Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/588616F604B011EF9F40A04BC4F9AE02.roa
File: 588616F604B011EF9F40A04BC4F9AE02.roa (raw, json)
Hash identifier: 6oXheciK3Q1rj/tdin3dB8NvBBAKZ7WXLGwq4nzmQUU=
Subject key identifier: 60:80:C3:6E:B2:F9:4D:02:C8:E5:5C:B5:C0:48:33:10:B6:2A:4B:E2
Certificate issuer: /CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Certificate serial: 0BB1
Authority key identifier: 54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/588616F604B011EF9F40A04BC4F9AE02.roa
Signing time: Sat 27 Apr 2024 16:08:12 +0000
ROA not before: Sat 27 Apr 2024 16:08:12 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 38026
IP address blocks: 59.152.60.0/24 maxlen: 24
59.152.62.0/24 maxlen: 24
59.152.63.0/24 maxlen: 24
103.205.181.0/24 maxlen: 24
103.205.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Apr 2024 15:28:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2993 (0xbb1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Validity
Not Before: Apr 27 16:08:12 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=662d22ec-1c42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:81:97:50:cd:d4:31:06:1e:2d:c1:bd:fd:35:
f9:a8:1a:d9:24:c1:c5:f1:ee:af:b7:07:8e:a0:43:
fb:54:a1:de:bb:a7:e1:b3:31:fa:cb:4a:0f:4e:d9:
0e:f5:2a:1d:a5:83:4c:41:71:e5:90:73:59:1b:df:
b8:f3:b5:2f:20:71:d0:60:6b:fe:ba:d7:9d:fe:fa:
d7:dd:93:1c:bd:2c:97:13:bc:fb:23:e5:f2:4c:4e:
f1:ef:67:96:81:ed:fd:9d:eb:52:73:d9:c6:37:8c:
7b:3e:07:78:5b:a8:6d:1a:f3:e3:e8:08:0c:c0:3a:
be:d8:62:f9:f1:77:75:e3:38:38:86:8e:62:96:5e:
10:5b:af:e0:b5:0b:b4:b6:d5:b4:23:17:3d:40:b8:
da:9f:36:d6:28:1b:c0:27:9f:1b:e1:09:d5:17:41:
43:b6:17:18:dc:ad:11:6a:38:cc:4c:b6:44:04:80:
af:17:b1:90:dc:12:62:81:be:2c:5d:92:1c:6d:3f:
fd:ae:68:cb:ce:1c:d4:f9:90:5c:62:f8:76:5c:5d:
56:b6:c7:f8:d4:b8:6b:5a:eb:09:b2:02:ff:d8:a6:
08:d8:00:87:46:6e:68:07:9a:fd:80:35:67:dc:e8:
c7:db:0b:c7:7a:ef:68:d0:61:04:33:a7:25:24:2e:
9c:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:80:C3:6E:B2:F9:4D:02:C8:E5:5C:B5:C0:48:33:10:B6:2A:4B:E2
X509v3 Authority Key Identifier:
keyid:54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/VIY3awW4olUjKeNhvXJcd-H40Mk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/588616F604B011EF9F40A04BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.152.60.0/24
59.152.62.0/23
103.205.181.0/24
103.205.183.0/24
Signature Algorithm: sha256WithRSAEncryption
84:5a:5c:87:19:82:27:86:c1:02:02:7e:92:2c:1a:8e:b8:47:
