Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/DB19B5C6A55311EEA1AB8929C4F9AE02.roa
File: DB19B5C6A55311EEA1AB8929C4F9AE02.roa (raw, json)
Hash identifier: v3U7BzJ9E6QTA40/Yg7nXonk/T0NrFYaiHAFrNqr4FE=
Subject key identifier: D6:45:1D:B5:D1:D4:64:05:F7:FF:3A:AC:7D:A5:25:BB:56:7E:CC:F6
Certificate issuer: /CN=A9178AF2/serialNumber=1005CCD5E18230FBA9ADD3D27F85DA38F13E4172
Certificate serial: 023E
Authority key identifier: 10:05:CC:D5:E1:82:30:FB:A9:AD:D3:D2:7F:85:DA:38:F1:3E:41:72
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EAXM1eGCMPuprdPSf4XaOPE-QXI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/DB19B5C6A55311EEA1AB8929C4F9AE02.roa
Signing time: Thu 28 Dec 2023 07:36:47 +0000
ROA not before: Thu 28 Dec 2023 07:36:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 43.243.193.0/24 maxlen: 24
45.113.82.0/24 maxlen: 24
103.229.116.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 574 (0x23e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9178AF2/serialNumber=1005CCD5E18230FBA9ADD3D27F85DA38F13E4172
Validity
Not Before: Dec 28 07:36:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=658d258f-ac92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6f:e7:4c:92:1e:01:2f:69:5c:cd:a7:9c:95:
98:31:e5:63:86:96:45:ca:b0:51:9a:56:79:38:08:
f2:b7:e4:0b:ea:fe:af:07:7e:89:47:d6:eb:0d:b7:
71:66:64:13:d2:87:4a:c5:28:57:18:d7:aa:1b:73:
9f:65:e7:71:44:b1:4b:9d:5b:78:04:a9:9e:c3:4a:
ef:0f:f0:77:6a:e6:a5:c2:b0:f4:bf:42:50:09:83:
45:3c:7e:00:fa:09:a2:34:6a:b8:b5:69:26:a4:30:
89:6d:58:bd:d3:41:15:7d:1f:dc:3d:52:81:98:96:
ea:53:7c:cd:f3:1c:8b:ff:3d:ea:ba:47:c3:e1:a4:
e5:1f:87:a0:48:3f:f5:73:b9:fb:0a:0b:c8:3e:22:
fa:f3:7b:3c:24:3c:57:93:26:df:cd:dd:b3:6c:d4:
0c:3b:ab:4a:01:1f:2f:0d:dd:49:3b:87:ed:a1:6e:
f2:a4:5e:af:00:cd:29:85:f8:97:8b:56:28:3e:c4:
ce:24:29:9c:9b:4b:46:7a:db:30:99:f9:a4:7f:30:
0f:a9:1c:1e:cc:6e:d5:29:da:cd:b4:80:66:d7:10:
18:b3:3a:bc:be:a0:6c:46:ea:27:69:97:28:08:c1:
18:ce:32:09:cb:14:66:72:0a:80:b7:5d:42:b1:fa:
0b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:45:1D:B5:D1:D4:64:05:F7:FF:3A:AC:7D:A5:25:BB:56:7E:CC:F6
X509v3 Authority Key Identifier:
keyid:10:05:CC:D5:E1:82:30:FB:A9:AD:D3:D2:7F:85:DA:38:F1:3E:41:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/EAXM1eGCMPuprdPSf4XaOPE-QXI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EAXM1eGCMPuprdPSf4XaOPE-QXI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/DB19B5C6A55311EEA1AB8929C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.243.193.0/24
45.113.82.0/24
103.229.116.0/24
