Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/DB5C4650ED3011EEB4F92916C4F9AE02.roa
File: DB5C4650ED3011EEB4F92916C4F9AE02.roa (raw, json)
Hash identifier: 5mlaTqdzrufuHS81lUiVNPIVCKN5sRnJbLs8ztfGwGk=
Subject key identifier: 00:8A:AF:59:C6:28:7C:AB:BC:FB:33:0E:3E:B0:85:91:11:60:CB:4A
Certificate issuer: /CN=A9178AF2/serialNumber=1005CCD5E18230FBA9ADD3D27F85DA38F13E4172
Certificate serial: 02B3
Authority key identifier: 10:05:CC:D5:E1:82:30:FB:A9:AD:D3:D2:7F:85:DA:38:F1:3E:41:72
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EAXM1eGCMPuprdPSf4XaOPE-QXI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/DB5C4650ED3011EEB4F92916C4F9AE02.roa
Signing time: Mon 13 May 2024 04:08:42 +0000
ROA not before: Mon 13 May 2024 04:08:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 150142
IP address blocks: 43.243.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 May 2024 06:51:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 691 (0x2b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9178AF2/serialNumber=1005CCD5E18230FBA9ADD3D27F85DA38F13E4172
Validity
Not Before: May 13 04:08:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66419249-c6be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:85:5e:b8:1a:16:2c:be:e0:0c:fb:85:9e:43:
87:09:cc:d9:a5:9c:39:36:03:51:e6:82:63:91:6a:
57:0e:98:43:b0:ba:e8:e5:8f:b6:c2:98:4d:a4:b4:
7f:d3:6b:04:bb:58:96:17:9a:11:b0:03:72:ee:76:
58:6e:9e:ff:4f:ae:ca:d5:3e:af:e3:c3:59:9e:72:
8a:08:d2:0c:73:45:38:7b:d4:96:09:4d:f1:53:70:
6c:ca:5e:7c:12:54:1d:b3:01:ab:14:9d:23:a8:27:
d2:bd:98:e0:4a:58:d0:2c:6a:df:66:da:51:b0:f0:
cd:a0:ec:4f:7b:ef:e7:45:cc:99:af:8b:45:fd:56:
78:18:a0:a1:46:dd:6a:d2:57:58:27:e6:59:7b:75:
ce:05:8d:cf:6f:5c:f2:3a:3d:32:95:9b:6d:c3:db:
89:40:f2:dd:d0:e2:73:27:64:b4:fb:b0:87:ff:36:
17:a6:04:49:e7:77:f0:fd:7e:9d:fd:d3:b0:b4:70:
b8:4a:c4:92:86:a9:56:e4:a1:6c:57:2e:c4:c1:8b:
37:a2:43:0b:73:66:6d:6c:fb:5f:8a:9a:7f:72:38:
1b:6c:5f:59:59:c9:2d:ad:b2:79:f1:9a:66:f7:1b:
99:8b:86:d6:62:8c:d5:60:0a:91:d5:56:64:9e:46:
d8:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:8A:AF:59:C6:28:7C:AB:BC:FB:33:0E:3E:B0:85:91:11:60:CB:4A
X509v3 Authority Key Identifier:
keyid:10:05:CC:D5:E1:82:30:FB:A9:AD:D3:D2:7F:85:DA:38:F1:3E:41:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/EAXM1eGCMPuprdPSf4XaOPE-QXI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EAXM1eGCMPuprdPSf4XaOPE-QXI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/DB5C4650ED3011EEB4F92916C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.243.193.0/24
