Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/908699E07B1111EFA7DD1123C4F9AE02.roa
File: 908699E07B1111EFA7DD1123C4F9AE02.roa (raw, json)
Hash identifier: IjZFHekgs/AOV4QwNYMKk9SdXMEGagx4k+dMef5J9Ao=
Subject key identifier: 24:A8:0B:5B:61:ED:88:C1:95:63:88:37:70:DD:0F:ED:0A:19:C9:E4
Certificate issuer: /CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Certificate serial: 0C93
Authority key identifier: 54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/908699E07B1111EFA7DD1123C4F9AE02.roa
Signing time: Wed 25 Sep 2024 07:43:45 +0000
ROA not before: Wed 25 Sep 2024 07:43:45 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 215133
IP address blocks: 59.152.60.0/24 maxlen: 24
59.152.61.0/24 maxlen: 24
103.205.182.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 12 Oct 2024 05:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3219 (0xc93)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Validity
Not Before: Sep 25 07:43:45 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=66f3bf30-33a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:86:d4:02:8b:aa:a5:7c:d5:99:81:36:94:2f:
10:8b:76:d2:ce:c5:82:a1:28:e7:71:4e:e0:1c:ef:
7a:77:f2:ce:a4:80:f1:66:7a:55:c7:a2:fe:cb:4b:
fc:ab:2a:c1:5e:85:73:27:b4:74:2a:11:69:cc:78:
88:db:76:05:a4:4a:58:69:45:05:8b:2d:1d:8e:5b:
5e:69:b3:8c:28:cc:b2:2c:7f:20:b3:ca:2d:97:c2:
a1:40:fc:10:5f:b8:99:71:9e:ce:a3:c0:97:7e:1f:
96:30:f8:cc:53:43:82:ea:2c:28:78:43:5a:45:33:
6e:55:90:4b:b0:fd:57:4f:7a:2a:ba:a9:c8:68:b2:
9b:70:ca:2a:5b:df:d6:7a:f2:9c:97:7c:a3:7d:e0:
98:ad:5d:b2:29:d2:7c:a4:c9:a7:6c:4a:ff:54:9c:
05:85:6f:c0:fe:83:b9:22:69:bb:42:97:71:40:c0:
41:a1:5b:ae:5a:fc:34:65:83:54:7f:62:64:78:4d:
d7:f6:99:58:93:50:84:10:dc:16:f8:34:84:ea:c0:
12:5d:23:9e:08:98:3e:47:27:15:57:2c:ad:0b:bd:
d4:e6:d0:83:a1:85:ea:2a:d3:62:3f:77:52:e2:4c:
1d:8c:17:2a:fc:1d:a7:57:df:99:62:d1:84:d3:75:
8e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:A8:0B:5B:61:ED:88:C1:95:63:88:37:70:DD:0F:ED:0A:19:C9:E4
X509v3 Authority Key Identifier:
keyid:54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/VIY3awW4olUjKeNhvXJcd-H40Mk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/908699E07B1111EFA7DD1123C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.152.60.0/23
103.205.182.0/24
Signature Algorithm: sha256WithRSAEncryption
63:5b:01:59:34:24:05:b9:93:88:d4:4c:13:02:68:40:22:f6:
41:cb:09:4f:44:27:02:cf:b1:07:d5:bf:89:52:16:6e:e1:12:
fd:98:c4:1a:ad:f4:f7:74:45:a2:e5:93:5e:3a:8e:71:45:82:
d0:af:8a:ba:b7:d3:9c:5e:33:d5:c7:0e:66:72:a2:80:ea:ed:
c4:77:fd:8a:9e:b9:dc:ba:55:f3:75:cb:d8:94:2a:6c:99:38:
97:9e:dc:54:ed:2c:04:78:66:03:71:94:47:96:14:4c:8b:85:
41:60:aa:83:6b:ab:cb:b0:b1:5e:56:50:12:de:6e:5e:0b:d5:
f0:50:05:3c:61:71:27:d7:62:64:36:1d:16:90:47:03:44:e2:
a8:84:99:e7:7b:0a:b1:c9:53:04:fe:fe:1a:a6:86:b1:d4:75:
bb:3f:41:97:09:94:93:ca:0c:f0:20:8d:fc:b7:5c:cb:39:d7:
9b:ee:6d:b9:5b:56:13:9a:ec:2b:51:0a:c2:c6:3f:cc:30:69:
7d:65:0f:c6:cd:ab:9b:79:b7:99:ba:55:69:0b:71:ef:9e:7f:
df:a7:0c:02:e3:d4:77:0b:4b:38:3e:6c:e8:81:88:76:6b:13:
5d:e7:32:b0:2d:46:46:c2:90:15:f8:1c:be:af:02:1d:a2:19:
52:e7:38:1f
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICDJMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE3RjIxMTAvBgNVBAUTKDU0ODYzNzZCMDVCOEEyNTUyMzI5RTM2MUJENzI1Qzc3
RTFGOEQwQzkwHhcNMjQwOTI1MDc0MzQ1WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmYzYmYzMC0zM2E4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsYbUAouqpXzVmYE2lC8Qi3bSzsWCoSjncU7gHO96d/LOpIDxZnpVx6L+y0v8
qyrBXoVzJ7R0KhFpzHiI23YFpEpYaUUFiy0djlteabOMKMyyLH8gs8otl8KhQPwQ
X7iZcZ7Oo8CXfh+WMPjMU0OC6iwoeENaRTNuVZBLsP1XT3oquqnIaLKbcMoqW9/W
evKcl3yjfeCYrV2yKdJ8pMmnbEr/VJwFhW/A/oO5Imm7QpdxQMBBoVuuWvw0ZYNU
f2JkeE3X9plYk1CEENwW+DSE6sASXSOeCJg+RycVVyytC73U5tCDoYXqKtNiP3dS
4kwdjBcq/B2nV9+ZYtGE03WORQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFCSoC1th
7YjBlWOIN3DdD+0KGcnkMB8GA1UdIwQYMBaAFFSGN2sFuKJVIynjYb1yXHfh+NDJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTdGMi80Qzg4QTdBMEZE
RkUxMUU5QkQ2NjdEMUZDNEY5QUUwMi9WSVkzYXdXNG9sVWpLZU5odlhKY2QtSDQw
TWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZJWTNhd1c0b2xVaktlTmh2WEpjZC1INDBNay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE3RjIvNEM4OEE3QTBGREZFMTFFOUJENjY3RDFGQzRGOUFFMDIvOTA4Njk5RTA3
QjExMTFFRkE3REQxMTIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAE7mDwDBABnzbYwDQYJKoZIhvcNAQELBQADggEBAGNbAVk0
JAW5k4jUTBMCaEAi9kHLCU9EJwLPsQfVv4lSFm7hEv2YxBqt9Pd0RaLlk146jnFF
gtCvirq305xeM9XHDmZyooDq7cR3/Yqeudy6VfN1y9iUKmyZOJee3FTtLAR4ZgNx
lEeWFEyLhUFgqoNrq8uwsV5WUBLebl4L1fBQBTxhcSfXYmQ2HRaQRwNE4qiEmed7
CrHJUwT+/hqmhrHUdbs/QZcJlJPKDPAgjfy3XMs515vubblbVhOa7CtRCsLGP8ww
aX1lD8bNq5t5t5m6VWkLce+ef9+nDALj1HcLSzg+bOiBiHZrE13nMrAtRkbCkBX4
HL6vAh2iGVLnOB8=
-----END CERTIFICATE-----
Generated at Sat Oct 12 07:42:46 2024 by rpki-client on console-fra.rpki-client.org