Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/689A48866F4811ED92CB5C4BC4F9AE02.roa
File: 689A48866F4811ED92CB5C4BC4F9AE02.roa (raw, json)
Hash identifier: TwAUI4o/QkJ1TMJyaqfTI8EgEi37lV8ZSj2PE8QC9qA=
Subject key identifier: 3B:A2:6B:8B:F3:5F:6B:9D:89:6C:1D:A8:74:6B:F4:1E:9B:5F:44:58
Certificate issuer: /CN=A9178AF2/serialNumber=1005CCD5E18230FBA9ADD3D27F85DA38F13E4172
Certificate serial: 02BA
Authority key identifier: 10:05:CC:D5:E1:82:30:FB:A9:AD:D3:D2:7F:85:DA:38:F1:3E:41:72
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EAXM1eGCMPuprdPSf4XaOPE-QXI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/689A48866F4811ED92CB5C4BC4F9AE02.roa
Signing time: Mon 13 May 2024 04:08:48 +0000
ROA not before: Mon 13 May 2024 04:08:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49901
IP address blocks: 43.243.192.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Nov 2024 18:56:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 698 (0x2ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9178AF2
Validity
Not Before: May 13 04:08:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66419250-6159
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:90:ea:94:0f:e4:62:d9:a4:ee:5d:12:44:3c:
03:12:b9:f3:9e:c0:6b:bd:88:01:d6:32:55:46:b1:
21:c2:ea:5c:41:30:61:bd:d6:f8:a6:4c:f0:b1:ae:
6f:bd:72:5d:e3:29:23:5d:b6:b1:26:36:e2:76:12:
81:6a:d2:2c:a6:e1:5d:dd:b1:29:01:37:e6:71:0b:
bb:e3:62:12:22:1a:b9:35:56:52:43:14:39:d7:cd:
d6:5e:f4:79:69:0d:43:b8:8f:ce:82:79:c9:17:eb:
d9:1a:06:2c:17:44:d7:e7:8a:1c:00:f1:0e:63:e2:
47:dc:37:40:38:46:ce:d7:ff:25:d4:8a:a2:ce:74:
b5:20:48:5b:c9:1f:48:44:55:21:f1:25:ac:7d:e7:
36:39:08:b9:a5:5f:2d:75:88:0b:7d:71:85:7f:b1:
86:c9:56:da:7e:ac:fd:15:b2:34:9c:7c:24:df:8e:
44:7f:24:62:c1:22:59:9f:55:20:d2:d5:72:af:43:
e8:13:6a:12:c1:88:7a:7f:0a:86:36:06:90:10:d0:
56:49:2d:91:1c:62:85:21:62:7d:99:d2:b8:50:66:
fb:e4:a6:77:42:d7:54:0a:c2:49:9b:df:1a:eb:a0:
18:65:f5:54:5b:ea:3e:5b:17:d1:64:dd:b7:3c:a6:
3a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:A2:6B:8B:F3:5F:6B:9D:89:6C:1D:A8:74:6B:F4:1E:9B:5F:44:58
X509v3 Authority Key Identifier:
keyid:10:05:CC:D5:E1:82:30:FB:A9:AD:D3:D2:7F:85:DA:38:F1:3E:41:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/EAXM1eGCMPuprdPSf4XaOPE-QXI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EAXM1eGCMPuprdPSf4XaOPE-QXI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/689A48866F4811ED92CB5C4BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.243.192.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:c5:9f:1b:7f:e6:ea:d5:6f:9b:0e:be:4d:13:9f:ef:b0:d0:
