Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/66B96D9EA83A11EFA4FE4D0CC4F9AE02.roa
File: 66B96D9EA83A11EFA4FE4D0CC4F9AE02.roa (raw, json)
Hash identifier: tCPK4SFEKr5SOGiSiILaz9pf0fbHhhY8rNfPQGofUaw=
Subject key identifier: BA:22:59:36:7D:9C:8A:36:E2:A6:F3:CC:53:31:04:30:39:23:4C:8C
Certificate issuer: /CN=A9178AF2/serialNumber=1005CCD5E18230FBA9ADD3D27F85DA38F13E4172
Certificate serial: 033E
Authority key identifier: 10:05:CC:D5:E1:82:30:FB:A9:AD:D3:D2:7F:85:DA:38:F1:3E:41:72
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EAXM1eGCMPuprdPSf4XaOPE-QXI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/66B96D9EA83A11EFA4FE4D0CC4F9AE02.roa
Signing time: Thu 21 Nov 2024 18:57:06 +0000
ROA not before: Thu 21 Nov 2024 18:57:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 43.243.192.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Nov 2024 06:35:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 830 (0x33e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9178AF2
Validity
Not Before: Nov 21 18:57:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=673f8281-bb32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:dd:89:9a:e6:c8:0f:af:df:d0:34:2d:60:c3:
34:85:c0:3f:f9:b0:00:d4:01:ee:d4:14:4f:35:5d:
53:bc:91:ec:e4:dd:b8:16:31:9e:14:00:fb:ac:45:
55:5d:cf:e6:a4:11:84:2a:66:76:85:57:9c:5f:c8:
bb:8d:42:8d:4a:1f:e3:f5:17:24:cb:39:a9:d6:69:
83:4a:a9:c6:1a:1d:7a:ca:e3:72:20:70:aa:ff:6e:
3d:5d:a9:0e:f3:56:3f:bd:6c:20:46:af:5d:e5:02:
21:8a:19:46:1f:7f:12:bb:58:13:fc:81:8a:7c:9a:
14:fe:28:25:84:b1:5a:63:0f:01:bf:ff:0d:f6:df:
cb:30:b6:f0:43:a8:81:77:34:67:0a:39:fc:4f:80:
4e:68:fb:f1:ed:a7:2f:ab:e4:49:aa:50:f6:46:89:
b3:73:7a:59:08:20:bd:5a:2c:29:ac:65:78:85:dc:
df:6d:70:e9:b8:65:e3:0e:fc:c0:85:c6:8b:7c:32:
0c:90:c6:6c:bc:cb:8d:eb:ef:2d:0f:09:a9:8f:f5:
a4:9c:fc:4e:0f:c1:73:b9:9c:60:57:3e:61:24:e8:
22:0d:22:78:d6:9e:90:cd:37:31:62:c6:e2:e3:fa:
73:25:45:2e:7e:80:c8:c5:52:6c:00:80:92:6f:70:
14:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:22:59:36:7D:9C:8A:36:E2:A6:F3:CC:53:31:04:30:39:23:4C:8C
X509v3 Authority Key Identifier:
keyid:10:05:CC:D5:E1:82:30:FB:A9:AD:D3:D2:7F:85:DA:38:F1:3E:41:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/EAXM1eGCMPuprdPSf4XaOPE-QXI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EAXM1eGCMPuprdPSf4XaOPE-QXI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/66B96D9EA83A11EFA4FE4D0CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.243.192.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:d3:e2:f1:d3:7d:60:69:3b:c6:53:eb:f6:ec:3a:04:f1:25:
6d:fe:b0:d8:a0:74:a6:c5:68:18:35:d5:70:6a:51:19:27:fe:
26:9d:a4:cd:b0:b7:7a:f4:5d:2b:46:32:71:6b:32:2a:f8:4b:
d1:c2:83:4c:17:e3:f0:76:33:7d:06:cf:89:dd:0b:5c:0e:c1:
c4:90:0b:8e:fa:dc:bc:a0:b0:d6:b3:68:b1:59:48:ef:1a:3f:
82:cf:15:eb:a4:de:07:73:ce:c9:8e:05:87:11:46:b3:89:18:
27:54:8f:3c:21:20:39:69:8f:a2:56:2c:c9:16:ea:37:07:23:
d3:9f:eb:8e:81:5c:7a:cd:70:2b:23:ae:41:98:0d:85:d9:9a:
cb:ff:34:98:f1:70:88:8b:b0:8a:d4:f6:f4:3a:94:f5:14:8c:
94:7d:7b:22:c4:88:b7:f0:45:2a:ca:1c:9e:6a:36:1d:f3:be:
63:86:62:aa:9a:0d:f3:58:8c:1a:d9:c1:9c:2d:fc:78:34:1c:
f5:c3:72:e7:d1:14:10:0c:26:ad:11:15:65:25:80:ee:bb:50:
1e:c6:47:48:a8:3e:74:06:37:15:21:28:42:11:56:21:0c:ce:
c2:b4:36:99:89:48:bf:2b:c9:67:3f:4b:20:cc:9b:f8:29:47:
26:e3:2c:ed
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAz4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzhBRjIxMTAvBgNVBAUTKDEwMDVDQ0Q1RTE4MjMwRkJBOUFERDNEMjdGODVEQTM4
RjEzRTQxNzIwHhcNMjQxMTIxMTg1NzA2WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzNmODI4MS1iYjMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs92JmubID6/f0DQtYMM0hcA/+bAA1AHu1BRPNV1TvJHs5N24FjGeFAD7rEVV
Xc/mpBGEKmZ2hVecX8i7jUKNSh/j9Rckyzmp1mmDSqnGGh16yuNyIHCq/249XakO
81Y/vWwgRq9d5QIhihlGH38Su1gT/IGKfJoU/iglhLFaYw8Bv/8N9t/LMLbwQ6iB
dzRnCjn8T4BOaPvx7acvq+RJqlD2Romzc3pZCCC9WiwprGV4hdzfbXDpuGXjDvzA
hcaLfDIMkMZsvMuN6+8tDwmpj/WknPxOD8FzuZxgVz5hJOgiDSJ41p6QzTcxYsbi
4/pzJUUufoDIxVJsAICSb3AUuQIDAQABo4IClTCCApEwHQYDVR0OBBYEFLoiWTZ9
nIo24qbzzFMxBDA5I0yMMB8GA1UdIwQYMBaAFBAFzNXhgjD7qa3T0n+F2jjxPkFy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OEFGMi83M0M4ODc5MkUw
NjcxMUVDQjlEMkZGODFDNEY5QUUwMi9FQVhNMWVHQ01QdXByZFBTZjRYYU9QRS1R
WEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0VBWE0xZUdDTVB1cHJkUFNmNFhhT1BFLVFYSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzhBRjIvNzNDODg3OTJFMDY3MTFFQ0I5RDJGRjgxQzRGOUFFMDIvNjZCOTZEOUVB
ODNBMTFFRkE0RkU0RDBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr88AwDQYJKoZIhvcNAQELBQADggEBAC/T4vHTfWBpO8ZT
6/bsOgTxJW3+sNigdKbFaBg11XBqURkn/iadpM2wt3r0XStGMnFrMir4S9HCg0wX
4/B2M30Gz4ndC1wOwcSQC4763LygsNazaLFZSO8aP4LPFeuk3gdzzsmOBYcRRrOJ
GCdUjzwhIDlpj6JWLMkW6jcHI9Of646BXHrNcCsjrkGYDYXZmsv/NJjxcIiLsIrU
9vQ6lPUUjJR9eyLEiLfwRSrKHJ5qNh3zvmOGYqqaDfNYjBrZwZwt/Hg0HPXDcufR
FBAMJq0RFWUlgO67UB7GR0ioPnQGNxUhKEIRViEMzsK0NpmJSL8ryWc/SyDMm/gp
RybjLO0=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:05:34 2025 by rpki-client