Signature Algorithm: sha256WithRSAEncryption
56:2b:fe:20:ec:26:31:47:a1:18:91:fc:67:c6:f1:37:ce:8e:
07:3d:d8:2b:41:00:81:4b:bd:6c:dd:f4:99:8c:a3:69:52:d9:
e6:b2:f5:70:f7:f6:ce:65:45:eb:a1:6e:1a:22:6a:b3:4d:c2:
38:f7:23:31:01:f9:75:95:5b:06:ac:dc:c0:7e:fc:fb:89:33:
89:65:38:2b:be:11:71:36:d2:00:e6:3d:c4:ef:de:e7:28:02:
63:2e:40:8b:db:86:b6:ec:b7:ff:3f:86:be:de:95:9f:f7:2d:
89:ff:26:8b:35:fd:bf:5a:84:ff:42:13:d2:a4:e5:38:d9:86:
29:5d:cc:9b:c8:67:28:f6:59:0c:49:ee:71:9a:50:c9:04:ae:
f9:72:11:44:0e:05:46:4f:18:09:cb:de:a2:4b:63:6f:a9:c7:
b5:3d:d5:41:ea:fe:9b:f0:43:f3:aa:e3:81:67:d0:d5:2d:fd:
38:60:98:4a:74:f1:be:33:1e:76:1e:2a:77:bb:3c:35:67:c9:
d9:6e:7d:21:1c:c9:d7:c7:41:d1:cf:b1:22:eb:ac:91:26:cc:
c1:d4:b7:1e:e6:fe:f4:bc:58:c5:ba:3f:22:9e:3e:6a:14:e7:
6f:f5:21:0f:e7:87:0a:21:a3:61:fb:23:7d:6c:20:0f:cc:c0:
37:dd:7a:87
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICArMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzhBRjIxMTAvBgNVBAUTKDEwMDVDQ0Q1RTE4MjMwRkJBOUFERDNEMjdGODVEQTM4
RjEzRTQxNzIwHhcNMjQwNTEzMDQwODQyWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjQxOTI0OS1jNmJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA84VeuBoWLL7gDPuFnkOHCczZpZw5NgNR5oJjkWpXDphDsLro5Y+2wphNpLR/
02sEu1iWF5oRsANy7nZYbp7/T67K1T6v48NZnnKKCNIMc0U4e9SWCU3xU3Bsyl58
ElQdswGrFJ0jqCfSvZjgSljQLGrfZtpRsPDNoOxPe+/nRcyZr4tF/VZ4GKChRt1q
0ldYJ+ZZe3XOBY3Pb1zyOj0ylZttw9uJQPLd0OJzJ2S0+7CH/zYXpgRJ53fw/X6d
/dOwtHC4SsSShqlW5KFsVy7EwYs3okMLc2ZtbPtfipp/cjgbbF9ZWcktrbJ58Zpm
9xuZi4bWYozVYAqR1VZknkbYNQIDAQABo4IClTCCApEwHQYDVR0OBBYEFACKr1nG
KHyrvPszDj6whZERYMtKMB8GA1UdIwQYMBaAFBAFzNXhgjD7qa3T0n+F2jjxPkFy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OEFGMi83M0M4ODc5MkUw
NjcxMUVDQjlEMkZGODFDNEY5QUUwMi9FQVhNMWVHQ01QdXByZFBTZjRYYU9QRS1R
WEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0VBWE0xZUdDTVB1cHJkUFNmNFhhT1BFLVFYSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzhBRjIvNzNDODg3OTJFMDY3MTFFQ0I5RDJGRjgxQzRGOUFFMDIvREI1QzQ2NTBF
RDMwMTFFRUI0RjkyOTE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr88EwDQYJKoZIhvcNAQELBQADggEBAFYr/iDsJjFHoRiR
/GfG8TfOjgc92CtBAIFLvWzd9JmMo2lS2eay9XD39s5lReuhbhoiarNNwjj3IzEB
+XWVWwas3MB+/PuJM4llOCu+EXE20gDmPcTv3ucoAmMuQIvbhrbst/8/hr7elZ/3
LYn/Jos1/b9ahP9CE9Kk5TjZhildzJvIZyj2WQxJ7nGaUMkErvlyEUQOBUZPGAnL
3qJLY2+px7U91UHq/pvwQ/Oq44Fn0NUt/ThgmEp08b4zHnYeKne7PDVnydlufSEc
ydfHQdHPsSLrrJEmzMHUtx7m/vS8WMW6PyKePmoU52/1IQ/nhwoho2H7I31sIA/M
wDfdeoc=
-----END CERTIFICATE-----
Generated at Wed May 29 08:37:55 2024 by rpki-client on console-fra.rpki-client.org