4c:72:0b:e3:50:23:27:1e:8a:58:5a:2c:1d:ff:07:a9:2c:e8:
ca:e9:21:b3:94:a9:19:7f:78:18:92:1d:63:4e:ea:c5:5a:b2:
05:49:64:f0:fb:47:d7:27:e6:fa:7f:73:ca:82:08:20:de:f2:
07:f5:69:8e:b4:c8:6a:7f:7e:56:de:33:97:6a:91:08:17:04:
bb:3f:2d:6a:41:a2:87:08:72:53:7e:81:71:53:8f:5d:27:a3:
72:2d:46:2a:66:f0:da:94:e8:4f:d1:9d:55:de:5a:3d:6c:66:
32:d5:43:c1:9e:23:43:44:db:72:9e:89:e2:f2:1d:5a:f7:aa:
7c:87:03:e9:5a:96:7d:26:d0:da:02:68:39:dd:e8:12:60:ca:
38:b5:a3:77:c2:6e:65:db:ee:09:66:63:3f:f7:ce:78:b5:eb:
40:90:e1:79:41:f0:02:73:39:63:4e:12:0f:43:54:c7:c3:cc:
d8:d1:3a:83:07:ea:62:ef:ff:e3:85:f7:11:69:8f:df:81:fe:
b8:f2:37:4b:59:57:1e:03:78:2f:f6:eb:fa:83:3d:4f:8e:51:
ae:4b:ee:e8:38:1d:a8:2e:a2:bd:c2:a0:4c:8d:b1:99:4b:a1:
01:ab:65:a8
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICC7EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE3RjIxMTAvBgNVBAUTKDU0ODYzNzZCMDVCOEEyNTUyMzI5RTM2MUJENzI1Qzc3
RTFGOEQwQzkwHhcNMjQwNDI3MTYwODEyWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjJkMjJlYy0xYzQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwIGXUM3UMQYeLcG9/TX5qBrZJMHF8e6vtweOoEP7VKHeu6fhszH6y0oPTtkO
9SodpYNMQXHlkHNZG9+487UvIHHQYGv+uted/vrX3ZMcvSyXE7z7I+XyTE7x72eW
ge39netSc9nGN4x7Pgd4W6htGvPj6AgMwDq+2GL58Xd14zg4ho5ill4QW6/gtQu0
ttW0Ixc9QLjanzbWKBvAJ58b4QnVF0FDthcY3K0RajjMTLZEBICvF7GQ3BJigb4s
XZIcbT/9rmjLzhzU+ZBcYvh2XF1Wtsf41LhrWusJsgL/2KYI2ACHRm5oB5r9gDVn
3OjH2wvHeu9o0GEEM6clJC6cfQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFGCAw26y
+U0CyOVctcBIMxC2KkviMB8GA1UdIwQYMBaAFFSGN2sFuKJVIynjYb1yXHfh+NDJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTdGMi80Qzg4QTdBMEZE
RkUxMUU5QkQ2NjdEMUZDNEY5QUUwMi9WSVkzYXdXNG9sVWpLZU5odlhKY2QtSDQw
TWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZJWTNhd1c0b2xVaktlTmh2WEpjZC1INDBNay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE3RjIvNEM4OEE3QTBGREZFMTFFOUJENjY3RDFGQzRGOUFFMDIvNTg4NjE2RjYw
NEIwMTFFRjlGNDBBMDRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAA7mDwDBAE7mD4DBABnzbUDBABnzbcwDQYJKoZIhvcNAQEL
BQADggEBAIRaXIcZgieGwQICfpIsGo64R0xyC+NQIyceilhaLB3/B6ks6MrpIbOU
qRl/eBiSHWNO6sVasgVJZPD7R9cn5vp/c8qCCCDe8gf1aY60yGp/flbeM5dqkQgX
BLs/LWpBoocIclN+gXFTj10no3ItRipm8NqU6E/RnVXeWj1sZjLVQ8GeI0NE23Ke
ieLyHVr3qnyHA+laln0m0NoCaDnd6BJgyji1o3fCbmXb7glmYz/3zni160CQ4XlB
8AJzOWNOEg9DVMfDzNjROoMH6mLv/+OF9xFpj9+B/rjyN0tZVx4DeC/26/qDPU+O
Ua5L7ug4Haguor3CoEyNsZlLoQGrZag=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:41 2024 by rpki-client on console-fra.rpki-client.org