Cz1yyPxYc
X2nRe3oDJSG9v9kDrr9MBGdsy1ZECYYLc/etVj1ZaeTB/SkkId+xDgByYhBFrjYA
xrQr5I5tgbZcOGWzithjU6lR/czfg4lo+NjiuefXoAVo5h9Zag/tneBfP5znXiyd
pI8MjBBRxqXBSlG3gTELCZheUw2W4KHwzTEQz/eRQoyn8LGkTOpT9ZjY4vFb2FaV
HIwk7Em9wOZbbc4=
-----END CERTIFICATE-----
Generated at Tue Sep 24 12:04:17 2024 by rpki-client on console-ams.rpki-client.org