Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/A510073CA2F611EE8477DC13C4F9AE02.roa
File: A510073CA2F611EE8477DC13C4F9AE02.roa (raw, json)
Hash identifier: S5niyViuXLYG+rcrJQcihmxNYW/64lAOqCylGWrB8rM=
Subject key identifier: 95:EA:EC:FC:D4:1A:DC:D7:DE:AB:87:A4:58:AA:5B:18:FF:07:86:38
Certificate issuer: /CN=A916557B/serialNumber=2853BDA1638C599A84C3095310E69BFD260AA978
Certificate serial: 02DC
Authority key identifier: 28:53:BD:A1:63:8C:59:9A:84:C3:09:53:10:E6:9B:FD:26:0A:A9:78
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KFO9oWOMWZqEwwlTEOab_SYKqXg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/A510073CA2F611EE8477DC13C4F9AE02.roa
Signing time: Mon 17 Jun 2024 06:02:29 +0000
ROA not before: Mon 17 Jun 2024 06:02:29 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 64021
IP address blocks: 43.255.117.0/24 maxlen: 24
103.235.16.0/23 maxlen: 23
103.235.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Jun 2024 08:53:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 732 (0x2dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916557B
Validity
Not Before: Jun 17 06:02:29 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=666fd175-a42a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:86:13:f6:bc:97:35:d5:07:59:ac:a0:d8:0c:
48:3d:f6:e3:5b:c8:62:db:b5:69:7b:df:70:8b:1d:
20:dc:82:cd:70:a8:cd:fc:47:d9:04:5f:6f:cf:f7:
69:66:6a:61:15:1d:12:55:15:9c:b5:a3:22:54:db:
32:fd:4a:c5:7f:fa:78:01:c1:ab:42:ae:23:ce:1a:
0e:7d:54:8d:62:93:e0:6d:75:8b:99:96:58:3e:e9:
00:83:bf:4b:1f:22:b4:f0:08:d4:7b:d7:96:91:2e:
a0:70:bc:b3:ca:6e:7e:fe:f8:b5:ec:e4:82:fe:aa:
9f:51:f1:c7:1a:c2:a4:3d:bf:d2:d7:ed:80:40:d9:
25:c4:40:46:3c:02:d2:cd:cc:6d:ff:c7:90:3c:f3:
9f:47:74:14:c9:61:fb:13:c0:cb:e9:86:70:ef:b4:
1a:ef:d9:d0:e4:08:12:5c:e9:17:32:d9:f9:95:84:
e9:a7:ba:85:38:53:63:db:77:f3:9a:e0:79:12:68:
63:ed:49:76:56:09:83:e8:41:36:46:ce:b9:44:aa:
60:8a:76:9f:e2:42:4d:67:c0:b3:a7:fd:ea:20:86:
be:1c:f2:95:62:92:79:7d:ae:c4:4b:81:b9:d0:db:
c9:8b:b2:cf:40:c3:9c:d1:49:aa:cb:37:9e:c9:d9:
cb:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:EA:EC:FC:D4:1A:DC:D7:DE:AB:87:A4:58:AA:5B:18:FF:07:86:38
X509v3 Authority Key Identifier:
keyid:28:53:BD:A1:63:8C:59:9A:84:C3:09:53:10:E6:9B:FD:26:0A:A9:78
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/KFO9oWOMWZqEwwlTEOab_SYKqXg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KFO9oWOMWZqEwwlTEOab_SYKqXg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/A510073CA2F611EE8477DC13C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.117.0/24
103.235.16.0/23
