Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/354631EE799A11EF87750381C4F9AE02.roa
File: 354631EE799A11EF87750381C4F9AE02.roa (raw, json)
Hash identifier: 9FewWr21LwPHt88VD46h4GFkjsNM+VDqsyFRqXtgQbc=
Subject key identifier: B3:1E:5E:27:C9:7E:75:26:4E:A8:D6:F6:AC:85:1D:07:0F:FF:F7:35
Certificate issuer: /CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Certificate serial: 0C7D
Authority key identifier: 54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/354631EE799A11EF87750381C4F9AE02.roa
Signing time: Mon 23 Sep 2024 10:54:30 +0000
ROA not before: Mon 23 Sep 2024 10:54:30 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 43260
IP address blocks: 59.152.62.0/24 maxlen: 24
59.152.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Sep 2024 16:10:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3197 (0xc7d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Validity
Not Before: Sep 23 10:54:30 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=66f148e5-ebdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:48:51:1f:44:91:1a:f8:a0:7e:ca:cd:2a:33:
36:36:c0:02:9c:18:05:29:eb:70:ec:bd:a3:79:09:
0b:dd:69:fd:a2:c5:52:e9:12:d4:80:97:ca:01:e2:
c7:ed:4b:d5:57:34:71:01:d2:45:22:36:19:92:83:
fd:e3:b2:47:36:1e:8b:04:e8:db:63:25:45:53:bd:
ee:6a:93:df:cb:6e:25:59:9f:5a:3b:dd:93:40:a9:
88:9f:35:01:d1:5b:8f:54:82:ff:c8:f7:9d:51:3c:
03:b4:a3:18:25:dd:7e:da:df:e9:6f:47:55:39:9d:
a8:d3:a4:f2:dc:99:d1:24:ca:d0:01:5a:3b:aa:68:
08:79:b0:53:cd:26:d4:d5:c4:1d:e8:f6:aa:e2:0e:
19:57:7b:14:4d:73:cc:98:6c:09:1f:55:eb:93:dd:
3b:65:1f:a6:8f:c7:03:76:9b:8e:bb:31:62:02:97:
c7:64:0a:a7:8f:cf:ef:4b:48:1e:a8:a5:31:47:c1:
5e:2d:35:6e:f4:7a:4e:a7:70:4d:65:3f:f6:dd:91:
bc:db:10:3c:af:ed:a8:4e:ca:41:2a:8e:cc:44:82:
46:2c:16:f0:e9:3b:bc:45:be:8e:2e:29:af:23:b5:
77:79:eb:e6:0b:6e:08:96:7e:70:65:77:f4:e2:f6:
a7:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:1E:5E:27:C9:7E:75:26:4E:A8:D6:F6:AC:85:1D:07:0F:FF:F7:35
X509v3 Authority Key Identifier:
keyid:54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/VIY3awW4olUjKeNhvXJcd-H40Mk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/354631EE799A11EF87750381C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.152.62.0/23
Signature Algorithm: sha256WithRSAEncryption
ae:34:b0:de:7e:c3:74:75:9e:fb:0b:94:36:3e:5a:8b:d4:16:
ba:f9:a2:ec:dd:cd:12:05:85:68:ec:1c:5d:34:e3:f9:ab:7d:
a6:ba:36:96:29:bd:62:52:4b:3b:84:db:43:aa:6f:7f:64:e4:
7e:4e:b8:46:0a:09:cc:4d:74:c1:6d:da:49:9a:16:f6:19:dc:
e9:3d:4d:cc:83:45:f6:c7:8f:a5:8d:1c:ca:58:b6:f1:fb:f0:
a4:a9:44:dd:9b:2b:79:30:4e:1a:d2:bf:80:12:d5:2e:c2:dd:
3d:8a:ee:23:10:60:d5:89:3e:5b:28:cf:5d:05:ec:a4:32:5d:
4d:c6:69:ce:d3:8c:f4:40:fc:ef:b4:a3:44:fa:bc:7d:83:67:
ea:f8:54:e1:04:bd:d9:41:62:bc:c9:95:b2:bf:53:2d:e9:be:
06:58:d7:0c:ed:ad:54:9f:b6:f3:43:2e:46:36:bf:7e:d4:bb:
2f:79:61:5b:7c:c0:43:85:4a:c3:09:31:38:4b:c4:de:1d:07:
a3:22:6e:7a:30:70:10:27:85:8f:26:59:b3:a5:09:6d:e1:7e:
90:68:0b:f9:cf:a1:8e:c1:fc:6d:ab:03:b6:53:f5:35:0c:8b:
6e:9a:16:d2:b6:8b:e1:56:7a:0e:31:f6:f6:f2:43:7f:87:da:
0f:85:d9:20
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDH0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE3RjIxMTAvBgNVBAUTKDU0ODYzNzZCMDVCOEEyNTUyMzI5RTM2MUJENzI1Qzc3
RTFGOEQwQzkwHhcNMjQwOTIzMTA1NDMwWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmYxNDhlNS1lYmRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArUhRH0SRGvigfsrNKjM2NsACnBgFKetw7L2jeQkL3Wn9osVS6RLUgJfKAeLH
7UvVVzRxAdJFIjYZkoP947JHNh6LBOjbYyVFU73uapPfy24lWZ9aO92TQKmInzUB
0VuPVIL/yPedUTwDtKMYJd1+2t/pb0dVOZ2o06Ty3JnRJMrQAVo7qmgIebBTzSbU
1cQd6Paq4g4ZV3sUTXPMmGwJH1Xrk907ZR+mj8cDdpuOuzFiApfHZAqnj8/vS0ge
qKUxR8FeLTVu9HpOp3BNZT/23ZG82xA8r+2oTspBKo7MRIJGLBbw6Tu8Rb6OLimv
I7V3eevmC24Iln5wZXf04vanGwIDAQABo4IClTCCApEwHQYDVR0OBBYEFLMeXifJ
fnUmTqjW9qyFHQcP//c1MB8GA1UdIwQYMBaAFFSGN2sFuKJVIynjYb1yXHfh+NDJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTdGMi80Qzg4QTdBMEZE
RkUxMUU5QkQ2NjdEMUZDNEY5QUUwMi9WSVkzYXdXNG9sVWpLZU5odlhKY2QtSDQw
TWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZJWTNhd1c0b2xVaktlTmh2WEpjZC1INDBNay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE3RjIvNEM4OEE3QTBGREZFMTFFOUJENjY3RDFGQzRGOUFFMDIvMzU0NjMxRUU3
OTlBMTFFRjg3NzUwMzgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAE7mD4wDQYJKoZIhvcNAQELBQADggEBAK40sN5+w3R1nvsL
lDY+WovUFrr5ouzdzRIFhWjsHF004/mrfaa6NpYpvWJSSzuE20Oqb39k5H5OuEYK
CcxNdMFt2kmaFvYZ3Ok9TcyDRfbHj6WNHMpYtvH78KSpRN2bK3kwThrSv4AS1S7C
3T2K7iMQYNWJPlsoz10F7KQyXU3Gac7TjPRA/O+0o0T6vH2DZ+r4VOEEvdlBYrzJ
lbK/Uy3pvgZY1wztrVSftvNDLkY2v37Uuy95YVt8wEOFSsMJMThLxN4dB6Mibnow
cBAnhY8mWbOlCW3hfpBoC/nPoY7B/G2rA7ZT9TUMi26aFtK2i+FWeg4x9vbyQ3+H
2g+F2SA=
-----END CERTIFICATE-----
Generated at Mon Sep 23 21:19:06 2024 by rpki-client on console-ams.rpki-client.org