Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/45735C44609111EFBC21C15CC4F9AE02.roa
File: 45735C44609111EFBC21C15CC4F9AE02.roa (raw, json)
Hash identifier: Eup7Y2RrOp+POemBZTS6UkXtxVvK6Wqi1USJ223p69k=
Subject key identifier: 1D:56:36:2C:B6:3B:FF:C9:FF:AF:02:75:F4:4F:E9:EF:52:07:16:A0
Certificate issuer: /CN=A916557B/serialNumber=2853BDA1638C599A84C3095310E69BFD260AA978
Certificate serial: 0319
Authority key identifier: 28:53:BD:A1:63:8C:59:9A:84:C3:09:53:10:E6:9B:FD:26:0A:A9:78
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KFO9oWOMWZqEwwlTEOab_SYKqXg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/45735C44609111EFBC21C15CC4F9AE02.roa
Signing time: Mon 02 Sep 2024 14:44:24 +0000
ROA not before: Mon 02 Sep 2024 14:44:24 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 64021
IP address blocks: 43.230.10.0/24 maxlen: 24
43.230.11.0/24 maxlen: 24
43.255.117.0/24 maxlen: 24
103.235.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Sep 2024 08:31:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 793 (0x319)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916557B
Validity
Not Before: Sep 2 14:44:24 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=66d5cf48-e8a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:37:aa:b2:dd:0e:07:4c:24:23:57:f8:47:00:
36:36:02:7f:91:7e:7b:97:da:59:33:85:84:42:2a:
29:1d:96:62:21:e6:90:0c:17:93:63:f5:d1:22:da:
17:37:53:90:2f:42:01:0c:35:47:7c:90:80:88:89:
5b:a3:41:cd:5e:53:9e:83:7a:3b:d2:00:53:f7:2d:
4e:99:ae:63:7e:c9:97:93:5a:4b:f5:8f:8c:a7:9e:
9f:7c:8c:78:2a:c0:cd:bf:e4:90:bc:4d:91:67:2b:
e4:12:31:bd:d2:62:66:5d:79:9b:20:b4:28:72:2c:
96:2e:a6:ea:36:69:20:6e:75:6d:69:09:99:fe:b7:
a6:91:41:64:85:eb:1c:30:fa:83:29:67:3f:52:24:
5c:b1:12:a1:28:d2:a0:aa:35:98:59:b0:7c:cf:cd:
d3:0e:16:5c:6d:7a:b3:6c:a8:ca:33:56:0b:00:15:
04:99:7a:19:c7:ba:44:23:a6:d9:71:ef:8a:24:9b:
96:54:ed:4d:85:2a:a9:83:33:ea:51:6b:46:2f:c3:
fc:81:f6:14:4d:f7:9a:cc:63:3e:52:f6:88:8b:cb:
3f:be:67:79:4c:25:e9:f6:a4:9c:67:1b:b3:37:1f:
65:26:5f:29:ff:36:b0:0e:ef:1d:9a:9d:94:a7:68:
3a:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:56:36:2C:B6:3B:FF:C9:FF:AF:02:75:F4:4F:E9:EF:52:07:16:A0
X509v3 Authority Key Identifier:
keyid:28:53:BD:A1:63:8C:59:9A:84:C3:09:53:10:E6:9B:FD:26:0A:A9:78
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/KFO9oWOMWZqEwwlTEOab_SYKqXg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KFO9oWOMWZqEwwlTEOab_SYKqXg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/45735C44609111EFBC21C15CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.10.0/23
