Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/BCD1B792ED3011EE9B8FE115C4F9AE02.roa
File: BCD1B792ED3011EE9B8FE115C4F9AE02.roa (raw, json)
Hash identifier: LcekmAOG2LWrt8nwTDfz2tfe7x/FZF9jRHZ7HjWwGLE=
Subject key identifier: B1:8C:FC:78:AA:FA:79:FA:E6:ED:6E:9E:A9:CE:49:56:7B:7E:EE:77
Certificate issuer: /CN=A9178AF2/serialNumber=1005CCD5E18230FBA9ADD3D27F85DA38F13E4172
Certificate serial: 02C8
Authority key identifier: 10:05:CC:D5:E1:82:30:FB:A9:AD:D3:D2:7F:85:DA:38:F1:3E:41:72
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EAXM1eGCMPuprdPSf4XaOPE-QXI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/BCD1B792ED3011EE9B8FE115C4F9AE02.roa
Signing time: Wed 29 May 2024 06:52:31 +0000
ROA not before: Wed 29 May 2024 06:52:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 43.243.193.0/24 maxlen: 24
45.113.82.0/24 maxlen: 24
103.229.118.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Jun 2024 23:03:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 712 (0x2c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9178AF2
Validity
Not Before: May 29 06:52:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6656d0ae-966d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:4f:2d:e7:e1:60:3e:1d:41:f3:65:8c:7d:c1:
cc:8c:d5:af:9e:d9:08:d3:d8:e6:2e:87:0b:a3:ab:
95:d5:6f:e9:28:ff:44:4e:55:0f:2a:e1:fe:58:0a:
06:fa:69:00:a0:2f:77:60:8a:4a:69:34:84:37:de:
35:97:01:ec:b4:43:eb:cd:ea:9a:39:67:14:a1:c2:
c7:f8:c7:77:23:37:d0:85:3f:c3:8d:da:99:a6:9d:
7a:4b:d5:8a:c2:3f:7d:cc:85:9b:b3:60:ac:ba:21:
14:a1:68:ff:35:e6:b1:31:95:0d:bd:16:27:f0:2c:
da:3f:48:b5:91:67:b9:08:de:2a:71:ce:0c:8b:ee:
8e:ec:98:1b:83:4b:df:5a:cb:ce:e9:78:99:4c:99:
95:38:45:50:d3:2d:e8:36:fb:37:bf:00:64:7e:d5:
ee:80:4a:73:ee:1f:75:46:29:04:4e:3e:ba:ef:1f:
2e:79:cf:b0:2f:f1:9a:b5:73:5f:c9:84:c3:eb:d5:
d1:7c:f2:bf:12:30:17:59:37:32:a5:67:6e:e8:ce:
93:80:bc:c5:1b:84:4c:35:51:ff:83:8a:82:15:51:
3a:83:4a:71:04:da:4b:52:0a:9b:29:79:e2:a2:9f:
95:cb:4f:24:2c:72:fb:f0:99:c5:36:c5:0c:50:2c:
8a:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:8C:FC:78:AA:FA:79:FA:E6:ED:6E:9E:A9:CE:49:56:7B:7E:EE:77
X509v3 Authority Key Identifier:
keyid:10:05:CC:D5:E1:82:30:FB:A9:AD:D3:D2:7F:85:DA:38:F1:3E:41:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/EAXM1eGCMPuprdPSf4XaOPE-QXI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EAXM1eGCMPuprdPSf4XaOPE-QXI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/BCD1B792ED3011EE9B8FE115C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.243.193.0/24
45.113.82.0/24