103.235.19.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:89:28:40:33:29:1a:c0:e3:c2:cf:ce:24:14:34:a5:44:f8:
67:d8:d2:60:7a:72:f7:da:31:69:71:b1:4e:e6:2b:c6:d3:01:
68:06:ca:ae:5c:3c:80:72:68:0c:e3:cb:ec:c7:db:14:35:75:
09:51:83:2b:11:0e:b0:f9:73:f2:a9:18:1e:17:10:8d:03:f1:
38:e3:fe:93:4f:01:d3:cd:22:27:e5:8d:6b:5e:2d:b7:7b:57:
1e:a6:d5:15:de:d0:59:dd:67:b4:09:48:18:28:1f:f5:97:eb:
5f:97:27:b7:33:d0:e0:c6:c4:06:80:89:96:16:46:9f:be:3c:
e2:bf:fd:01:e7:1e:01:70:4b:26:a9:ec:18:5a:0a:bb:f9:0c:
64:be:2a:f5:83:3c:e9:6a:3a:05:0e:66:73:9b:72:23:5f:eb:
6a:bf:86:a4:0f:76:b5:b7:c3:db:e5:44:a6:a7:b1:5d:51:ca:
14:f2:13:ed:b3:78:dd:f7:9c:3a:cb:6d:3f:1a:38:c6:1c:63:
05:b2:30:8c:95:12:9c:a5:66:1b:ec:b6:b5:d7:d9:85:8e:60:
57:7b:52:ab:fb:b5:40:4c:67:36:39:fe:39:61:e6:0c:53:16:
bb:46:a6:c8:a0:24:a8:86:3d:1b:65:8a:52:6e:5e:39:04:64:
40:40:08:f3
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICAtwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjU1N0IxMTAvBgNVBAUTKDI4NTNCREExNjM4QzU5OUE4NEMzMDk1MzEwRTY5QkZE
MjYwQUE5NzgwHhcNMjQwNjE3MDYwMjI5WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjZmZDE3NS1hNDJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5oYT9ryXNdUHWayg2AxIPfbjW8hi27Vpe99wix0g3ILNcKjN/EfZBF9vz/dp
ZmphFR0SVRWctaMiVNsy/UrFf/p4AcGrQq4jzhoOfVSNYpPgbXWLmZZYPukAg79L
HyK08AjUe9eWkS6gcLyzym5+/vi17OSC/qqfUfHHGsKkPb/S1+2AQNklxEBGPALS
zcxt/8eQPPOfR3QUyWH7E8DL6YZw77Qa79nQ5AgSXOkXMtn5lYTpp7qFOFNj23fz
muB5Emhj7Ul2VgmD6EE2Rs65RKpginaf4kJNZ8Czp/3qIIa+HPKVYpJ5fa7ES4G5
0NvJi7LPQMOc0UmqyzeeydnL8QIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFJXq7PzU
GtzX3quHpFiqWxj/B4Y4MB8GA1UdIwQYMBaAFChTvaFjjFmahMMJUxDmm/0mCql4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NTU3Qi84REE3MjY0MEMx
RkExMUVDQjMwRUUyMUFDNEY5QUUwMi9LRk85b1dPTVdacUV3d2xURU9hYl9TWUtx
WGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tGTzlvV09NV1pxRXd3bFRFT2FiX1NZS3FYZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjU1N0IvOERBNzI2NDBDMUZBMTFFQ0IzMEVFMjFBQzRGOUFFMDIvQTUxMDA3M0NB
MkY2MTFFRTg0NzdEQzEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAAr/3UDBAFn6xADBABn6xMwDQYJKoZIhvcNAQELBQADggEB
AF6JKEAzKRrA48LPziQUNKVE+GfY0mB6cvfaMWlxsU7mK8bTAWgGyq5cPIByaAzj
y+zH2xQ1dQlRgysRDrD5c/KpGB4XEI0D8Tjj/pNPAdPNIifljWteLbd7Vx6m1RXe
0FndZ7QJSBgoH/WX61+XJ7cz0ODGxAaAiZYWRp++POK//QHnHgFwSyap7BhaCrv5
DGS+KvWDPOlqOgUOZnObciNf62q/hqQPdrW3w9vlRKansV1RyhTyE+2zeN33nDrL
bT8aOMYcYwWyMIyVEpylZhvstrXX2YWOYFd7Uqv7tUBMZzY5/jlh5gxTFrtGpsig
JKiGPRtlilJuXjkEZEBACPM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:29 2025 by rpki-client