Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3853/F01F63285FA111EEBD9AF828C4F9AE02/0987DB325FA311EE90BA7329C4F9AE02.roa
File: 0987DB325FA311EE90BA7329C4F9AE02.roa (raw, json)
Hash identifier: f7Mqsf0GnnaDbts7Xnr9WofkkEMSPHCcT0VUpwKhuX0=
Subject key identifier: E8:7A:B3:18:9D:A9:96:6C:E4:B9:79:7C:55:94:B3:E0:EE:42:A4:83
Certificate issuer: /CN=A91F3853/serialNumber=7B59A4DB86EF5419F7ADBDDA1DF52B509EE6DF75
Certificate serial: 54
Authority key identifier: 7B:59:A4:DB:86:EF:54:19:F7:AD:BD:DA:1D:F5:2B:50:9E:E6:DF:75
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/e1mk24bvVBn3rb3aHfUrUJ7m33U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F3853/F01F63285FA111EEBD9AF828C4F9AE02/0987DB325FA311EE90BA7329C4F9AE02.roa
Signing time: Fri 01 Mar 2024 07:38:38 +0000
ROA not before: Fri 01 Mar 2024 07:38:38 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 132422
IP address blocks: 43.230.8.0/24 maxlen: 24
43.230.10.0/24 maxlen: 24
43.230.11.0/24 maxlen: 24
103.49.60.0/24 maxlen: 24
103.49.61.0/24 maxlen: 24
103.49.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Jun 2024 02:12:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84 (0x54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F3853/serialNumber=7B59A4DB86EF5419F7ADBDDA1DF52B509EE6DF75
Validity
Not Before: Mar 1 07:38:38 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65e185fe-ccf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8d:a5:58:e7:9f:2c:12:46:11:51:05:ee:c0:
98:5c:2e:3f:5c:ef:d2:50:9e:d0:cc:db:28:eb:42:
94:28:eb:f8:67:39:4d:13:87:51:3a:7a:59:3d:97:
8e:5f:f0:f2:2d:0f:d2:60:d5:75:d2:09:52:55:67:
35:eb:20:31:dc:8f:1e:6f:58:17:28:d9:3a:3e:2a:
f6:8b:9c:52:bb:07:d3:ff:31:84:e2:1b:4f:84:06:
19:3d:f7:e2:9a:a3:f7:b9:bf:03:f9:b9:8b:06:20:
89:3b:1d:c7:90:02:9c:f9:9f:c2:c6:d8:ab:a3:a7:
dd:2b:ca:e8:4c:f4:07:d2:77:1d:4a:d1:2c:0a:64:
82:54:32:4d:32:6e:11:8b:93:27:b6:42:89:f5:15:
de:c7:48:2e:43:41:b3:e5:46:5d:33:a3:b0:21:0d:
87:8b:7c:3b:74:3b:3b:f6:90:98:b5:90:06:7b:f2:
28:c1:01:c0:4f:37:02:ea:c0:02:64:7f:3f:69:2d:
88:94:05:d0:89:83:8b:92:2d:25:ba:87:00:74:28:
8e:dc:2d:c1:c8:44:89:7e:53:68:29:c9:9f:fa:4d:
83:0f:61:6c:72:22:34:76:61:7b:f3:c8:7c:f1:d3:
f5:24:b6:dd:ce:22:60:81:e2:5d:99:c4:c3:d3:fe:
7c:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:7A:B3:18:9D:A9:96:6C:E4:B9:79:7C:55:94:B3:E0:EE:42:A4:83
X509v3 Authority Key Identifier:
keyid:7B:59:A4:DB:86:EF:54:19:F7:AD:BD:DA:1D:F5:2B:50:9E:E6:DF:75
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F3853/F01F63285FA111EEBD9AF828C4F9AE02/e1mk24bvVBn3rb3aHfUrUJ7m33U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/e1mk24bvVBn3rb3aHfUrUJ7m33U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3853/F01F63285FA111EEBD9AF828C4F9AE02/0987DB325FA311EE90BA7329C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.8.0/24