Signature Algorithm: sha256WithRSAEncryption
96:13:52:03:0b:f6:78:00:84:2d:5b:0f:d9:47:19:9f:63:d8:
1b:e5:5d:f5:31:7b:d0:48:3b:52:ad:39:3c:be:76:47:5b:5b:
8b:fb:fc:15:9c:62:12:9f:f5:11:02:35:96:dc:7b:40:3c:eb:
58:d6:c0:ba:99:99:6f:96:bb:e5:db:bd:55:a2:cb:8b:5a:43:
a1:f4:6e:31:26:c5:1a:eb:53:d3:ed:88:c7:e3:d3:22:47:aa:
58:86:2f:56:32:ef:09:76:dc:24:e0:b7:4d:51:21:e3:b4:ca:
98:40:95:49:0b:8a:b7:84:15:9e:6c:a4:c4:48:99:32:47:83:
6d:94:5a:61:a7:d1:db:40:eb:48:72:82:dd:a9:0a:3c:c6:5b:
42:5a:b1:3e:77:2f:1b:6a:19:6f:65:99:a8:d7:0e:de:0e:55:
cb:2c:02:35:3b:59:ff:b5:d3:ed:dc:4b:09:e3:8f:ec:49:53:
8b:9f:3e:64:3b:dd:c4:ea:a0:02:94:d7:8b:94:7d:65:19:15:
5b:fc:ba:a1:71:29:c1:8a:be:82:04:66:8c:22:77:88:1d:83:
48:a8:65:3b:ef:9d:7d:66:61:dc:90:51:f8:18:fc:97:84:fd:
97:ff:19:51:d0:52:7d:a0:0a:17:48:e1:91:36:e4:dd:52:60:
5b:38:e0:cd
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICAj4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzhBRjIxMTAvBgNVBAUTKDEwMDVDQ0Q1RTE4MjMwRkJBOUFERDNEMjdGODVEQTM4
RjEzRTQxNzIwHhcNMjMxMjI4MDczNjQ3WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NThkMjU4Zi1hYzkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu2/nTJIeAS9pXM2nnJWYMeVjhpZFyrBRmlZ5OAjyt+QL6v6vB36JR9brDbdx
ZmQT0odKxShXGNeqG3OfZedxRLFLnVt4BKmew0rvD/B3aualwrD0v0JQCYNFPH4A
+gmiNGq4tWkmpDCJbVi900EVfR/cPVKBmJbqU3zN8xyL/z3qukfD4aTlH4egSD/1
c7n7CgvIPiL683s8JDxXkybfzd2zbNQMO6tKAR8vDd1JO4ftoW7ypF6vAM0phfiX
i1YoPsTOJCmcm0tGetswmfmkfzAPqRwezG7VKdrNtIBm1xAYszq8vqBsRuonaZco
CMEYzjIJyxRmcgqAt11CsfoLDwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFNZFHbXR
1GQF9/86rH2lJbtWfsz2MB8GA1UdIwQYMBaAFBAFzNXhgjD7qa3T0n+F2jjxPkFy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OEFGMi83M0M4ODc5MkUw
NjcxMUVDQjlEMkZGODFDNEY5QUUwMi9FQVhNMWVHQ01QdXByZFBTZjRYYU9QRS1R
WEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0VBWE0xZUdDTVB1cHJkUFNmNFhhT1BFLVFYSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzhBRjIvNzNDODg3OTJFMDY3MTFFQ0I5RDJGRjgxQzRGOUFFMDIvREIxOUI1QzZB
NTUzMTFFRUExQUI4OTI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAAr88EDBAAtcVIDBABn5XQwDQYJKoZIhvcNAQELBQADggEB
AJYTUgML9ngAhC1bD9lHGZ9j2BvlXfUxe9BIO1KtOTy+dkdbW4v7/BWcYhKf9REC
NZbce0A861jWwLqZmW+Wu+XbvVWiy4taQ6H0bjEmxRrrU9PtiMfj0yJHqliGL1Yy
7wl23CTgt01RIeO0yphAlUkLireEFZ5spMRImTJHg22UWmGn0dtA60hygt2pCjzG
W0JasT53LxtqGW9lmajXDt4OVcssAjU7Wf+10+3cSwnjj+xJU4ufPmQ73cTqoAKU
14uUfWUZFVv8uqFxKcGKvoIEZowid4gdg0ioZTvvnX1mYdyQUfgY/JeE/Zf/GVHQ
Un2gChdI4ZE25N1SYFs44M0=
-----END CERTIFICATE-----
Generated at Fri Jan 5 00:14:24 2024 by rpki-client on console-fra.rpki-client.org