Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/65D2D96A701811EFB7E9252EC4F9AE02.roa
File: 65D2D96A701811EFB7E9252EC4F9AE02.roa (raw, json)
Hash identifier: 123LM7LcRpGrCFpo5JsUje17yYIFw4wthvHPyU5M8X8=
Subject key identifier: CF:4A:90:9D:53:F5:C2:DE:49:0C:F2:7D:64:ED:0C:CD:44:13:31:BA
Certificate issuer: /CN=A916557B/serialNumber=2853BDA1638C599A84C3095310E69BFD260AA978
Certificate serial: 034B
Authority key identifier: 28:53:BD:A1:63:8C:59:9A:84:C3:09:53:10:E6:9B:FD:26:0A:A9:78
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KFO9oWOMWZqEwwlTEOab_SYKqXg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/65D2D96A701811EFB7E9252EC4F9AE02.roa
Signing time: Wed 11 Sep 2024 08:32:36 +0000
ROA not before: Wed 11 Sep 2024 08:32:36 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 137263
IP address blocks: 43.230.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Sep 2024 06:53:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 843 (0x34b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916557B
Validity
Not Before: Sep 11 08:32:36 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=66e155a4-29d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:10:12:4d:c1:07:23:9b:fd:74:d9:90:a0:41:
ae:fc:5e:6e:ce:2f:69:9e:de:38:a8:6d:36:60:db:
70:29:a9:d5:af:19:9b:c7:38:52:1e:da:ba:03:cd:
73:f3:d8:b0:5e:74:31:94:26:c9:02:ca:37:d8:3c:
3e:bf:14:3f:0c:f9:1a:57:27:c8:33:ab:fc:df:c3:
5f:94:8b:a2:75:97:5e:cc:87:3d:28:1d:d3:e5:d2:
0c:80:12:5a:ee:f0:58:ae:57:77:ee:13:0a:65:7e:
66:52:64:b9:ad:68:79:57:24:8e:ee:31:e8:fc:9d:
b8:5d:5c:80:81:4c:ec:46:55:45:8d:23:f8:7b:e6:
66:97:03:5c:7d:49:64:a9:ff:bf:ec:88:f4:12:31:
21:9a:c5:db:23:6d:ae:69:ee:d8:04:28:bc:97:19:
37:a5:ee:d8:2a:4a:1b:fa:a3:2b:dc:ca:fe:ed:12:
d7:3b:5d:64:24:78:f1:93:a4:35:e7:ff:bf:74:79:
b2:c8:9f:db:a9:5e:7a:d4:17:4e:10:3a:1e:31:bd:
9b:8b:3b:93:8a:a8:ab:12:b9:d9:fc:57:c7:88:1e:
be:2a:ee:ea:90:ee:0b:c6:55:e6:79:1c:96:cb:41:
1e:a8:36:e8:33:ec:48:5c:59:3d:8b:18:ab:80:7e:
77:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:4A:90:9D:53:F5:C2:DE:49:0C:F2:7D:64:ED:0C:CD:44:13:31:BA
X509v3 Authority Key Identifier:
keyid:28:53:BD:A1:63:8C:59:9A:84:C3:09:53:10:E6:9B:FD:26:0A:A9:78
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/KFO9oWOMWZqEwwlTEOab_SYKqXg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KFO9oWOMWZqEwwlTEOab_SYKqXg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/65D2D96A701811EFB7E9252EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.10.0/24