43.230.10.0/23
103.49.60.0-103.49.62.255
Signature Algorithm: sha256WithRSAEncryption
bb:2e:cb:3f:f5:51:97:bc:97:2d:37:3b:b4:81:db:16:a3:58:
3a:ac:16:dc:a7:f7:50:71:56:63:57:de:e1:16:1d:f5:69:31:
cb:b1:b2:89:d9:02:62:c0:5e:76:53:43:1f:d3:70:b8:0f:c5:
b9:d7:1b:11:b8:0f:b9:0b:f1:5a:12:8e:60:b6:fe:8c:5b:ee:
a1:9b:be:8a:1a:0d:e1:80:89:b6:4a:19:bd:ec:aa:94:de:f0:
3e:7f:0a:1b:68:c6:31:9a:34:4b:55:c7:d6:ef:c0:5e:ac:15:
c0:dc:70:ff:19:0c:f7:5a:9e:79:2e:e4:7c:85:2c:4e:c0:63:
57:fb:e5:2e:cc:e7:1a:86:ee:b3:86:1c:56:34:c8:9f:00:22:
22:65:23:06:7f:db:e2:13:25:eb:e9:52:c7:14:2c:a0:2f:18:
c9:6c:13:64:1f:3a:2c:a7:42:1c:cb:ca:b6:74:37:0c:8b:ae:
f7:6a:64:1f:c5:ba:64:03:c0:a7:5e:d0:9d:16:0e:aa:35:4a:
37:55:4c:e7:56:f7:70:37:30:57:9b:c8:11:c5:82:2c:b0:c3:
3a:fb:6d:17:14:28:fd:3c:8c:8e:dd:ca:41:e9:02:91:9c:ec:
e3:3d:40:8b:b8:c2:26:80:92:e1:61:d6:ee:4a:f6:45:94:21:
e6:b9:79:da
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIBVDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
Mzg1MzExMC8GA1UEBRMoN0I1OUE0REI4NkVGNTQxOUY3QURCRERBMURGNTJCNTA5
RUU2REY3NTAeFw0yNDAzMDEwNzM4MzhaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZTE4NWZlLWNjZjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC+jaVY558sEkYRUQXuwJhcLj9c79JQntDM2yjrQpQo6/hnOU0Th1E6elk9l45f
8PItD9Jg1XXSCVJVZzXrIDHcjx5vWBco2To+KvaLnFK7B9P/MYTiG0+EBhk99+Ka
o/e5vwP5uYsGIIk7HceQApz5n8LG2Kujp90ryuhM9AfSdx1K0SwKZIJUMk0ybhGL
kye2Qon1Fd7HSC5DQbPlRl0zo7AhDYeLfDt0Ozv2kJi1kAZ78ijBAcBPNwLqwAJk
fz9pLYiUBdCJg4uSLSW6hwB0KI7cLcHIRIl+U2gpyZ/6TYMPYWxyIjR2YXvzyHzx
0/Uktt3OImCB4l2ZxMPT/nydAgMBAAGjggKpMIICpTAdBgNVHQ4EFgQU6HqzGJ2p
lmzkuXl8VZSz4O5CpIMwHwYDVR0jBBgwFoAUe1mk24bvVBn3rb3aHfUrUJ7m33Uw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYzODUzL0YwMUY2MzI4NUZB
MTExRUVCRDlBRjgyOEM0RjlBRTAyL2UxbWsyNGJ2VkJuM3JiM2FIZlVyVUo3bTMz
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZTFtazI0YnZWQm4zcmIzYUhmVXJVSjdtMzNVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
Mzg1My9GMDFGNjMyODVGQTExMUVFQkQ5QUY4MjhDNEY5QUUwMi8wOTg3REIzMjVG
QTMxMUVFOTBCQTczMjlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAzBggrBgEFBQcBBwEB/wQk
MCIwIAQCAAEwGgMEACvmCAMEASvmCjAMAwQCZzE8AwQAZzE+MA0GCSqGSIb3DQEB
CwUAA4IBAQC7Lss/9VGXvJctNzu0gdsWo1g6rBbcp/dQcVZjV97hFh31aTHLsbKJ
2QJiwF52U0Mf03C4D8W51xsRuA+5C/FaEo5gtv6MW+6hm76KGg3hgIm2Shm97KqU
3vA+fwobaMYxmjRLVcfW78BerBXA3HD/GQz3Wp55LuR8hSxOwGNX++UuzOcahu6z
hhxWNMifACIiZSMGf9viEyXr6VLHFCygLxjJbBNkHzosp0Icy8q2dDcMi673amQf
xbpkA8CnXtCdFg6qNUo3VUznVvdwNzBXm8gRxYIssMM6+20XFCj9PIyO3cpB6QKR
nOzjPUCLuMImgJLhYdbuSvZFlCHmuXna
-----END CERTIFICATE-----
Generated at Thu Jun 13 02:57:10 2024 by rpki-client on console-fra.rpki-client.org