103.229.118.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:d9:26:1a:d0:c6:f8:1e:10:35:ba:60:1c:67:8d:19:f7:11:
5f:22:7a:4d:4c:61:79:d0:37:0a:9d:af:0f:a5:aa:be:4b:99:
19:ed:70:08:33:e1:50:f7:8f:49:7b:5e:e3:c1:69:9b:63:a9:
ff:6d:75:65:53:e5:5a:d8:fc:6d:ad:9f:ca:e1:c1:49:56:0c:
cd:7c:09:77:8f:1e:b5:48:69:f9:13:56:08:26:b5:a5:7b:b3:
3d:2a:d0:0c:9b:ca:fa:7e:b5:23:c0:46:db:4e:0a:8f:ee:78:
b5:94:f9:18:2d:69:1d:5c:8b:15:b3:1c:04:76:49:95:41:38:
e5:77:6a:b8:5a:c4:d5:49:0e:1a:da:42:9e:0e:d9:cf:09:37:
51:58:71:cd:0d:5f:5a:6c:4c:60:e2:85:7b:ec:f4:0a:2d:a5:
44:4b:fc:8d:49:0b:b0:4d:5a:ef:3c:38:1e:87:6b:8a:31:2d:
8b:c6:50:8c:23:ce:e2:4f:8e:ac:37:b5:7e:81:7b:2c:b4:17:
0c:6f:79:51:4c:70:42:c2:df:58:8a:4c:12:be:45:ca:37:27:
ca:d6:fa:a7:99:39:a1:09:33:28:e6:df:dc:c9:13:05:12:1a:
cf:e3:9e:c4:32:7d:b7:7e:bd:1e:18:37:ea:23:2c:d6:7f:e9:
02:fa:41:e3
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICAsgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzhBRjIxMTAvBgNVBAUTKDEwMDVDQ0Q1RTE4MjMwRkJBOUFERDNEMjdGODVEQTM4
RjEzRTQxNzIwHhcNMjQwNTI5MDY1MjMxWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjU2ZDBhZS05NjZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwE8t5+FgPh1B82WMfcHMjNWvntkI09jmLocLo6uV1W/pKP9ETlUPKuH+WAoG
+mkAoC93YIpKaTSEN941lwHstEPrzeqaOWcUocLH+Md3IzfQhT/DjdqZpp16S9WK
wj99zIWbs2CsuiEUoWj/NeaxMZUNvRYn8CzaP0i1kWe5CN4qcc4Mi+6O7Jgbg0vf
WsvO6XiZTJmVOEVQ0y3oNvs3vwBkftXugEpz7h91RikETj667x8uec+wL/GatXNf
yYTD69XRfPK/EjAXWTcypWdu6M6TgLzFG4RMNVH/g4qCFVE6g0pxBNpLUgqbKXni
op+Vy08kLHL78JnFNsUMUCyKSwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFLGM/Hiq
+nn65u1unqnOSVZ7fu53MB8GA1UdIwQYMBaAFBAFzNXhgjD7qa3T0n+F2jjxPkFy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OEFGMi83M0M4ODc5MkUw
NjcxMUVDQjlEMkZGODFDNEY5QUUwMi9FQVhNMWVHQ01QdXByZFBTZjRYYU9QRS1R
WEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0VBWE0xZUdDTVB1cHJkUFNmNFhhT1BFLVFYSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzhBRjIvNzNDODg3OTJFMDY3MTFFQ0I5RDJGRjgxQzRGOUFFMDIvQkNEMUI3OTJF
RDMwMTFFRTlCOEZFMTE1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAAr88EDBAAtcVIDBABn5XYwDQYJKoZIhvcNAQELBQADggEB
ALfZJhrQxvgeEDW6YBxnjRn3EV8iek1MYXnQNwqdrw+lqr5LmRntcAgz4VD3j0l7
XuPBaZtjqf9tdWVT5VrY/G2tn8rhwUlWDM18CXePHrVIafkTVggmtaV7sz0q0Ayb
yvp+tSPARttOCo/ueLWU+RgtaR1cixWzHAR2SZVBOOV3arhaxNVJDhraQp4O2c8J
N1FYcc0NX1psTGDihXvs9AotpURL/I1JC7BNWu88OB6Ha4oxLYvGUIwjzuJPjqw3
tX6Beyy0FwxveVFMcELC31iKTBK+Rco3J8rW+qeZOaEJMyjm39zJEwUSGs/jnsQy
fbd+vR4YN+ojLNZ/6QL6QeM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:16:35 2025 by rpki-client