4e:a8:2e:03:d8:c4:c3:44:a4:9d:d5:98:b9:5a:6a:ce:1b:97:
5b:c3:19:aa:b8:e6:9c:0f:90:d8:2e:8c:3d:91:2e:f4:fb:6b:
22:16:63:bc:15:a6:cc:a7:51:22:40:21:5a:ea:d5:75:65:01:
08:30:43:ba:30:82:83:e4:71:5c:4c:cb:7c:65:14:01:b9:73:
75:b7:e9:5f:8c:90:73:c9:4b:ff:54:f1:23:7a:40:63:87:23:
0c:a8:7e:2e:49:d9:cf:43:0f:ff:a4:a6:24:d4:52:a2:0f:64:
b6:9c:6f:5f:ab:d1:f9:aa:c5:29:09:95:0e:29:8f:b2:63:a1:
be:eb:57:2e:25:e3:76:53:d8:a2:6a:5b:7c:f3:da:67:67:2e:
b7:65:2c:58:cc:19:5d:21:72:30:66:ad:96:f1:d8:40:ba:b8:
ac:a1:c5:ac:e7:4e:a4:80:ed:80:38:c3:85:fe:b7:83:a9:69:
c1:50:0e:35:5e:1c:b6:76:2c:8a:d5:78:48:e2:50:7c:6c:ad:
39:b4:fb:9d:70:07:c9:6f:d5:7d:68:48:b1:7a:e1:b3:fe:72:
b3:b9:c2:b8:84:61:d3:41:a3:8a:84:44:0c:04:10:62:1b:26:
32:13:72:f7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICArowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzhBRjIxMTAvBgNVBAUTKDEwMDVDQ0Q1RTE4MjMwRkJBOUFERDNEMjdGODVEQTM4
RjEzRTQxNzIwHhcNMjQwNTEzMDQwODQ4WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjQxOTI1MC02MTU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxZDqlA/kYtmk7l0SRDwDErnznsBrvYgB1jJVRrEhwupcQTBhvdb4pkzwsa5v
vXJd4ykjXbaxJjbidhKBatIspuFd3bEpATfmcQu742ISIhq5NVZSQxQ5183WXvR5
aQ1DuI/OgnnJF+vZGgYsF0TX54ocAPEOY+JH3DdAOEbO1/8l1IqiznS1IEhbyR9I
RFUh8SWsfec2OQi5pV8tdYgLfXGFf7GGyVbafqz9FbI0nHwk345EfyRiwSJZn1Ug
0tVyr0PoE2oSwYh6fwqGNgaQENBWSS2RHGKFIWJ9mdK4UGb75KZ3QtdUCsJJm98a
66AYZfVUW+o+WxfRZN23PKY6gwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDuia4vz
X2udiWwdqHRr9B6bX0RYMB8GA1UdIwQYMBaAFBAFzNXhgjD7qa3T0n+F2jjxPkFy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OEFGMi83M0M4ODc5MkUw
NjcxMUVDQjlEMkZGODFDNEY5QUUwMi9FQVhNMWVHQ01QdXByZFBTZjRYYU9QRS1R
WEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0VBWE0xZUdDTVB1cHJkUFNmNFhhT1BFLVFYSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzhBRjIvNzNDODg3OTJFMDY3MTFFQ0I5RDJGRjgxQzRGOUFFMDIvNjg5QTQ4ODY2
RjQ4MTFFRDkyQ0I1QzRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr88AwDQYJKoZIhvcNAQELBQADggEBALPFnxt/5urVb5sO
vk0Tn++w0E6oLgPYxMNEpJ3VmLlaas4bl1vDGaq45pwPkNgujD2RLvT7ayIWY7wV
psynUSJAIVrq1XVlAQgwQ7owgoPkcVxMy3xlFAG5c3W36V+MkHPJS/9U8SN6QGOH
Iwyofi5J2c9DD/+kpiTUUqIPZLacb1+r0fmqxSkJlQ4pj7Jjob7rVy4l43ZT2KJq
W3zz2mdnLrdlLFjMGV0hcjBmrZbx2EC6uKyhxaznTqSA7YA4w4X+t4OpacFQDjVe
HLZ2LIrVeEjiUHxsrTm0+51wB8lv1X1oSLF64bP+crO5wriEYdNBo4qERAwEEGIb
JjITcvc=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:19:20 2025 by rpki-client