Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A998A/522CB7347AE811EF9A4A4737C4F9AE02/531C7DEA7BA711EF8ABBA081C4F9AE02.roa
File: 531C7DEA7BA711EF8ABBA081C4F9AE02.roa (raw, json)
Hash identifier: Bw+OFGy8eyT85+BXlVkFSHy8W1jwFqrwu6fwgVz5rQg=
Subject key identifier: E3:F2:DD:AD:62:C8:00:59:D6:C3:9C:A8:34:CB:70:98:36:80:6A:9C
Certificate issuer: /CN=A91A998A/serialNumber=9C071E814D80B10E2CA1F71E9B2E535C3905CB65
Certificate serial: 08
Authority key identifier: 9C:07:1E:81:4D:80:B1:0E:2C:A1:F7:1E:9B:2E:53:5C:39:05:CB:65
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nAcegU2AsQ4sofcemy5TXDkFy2U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A998A/522CB7347AE811EF9A4A4737C4F9AE02/531C7DEA7BA711EF8ABBA081C4F9AE02.roa
Signing time: Fri 27 Sep 2024 03:52:34 +0000
ROA not before: Fri 27 Sep 2024 03:52:34 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 59065
IP address blocks: 43.230.182.0/24 maxlen: 24
103.50.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Sep 2024 04:21:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8 (0x8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A998A/serialNumber=9C071E814D80B10E2CA1F71E9B2E535C3905CB65
Validity
Not Before: Sep 27 03:52:34 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66f62c02-6b3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:29:98:c6:c4:a5:4c:11:ab:fb:42:6e:84:82:
b0:cf:c9:93:fc:86:fe:69:c2:e9:98:6a:ec:31:9d:
e3:e5:1e:bd:7e:15:18:de:0f:a8:0f:b2:04:9e:ac:
6b:41:6b:1c:ea:17:ab:b7:02:d2:7d:d7:85:dd:24:
ea:33:0e:24:01:e7:f0:a6:80:c5:f2:0b:a2:da:9a:
b4:ca:cd:7f:ad:f7:cc:ac:1b:69:91:fb:5e:84:01:
4d:6b:2d:7d:2b:f6:62:06:20:1a:f4:76:bb:a3:06:
8f:5b:52:23:fb:d9:91:b0:24:22:87:2c:54:4b:63:
a5:60:17:50:43:00:4f:cf:04:53:c4:ab:3b:d2:4d:
f4:bd:f4:13:21:eb:3c:1e:11:e4:2c:de:3b:1e:fa:
e2:9c:30:c0:d5:67:b1:90:42:4d:75:21:2a:e9:d4:
7a:38:76:c7:b3:42:1e:fa:02:ae:0f:84:dd:fc:97:
9d:63:ed:5d:45:30:21:38:5d:7d:e6:00:24:e8:ca:
61:4b:03:b2:cf:3e:da:6d:1b:db:4e:21:9a:48:65:
ac:3d:3e:33:35:30:e4:f5:6f:42:96:9d:7c:f2:10:
d8:0c:55:f7:43:3c:eb:9f:57:dc:60:50:37:e6:fc:
45:b7:c2:f1:81:c6:a8:56:eb:c3:fc:d7:50:19:09:
c6:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:F2:DD:AD:62:C8:00:59:D6:C3:9C:A8:34:CB:70:98:36:80:6A:9C
X509v3 Authority Key Identifier:
keyid:9C:07:1E:81:4D:80:B1:0E:2C:A1:F7:1E:9B:2E:53:5C:39:05:CB:65
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A998A/522CB7347AE811EF9A4A4737C4F9AE02/nAcegU2AsQ4sofcemy5TXDkFy2U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nAcegU2AsQ4sofcemy5TXDkFy2U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A998A/522CB7347AE811EF9A4A4737C4F9AE02/531C7DEA7BA711EF8ABBA081C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.182.0/24
