Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A91DD5100000/0/34332e3235322e32332e302f32342d3234203d3e203230343733.roa
File: 34332e3235322e32332e302f32342d3234203d3e203230343733.roa (raw, json)
Hash identifier: yB5EmgFmuHkQmIMlBchYOj01Cdsu/d7o9oi4COpYtAE=
Subject key identifier: 28:7C:A3:8D:D0:A9:AF:7E:53:08:66:E4:16:55:A7:04:B8:0A:8B:BB
Certificate issuer: /CN=A91DD5100000/serialNumber=5D707B0D3569622432B4BDCBFD320F9A8B6DDC7B
Certificate serial: 18715F6474561D852472D161B6160B40FE7222E7
Authority key identifier: 5D:70:7B:0D:35:69:62:24:32:B4:BD:CB:FD:32:0F:9A:8B:6D:DC:7B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XXB7DTVpYiQytL3L_TIPmott3Hs.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/34332e3235322e32332e302f32342d3234203d3e203230343733.roa
Signing time: Mon 10 Feb 2025 16:57:49 +0000
ROA not before: Mon 10 Feb 2025 16:52:49 +0000
ROA not after: Mon 09 Feb 2026 16:57:49 +0000
asID: 20473
IP address blocks: 43.252.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 05 Apr 2025 00:01:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:71:5f:64:74:56:1d:85:24:72:d1:61:b6:16:0b:40:fe:72:22:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DD5100000
Validity
Not Before: Feb 10 16:52:49 2025 GMT
Not After : Feb 9 16:57:49 2026 GMT
Subject: CN=287CA38DD0A9AF7E530866E41655A704B80A8BBB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:95:77:2e:be:8e:3c:28:cb:ad:fd:e3:7d:e5:
45:13:72:9a:ab:fa:d9:ec:4c:10:57:f1:26:16:c8:
53:ab:84:26:10:f1:f4:13:57:f2:0c:41:4f:17:1e:
fd:ff:5f:08:4a:fb:8c:17:4c:cf:9f:99:01:9a:13:
33:50:36:1e:4a:07:86:f8:09:51:55:78:b7:45:0c:
75:13:e5:bc:fb:b0:db:79:cb:00:e0:65:88:e3:1b:
ca:c7:80:a1:1e:b6:ea:81:e0:d6:b9:a7:01:12:1e:
eb:31:3e:92:a9:fe:e2:3e:52:42:6c:39:9d:98:4f:
8a:ef:19:23:5d:5b:1c:4c:76:e8:31:3e:61:12:fa:
fe:af:72:87:1b:c8:f0:d4:f5:e0:0a:31:69:ee:85:
59:f2:19:58:de:63:86:f6:a6:d6:8a:69:09:5e:96:
95:ab:26:e9:92:2b:0d:5d:e6:4e:a0:9e:04:d9:0a:
9b:e5:bc:d9:40:ef:a1:17:c7:32:36:e1:f6:87:cb:
b8:9d:01:6f:f3:82:51:a2:32:df:db:ee:4e:9e:0e:
85:08:50:97:4f:d6:bf:f3:41:49:52:52:5e:b9:4b:
8b:ae:19:03:57:f4:13:9a:76:41:8c:58:20:19:7e:
09:02:30:46:e4:65:ee:62:81:49:f9:48:08:f9:22:
d0:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:7C:A3:8D:D0:A9:AF:7E:53:08:66:E4:16:55:A7:04:B8:0A:8B:BB
X509v3 Authority Key Identifier:
keyid:5D:70:7B:0D:35:69:62:24:32:B4:BD:CB:FD:32:0F:9A:8B:6D:DC:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/5D707B0D3569622432B4BDCBFD320F9A8B6DDC7B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XXB7DTVpYiQytL3L_TIPmott3Hs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/34332e3235322e32332e302f32342d3234203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.252.23.0/24