43.255.117.0/24
103.235.19.0/24
Signature Algorithm: sha256WithRSAEncryption
33:f9:d8:b2:49:2f:61:ea:d9:df:3c:34:8c:37:99:b3:e4:53:
51:81:e7:a6:f7:a1:58:a0:90:f2:67:ae:3c:b7:fa:2a:0c:d2:
18:78:b3:d6:81:b0:3b:b0:a1:a4:7b:bb:56:d2:07:51:eb:b0:
77:87:7c:28:99:9e:ee:d0:bd:54:54:0f:3a:b5:f3:02:64:da:
fa:a7:fe:f1:27:55:33:f2:b7:2c:33:ef:c2:9e:95:e5:bf:af:
67:82:d2:da:6b:3b:46:89:94:00:1c:fe:eb:b5:ae:88:cb:f0:
48:ef:41:34:fd:c6:97:d2:4a:44:21:5d:e8:63:1c:82:68:03:
76:3e:73:f4:f6:7f:81:1c:ff:3b:61:3b:02:fe:26:f1:f2:11:
15:96:3e:f6:5c:c3:5c:5b:cf:ec:2c:4e:a8:00:9e:7f:40:34:
4a:61:05:c7:de:13:86:c0:99:96:9d:bb:75:d7:b9:99:d5:d3:
ee:5e:84:bf:76:36:8f:ea:2b:bb:29:1f:0a:42:bb:f2:4d:74:
5d:b0:9d:0a:45:af:65:b1:88:53:36:cb:b3:54:05:21:8a:0d:
c3:bf:17:8e:31:23:83:04:fd:4d:63:51:34:47:a4:20:cc:fe:
f8:5c:f7:09:cc:94:a0:39:a4:4e:33:7c:5a:87:2b:b2:46:50:
b0:2b:c3:8e
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICAxkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjU1N0IxMTAvBgNVBAUTKDI4NTNCREExNjM4QzU5OUE4NEMzMDk1MzEwRTY5QkZE
MjYwQUE5NzgwHhcNMjQwOTAyMTQ0NDI0WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ1Y2Y0OC1lOGE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1Teqst0OB0wkI1f4RwA2NgJ/kX57l9pZM4WEQiopHZZiIeaQDBeTY/XRItoX
N1OQL0IBDDVHfJCAiIlbo0HNXlOeg3o70gBT9y1Oma5jfsmXk1pL9Y+Mp56ffIx4
KsDNv+SQvE2RZyvkEjG90mJmXXmbILQociyWLqbqNmkgbnVtaQmZ/remkUFkhesc
MPqDKWc/UiRcsRKhKNKgqjWYWbB8z83TDhZcbXqzbKjKM1YLABUEmXoZx7pEI6bZ
ce+KJJuWVO1NhSqpgzPqUWtGL8P8gfYUTfeazGM+UvaIi8s/vmd5TCXp9qScZxuz
Nx9lJl8p/zawDu8dmp2Up2g6EwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFB1WNiy2
O//J/68CdfRP6e9SBxagMB8GA1UdIwQYMBaAFChTvaFjjFmahMMJUxDmm/0mCql4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NTU3Qi84REE3MjY0MEMx
RkExMUVDQjMwRUUyMUFDNEY5QUUwMi9LRk85b1dPTVdacUV3d2xURU9hYl9TWUtx
WGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tGTzlvV09NV1pxRXd3bFRFT2FiX1NZS3FYZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjU1N0IvOERBNzI2NDBDMUZBMTFFQ0IzMEVFMjFBQzRGOUFFMDIvNDU3MzVDNDQ2
MDkxMTFFRkJDMjFDMTVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAEr5goDBAAr/3UDBABn6xMwDQYJKoZIhvcNAQELBQADggEB
ADP52LJJL2Hq2d88NIw3mbPkU1GB56b3oVigkPJnrjy3+ioM0hh4s9aBsDuwoaR7
u1bSB1HrsHeHfCiZnu7QvVRUDzq18wJk2vqn/vEnVTPytywz78KeleW/r2eC0tpr
O0aJlAAc/uu1rojL8EjvQTT9xpfSSkQhXehjHIJoA3Y+c/T2f4Ec/zthOwL+JvHy
ERWWPvZcw1xbz+wsTqgAnn9ANEphBcfeE4bAmZadu3XXuZnV0+5ehL92No/qK7sp
HwpCu/JNdF2wnQpFr2WxiFM2y7NUBSGKDcO/F44xI4ME/U1jUTRHpCDM/vhc9wnM
lKA5pE4zfFqHK7JGULArw44=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:38 2025 by rpki-client