103.50.2.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:39:81:6d:c1:e9:7f:de:2c:35:58:ca:73:d9:ad:90:4f:ba:
43:cf:1b:a7:dc:c9:aa:c7:70:64:09:5c:fe:a4:92:9d:ec:9d:
b6:68:ee:c9:a2:b7:84:e2:04:a2:88:ad:72:30:b8:4a:38:0f:
39:d3:e1:cf:b8:ac:c5:10:98:4b:07:83:d4:54:dd:aa:78:1b:
58:07:2e:bf:c9:61:c2:0f:a3:f3:2a:0c:4a:81:73:b6:34:0a:
fd:4e:f1:7e:42:29:a9:77:66:59:2a:73:a6:64:52:04:0c:f2:
78:7c:26:91:61:c2:07:09:49:6d:0f:55:b9:93:6a:29:89:7a:
ad:6c:07:f3:91:c1:c7:e3:7e:33:7a:cb:8d:5b:22:77:a4:bf:
83:d0:ee:60:8a:16:8e:fe:9d:7b:a4:81:65:ea:02:81:fa:1b:
98:a6:c5:62:87:0d:83:47:a6:ec:ec:b6:8d:51:4d:9f:c9:73:
48:d0:57:81:1e:61:d0:9e:18:e9:25:0a:75:c1:89:96:b1:b4:
0c:1c:a4:29:ef:87:7f:e9:b8:55:3d:13:52:3f:5e:c0:61:d8:
e1:f4:5e:14:15:0d:a2:a4:b9:b9:f7:d8:0f:c9:48:b7:9c:bd:
75:5a:a7:12:d4:82:3d:81:00:6a:99:f2:2d:63:80:e4:c4:5e:
33:9c:df:2e
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBCDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
OTk4QTExMC8GA1UEBRMoOUMwNzFFODE0RDgwQjEwRTJDQTFGNzFFOUIyRTUzNUMz
OTA1Q0I2NTAeFw0yNDA5MjcwMzUyMzRaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2ZjYyYzAyLTZiM2QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDmKZjGxKVMEav7Qm6EgrDPyZP8hv5pwumYauwxnePlHr1+FRjeD6gPsgSerGtB
axzqF6u3AtJ914XdJOozDiQB5/CmgMXyC6LamrTKzX+t98ysG2mR+16EAU1rLX0r
9mIGIBr0drujBo9bUiP72ZGwJCKHLFRLY6VgF1BDAE/PBFPEqzvSTfS99BMh6zwe
EeQs3jse+uKcMMDVZ7GQQk11ISrp1Ho4dsezQh76Aq4PhN38l51j7V1FMCE4XX3m
ACToymFLA7LPPtptG9tOIZpIZaw9PjM1MOT1b0KWnXzyENgMVfdDPOufV9xgUDfm
/EW3wvGBxqhW68P811AZCcaBAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQU4/LdrWLI
AFnWw5yoNMtwmDaAapwwHwYDVR0jBBgwFoAUnAcegU2AsQ4sofcemy5TXDkFy2Uw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE5OThBLzUyMkNCNzM0N0FF
ODExRUY5QTRBNDczN0M0RjlBRTAyL25BY2VnVTJBc1E0c29mY2VteTVUWERrRnky
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvbkFjZWdVMkFzUTRzb2ZjZW15NVRYRGtGeTJVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
OTk4QS81MjJDQjczNDdBRTgxMUVGOUE0QTQ3MzdDNEY5QUUwMi81MzFDN0RFQTdC
QTcxMUVGOEFCQkEwODFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEACvmtgMEAGcyAjANBgkqhkiG9w0BAQsFAAOCAQEAzDmBbcHp
f94sNVjKc9mtkE+6Q88bp9zJqsdwZAlc/qSSneydtmjuyaK3hOIEooitcjC4SjgP
OdPhz7isxRCYSweD1FTdqngbWAcuv8lhwg+j8yoMSoFztjQK/U7xfkIpqXdmWSpz
pmRSBAzyeHwmkWHCBwlJbQ9VuZNqKYl6rWwH85HBx+N+M3rLjVsid6S/g9DuYIoW
jv6de6SBZeoCgfobmKbFYocNg0em7Oy2jVFNn8lzSNBXgR5h0J4Y6SUKdcGJlrG0
DBykKe+Hf+m4VT0TUj9ewGHY4fReFBUNoqS5uffYD8lIt5y9dVqnEtSCPYEAapny
LWOA5MReM5zfLg==
-----END CERTIFICATE-----
Generated at Fri Sep 27 13:53:51 2024 by rpki-client on console.sobornost.net