Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B59E5/DD9F1F7C3C0111EE91CBE157C4F9AE02/E84959666DB511EEB8995773C4F9AE02.roa
File: E84959666DB511EEB8995773C4F9AE02.roa (raw, json)
Hash identifier: ibipLhA/eXqI4NoV6D1KPYHknegLe+tQDBXrkmkKRRo=
Subject key identifier: C8:DE:2B:40:6F:39:9B:66:64:97:41:66:E1:05:83:AD:C5:70:A2:F1
Certificate issuer: /CN=A91B59E5/serialNumber=E47BF70254532697D20D0D3110F625370D65FA83
Certificate serial: 32
Authority key identifier: E4:7B:F7:02:54:53:26:97:D2:0D:0D:31:10:F6:25:37:0D:65:FA:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Hv3AlRTJpfSDQ0xEPYlNw1l-oM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B59E5/DD9F1F7C3C0111EE91CBE157C4F9AE02/E84959666DB511EEB8995773C4F9AE02.roa
Signing time: Wed 18 Oct 2023 12:57:35 +0000
ROA not before: Wed 18 Oct 2023 12:57:35 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 133320
IP address blocks: 45.118.9.0/24 maxlen: 24
103.58.41.0/24 maxlen: 24
2001:df6:a900::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 16 Apr 2024 06:18:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50 (0x32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B59E5/serialNumber=E47BF70254532697D20D0D3110F625370D65FA83
Validity
Not Before: Oct 18 12:57:35 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=652fd63f-7cac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:cd:aa:6e:16:cb:fd:c3:88:fb:31:b9:6b:60:
ff:0f:12:b4:7a:91:19:48:53:1c:c8:19:42:51:e5:
d9:81:06:94:86:e7:18:c8:42:fd:8e:e9:1f:a0:19:
4f:a8:09:4e:ef:54:99:93:9f:e3:50:03:43:be:71:
48:ff:37:4d:39:43:94:38:cb:0c:df:5b:ad:f7:4a:
0f:cc:f8:44:39:c9:90:6b:ef:17:1a:94:97:98:12:
06:e3:46:ec:d8:67:04:1d:07:9a:dd:b0:60:30:db:
7d:98:93:20:c2:c8:d9:7d:a1:c8:3e:fb:21:14:73:
6a:77:b2:95:2c:7b:da:12:75:55:df:e6:06:19:f5:
ee:75:f3:9e:16:ab:90:91:08:2a:a5:81:5c:58:76:
1a:0d:3a:4a:6b:4e:ad:0f:09:9f:db:a2:03:85:28:
1a:15:4d:82:c5:5e:f9:cc:8c:1e:67:24:aa:98:e9:
c0:08:89:80:a9:5f:d1:95:29:79:7c:4f:c5:d7:4b:
96:68:84:62:80:5b:f5:0f:03:0c:2a:c5:69:7f:a5:
af:d5:b3:78:a7:ad:9e:9d:16:e8:d3:bb:17:6e:f1:
53:9e:6c:ff:2d:75:62:aa:e3:c8:f5:0b:a3:33:d0:
84:aa:e2:6d:d9:8e:67:26:95:45:f0:a8:d3:7d:d3:
1d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:DE:2B:40:6F:39:9B:66:64:97:41:66:E1:05:83:AD:C5:70:A2:F1
X509v3 Authority Key Identifier:
keyid:E4:7B:F7:02:54:53:26:97:D2:0D:0D:31:10:F6:25:37:0D:65:FA:83
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B59E5/DD9F1F7C3C0111EE91CBE157C4F9AE02/5Hv3AlRTJpfSDQ0xEPYlNw1l-oM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Hv3AlRTJpfSDQ0xEPYlNw1l-oM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B59E5/DD9F1F7C3C0111EE91CBE157C4F9AE02/E84959666DB511EEB8995773C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.118.9.0/24