Signature Algorithm: sha256WithRSAEncryption
33:d3:6e:e3:80:43:51:40:f6:04:19:89:2c:54:e3:33:d9:c9:
4a:15:78:d2:6a:81:db:35:60:9d:cf:dc:59:4e:58:e9:1e:35:
8d:fc:b1:73:c4:8d:7e:b4:57:04:8b:90:1f:e2:17:77:7c:26:
19:78:7f:d9:c1:0a:9e:bc:33:f8:24:85:00:c8:7e:36:db:3d:
59:01:6b:68:b4:6f:c5:31:67:ee:da:cb:b2:5e:94:f2:ea:f4:
fa:77:64:67:ab:a3:ab:61:75:4c:3f:31:9d:10:ee:41:2d:47:
25:77:c3:1f:f4:0e:3c:2f:6b:d6:d3:ad:b6:81:aa:3e:18:63:
9c:dd:60:16:6e:4f:fb:64:49:a1:e7:3d:8f:ce:ee:78:c4:5d:
22:b2:36:51:42:04:cc:76:ad:df:27:1b:5b:60:60:56:0f:f4:
ed:d3:35:44:b2:6b:63:2f:19:12:d0:1f:96:96:d1:92:37:c1:
3c:7f:81:4c:9b:a7:f5:34:6b:ea:7f:34:5a:5f:b5:cc:7e:52:
66:8e:0c:9f:47:a5:a4:6c:62:71:1a:2a:5c:3a:80:3a:1d:b6:
db:e5:68:fc:ea:15:75:1a:cc:70:1e:04:ec:f5:a0:73:e2:d3:
9b:23:3f:ce:7b:d6:b5:e4:17:b1:7e:9e:35:95:0f:9b:f8:f1:
2f:8c:4d:c5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA0swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjU1N0IxMTAvBgNVBAUTKDI4NTNCREExNjM4QzU5OUE4NEMzMDk1MzEwRTY5QkZE
MjYwQUE5NzgwHhcNMjQwOTExMDgzMjM2WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmUxNTVhNC0yOWQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwhASTcEHI5v9dNmQoEGu/F5uzi9pnt44qG02YNtwKanVrxmbxzhSHtq6A81z
89iwXnQxlCbJAso32Dw+vxQ/DPkaVyfIM6v838NflIuidZdezIc9KB3T5dIMgBJa
7vBYrld37hMKZX5mUmS5rWh5VySO7jHo/J24XVyAgUzsRlVFjSP4e+ZmlwNcfUlk
qf+/7Ij0EjEhmsXbI22uae7YBCi8lxk3pe7YKkob+qMr3Mr+7RLXO11kJHjxk6Q1
5/+/dHmyyJ/bqV561BdOEDoeMb2bizuTiqirErnZ/FfHiB6+Ku7qkO4LxlXmeRyW
y0EeqDboM+xIXFk9ixirgH53tQIDAQABo4IClTCCApEwHQYDVR0OBBYEFM9KkJ1T
9cLeSQzyfWTtDM1EEzG6MB8GA1UdIwQYMBaAFChTvaFjjFmahMMJUxDmm/0mCql4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NTU3Qi84REE3MjY0MEMx
RkExMUVDQjMwRUUyMUFDNEY5QUUwMi9LRk85b1dPTVdacUV3d2xURU9hYl9TWUtx
WGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tGTzlvV09NV1pxRXd3bFRFT2FiX1NZS3FYZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjU1N0IvOERBNzI2NDBDMUZBMTFFQ0IzMEVFMjFBQzRGOUFFMDIvNjVEMkQ5NkE3
MDE4MTFFRkI3RTkyNTJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr5gowDQYJKoZIhvcNAQELBQADggEBADPTbuOAQ1FA9gQZ
iSxU4zPZyUoVeNJqgds1YJ3P3FlOWOkeNY38sXPEjX60VwSLkB/iF3d8Jhl4f9nB
Cp68M/gkhQDIfjbbPVkBa2i0b8UxZ+7ay7JelPLq9Pp3ZGero6thdUw/MZ0Q7kEt
RyV3wx/0Djwva9bTrbaBqj4YY5zdYBZuT/tkSaHnPY/O7njEXSKyNlFCBMx2rd8n
G1tgYFYP9O3TNUSya2MvGRLQH5aW0ZI3wTx/gUybp/U0a+p/NFpftcx+UmaODJ9H
paRsYnEaKlw6gDodttvlaPzqFXUazHAeBOz1oHPi05sjP8571rXkF7F+njWVD5v4
8S+MTcU=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:15 2025 by rpki-client