Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/E8F34628BC0811EE9135A47AC4F9AE02.roa
File: E8F34628BC0811EE9135A47AC4F9AE02.roa (raw, json)
Hash identifier: SSM6R1cORr8WMi5Zj4flYxsikF4rz6u3+zhJpDHUbzs=
Subject key identifier: D3:10:36:90:7D:B5:FB:9B:71:82:CF:A9:CF:CC:4D:1B:B6:F7:B4:8F
Certificate issuer: /CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Certificate serial: 2713
Authority key identifier: 7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/E8F34628BC0811EE9135A47AC4F9AE02.roa
Signing time: Fri 26 Jan 2024 05:08:15 +0000
ROA not before: Fri 26 Jan 2024 05:08:15 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 133177
IP address blocks: 43.250.124.0/24 maxlen: 24
43.250.125.0/24 maxlen: 24
43.250.126.0/24 maxlen: 24
43.250.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Mar 2024 05:12:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10003 (0x2713)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Validity
Not Before: Jan 26 05:08:15 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=65b33e3f-179f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:50:9c:cc:ee:cc:3b:e1:88:ca:0d:ac:ba:8b:
39:de:8f:bb:26:75:f9:47:8f:40:e3:3d:59:99:fb:
ac:08:fb:50:f2:b1:2d:9d:7a:48:00:c6:d9:1c:92:
0a:f3:d3:b2:a3:a5:75:b7:42:71:0d:d4:db:7c:f3:
25:32:bd:41:dc:6d:7c:11:b4:49:f9:ce:ef:ba:e1:
0c:ce:aa:fe:d4:7f:15:73:17:e8:1a:75:27:1f:1c:
c5:66:e1:6c:d1:ec:be:a7:c0:d8:05:af:a7:9c:60:
a5:52:b9:9f:ee:f9:54:c8:08:a5:55:d5:d7:e7:cc:
22:58:ae:f7:ad:f3:ea:15:3c:31:34:da:f8:28:b2:
a8:a1:49:56:e2:1c:14:ba:a1:72:8e:99:93:84:1e:
22:76:56:da:21:c1:3b:aa:a8:93:c7:42:0e:c5:59:
99:b4:e7:6f:00:45:aa:36:45:b5:bf:09:4b:f1:40:
02:4d:8f:44:db:53:99:df:37:9b:91:c2:e3:07:cc:
36:f9:e6:3f:65:ee:ac:69:fa:ee:10:71:37:0b:cb:
eb:bf:a7:bd:a6:33:aa:69:99:d5:f3:c3:d9:fc:64:
dc:e9:bc:17:f1:0d:24:03:98:bd:1c:20:d5:f6:3e:
fe:88:7d:f8:33:27:1c:d6:36:99:60:7c:1c:43:75:
c0:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:10:36:90:7D:B5:FB:9B:71:82:CF:A9:CF:CC:4D:1B:B6:F7:B4:8F
X509v3 Authority Key Identifier:
keyid:7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/fqwMLLJ6MKE47kdbB_6X6Okz_co.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/E8F34628BC0811EE9135A47AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.124.0/22
Signature Algorithm: sha256WithRSAEncryption
ae:ea:5a:6e:30:fe:b9:41:ee:56:d5:ac:ae:6f:9e:d1:8a:66:
f3:98:b3:1a:79:6c:67:9f:ca:5c:b4:c7:f3:4e:d0:e2:2e:2c:
85:7c:d0:3d:4a:2b:67:28:78:46:fe:82:95:c4:b1:0b:e8:17:
ab:3d:f4:9b:27:f5:ba:a6:b1:98:32:7c:c7:b5:d1:c3:a8:8d:
2e:45:39:ce:51:60:4b:6f:2c:43:53:8c:12:c9:23:56:03:8b:
fc:96:0d:f6:00:0e:63:30:21:df:ef:e2:94:f2:62:8a:5c:3c:
47:02:f5:c0:6c:1d:a3:57:87:d1:02:df:cb:99:aa:af:7c:76:
50:9e:ee:c7:02:a4:f2:bc:ba:07:8a:ff:9b:84:3f:2d:e2:87:
ec:19:d2:cb:e8:32:3f:bb:45:06:84:c4:7b:8f:23:b4:81:34:
52:79:d3:0a:75:ba:70:93:28:0b:21:7f:19:7d:8a:de:eb:aa:
05:2f:cb:84:8f:64:6c:e5:88:33:da:5f:8c:c6:ef:48:b4:76:
1d:ee:b1:f4:f5:72:07:46:a8:59:1a:33:90:62:d7:3d:cf:91:
a8:98:59:67:c5:6d:98:95:8e:df:d8:16:e1:9c:4f:91:e6:34:
e3:9f:b4:91:12:b9:0c:c7:35:b4:d8:73:5c:a0:e0:aa:ac:bb:
e8:13:48:45
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICJxMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjEzQjkxMTAvBgNVBAUTKDdFQUMwQzJDQjI3QTMwQTEzOEVFNDc1QjA3RkU5N0U4
RTkzM0ZEQ0EwHhcNMjQwMTI2MDUwODE1WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWIzM2UzZi0xNzlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5FCczO7MO+GIyg2suos53o+7JnX5R49A4z1ZmfusCPtQ8rEtnXpIAMbZHJIK
89Oyo6V1t0JxDdTbfPMlMr1B3G18EbRJ+c7vuuEMzqr+1H8VcxfoGnUnHxzFZuFs
0ey+p8DYBa+nnGClUrmf7vlUyAilVdXX58wiWK73rfPqFTwxNNr4KLKooUlW4hwU
uqFyjpmThB4idlbaIcE7qqiTx0IOxVmZtOdvAEWqNkW1vwlL8UACTY9E21OZ3zeb
kcLjB8w2+eY/Ze6safruEHE3C8vrv6e9pjOqaZnV88PZ/GTc6bwX8Q0kA5i9HCDV
9j7+iH34Mycc1jaZYHwcQ3XAxwIDAQABo4IClTCCApEwHQYDVR0OBBYEFNMQNpB9
tfubcYLPqc/MTRu297SPMB8GA1UdIwQYMBaAFH6sDCyyejChOO5HWwf+l+jpM/3K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTNCOS8xODk3QjI1MjlG
OUQxMUU0OTYxOTUzMkRDNEY5QUUwMi9mcXdNTExKNk1LRTQ3a2RiQl82WDZPa3pf
Y28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Zxd01MTEo2TUtFNDdrZGJCXzZYNk9rel9jby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjEzQjkvMTg5N0IyNTI5RjlEMTFFNDk2MTk1MzJEQzRGOUFFMDIvRThGMzQ2MjhC
QzA4MTFFRTkxMzVBNDdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAIr+nwwDQYJKoZIhvcNAQELBQADggEBAK7qWm4w/rlB7lbV
rK5vntGKZvOYsxp5bGefyly0x/NO0OIuLIV80D1KK2coeEb+gpXEsQvoF6s99Jsn
9bqmsZgyfMe10cOojS5FOc5RYEtvLENTjBLJI1YDi/yWDfYADmMwId/v4pTyYopc
PEcC9cBsHaNXh9EC38uZqq98dlCe7scCpPK8ugeK/5uEPy3ih+wZ0svoMj+7RQaE
xHuPI7SBNFJ50wp1unCTKAshfxl9it7rqgUvy4SPZGzliDPaX4zG70i0dh3usfT1
cgdGqFkaM5Bi1z3PkaiYWWfFbZiVjt/YFuGcT5HmNOOftJESuQzHNbTYc1yg4Kqs
u+gTSEU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org