Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/E0C12BC27A4A11EF91A7135FC4F9AE02.roa
File: E0C12BC27A4A11EF91A7135FC4F9AE02.roa (raw, json)
Hash identifier: nHHNXzeoXMOXaAAOUyjeDmWAE38DS6T0QBJ5CSDWFy0=
Subject key identifier: 5E:A6:01:10:B6:47:18:13:2A:69:32:A2:CD:AF:56:70:1E:1C:F6:19
Certificate issuer: /CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Certificate serial: 0C86
Authority key identifier: 54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/E0C12BC27A4A11EF91A7135FC4F9AE02.roa
Signing time: Tue 24 Sep 2024 10:50:14 +0000
ROA not before: Tue 24 Sep 2024 10:50:14 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 43260
IP address blocks: 59.152.60.0/24 maxlen: 24
59.152.61.0/24 maxlen: 24
59.152.62.0/24 maxlen: 24
59.152.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 25 Sep 2024 07:27:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3206 (0xc86)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Validity
Not Before: Sep 24 10:50:14 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=66f29966-36f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c3:e9:35:a8:25:69:99:ba:cf:13:e7:e5:fa:
26:29:28:14:95:5c:1b:69:5a:51:f6:aa:e7:6f:0d:
2c:e5:87:bb:2a:45:1c:ba:ac:98:f5:29:12:a9:a4:
3b:d7:40:24:c2:27:93:ae:08:ed:36:ae:4c:48:cd:
9c:5a:65:c3:70:58:1b:0d:6f:f0:52:c3:b4:ce:da:
e1:ba:3b:f6:09:55:f3:30:5b:c6:74:c1:6d:aa:50:
5d:5c:bb:e0:59:14:0f:4c:3d:fe:68:9b:4e:5c:b8:
df:68:26:d1:58:ff:7d:c9:6e:6c:b8:de:3a:a1:e7:
4d:59:aa:49:c7:cc:7c:d2:30:6c:b7:3f:2c:17:e6:
fe:41:59:14:e2:8e:b5:44:ba:a5:01:73:f1:c0:6e:
fd:c9:9f:01:6c:0a:5b:df:d0:79:60:4f:b0:51:79:
89:6b:23:19:6d:b9:1e:1e:c9:4f:5a:e0:22:e2:d3:
ec:a4:e3:f4:4c:fa:43:f8:5d:fb:94:88:0f:96:0c:
6b:b9:a6:cd:e0:3c:3d:39:03:51:78:5b:2b:96:75:
c4:42:42:92:c0:8b:a4:c4:c6:65:76:51:2b:c2:20:
0f:d1:7b:1b:f5:bf:ec:e7:99:76:c8:a5:cb:1c:af:
03:bb:b1:37:dc:e9:d3:0e:b2:05:83:77:bb:e9:ef:
f0:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:A6:01:10:B6:47:18:13:2A:69:32:A2:CD:AF:56:70:1E:1C:F6:19
X509v3 Authority Key Identifier:
keyid:54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/VIY3awW4olUjKeNhvXJcd-H40Mk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/E0C12BC27A4A11EF91A7135FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.152.60.0/22
Signature Algorithm: sha256WithRSAEncryption
45:af:30:29:59:3c:55:06:98:0c:c0:d2:96:69:33:72:ca:38:
c9:6b:b9:56:28:20:26:ed:2e:b9:34:73:ce:e5:f6:fa:31:6d:
c6:a7:c2:ce:c1:4a:7e:5e:e8:29:44:6f:5a:63:f8:18:6f:eb:
83:b1:af:22:98:76:75:ef:3d:14:7f:ea:2e:77:59:d2:66:ce:
29:0f:5b:50:27:79:74:96:25:aa:f9:7b:09:80:fe:69:d9:52:
d3:76:3f:d9:3d:53:4e:b2:ef:37:f2:a4:59:8f:07:05:37:12:
9d:9f:38:7e:9f:19:44:29:56:52:a9:73:e2:4c:55:6a:55:ff:
8d:6b:a3:ea:f6:38:fe:15:90:f5:c6:ac:51:e2:ab:49:70:5c:
32:44:88:22:76:88:c6:4b:31:92:a9:97:3e:46:43:d5:3c:20:
64:12:7f:6f:10:e3:14:a7:1e:42:cf:b7:97:0d:39:42:42:9e:
40:83:a5:6c:da:2c:95:ee:6a:01:6e:e1:15:0c:8b:99:0f:41:
d3:0f:0a:b0:12:c4:2c:07:d1:8e:21:08:ce:72:4e:2a:64:34:
b9:49:e2:2e:83:99:a9:49:d3:ea:8e:98:ab:08:17:20:3b:ab:
fa:f0:24:b5:f6:4d:14:8f:cd:c4:2b:fc:69:d4:fa:ab:97:5f:
2d:12:5b:cf
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDIYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE3RjIxMTAvBgNVBAUTKDU0ODYzNzZCMDVCOEEyNTUyMzI5RTM2MUJENzI1Qzc3
RTFGOEQwQzkwHhcNMjQwOTI0MTA1MDE0WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmYyOTk2Ni0zNmY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtcPpNaglaZm6zxPn5fomKSgUlVwbaVpR9qrnbw0s5Ye7KkUcuqyY9SkSqaQ7
10AkwieTrgjtNq5MSM2cWmXDcFgbDW/wUsO0ztrhujv2CVXzMFvGdMFtqlBdXLvg
WRQPTD3+aJtOXLjfaCbRWP99yW5suN46oedNWapJx8x80jBstz8sF+b+QVkU4o61
RLqlAXPxwG79yZ8BbApb39B5YE+wUXmJayMZbbkeHslPWuAi4tPspOP0TPpD+F37
lIgPlgxruabN4Dw9OQNReFsrlnXEQkKSwIukxMZldlErwiAP0Xsb9b/s55l2yKXL
HK8Du7E33OnTDrIFg3e76e/wYwIDAQABo4IClTCCApEwHQYDVR0OBBYEFF6mARC2
RxgTKmkyos2vVnAeHPYZMB8GA1UdIwQYMBaAFFSGN2sFuKJVIynjYb1yXHfh+NDJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTdGMi80Qzg4QTdBMEZE
RkUxMUU5QkQ2NjdEMUZDNEY5QUUwMi9WSVkzYXdXNG9sVWpLZU5odlhKY2QtSDQw
TWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZJWTNhd1c0b2xVaktlTmh2WEpjZC1INDBNay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE3RjIvNEM4OEE3QTBGREZFMTFFOUJENjY3RDFGQzRGOUFFMDIvRTBDMTJCQzI3
QTRBMTFFRjkxQTcxMzVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAI7mDwwDQYJKoZIhvcNAQELBQADggEBAEWvMClZPFUGmAzA
0pZpM3LKOMlruVYoICbtLrk0c87l9voxbcanws7BSn5e6ClEb1pj+Bhv64OxryKY
dnXvPRR/6i53WdJmzikPW1AneXSWJar5ewmA/mnZUtN2P9k9U06y7zfypFmPBwU3
Ep2fOH6fGUQpVlKpc+JMVWpV/41ro+r2OP4VkPXGrFHiq0lwXDJEiCJ2iMZLMZKp
lz5GQ9U8IGQSf28Q4xSnHkLPt5cNOUJCnkCDpWzaLJXuagFu4RUMi5kPQdMPCrAS
xCwH0Y4hCM5yTipkNLlJ4i6DmalJ0+qOmKsIFyA7q/rwJLX2TRSPzcQr/GnU+quX
Xy0SW88=
-----END CERTIFICATE-----
Generated at Wed Sep 25 09:41:00 2024 by rpki-client on console-fra.rpki-client.org