103.58.41.0/24
IPv6:
2001:df6:a900::/48
Signature Algorithm: sha256WithRSAEncryption
20:c0:cf:89:66:cd:15:ee:1e:42:93:95:74:0e:cb:09:84:88:
2e:3c:53:3a:98:af:2d:74:03:48:b3:9d:e7:35:d8:43:67:9f:
1e:c1:dd:60:f8:a3:d1:c8:c7:4b:4d:8b:5c:4a:6e:e2:5d:6c:
8b:cf:8a:9c:24:69:52:ae:18:5f:2f:77:e9:78:29:f5:11:45:
af:dc:7d:8f:a6:98:d3:3c:c2:ee:f7:83:7c:e3:58:a9:a6:d9:
bb:ef:94:ef:8c:cc:72:7e:08:2e:47:3a:92:62:bb:7b:9d:ae:
fe:2a:ee:e9:fd:8a:31:7e:e2:40:71:42:36:9d:47:14:aa:b5:
fa:69:a2:2f:27:5a:75:01:57:5a:ab:d2:55:c4:98:b1:b4:3f:
a3:90:aa:b4:f6:68:02:e0:32:8f:d1:d7:5f:c0:8f:9a:e0:fe:
c2:fd:65:39:59:55:5e:52:f9:40:88:06:2b:4c:05:8b:60:f7:
62:73:8e:47:70:03:5d:86:cc:f7:f7:9e:8a:ca:4e:12:73:99:
2b:80:0a:10:c7:d0:c8:79:a5:ce:5b:cd:ca:6b:d1:6a:57:ad:
f7:5a:be:46:36:ca:65:7a:bc:13:0c:35:f2:af:50:67:b1:d6:
87:d9:5c:2c:f1:6b:67:9b:73:ad:27:23:98:3b:33:60:3d:58:
d0:9b:de:8d
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIBMjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
NTlFNTExMC8GA1UEBRMoRTQ3QkY3MDI1NDUzMjY5N0QyMEQwRDMxMTBGNjI1Mzcw
RDY1RkE4MzAeFw0yMzEwMTgxMjU3MzVaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MmZkNjNmLTdjYWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCezapuFsv9w4j7MblrYP8PErR6kRlIUxzIGUJR5dmBBpSG5xjIQv2O6R+gGU+o
CU7vVJmTn+NQA0O+cUj/N005Q5Q4ywzfW633Sg/M+EQ5yZBr7xcalJeYEgbjRuzY
ZwQdB5rdsGAw232YkyDCyNl9ocg++yEUc2p3spUse9oSdVXf5gYZ9e51854Wq5CR
CCqlgVxYdhoNOkprTq0PCZ/bogOFKBoVTYLFXvnMjB5nJKqY6cAIiYCpX9GVKXl8
T8XXS5ZohGKAW/UPAwwqxWl/pa/Vs3inrZ6dFujTuxdu8VOebP8tdWKq48j1C6Mz
0ISq4m3ZjmcmlUXwqNN90x1bAgMBAAGjggKsMIICqDAdBgNVHQ4EFgQUyN4rQG85
m2Zkl0Fm4QWDrcVwovEwHwYDVR0jBBgwFoAU5Hv3AlRTJpfSDQ0xEPYlNw1l+oMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI1OUU1L0REOUYxRjdDM0Mw
MTExRUU5MUNCRTE1N0M0RjlBRTAyLzVIdjNBbFJUSnBmU0RRMHhFUFlsTncxbC1v
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNUh2M0FsUlRKcGZTRFEweEVQWWxOdzFsLW9NLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
NTlFNS9ERDlGMUY3QzNDMDExMUVFOTFDQkUxNTdDNEY5QUUwMi9FODQ5NTk2NjZE
QjUxMUVFQjg5OTU3NzNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA2BggrBgEFBQcBBwEB/wQn
MCUwEgQCAAEwDAMEAC12CQMEAGc6KTAPBAIAAjAJAwcAIAEN9qkAMA0GCSqGSIb3
DQEBCwUAA4IBAQAgwM+JZs0V7h5Ck5V0DssJhIguPFM6mK8tdANIs53nNdhDZ58e
wd1g+KPRyMdLTYtcSm7iXWyLz4qcJGlSrhhfL3fpeCn1EUWv3H2PppjTPMLu94N8
41ipptm775TvjMxyfgguRzqSYrt7na7+Ku7p/YoxfuJAcUI2nUcUqrX6aaIvJ1p1
AVdaq9JVxJixtD+jkKq09mgC4DKP0ddfwI+a4P7C/WU5WVVeUvlAiAYrTAWLYPdi
c45HcANdhsz3956Kyk4Sc5krgAoQx9DIeaXOW83Ka9FqV633Wr5GNsplerwTDDXy
r1BnsdaH2Vws8Wtnm3OtJyOYOzNgPVjQm96N
-----END CERTIFICATE-----
Generated at Tue Apr 16 08:59:27 2024 by rpki-client on console-ams.rpki-client.org