Signature Algorithm: sha256WithRSAEncryption
75:82:00:bd:5d:d0:49:9a:57:d5:29:86:bb:8e:cb:b3:76:6c:
ca:26:2f:9e:b2:3b:f2:2b:d2:ff:59:93:15:5e:29:c5:c4:99:
c3:5f:3f:d4:f7:34:07:1c:5e:01:f8:21:a7:9b:39:e6:85:68:
93:2a:f7:70:90:dd:e5:3c:d6:50:d4:af:b3:7d:54:d0:f7:0c:
ef:a0:d4:6b:cc:af:a6:ad:93:b9:b6:a7:5b:e1:2b:47:ab:d4:
b8:cb:2f:1c:ad:43:b7:97:00:3f:68:b6:1f:8d:e9:73:1e:9d:
e8:49:7f:24:18:e0:eb:20:2e:7d:ee:35:b3:45:df:ab:e4:0c:
29:12:53:cb:27:4a:bf:88:1b:eb:61:9d:ad:f4:aa:4b:2a:da:
d8:c7:1d:9b:3f:fe:7b:7d:67:92:fa:37:a8:60:a6:aa:0f:17:
45:4c:e2:f7:48:3e:d5:af:77:fd:b8:31:ce:3c:bb:a9:c1:4e:
63:40:ac:78:4f:79:8c:c1:50:aa:28:85:ae:b8:73:c1:63:70:
c4:50:6b:73:ad:f9:6b:07:d7:45:03:7e:a9:3e:fe:69:0d:85:
d6:1c:74:1a:d7:7f:d4:c8:7e:de:82:1c:26:d2:4b:e0:49:d7:
3d:57:b7:d6:d0:90:df:5b:fb:0e:0f:53:75:27:c8:60:b2:a2:
0e:b1:04:ea
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIUGHFfZHRWHYUkctFhthYLQP5yIucwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxREQ1MTAwMDAwMTEwLwYDVQQFEyg1RDcwN0IwRDM1
Njk2MjI0MzJCNEJEQ0JGRDMyMEY5QThCNkREQzdCMB4XDTI1MDIxMDE2NTI0OVoX
DTI2MDIwOTE2NTc0OVowMzExMC8GA1UEAxMoMjg3Q0EzOEREMEE5QUY3RTUzMDg2
NkU0MTY1NUE3MDRCODBBOEJCQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALuVdy6+jjwoy639433lRRNymqv62exMEFfxJhbIU6uEJhDx9BNX8gxBTxce
/f9fCEr7jBdMz5+ZAZoTM1A2HkoHhvgJUVV4t0UMdRPlvPuw23nLAOBliOMbyseA
oR626oHg1rmnARIe6zE+kqn+4j5SQmw5nZhPiu8ZI11bHEx26DE+YRL6/q9yhxvI
8NT14Aoxae6FWfIZWN5jhvam1oppCV6Wlasm6ZIrDV3mTqCeBNkKm+W82UDvoRfH
Mjbh9ofLuJ0Bb/OCUaIy39vuTp4OhQhQl0/Wv/NBSVJSXrlLi64ZA1f0E5p2QYxY
IBl+CQIwRuRl7mKBSflICPki0A8CAwEAAaOCAg8wggILMB0GA1UdDgQWBBQofKON
0KmvflMIZuQWVacEuAqLuzAfBgNVHSMEGDAWgBRdcHsNNWliJDK0vcv9Mg+ai23c
ezAOBgNVHQ8BAf8EBAMCB4AwcgYDVR0fBGswaTBnoGWgY4ZhcnN5bmM6Ly9ycGtp
LnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTFERDUxMDAwMDAvMC81RDcwN0Iw
RDM1Njk2MjI0MzJCNEJEQ0JGRDMyMEY5QThCNkREQzdCLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9YWEI3RFRWcFlp
UXl0TDNMX1RJUG1vdHQzSHMuY2VyMIGJBggrBgEFBQcBCwR9MHsweQYIKwYBBQUH
MAuGbXJzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRvcnkvQTkxREQ1
MTAwMDAwLzAvMzQzMzJlMzIzNTMyMmUzMjMzMmUzMDJmMzIzNDJkMzIzNDIwM2Qz
ZTIwMzIzMDM0MzczMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggr
BgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACv8FzANBgkqhkiG9w0BAQsFAAOCAQEA
dYIAvV3QSZpX1SmGu47Ls3ZsyiYvnrI78ivS/1mTFV4pxcSZw18/1Pc0BxxeAfgh
p5s55oVokyr3cJDd5TzWUNSvs31U0PcM76DUa8yvpq2TubanW+ErR6vUuMsvHK1D
t5cAP2i2H43pcx6d6El/JBjg6yAufe41s0Xfq+QMKRJTyydKv4gb62GdrfSqSyra
2Mcdmz/+e31nkvo3qGCmqg8XRUzi90g+1a93/bgxzjy7qcFOY0CseE95jMFQqiiF
rrhzwWNwxFBrc635awfXRQN+qT7+aQ2F1hx0Gtd/1Mh+3oIcJtJL4EnXPVe31tCQ
31v7Dg9TdSfIYLKiDrEE6g==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:08:22 2025 by rpki-client