Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/E1FF4DFC70BD11EF93935F16C4F9AE02.roa
File: E1FF4DFC70BD11EF93935F16C4F9AE02.roa (raw, json)
Hash identifier: Ok0eic/SM4vECOBroIY3nPA+TGMhVLs0W+aHdYfHrUk=
Subject key identifier: 71:C3:7A:57:45:B7:57:02:60:42:21:6D:27:14:62:B0:C4:A8:C2:68
Certificate issuer: /CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Certificate serial: 0C72
Authority key identifier: 54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/E1FF4DFC70BD11EF93935F16C4F9AE02.roa
Signing time: Thu 12 Sep 2024 16:46:23 +0000
ROA not before: Thu 12 Sep 2024 16:46:23 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 215133
IP address blocks: 59.152.60.0/22 maxlen: 22
59.152.60.0/24 maxlen: 24
59.152.61.0/24 maxlen: 24
59.152.62.0/24 maxlen: 24
59.152.63.0/24 maxlen: 24
103.205.182.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Sep 2024 10:52:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3186 (0xc72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Validity
Not Before: Sep 12 16:46:23 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=66e31adf-2161
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d7:d3:70:16:8f:e0:a2:81:56:01:26:31:18:
23:ae:64:44:a5:78:f6:e6:55:58:a8:e8:bd:0f:2a:
b7:55:62:39:65:45:6d:68:f8:22:b3:9c:a7:7e:8a:
19:e0:3c:8f:80:32:41:e6:d9:19:88:da:ad:70:9e:
3b:8d:87:ab:69:d2:2a:0b:b1:66:5b:56:61:22:1f:
41:da:55:6c:89:2a:67:38:ff:37:c7:d4:57:91:16:
c9:f9:d1:34:70:b7:46:75:3b:f8:8a:b9:39:3e:c0:
ac:94:5a:a5:58:8b:b8:fc:0f:cb:04:23:d7:b2:c0:
ef:e6:44:23:86:98:4f:75:bc:b0:50:15:1e:63:04:
97:a9:6a:22:5b:0a:2b:82:77:89:2b:c3:ad:16:3d:
3d:c9:7b:7d:f7:d9:a4:98:7e:38:d0:a9:87:49:70:
c2:e3:e0:14:71:96:c2:7a:bd:53:b2:c0:95:d6:d3:
0b:c2:f1:fe:3e:6c:16:8d:03:d7:42:ff:52:ca:71:
71:0d:59:01:45:63:63:0d:06:f7:14:35:3b:1f:79:
f0:5c:40:a9:00:c4:df:8b:1f:46:bc:17:42:b4:f0:
da:90:f1:e0:e0:d2:9c:75:d4:ee:8d:6c:5e:91:64:
ae:18:7a:4d:61:85:66:0e:7b:9c:c5:07:15:42:d4:
6c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:C3:7A:57:45:B7:57:02:60:42:21:6D:27:14:62:B0:C4:A8:C2:68
X509v3 Authority Key Identifier:
keyid:54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/VIY3awW4olUjKeNhvXJcd-H40Mk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/E1FF4DFC70BD11EF93935F16C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.152.60.0/22
103.205.182.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:b1:1f:ed:93:86:95:4b:e8:2d:e8:0e:57:72:77:3d:6c:28:
4d:71:c7:be:a5:cb:27:93:70:92:1e:0a:70:92:08:b3:19:a4:
ea:57:59:25:a9:9e:e8:80:88:c9:0d:49:b2:2d:cd:95:32:92:
a4:ee:66:5a:4f:8f:87:00:a0:d6:b8:00:f2:5c:bf:3d:c6:48:
1f:bc:0e:98:58:c3:db:39:c8:10:b6:d4:da:27:ed:2f:f0:cc:
49:2a:27:0a:f4:a9:23:a4:72:61:a6:c2:9f:5a:51:51:b3:ba:
56:c4:bc:f3:e0:68:e0:6d:12:39:2c:99:41:fb:4b:3c:d1:e0:
1e:28:49:cc:01:26:e2:bc:55:00:7e:5f:ab:65:1d:4d:93:d0:
03:41:42:ad:3d:10:1b:ae:61:a8:f2:87:4d:7e:31:fc:8b:32:
fd:97:95:12:a9:40:a4:57:d5:a4:73:46:4e:06:b6:8b:40:ef:
9b:75:30:db:56:af:43:c4:53:ee:7f:89:ad:bc:c8:65:4e:b8:
c4:0d:52:a4:ea:d3:9f:67:06:9a:27:58:cd:02:95:26:41:ff:
b4:60:a3:dc:0d:5a:94:ee:d3:f3:92:f2:48:ae:61:6c:11:7d:
a0:0b:c9:5a:61:6c:5c:fc:9c:d9:66:04:23:d6:72:6e:01:68:
c8:95:af:a0
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICDHIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE3RjIxMTAvBgNVBAUTKDU0ODYzNzZCMDVCOEEyNTUyMzI5RTM2MUJENzI1Qzc3
RTFGOEQwQzkwHhcNMjQwOTEyMTY0NjIzWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmUzMWFkZi0yMTYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAn9fTcBaP4KKBVgEmMRgjrmREpXj25lVYqOi9Dyq3VWI5ZUVtaPgis5ynfooZ
4DyPgDJB5tkZiNqtcJ47jYeradIqC7FmW1ZhIh9B2lVsiSpnOP83x9RXkRbJ+dE0
cLdGdTv4irk5PsCslFqlWIu4/A/LBCPXssDv5kQjhphPdbywUBUeYwSXqWoiWwor
gneJK8OtFj09yXt999mkmH440KmHSXDC4+AUcZbCer1TssCV1tMLwvH+PmwWjQPX
Qv9SynFxDVkBRWNjDQb3FDU7H3nwXECpAMTfix9GvBdCtPDakPHg4NKcddTujWxe
kWSuGHpNYYVmDnucxQcVQtRsbwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFHHDeldF
t1cCYEIhbScUYrDEqMJoMB8GA1UdIwQYMBaAFFSGN2sFuKJVIynjYb1yXHfh+NDJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTdGMi80Qzg4QTdBMEZE
RkUxMUU5QkQ2NjdEMUZDNEY5QUUwMi9WSVkzYXdXNG9sVWpLZU5odlhKY2QtSDQw
TWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZJWTNhd1c0b2xVaktlTmh2WEpjZC1INDBNay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE3RjIvNEM4OEE3QTBGREZFMTFFOUJENjY3RDFGQzRGOUFFMDIvRTFGRjRERkM3
MEJEMTFFRjkzOTM1RjE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAI7mDwDBABnzbYwDQYJKoZIhvcNAQELBQADggEBAH2xH+2T
hpVL6C3oDldydz1sKE1xx76lyyeTcJIeCnCSCLMZpOpXWSWpnuiAiMkNSbItzZUy
kqTuZlpPj4cAoNa4APJcvz3GSB+8DphYw9s5yBC21Non7S/wzEkqJwr0qSOkcmGm
wp9aUVGzulbEvPPgaOBtEjksmUH7SzzR4B4oScwBJuK8VQB+X6tlHU2T0ANBQq09
EBuuYajyh01+MfyLMv2XlRKpQKRX1aRzRk4GtotA75t1MNtWr0PEU+5/ia28yGVO
uMQNUqTq059nBponWM0ClSZB/7Rgo9wNWpTu0/OS8kiuYWwRfaALyVphbFz8nNlm
BCPWcm4BaMiVr6A=
-----END CERTIFICATE-----
Generated at Mon Sep 23 14:19:11 2024 by rpki-client on console-ams.rpki-client.org