Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/DE49ED54799911EF9FC45680C4F9AE02.roa
File: DE49ED54799911EF9FC45680C4F9AE02.roa (raw, json)
Hash identifier: gA251hLegogLU6dYxPfyCkKeCLtQ+ixQ3xVVI9fN/BY=
Subject key identifier: 24:DF:44:1E:67:59:69:45:FD:67:F2:2E:47:2C:EA:5D:A4:92:59:EE
Certificate issuer: /CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Certificate serial: 0C7B
Authority key identifier: 54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/DE49ED54799911EF9FC45680C4F9AE02.roa
Signing time: Mon 23 Sep 2024 10:52:04 +0000
ROA not before: Mon 23 Sep 2024 10:52:04 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 215133
IP address blocks: 59.152.60.0/22 maxlen: 22
59.152.60.0/24 maxlen: 24
59.152.61.0/24 maxlen: 24
103.205.182.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Sep 2024 10:45:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3195 (0xc7b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Validity
Not Before: Sep 23 10:52:04 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=66f14854-869c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c1:26:00:09:3e:61:bb:1a:ba:34:14:06:45:
3f:7c:c3:77:5c:43:55:ec:d9:5a:97:b0:1a:08:44:
86:73:3d:f1:a6:af:7e:6a:93:ad:e6:05:0f:c3:67:
db:2e:e3:d1:c3:c6:ba:f5:80:cb:04:76:8f:80:47:
0f:98:f0:cc:33:ec:29:39:e9:cf:b7:57:89:61:c6:
dd:c8:28:11:2c:8a:d3:4f:cd:1e:a2:6a:49:59:53:
88:04:c1:10:70:4e:05:01:36:29:18:a6:90:25:79:
6d:26:68:52:9d:6e:64:0b:78:06:9a:6b:79:21:49:
ac:41:29:7b:bb:a2:29:49:e9:86:da:6a:15:0b:45:
12:ed:e4:29:74:0f:10:67:a2:94:e3:3d:6a:85:81:
7f:69:cc:ef:af:21:86:59:96:a7:cf:c3:1d:b5:fb:
ef:3d:1d:df:57:c7:2a:48:f7:4f:56:05:bd:6f:e1:
0b:a3:92:14:05:9c:d7:b7:b6:46:25:74:8f:73:1d:
57:f9:43:bd:6c:7b:62:d5:c1:04:8c:7c:a4:6f:d2:
90:60:5a:37:55:31:04:48:8c:f3:ec:ef:d6:6a:28:
20:83:c1:53:57:83:03:b4:e5:de:9c:6b:3d:30:d8:
e9:85:5d:f2:b3:0b:1a:cf:85:06:0c:c0:73:d3:a7:
4a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:DF:44:1E:67:59:69:45:FD:67:F2:2E:47:2C:EA:5D:A4:92:59:EE
X509v3 Authority Key Identifier:
keyid:54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/VIY3awW4olUjKeNhvXJcd-H40Mk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/DE49ED54799911EF9FC45680C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.152.60.0/22
103.205.182.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:dd:1b:5e:a9:22:d9:03:d3:99:f3:4e:4a:26:e6:64:69:b1:
9b:c7:ab:52:a2:8d:60:42:a3:17:1d:ec:89:e4:78:88:75:e1:
4a:a5:89:0f:bd:d0:e6:58:e9:82:a5:8b:f7:fc:79:da:9b:f4:
e8:39:94:53:e3:2c:fa:6d:c1:5c:9c:73:38:27:1f:25:2b:4a:
9c:82:32:88:28:28:21:48:69:9f:e0:fb:e7:f7:68:25:e7:27:
9b:be:6a:6a:dc:eb:ac:a1:8a:ce:67:97:5f:c5:1a:5a:f0:1d:
8a:a7:d1:60:e1:dd:fe:53:1d:98:36:77:18:d3:9b:d5:63:c7:
aa:af:12:7b:d2:5d:79:05:77:5d:89:90:09:ad:c5:c0:db:82:
79:d0:3f:1c:27:b7:52:46:33:e4:18:f7:fb:8d:64:02:33:42:
56:40:5f:e9:62:12:ae:5b:b6:06:33:e8:ff:3f:15:87:ff:d9:
3b:a3:db:8a:25:9e:bf:cc:b1:8f:3e:0e:9e:80:7c:e2:93:98:
41:01:98:8e:63:4a:2a:8b:d7:54:22:09:84:c9:88:91:ad:07:
f5:09:44:dc:4d:53:29:be:39:23:dd:b0:16:f0:8f:ec:f4:bb:
e3:02:7c:15:ac:dc:07:11:33:c0:e8:aa:7d:bf:2b:c9:70:38:
e5:bf:55:4c
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICDHswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE3RjIxMTAvBgNVBAUTKDU0ODYzNzZCMDVCOEEyNTUyMzI5RTM2MUJENzI1Qzc3
RTFGOEQwQzkwHhcNMjQwOTIzMTA1MjA0WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmYxNDg1NC04NjljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApMEmAAk+YbsaujQUBkU/fMN3XENV7Nlal7AaCESGcz3xpq9+apOt5gUPw2fb
LuPRw8a69YDLBHaPgEcPmPDMM+wpOenPt1eJYcbdyCgRLIrTT80eompJWVOIBMEQ
cE4FATYpGKaQJXltJmhSnW5kC3gGmmt5IUmsQSl7u6IpSemG2moVC0US7eQpdA8Q
Z6KU4z1qhYF/aczvryGGWZanz8MdtfvvPR3fV8cqSPdPVgW9b+ELo5IUBZzXt7ZG
JXSPcx1X+UO9bHti1cEEjHykb9KQYFo3VTEESIzz7O/Waiggg8FTV4MDtOXenGs9
MNjphV3yswsaz4UGDMBz06dK9QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFCTfRB5n
WWlF/WfyLkcs6l2kklnuMB8GA1UdIwQYMBaAFFSGN2sFuKJVIynjYb1yXHfh+NDJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTdGMi80Qzg4QTdBMEZE
RkUxMUU5QkQ2NjdEMUZDNEY5QUUwMi9WSVkzYXdXNG9sVWpLZU5odlhKY2QtSDQw
TWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZJWTNhd1c0b2xVaktlTmh2WEpjZC1INDBNay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE3RjIvNEM4OEE3QTBGREZFMTFFOUJENjY3RDFGQzRGOUFFMDIvREU0OUVENTQ3
OTk5MTFFRjlGQzQ1NjgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAI7mDwDBABnzbYwDQYJKoZIhvcNAQELBQADggEBAIvdG16p
ItkD05nzTkom5mRpsZvHq1KijWBCoxcd7InkeIh14UqliQ+90OZY6YKli/f8edqb
9Og5lFPjLPptwVycczgnHyUrSpyCMogoKCFIaZ/g++f3aCXnJ5u+amrc66yhis5n
l1/FGlrwHYqn0WDh3f5THZg2dxjTm9Vjx6qvEnvSXXkFd12JkAmtxcDbgnnQPxwn
t1JGM+QY9/uNZAIzQlZAX+liEq5btgYz6P8/FYf/2Tuj24olnr/MsY8+Dp6AfOKT
mEEBmI5jSiqL11QiCYTJiJGtB/UJRNxNUym+OSPdsBbwj+z0u+MCfBWs3AcRM8Do
qn2/K8lwOOW/VUw=
-----END CERTIFICATE-----
Generated at Tue Sep 24 14:03:38 2024 by rpki-client on console-ams.rpki-client.org