Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/61CC2BA6106811EFA467B42FC4F9AE02.roa
File: 61CC2BA6106811EFA467B42FC4F9AE02.roa (raw, json)
Hash identifier: 6UlgvFXhnFUaGSmk+C55PkWOLsiWs/LPhyvZEoDM5R0=
Subject key identifier: 88:43:86:B3:5B:82:D0:4B:48:AC:9A:41:86:F5:47:91:82:BB:31:83
Certificate issuer: /CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Certificate serial: 0C13
Authority key identifier: 54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/61CC2BA6106811EFA467B42FC4F9AE02.roa
Signing time: Sun 19 May 2024 10:43:19 +0000
ROA not before: Sun 19 May 2024 10:43:19 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 215133
IP address blocks: 59.152.60.0/22 maxlen: 22
59.152.60.0/24 maxlen: 24
59.152.61.0/24 maxlen: 24
59.152.62.0/24 maxlen: 24
59.152.63.0/24 maxlen: 24
103.205.182.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 May 2024 16:48:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3091 (0xc13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Validity
Not Before: May 19 10:43:19 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=6649d7c6-791d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:76:88:74:c5:00:3e:43:4c:05:74:55:cd:57:
a5:51:2e:15:7a:be:78:dc:06:96:a7:9b:3d:68:b6:
e2:6d:93:56:7d:0b:78:18:19:4a:58:d4:9b:85:a1:
bc:71:1a:43:e6:9c:98:82:ea:fd:c4:38:e6:d8:fe:
e7:df:7b:23:70:ce:f0:04:bd:70:5e:6b:be:2c:61:
4b:f9:05:72:10:6c:88:4a:88:68:97:22:d4:87:65:
74:42:f9:a2:6f:50:a8:c7:88:05:a0:cf:11:4b:34:
b5:2d:39:ec:65:21:8e:b5:bb:e2:86:59:df:5c:1c:
06:11:e0:5e:3b:9d:44:52:18:4f:30:08:81:fa:bd:
8e:94:84:72:68:ab:37:79:16:45:2c:fb:2e:a0:b7:
a0:74:cd:4a:64:4e:b5:2f:1d:e2:70:f5:05:0e:62:
b4:e2:d8:22:9c:fe:c1:88:33:0d:54:dc:b6:58:31:
ec:55:9a:9f:de:7e:b7:2d:89:73:5c:3f:59:84:d4:
c3:8c:e5:e9:2e:0f:9a:63:3e:f7:1f:0a:21:81:dc:
f0:c4:e8:de:9d:e7:20:e4:2e:21:c9:4b:5c:e8:ae:
62:ec:06:4a:84:ce:c7:f8:31:1a:66:d8:8a:70:14:
bb:40:88:dd:d6:13:66:99:c3:75:2b:cf:8f:2d:ec:
b2:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:43:86:B3:5B:82:D0:4B:48:AC:9A:41:86:F5:47:91:82:BB:31:83
X509v3 Authority Key Identifier:
keyid:54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/VIY3awW4olUjKeNhvXJcd-H40Mk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/61CC2BA6106811EFA467B42FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.152.60.0/22
103.205.182.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:5e:2e:1a:b8:b0:14:7c:a9:bd:46:34:e7:45:e6:e3:b4:d1:
5e:33:a8:f5:02:1d:9b:58:35:62:35:7f:5b:45:0e:68:a3:1a:
05:06:0f:c3:4f:c9:82:cf:de:19:8b:ac:fd:db:91:f9:2a:2d:
43:23:70:15:21:4f:61:73:ab:2d:9b:54:d8:1b:9a:53:a9:f9:
c5:18:d6:3d:4a:9c:a4:98:f1:47:42:33:3c:42:8a:17:37:4e:
c1:2d:f4:28:42:67:1e:fd:3a:75:42:3d:aa:2f:7b:b5:23:74:
d9:de:71:de:a7:ac:67:a3:0a:93:a4:f5:e6:62:f6:81:b0:6e:
62:70:74:93:c7:a0:f7:17:fc:b1:c3:97:c3:5f:e3:84:6b:f7:
ce:10:a2:7f:ad:2c:9d:c1:ff:ed:03:0e:11:8a:ac:0e:ab:1a:
86:8a:20:8f:a4:f2:1c:dd:83:d3:0c:17:49:99:33:17:39:06:
9d:e9:8b:11:2c:f4:12:07:ac:71:48:eb:81:34:8c:4b:2a:f9:
63:80:20:d5:9a:1a:dc:4d:e0:32:20:b9:4c:7e:11:80:cd:23:
ce:6f:04:46:b6:0f:bf:b9:b8:03:78:8c:8e:ef:d8:da:04:b6:
ba:ea:b8:86:be:e5:91:03:70:cf:af:ef:f5:af:3a:70:eb:8e:
8d:8b:bf:c2
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICDBMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE3RjIxMTAvBgNVBAUTKDU0ODYzNzZCMDVCOEEyNTUyMzI5RTM2MUJENzI1Qzc3
RTFGOEQwQzkwHhcNMjQwNTE5MTA0MzE5WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjQ5ZDdjNi03OTFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxnaIdMUAPkNMBXRVzVelUS4Ver543AaWp5s9aLbibZNWfQt4GBlKWNSbhaG8
cRpD5pyYgur9xDjm2P7n33sjcM7wBL1wXmu+LGFL+QVyEGyISoholyLUh2V0Qvmi
b1Cox4gFoM8RSzS1LTnsZSGOtbvihlnfXBwGEeBeO51EUhhPMAiB+r2OlIRyaKs3
eRZFLPsuoLegdM1KZE61Lx3icPUFDmK04tginP7BiDMNVNy2WDHsVZqf3n63LYlz
XD9ZhNTDjOXpLg+aYz73HwohgdzwxOjenecg5C4hyUtc6K5i7AZKhM7H+DEaZtiK
cBS7QIjd1hNmmcN1K8+PLeyyBwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFIhDhrNb
gtBLSKyaQYb1R5GCuzGDMB8GA1UdIwQYMBaAFFSGN2sFuKJVIynjYb1yXHfh+NDJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTdGMi80Qzg4QTdBMEZE
RkUxMUU5QkQ2NjdEMUZDNEY5QUUwMi9WSVkzYXdXNG9sVWpLZU5odlhKY2QtSDQw
TWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZJWTNhd1c0b2xVaktlTmh2WEpjZC1INDBNay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE3RjIvNEM4OEE3QTBGREZFMTFFOUJENjY3RDFGQzRGOUFFMDIvNjFDQzJCQTYx
MDY4MTFFRkE0NjdCNDJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAI7mDwDBABnzbYwDQYJKoZIhvcNAQELBQADggEBAIxeLhq4
sBR8qb1GNOdF5uO00V4zqPUCHZtYNWI1f1tFDmijGgUGD8NPyYLP3hmLrP3bkfkq
LUMjcBUhT2Fzqy2bVNgbmlOp+cUY1j1KnKSY8UdCMzxCihc3TsEt9ChCZx79OnVC
Paove7UjdNnecd6nrGejCpOk9eZi9oGwbmJwdJPHoPcX/LHDl8Nf44Rr984Qon+t
LJ3B/+0DDhGKrA6rGoaKII+k8hzdg9MMF0mZMxc5Bp3pixEs9BIHrHFI64E0jEsq
+WOAINWaGtxN4DIguUx+EYDNI85vBEa2D7+5uAN4jI7v2NoEtrrquIa+5ZEDcM+v
7/WvOnDrjo2Lv8I=
-----END CERTIFICATE-----
Generated at Mon May 20 18:42:36 2024 by rpki-client on console-fra.rpki-client.org