Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/99CA02AA7B0F11EFAB46437FC4F9AE02.roa
File: 99CA02AA7B0F11EFAB46437FC4F9AE02.roa (raw, json)
Hash identifier: B/kCbW28DnpIMEmr4HYuxwr6T/8nFFPanoTMXhlVr0o=
Subject key identifier: CA:11:BB:D5:BF:36:2A:8D:5D:66:D7:59:AF:6E:63:59:D9:D0:B1:69
Certificate issuer: /CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Certificate serial: 0C8A
Authority key identifier: 54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/99CA02AA7B0F11EFAB46437FC4F9AE02.roa
Signing time: Wed 25 Sep 2024 07:27:21 +0000
ROA not before: Wed 25 Sep 2024 07:27:21 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 43260
IP address blocks: 59.152.62.0/24 maxlen: 24
59.152.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Oct 2024 16:37:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3210 (0xc8a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Validity
Not Before: Sep 25 07:27:21 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=66f3bb58-9d1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:d0:03:5f:b1:ea:9c:eb:89:06:91:3b:51:58:
bb:70:54:4a:3c:da:70:63:c5:2b:1e:c1:b6:f4:52:
a1:bf:5f:83:02:7c:c5:b9:f7:bb:94:ea:08:70:9d:
f4:46:9a:72:03:42:c1:3e:61:fa:c1:eb:96:73:bf:
b8:74:af:ab:d3:e4:00:69:9b:de:85:e4:57:d5:32:
30:9d:08:eb:4c:ab:97:2d:eb:c3:b7:6d:bf:0c:a5:
f4:d8:c8:cd:e4:f4:79:b7:e6:6d:52:80:2f:e7:15:
1c:fa:18:dc:90:fe:e8:a6:a8:e9:f3:87:da:36:cf:
a6:76:8b:ea:0e:45:ab:61:39:90:71:cf:6a:4d:10:
fb:90:01:aa:5d:19:46:0b:f9:a9:af:bb:40:cd:e9:
a7:49:e4:d0:4e:c6:cb:c7:b8:c9:19:c2:17:15:aa:
4b:84:02:cd:4e:08:e5:1e:70:8a:56:63:14:76:10:
6c:d6:55:79:f2:d8:83:24:32:b5:7f:f7:30:10:57:
fb:be:ce:0a:81:7d:f5:02:36:56:c0:f9:93:e2:f0:
5c:a1:a9:ff:7c:e5:eb:5b:c6:4c:6a:2a:ef:1f:61:
78:5d:c2:64:f7:48:fa:83:1e:64:7c:05:36:b3:3e:
98:d9:99:ae:7b:d8:22:b0:c6:31:35:bd:d3:83:2c:
d9:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:11:BB:D5:BF:36:2A:8D:5D:66:D7:59:AF:6E:63:59:D9:D0:B1:69
X509v3 Authority Key Identifier:
keyid:54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/VIY3awW4olUjKeNhvXJcd-H40Mk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/99CA02AA7B0F11EFAB46437FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.152.62.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:cb:0a:15:05:d9:cd:83:ae:59:4b:13:5a:23:9c:3c:08:69:
d8:9a:0d:dc:47:0c:3b:cb:58:f5:53:3a:49:09:8b:55:42:ab:
c2:32:e7:75:23:90:ec:a3:7d:48:e7:25:3f:5a:58:41:25:98:
d6:22:dc:93:d6:00:40:be:08:d4:44:58:54:fe:9e:77:01:cb:
65:83:9d:2f:49:fc:95:43:c2:42:d2:b2:9b:26:35:9b:61:8b:
f2:53:1e:32:64:3a:ca:6b:ed:13:fb:cf:cc:5d:64:6f:cc:a7:
e4:b1:61:5a:a8:f6:55:5d:1c:60:0c:43:c8:a3:bf:23:eb:ab:
e8:11:da:27:5f:c8:11:b9:ba:57:a9:c5:bb:17:ed:d7:42:4b:
a5:1e:b9:a8:65:e6:ce:31:05:ea:0c:49:87:2a:a6:59:34:7f:
e9:0f:77:26:c1:e1:e3:c7:a1:36:ba:2e:26:90:0e:24:7e:3e:
c6:83:c3:fe:6e:79:80:f5:e1:c9:e7:4b:8a:15:75:87:c9:fa:
46:bf:25:f7:d1:1d:03:b8:5e:d4:65:cc:74:6c:55:6b:16:20:
a4:18:11:fc:76:0a:30:81:e2:26:52:a5:c0:92:3f:97:31:ac:
8d:7f:fa:99:ca:93:ed:07:83:d6:4c:77:fb:b7:b8:52:ae:3a:
7e:4c:6b:f6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDIowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE3RjIxMTAvBgNVBAUTKDU0ODYzNzZCMDVCOEEyNTUyMzI5RTM2MUJENzI1Qzc3
RTFGOEQwQzkwHhcNMjQwOTI1MDcyNzIxWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmYzYmI1OC05ZDFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4NADX7HqnOuJBpE7UVi7cFRKPNpwY8UrHsG29FKhv1+DAnzFufe7lOoIcJ30
RppyA0LBPmH6weuWc7+4dK+r0+QAaZveheRX1TIwnQjrTKuXLevDt22/DKX02MjN
5PR5t+ZtUoAv5xUc+hjckP7opqjp84faNs+mdovqDkWrYTmQcc9qTRD7kAGqXRlG
C/mpr7tAzemnSeTQTsbLx7jJGcIXFapLhALNTgjlHnCKVmMUdhBs1lV58tiDJDK1
f/cwEFf7vs4KgX31AjZWwPmT4vBcoan/fOXrW8ZMairvH2F4XcJk90j6gx5kfAU2
sz6Y2Zmue9gisMYxNb3TgyzZawIDAQABo4IClTCCApEwHQYDVR0OBBYEFMoRu9W/
NiqNXWbXWa9uY1nZ0LFpMB8GA1UdIwQYMBaAFFSGN2sFuKJVIynjYb1yXHfh+NDJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTdGMi80Qzg4QTdBMEZE
RkUxMUU5QkQ2NjdEMUZDNEY5QUUwMi9WSVkzYXdXNG9sVWpLZU5odlhKY2QtSDQw
TWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZJWTNhd1c0b2xVaktlTmh2WEpjZC1INDBNay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE3RjIvNEM4OEE3QTBGREZFMTFFOUJENjY3RDFGQzRGOUFFMDIvOTlDQTAyQUE3
QjBGMTFFRkFCNDY0MzdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAE7mD4wDQYJKoZIhvcNAQELBQADggEBACvLChUF2c2DrllL
E1ojnDwIadiaDdxHDDvLWPVTOkkJi1VCq8Iy53UjkOyjfUjnJT9aWEElmNYi3JPW
AEC+CNREWFT+nncBy2WDnS9J/JVDwkLSspsmNZthi/JTHjJkOspr7RP7z8xdZG/M
p+SxYVqo9lVdHGAMQ8ijvyPrq+gR2idfyBG5ulepxbsX7ddCS6Ueuahl5s4xBeoM
SYcqplk0f+kPdybB4ePHoTa6LiaQDiR+PsaDw/5ueYD14cnnS4oVdYfJ+ka/JffR
HQO4XtRlzHRsVWsWIKQYEfx2CjCB4iZSpcCSP5cxrI1/+pnKk+0Hg9ZMd/u3uFKu
On5Ma/Y=
-----END CERTIFICATE-----
Generated at Tue Oct 15 18:52:43 2024 by rpki-client on console-fra.rpki-client.org