Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/DE9846387A1C11EFA5166F6FC4F9AE02.roa
File: DE9846387A1C11EFA5166F6FC4F9AE02.roa (raw, json)
Hash identifier: LNUgXyrH6y11WbIJFfI3j/uGPNnjH0ai09qQh4uQU40=
Subject key identifier: 7A:B3:D3:84:0E:43:D2:39:FD:28:0A:88:CF:FC:BE:26:C4:DE:0B:42
Certificate issuer: /CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Certificate serial: 27E1
Authority key identifier: 7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/DE9846387A1C11EFA5166F6FC4F9AE02.roa
Signing time: Tue 24 Sep 2024 02:29:48 +0000
ROA not before: Tue 24 Sep 2024 02:29:48 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 214760
IP address blocks: 43.250.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Sep 2024 03:27:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10209 (0x27e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Validity
Not Before: Sep 24 02:29:48 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=66f2241c-26e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:83:a6:a1:92:f8:4d:00:3e:87:cb:85:f0:ed:
5a:4f:d2:17:99:3a:c5:ea:e8:12:98:8b:d8:ea:53:
34:4b:59:23:58:da:be:53:86:c4:d6:49:07:e2:27:
cf:6d:c5:26:52:82:9b:ae:0a:8c:63:58:43:29:78:
5a:8d:1f:cd:67:50:a3:36:db:f9:b2:83:8c:0c:fb:
6f:29:fb:13:45:09:b6:11:eb:99:c2:19:18:b4:1b:
32:aa:b1:a3:a1:1f:0c:77:b1:72:57:ce:71:51:48:
56:8f:18:b4:c3:ae:82:8d:fd:4a:40:c8:6d:a3:b6:
e4:64:d3:b9:8d:d9:e6:f9:ca:b6:f2:d1:b8:b9:d4:
72:f3:73:84:c4:3c:96:cd:d9:9e:3f:8b:b6:b3:7a:
48:c4:92:5b:93:cd:64:a9:25:11:c2:74:45:f8:95:
65:fa:65:24:68:2b:cd:f2:7d:70:d9:34:2b:e2:ab:
43:e4:14:fd:f5:b4:e6:fc:26:76:17:12:27:62:af:
81:47:53:d8:65:e5:d0:98:a0:3f:99:89:89:8e:ba:
42:6b:81:6b:7e:55:90:9a:95:a4:89:39:63:29:d1:
34:41:88:09:26:6a:83:3d:18:e0:e2:6b:8a:8b:4c:
37:73:69:f3:9d:ac:ab:65:4a:f3:53:9d:03:6b:1c:
dc:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:B3:D3:84:0E:43:D2:39:FD:28:0A:88:CF:FC:BE:26:C4:DE:0B:42
X509v3 Authority Key Identifier:
keyid:7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/fqwMLLJ6MKE47kdbB_6X6Okz_co.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/DE9846387A1C11EFA5166F6FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.125.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:cf:22:29:85:84:8c:32:59:f0:ac:f3:35:a9:41:30:00:a3:
68:89:25:de:c0:fc:97:5e:a5:65:d9:53:8a:d2:31:6e:98:fa:
d4:bc:fa:c5:19:57:89:20:31:cb:f2:48:c5:de:b5:7f:08:1c:
5a:75:f7:c2:11:a6:9d:bc:65:a2:ad:7e:0f:2b:29:5f:66:8a:
da:1c:29:37:0f:be:13:4b:5f:16:ac:7e:ff:21:a2:02:37:9b:
2c:f2:0d:8f:2d:f5:02:f3:bc:79:25:d3:54:1d:46:ae:82:fb:
16:45:1a:35:1f:3f:d8:d8:30:da:dd:a9:e9:97:ef:c1:6f:ec:
ac:49:d6:b4:c6:f7:ea:fb:e9:75:79:d7:f4:cc:b4:bc:bd:c2:
c2:d7:81:e1:b8:8c:e4:6f:35:c1:c3:29:86:56:f8:67:3f:70:
49:86:73:9e:59:15:b0:f7:86:47:b3:09:d9:27:5b:8b:c3:2f:
3e:49:04:4e:51:86:9b:88:7e:50:80:1d:5a:26:27:4a:ba:15:
ba:91:0f:92:ca:11:f0:33:f5:31:dc:2f:79:d5:17:21:d0:8f:
9a:9d:0f:87:78:5e:b3:00:98:98:27:ae:b9:9a:34:93:66:a5:
07:2f:9c:aa:06:32:71:26:9f:2f:3e:8b:77:a0:0e:6c:70:c0:
f2:05:11:c9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICJ+EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjEzQjkxMTAvBgNVBAUTKDdFQUMwQzJDQjI3QTMwQTEzOEVFNDc1QjA3RkU5N0U4
RTkzM0ZEQ0EwHhcNMjQwOTI0MDIyOTQ4WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmYyMjQxYy0yNmU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs4OmoZL4TQA+h8uF8O1aT9IXmTrF6ugSmIvY6lM0S1kjWNq+U4bE1kkH4ifP
bcUmUoKbrgqMY1hDKXhajR/NZ1CjNtv5soOMDPtvKfsTRQm2EeuZwhkYtBsyqrGj
oR8Md7FyV85xUUhWjxi0w66Cjf1KQMhto7bkZNO5jdnm+cq28tG4udRy83OExDyW
zdmeP4u2s3pIxJJbk81kqSURwnRF+JVl+mUkaCvN8n1w2TQr4qtD5BT99bTm/CZ2
FxInYq+BR1PYZeXQmKA/mYmJjrpCa4FrflWQmpWkiTljKdE0QYgJJmqDPRjg4muK
i0w3c2nznayrZUrzU50DaxzcwQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHqz04QO
Q9I5/SgKiM/8vibE3gtCMB8GA1UdIwQYMBaAFH6sDCyyejChOO5HWwf+l+jpM/3K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTNCOS8xODk3QjI1MjlG
OUQxMUU0OTYxOTUzMkRDNEY5QUUwMi9mcXdNTExKNk1LRTQ3a2RiQl82WDZPa3pf
Y28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Zxd01MTEo2TUtFNDdrZGJCXzZYNk9rel9jby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjEzQjkvMTg5N0IyNTI5RjlEMTFFNDk2MTk1MzJEQzRGOUFFMDIvREU5ODQ2Mzg3
QTFDMTFFRkE1MTY2RjZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr+n0wDQYJKoZIhvcNAQELBQADggEBAA7PIimFhIwyWfCs
8zWpQTAAo2iJJd7A/JdepWXZU4rSMW6Y+tS8+sUZV4kgMcvySMXetX8IHFp198IR
pp28ZaKtfg8rKV9mitocKTcPvhNLXxasfv8hogI3myzyDY8t9QLzvHkl01QdRq6C
+xZFGjUfP9jYMNrdqemX78Fv7KxJ1rTG9+r76XV51/TMtLy9wsLXgeG4jORvNcHD
KYZW+Gc/cEmGc55ZFbD3hkezCdknW4vDLz5JBE5RhpuIflCAHVomJ0q6FbqRD5LK
EfAz9THcL3nVFyHQj5qdD4d4XrMAmJgnrrmaNJNmpQcvnKoGMnEmny8+i3egDmxw
wPIFEck=
-----END CERTIFICATE-----
Generated at Tue Sep 24 05:55:20 2024 by rpki-client on console-ams.rpki-client.org