Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/A6AE6A94085D11EFA5EBF528C4F9AE02.roa
File: A6AE6A94085D11EFA5EBF528C4F9AE02.roa (raw, json)
Hash identifier: HApmY8l8YEpMb8sYoxcrtdqCKc7tUia1tpEXRjxalQo=
Subject key identifier: AA:31:07:09:EC:16:A7:3E:C5:84:EE:DC:35:E8:33:72:43:3A:60:05
Certificate issuer: /CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Certificate serial: 0BB7
Authority key identifier: 54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/A6AE6A94085D11EFA5EBF528C4F9AE02.roa
Signing time: Thu 02 May 2024 08:26:19 +0000
ROA not before: Thu 02 May 2024 08:26:19 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 38026
IP address blocks: 59.152.62.0/24 maxlen: 24
103.205.181.0/24 maxlen: 24
103.205.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 May 2024 16:09:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2999 (0xbb7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Validity
Not Before: May 2 08:26:19 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=66334e2b-3905
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:be:69:c7:67:74:76:c1:4e:ca:46:d4:7a:cd:
e1:0f:53:16:ea:0d:78:c6:1b:21:2e:d6:b8:0d:b9:
43:da:cd:bb:99:00:db:a8:44:de:46:7f:a4:c6:5d:
0e:48:72:17:51:38:24:56:0c:7a:8a:92:d4:2a:62:
68:d2:c2:06:f8:6b:ca:5a:8b:df:f6:f6:fc:cd:38:
7b:36:27:1f:86:0a:f1:16:8c:aa:a7:16:e8:f9:13:
4a:bf:40:a7:a7:76:d7:4d:b9:80:0f:cb:62:5a:f9:
eb:61:c4:c5:0c:2a:a4:0e:6a:9e:d0:25:6d:92:df:
8f:80:70:25:51:a3:11:15:74:b4:23:23:fe:cb:e7:
c9:1b:de:cb:60:44:85:a3:d0:25:47:5f:01:e6:bc:
05:3e:5b:2e:fc:98:d4:d1:bd:d9:c5:6c:c3:31:f4:
95:26:d5:bd:19:d2:c7:a0:3a:79:57:5d:56:e2:c5:
5a:a4:bb:66:19:d6:98:2c:ff:7f:d4:12:c5:03:a9:
6f:a7:82:4c:59:75:91:4a:2f:a6:02:a8:36:99:c3:
8b:b2:98:b5:7f:63:83:06:75:cc:37:66:8c:92:3e:
c4:7f:69:15:5a:c4:13:4a:42:49:1f:69:c4:9b:08:
8a:cd:85:27:51:fa:0a:09:c8:37:d5:78:31:fd:0c:
56:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:31:07:09:EC:16:A7:3E:C5:84:EE:DC:35:E8:33:72:43:3A:60:05
X509v3 Authority Key Identifier:
keyid:54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/VIY3awW4olUjKeNhvXJcd-H40Mk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/A6AE6A94085D11EFA5EBF528C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.152.62.0/24
103.205.181.0/24
103.205.183.0/24
Signature Algorithm: sha256WithRSAEncryption
05:b8:17:b6:0e:ba:e8:60:02:1e:45:f4:08:b5:5f:87:ce:cc:
52:da:fe:7c:69:4c:e1:bc:a2:93:2d:a3:fc:e3:27:0d:1f:4a:
44:ff:a1:e3:61:32:64:a4:3b:69:94:8c:66:37:15:a7:31:70:
64:f3:fc:dc:5f:ee:fe:21:8e:0a:88:64:ef:11:3c:32:56:de:
a6:86:d2:61:84:1a:01:66:19:5e:3d:4a:ea:1d:f7:be:f1:15:
7f:e7:c1:a9:68:aa:f5:5b:d3:49:3c:ba:d3:7c:65:fb:4f:a1:
56:20:8e:55:b0:e8:12:76:06:20:28:0f:75:60:02:1d:03:ed:
35:f8:75:80:a5:57:ff:8f:3d:ce:5e:a9:fe:6e:fa:0d:2e:d5:
e4:2d:12:0a:88:72:85:c2:90:39:d6:de:ee:a4:4d:cb:e6:bb:
96:27:71:17:c0:84:07:b5:14:79:80:5a:bf:2a:c2:66:fa:f2:
9a:cc:e8:77:f0:be:b4:ea:25:f8:70:31:d7:f2:8e:06:bd:4a:
4e:99:78:ad:2c:e8:d9:eb:16:a4:7e:52:40:34:3c:cb:e6:46:
90:12:79:f6:20:6e:cb:73:a4:50:2e:ee:25:70:d8:94:ad:05:
c1:9a:b0:1a:34:24:34:74:4f:1a:12:40:4f:1d:9f:56:b4:b6:
59:0c:49:85
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICC7cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE3RjIxMTAvBgNVBAUTKDU0ODYzNzZCMDVCOEEyNTUyMzI5RTM2MUJENzI1Qzc3
RTFGOEQwQzkwHhcNMjQwNTAyMDgyNjE5WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjMzNGUyYi0zOTA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9b5px2d0dsFOykbUes3hD1MW6g14xhshLta4DblD2s27mQDbqETeRn+kxl0O
SHIXUTgkVgx6ipLUKmJo0sIG+GvKWovf9vb8zTh7NicfhgrxFoyqpxbo+RNKv0Cn
p3bXTbmAD8tiWvnrYcTFDCqkDmqe0CVtkt+PgHAlUaMRFXS0IyP+y+fJG97LYESF
o9AlR18B5rwFPlsu/JjU0b3ZxWzDMfSVJtW9GdLHoDp5V11W4sVapLtmGdaYLP9/
1BLFA6lvp4JMWXWRSi+mAqg2mcOLspi1f2ODBnXMN2aMkj7Ef2kVWsQTSkJJH2nE
mwiKzYUnUfoKCcg31Xgx/QxWHQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFKoxBwns
Fqc+xYTu3DXoM3JDOmAFMB8GA1UdIwQYMBaAFFSGN2sFuKJVIynjYb1yXHfh+NDJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTdGMi80Qzg4QTdBMEZE
RkUxMUU5QkQ2NjdEMUZDNEY5QUUwMi9WSVkzYXdXNG9sVWpLZU5odlhKY2QtSDQw
TWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZJWTNhd1c0b2xVaktlTmh2WEpjZC1INDBNay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE3RjIvNEM4OEE3QTBGREZFMTFFOUJENjY3RDFGQzRGOUFFMDIvQTZBRTZBOTQw
ODVEMTFFRkE1RUJGNTI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAA7mD4DBABnzbUDBABnzbcwDQYJKoZIhvcNAQELBQADggEB
AAW4F7YOuuhgAh5F9Ai1X4fOzFLa/nxpTOG8opMto/zjJw0fSkT/oeNhMmSkO2mU
jGY3FacxcGTz/Nxf7v4hjgqIZO8RPDJW3qaG0mGEGgFmGV49Suod977xFX/nwalo
qvVb00k8utN8ZftPoVYgjlWw6BJ2BiAoD3VgAh0D7TX4dYClV/+PPc5eqf5u+g0u
1eQtEgqIcoXCkDnW3u6kTcvmu5YncRfAhAe1FHmAWr8qwmb68prM6HfwvrTqJfhw
Mdfyjga9Sk6ZeK0s6NnrFqR+UkA0PMvmRpASefYgbstzpFAu7iVw2JStBcGasBo0
JDR0TxoSQE8dn1a0tlkMSYU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:41 2024 by rpki-client on console-fra.rpki-client.org