Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9175F18/A384291C0AA011EB87333882C4F9AE02/407AAAF0F16311EE848EF739C4F9AE02.roa
File: 407AAAF0F16311EE848EF739C4F9AE02.roa (raw, json)
Hash identifier: Hd3oJReCzWKvIWbvQKVwaQt4tM4jqkIcehCGVV47Dz0=
Subject key identifier: 69:29:34:FA:F1:1F:7D:71:64:8A:6C:7D:97:3B:71:FC:B4:19:E4:7F
Certificate issuer: /CN=A9175F18/serialNumber=3C8B2BDBCB155E2D2FECD45D062FB3699F034320
Certificate serial: 075B
Authority key identifier: 3C:8B:2B:DB:CB:15:5E:2D:2F:EC:D4:5D:06:2F:B3:69:9F:03:43:20
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PIsr28sVXi0v7NRdBi-zaZ8DQyA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9175F18/A384291C0AA011EB87333882C4F9AE02/407AAAF0F16311EE848EF739C4F9AE02.roa
Signing time: Thu 28 Nov 2024 21:41:00 +0000
ROA not before: Thu 28 Nov 2024 21:41:00 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 137547
IP address blocks: 43.225.58.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Jan 2025 05:36:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1883 (0x75b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9175F18, serialNumber=3C8B2BDBCB155E2D2FECD45D062FB3699F034320
Validity
Not Before: Nov 28 21:41:00 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6748e36c-e19b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:37:74:54:28:d9:0f:57:74:08:97:04:7e:1a:
5f:cc:21:ce:a6:29:41:17:1b:7e:51:fb:a6:7c:d2:
07:88:58:bd:f7:43:e5:93:80:df:4b:57:27:5d:0e:
0f:6b:1e:7e:fa:97:89:52:0a:5f:90:dc:08:ee:47:
0c:0e:ed:e6:d7:8c:8a:f7:db:3c:e6:8f:8f:85:93:
76:95:0c:a2:de:bc:cf:8b:f7:15:81:6d:62:68:77:
1d:21:01:68:36:c7:5b:1b:ba:ec:d5:b5:47:f6:13:
f5:ed:3a:8f:00:26:70:ca:f5:e5:56:9c:ab:9e:5f:
0a:5d:a1:dd:69:8d:49:61:20:6b:79:9a:69:46:6f:
d5:4a:d9:c7:53:05:75:0e:64:13:0a:17:d9:8d:95:
68:10:c1:56:d4:2d:13:47:a9:06:85:37:38:52:b0:
b0:df:42:32:8f:89:69:4f:ec:74:e7:fe:0c:f9:27:
90:9d:97:8f:05:9b:30:33:fc:84:84:a9:58:21:e6:
23:28:f1:b2:18:ca:21:08:20:04:dc:24:08:2b:f9:
54:ef:31:12:92:61:31:78:9a:5c:a5:bd:9f:35:6e:
aa:da:4b:2d:ef:d2:38:61:2d:fb:50:3b:cc:8a:8c:
7f:cf:1d:89:02:77:59:67:77:2b:e4:c5:16:de:51:
61:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:29:34:FA:F1:1F:7D:71:64:8A:6C:7D:97:3B:71:FC:B4:19:E4:7F
X509v3 Authority Key Identifier:
keyid:3C:8B:2B:DB:CB:15:5E:2D:2F:EC:D4:5D:06:2F:B3:69:9F:03:43:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9175F18/A384291C0AA011EB87333882C4F9AE02/PIsr28sVXi0v7NRdBi-zaZ8DQyA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PIsr28sVXi0v7NRdBi-zaZ8DQyA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9175F18/A384291C0AA011EB87333882C4F9AE02/407AAAF0F16311EE848EF739C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.58.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:1c:a1:ce:ef:91:fc:5e:73:52:fc:e5:10:27:12:37:8b:7a:
32:00:da:01:30:4e:34:df:e0:98:80:bd:2f:8f:ed:26:55:0d:
d1:d7:a2:cf:ab:04:8d:b6:3f:98:02:1b:d1:83:c3:4f:7c:e7:
6e:f0:a1:5a:e5:1e:8e:73:c1:f1:5f:8f:29:1a:53:80:f8:0c:
6e:f9:f5:1b:3d:a4:18:c3:f5:a4:25:fd:a2:8e:73:2b:3e:91:
fa:c8:50:d3:08:61:b5:f1:aa:f5:72:a6:92:34:4b:89:7a:13:
47:6d:d6:ea:33:5e:e8:46:7f:b2:d5:03:21:6f:a9:6c:fa:c7:
5d:cd:90:86:d6:69:0b:80:fb:89:fb:10:5f:9c:31:46:2a:64:
fb:30:73:37:f0:c4:0a:96:b0:5d:ae:7c:59:58:eb:60:c6:48:
e3:aa:d8:8b:a5:8d:0c:19:37:88:44:99:03:76:6d:96:0c:b5:
b9:3b:bd:35:db:8f:2b:49:c3:91:18:8e:6e:80:97:94:52:f4:
da:2a:e9:01:2c:20:82:a3:97:64:01:26:43:6f:0d:3d:46:fa:
d0:51:14:46:6b:6c:82:ee:67:22:5b:7c:b7:05:14:ac:c1:fb:
53:1c:6d:65:b1:f7:95:f6:e0:a7:d6:70:c8:26:e3:08:7e:46:
5d:75:10:e1
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB1swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzVGMTgxMTAvBgNVBAUTKDNDOEIyQkRCQ0IxNTVFMkQyRkVDRDQ1RDA2MkZCMzY5
OUYwMzQzMjAwHhcNMjQxMTI4MjE0MTAwWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQ4ZTM2Yy1lMTliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuDd0VCjZD1d0CJcEfhpfzCHOpilBFxt+UfumfNIHiFi990Plk4DfS1cnXQ4P
ax5++peJUgpfkNwI7kcMDu3m14yK99s85o+PhZN2lQyi3rzPi/cVgW1iaHcdIQFo
NsdbG7rs1bVH9hP17TqPACZwyvXlVpyrnl8KXaHdaY1JYSBreZppRm/VStnHUwV1
DmQTChfZjZVoEMFW1C0TR6kGhTc4UrCw30Iyj4lpT+x05/4M+SeQnZePBZswM/yE
hKlYIeYjKPGyGMohCCAE3CQIK/lU7zESkmExeJpcpb2fNW6q2kst79I4YS37UDvM
iox/zx2JAndZZ3cr5MUW3lFhNwIDAQABo4IClTCCApEwHQYDVR0OBBYEFGkpNPrx
H31xZIpsfZc7cfy0GeR/MB8GA1UdIwQYMBaAFDyLK9vLFV4tL+zUXQYvs2mfA0Mg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NUYxOC9BMzg0MjkxQzBB
QTAxMUVCODczMzM4ODJDNEY5QUUwMi9QSXNyMjhzVlhpMHY3TlJkQmktemFaOERR
eUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BJc3IyOHNWWGkwdjdOUmRCaS16YVo4RFF5QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzVGMTgvQTM4NDI5MUMwQUEwMTFFQjg3MzMzODgyQzRGOUFFMDIvNDA3QUFBRjBG
MTYzMTFFRTg0OEVGNzM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr4TowDQYJKoZIhvcNAQELBQADggEBADscoc7vkfxec1L8
5RAnEjeLejIA2gEwTjTf4JiAvS+P7SZVDdHXos+rBI22P5gCG9GDw098527woVrl
Ho5zwfFfjykaU4D4DG759Rs9pBjD9aQl/aKOcys+kfrIUNMIYbXxqvVyppI0S4l6
E0dt1uozXuhGf7LVAyFvqWz6x13NkIbWaQuA+4n7EF+cMUYqZPswczfwxAqWsF2u
fFlY62DGSOOq2IuljQwZN4hEmQN2bZYMtbk7vTXbjytJw5EYjm6Al5RS9Noq6QEs
IIKjl2QBJkNvDT1G+tBRFEZrbILuZyJbfLcFFKzB+1McbWWx95X24KfWcMgm4wh+
Rl11EOE=
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:29:55 2025 by rpki-client