Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/226011B411BF11EFAAAD681EC4F9AE02.roa
File: 226011B411BF11EFAAAD681EC4F9AE02.roa (raw, json)
Hash identifier: QvNFQZPQo2AB888JVogaRDYWHQA+tf9XIOxOyjGFRNY=
Subject key identifier: A0:EC:1F:B4:8F:0B:28:33:3E:37:1B:DD:DD:07:78:5F:33:3E:6C:68
Certificate issuer: /CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Certificate serial: 0BEE
Authority key identifier: 54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/226011B411BF11EFAAAD681EC4F9AE02.roa
Signing time: Wed 15 May 2024 09:09:31 +0000
ROA not before: Wed 15 May 2024 09:09:31 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 43260
IP address blocks: 59.152.60.0/24 maxlen: 24
59.152.61.0/24 maxlen: 24
59.152.62.0/24 maxlen: 24
59.152.63.0/24 maxlen: 24
103.205.180.0/24 maxlen: 24
103.205.181.0/24 maxlen: 24
103.205.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 May 2024 11:56:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3054 (0xbee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Validity
Not Before: May 15 09:09:31 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=66447bca-3316
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:f2:2b:14:8c:ae:10:89:36:6b:55:50:c2:d2:
76:1a:55:b1:50:33:0e:ad:e2:25:59:79:46:bc:59:
0c:89:01:40:1a:3e:e7:9a:5c:60:ea:c8:cb:8e:dd:
5c:13:3d:30:60:57:fd:de:a7:92:04:29:55:cd:aa:
31:b8:9c:a7:80:7d:3a:4d:9a:85:dc:2b:46:aa:c4:
a9:2e:39:9d:4d:9c:b2:de:18:64:5f:8d:02:bf:db:
25:b8:84:06:22:9b:8f:76:cf:3c:4e:3c:3e:22:53:
64:be:ae:db:f4:ba:c7:ef:7a:f9:58:97:20:68:cb:
56:d5:5d:45:be:58:d2:a3:0b:58:c0:66:ab:9e:0f:
0b:8b:c6:9f:82:70:85:ae:21:62:d7:ba:7e:a2:74:
59:f3:1a:0c:b5:bf:82:0e:bd:81:5e:a7:0b:c0:84:
91:97:4d:3c:a9:44:9c:c2:7f:bf:e2:bd:ce:c6:1c:
27:29:d9:38:96:ab:17:91:c8:18:09:ed:c9:90:35:
18:aa:34:92:3a:5d:23:32:0a:6a:e2:40:44:e5:57:
ea:94:6e:7c:7c:b6:89:ae:9e:7b:34:e0:39:fe:67:
9a:2f:f2:b2:01:ee:bb:fb:ec:9d:c9:28:f8:1f:1d:
f3:d7:49:44:51:c4:e3:e5:05:9a:10:f2:16:dd:f2:
22:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:EC:1F:B4:8F:0B:28:33:3E:37:1B:DD:DD:07:78:5F:33:3E:6C:68
X509v3 Authority Key Identifier:
keyid:54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/VIY3awW4olUjKeNhvXJcd-H40Mk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/226011B411BF11EFAAAD681EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.152.60.0/22
103.205.180.0/23
103.205.183.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:45:d0:e6:06:67:0a:21:1a:be:07:d3:62:d4:85:c8:34:1c:
68:5f:43:4d:b9:19:a3:85:2b:e8:c1:eb:77:86:4b:3c:43:3b:
32:e2:fb:2b:c0:3d:c3:89:8a:5a:60:00:9e:50:8e:69:21:3a:
6c:cf:ec:fb:ae:5f:1f:46:b0:63:9e:d3:c7:70:87:68:b1:5e:
fd:66:8d:85:ef:1a:92:3d:42:b2:cf:2f:4c:09:7b:0f:e8:67:
1b:74:34:6f:6a:0a:80:f3:a9:a7:30:3e:be:ea:11:dc:f0:48:
5e:a8:89:56:c5:0c:c4:0b:2d:2c:d9:c6:22:40:f0:5c:c4:04:
7e:29:79:aa:f8:18:20:bc:e0:d6:bc:2b:de:4e:18:a6:46:e8:
23:15:fe:f4:c4:70:1a:aa:c5:45:ff:e2:b2:5e:c9:15:d6:24:
35:bb:ea:b4:bd:59:41:65:4f:02:89:92:d1:37:16:b0:4b:f4:
98:98:db:27:23:c5:71:7f:a1:ea:32:32:c5:c3:8c:ba:ce:0a:
c3:c0:b0:50:33:99:4c:98:f0:87:ce:99:07:89:28:3f:f7:39:
bf:fc:31:d0:c2:2d:67:10:41:75:76:86:a6:80:6d:62:d3:13:
ab:b9:4a:e2:52:72:6d:6d:bd:b1:7b:c2:7a:81:79:f7:d3:4e:
a2:bf:d9:fb
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICC+4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE3RjIxMTAvBgNVBAUTKDU0ODYzNzZCMDVCOEEyNTUyMzI5RTM2MUJENzI1Qzc3
RTFGOEQwQzkwHhcNMjQwNTE1MDkwOTMxWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjQ0N2JjYS0zMzE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3vIrFIyuEIk2a1VQwtJ2GlWxUDMOreIlWXlGvFkMiQFAGj7nmlxg6sjLjt1c
Ez0wYFf93qeSBClVzaoxuJyngH06TZqF3CtGqsSpLjmdTZyy3hhkX40Cv9sluIQG
IpuPds88Tjw+IlNkvq7b9LrH73r5WJcgaMtW1V1FvljSowtYwGarng8Li8afgnCF
riFi17p+onRZ8xoMtb+CDr2BXqcLwISRl008qUScwn+/4r3OxhwnKdk4lqsXkcgY
Ce3JkDUYqjSSOl0jMgpq4kBE5VfqlG58fLaJrp57NOA5/meaL/KyAe67++ydySj4
Hx3z10lEUcTj5QWaEPIW3fIilQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFKDsH7SP
CygzPjcb3d0HeF8zPmxoMB8GA1UdIwQYMBaAFFSGN2sFuKJVIynjYb1yXHfh+NDJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTdGMi80Qzg4QTdBMEZE
RkUxMUU5QkQ2NjdEMUZDNEY5QUUwMi9WSVkzYXdXNG9sVWpLZU5odlhKY2QtSDQw
TWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZJWTNhd1c0b2xVaktlTmh2WEpjZC1INDBNay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE3RjIvNEM4OEE3QTBGREZFMTFFOUJENjY3RDFGQzRGOUFFMDIvMjI2MDExQjQx
MUJGMTFFRkFBQUQ2ODFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAI7mDwDBAFnzbQDBABnzbcwDQYJKoZIhvcNAQELBQADggEB
AH1F0OYGZwohGr4H02LUhcg0HGhfQ025GaOFK+jB63eGSzxDOzLi+yvAPcOJilpg
AJ5QjmkhOmzP7PuuXx9GsGOe08dwh2ixXv1mjYXvGpI9QrLPL0wJew/oZxt0NG9q
CoDzqacwPr7qEdzwSF6oiVbFDMQLLSzZxiJA8FzEBH4pear4GCC84Na8K95OGKZG
6CMV/vTEcBqqxUX/4rJeyRXWJDW76rS9WUFlTwKJktE3FrBL9JiY2ycjxXF/oeoy
MsXDjLrOCsPAsFAzmUyY8IfOmQeJKD/3Ob/8MdDCLWcQQXV2hqaAbWLTE6u5SuJS
cm1tvbF7wnqBeffTTqK/2fs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:41 2024 by rpki-client on console-fra.rpki-client.org