Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/A514BE1A795811EFA695B965C4F9AE02.roa
File: A514BE1A795811EFA695B965C4F9AE02.roa (raw, json)
Hash identifier: 6vr7MU8977Y4he4xeM1+aFARg+p31zlSVh7w4HKLfs4=
Subject key identifier: 3D:95:AB:AA:E7:62:2F:15:1A:DC:C2:6F:22:59:42:86:0B:B2:80:90
Certificate issuer: /CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Certificate serial: 27CB
Authority key identifier: 7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/A514BE1A795811EFA695B965C4F9AE02.roa
Signing time: Mon 23 Sep 2024 03:05:10 +0000
ROA not before: Mon 23 Sep 2024 03:05:10 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 141718
IP address blocks: 43.250.124.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Sep 2024 06:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10187 (0x27cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Validity
Not Before: Sep 23 03:05:10 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=66f0dae6-41d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:5c:2a:03:65:ab:1e:13:8e:2f:97:8d:7e:93:
c6:b1:a2:7e:80:63:8f:e6:11:bd:ea:ef:7c:e0:21:
cd:26:ae:0c:81:8b:7f:4e:a8:73:bd:26:c3:09:dc:
2a:5d:b0:e6:78:4c:ff:65:55:bf:6a:30:5c:c8:49:
62:b1:b9:5b:a8:52:88:e8:5b:07:c7:42:4b:7c:61:
4e:77:19:64:ea:91:c5:ba:52:2c:4e:b4:45:ab:74:
24:2e:77:aa:26:38:b5:d2:44:64:32:0a:8e:30:6b:
1c:73:64:01:aa:b2:4a:5c:f6:c1:8d:18:41:29:47:
2c:ba:97:3b:89:6e:be:5a:24:8a:2e:09:90:09:44:
e5:5f:9b:c2:a7:f0:d1:78:3f:3f:3c:b1:d6:e3:ec:
63:4f:e1:4f:9a:69:da:26:de:5e:19:24:77:5a:c7:
54:f8:4f:fe:7b:a0:ad:14:4a:b0:74:fc:f0:40:0c:
d6:f9:05:2a:6d:3a:22:db:4a:24:a6:2c:54:ce:71:
1b:40:3c:d3:e1:2d:b1:57:bb:2c:ee:03:a5:af:0f:
b1:d1:8c:e7:52:e5:ff:8e:ac:94:0b:8b:36:1a:63:
52:ea:bf:30:7c:7f:7a:94:ca:fd:a6:8e:8c:02:6e:
d5:5c:5a:43:7d:8e:72:6c:18:61:47:72:08:74:fd:
2a:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:95:AB:AA:E7:62:2F:15:1A:DC:C2:6F:22:59:42:86:0B:B2:80:90
X509v3 Authority Key Identifier:
keyid:7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/fqwMLLJ6MKE47kdbB_6X6Okz_co.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/A514BE1A795811EFA695B965C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.124.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:59:60:37:48:20:35:a8:ca:a3:7e:15:12:d5:c5:fb:42:61:
b0:67:02:4c:4d:8c:bb:2b:ce:0d:44:a9:fb:89:59:16:2b:f7:
45:2c:7b:56:76:c0:92:9e:83:8c:b2:d3:32:04:73:28:ce:16:
a0:9d:1c:07:64:c3:61:85:00:1f:ba:a0:4e:1d:4f:de:da:b0:
55:c2:5c:86:a1:1d:4e:8a:0b:bc:37:46:67:23:90:ac:9a:58:
20:0d:5f:09:85:00:75:30:16:77:d4:2c:72:b2:85:da:c1:c7:
04:85:94:53:e8:55:af:12:a2:e0:4b:59:f5:74:ec:8f:d1:b5:
13:ce:f2:28:0b:6b:02:20:c8:6f:8b:04:29:24:c6:fa:58:5f:
4a:b0:a8:c8:e4:7d:1c:64:96:53:b2:1b:2e:e1:ff:5f:10:94:
ab:77:3e:c0:ed:35:7a:22:76:c7:a2:15:f1:e9:3b:c6:73:3c:
1e:b2:86:83:25:ee:eb:50:28:84:55:46:49:04:35:a7:a3:fa:
30:b9:b4:76:b2:a1:93:bb:8b:b9:c3:ff:7a:dd:21:ff:1a:09:
f1:8c:5d:33:55:d8:c4:0d:dc:bd:4f:33:cd:b7:e4:d4:73:47:
2f:a9:67:f8:e0:8e:15:bd:b6:e2:a2:be:6f:99:5e:48:8a:c5:
3b:4f:c4:83
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICJ8swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjEzQjkxMTAvBgNVBAUTKDdFQUMwQzJDQjI3QTMwQTEzOEVFNDc1QjA3RkU5N0U4
RTkzM0ZEQ0EwHhcNMjQwOTIzMDMwNTEwWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmYwZGFlNi00MWQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5lwqA2WrHhOOL5eNfpPGsaJ+gGOP5hG96u984CHNJq4MgYt/TqhzvSbDCdwq
XbDmeEz/ZVW/ajBcyElisblbqFKI6FsHx0JLfGFOdxlk6pHFulIsTrRFq3QkLneq
Jji10kRkMgqOMGscc2QBqrJKXPbBjRhBKUcsupc7iW6+WiSKLgmQCUTlX5vCp/DR
eD8/PLHW4+xjT+FPmmnaJt5eGSR3WsdU+E/+e6CtFEqwdPzwQAzW+QUqbToi20ok
pixUznEbQDzT4S2xV7ss7gOlrw+x0YznUuX/jqyUC4s2GmNS6r8wfH96lMr9po6M
Am7VXFpDfY5ybBhhR3IIdP0qBwIDAQABo4IClTCCApEwHQYDVR0OBBYEFD2Vq6rn
Yi8VGtzCbyJZQoYLsoCQMB8GA1UdIwQYMBaAFH6sDCyyejChOO5HWwf+l+jpM/3K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTNCOS8xODk3QjI1MjlG
OUQxMUU0OTYxOTUzMkRDNEY5QUUwMi9mcXdNTExKNk1LRTQ3a2RiQl82WDZPa3pf
Y28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Zxd01MTEo2TUtFNDdrZGJCXzZYNk9rel9jby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjEzQjkvMTg5N0IyNTI5RjlEMTFFNDk2MTk1MzJEQzRGOUFFMDIvQTUxNEJFMUE3
OTU4MTFFRkE2OTVCOTY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr+nwwDQYJKoZIhvcNAQELBQADggEBAApZYDdIIDWoyqN+
FRLVxftCYbBnAkxNjLsrzg1EqfuJWRYr90Use1Z2wJKeg4yy0zIEcyjOFqCdHAdk
w2GFAB+6oE4dT97asFXCXIahHU6KC7w3RmcjkKyaWCANXwmFAHUwFnfULHKyhdrB
xwSFlFPoVa8SouBLWfV07I/RtRPO8igLawIgyG+LBCkkxvpYX0qwqMjkfRxkllOy
Gy7h/18QlKt3PsDtNXoidseiFfHpO8ZzPB6yhoMl7utQKIRVRkkENaej+jC5tHay
oZO7i7nD/3rdIf8aCfGMXTNV2MQN3L1PM8235NRzRy+pZ/jgjhW9tuKivm+ZXkiK
xTtPxIM=
-----END CERTIFICATE-----
Generated at Mon Sep 23 07:59:20 2024 by rpki-client on console-fra.rpki-client.org