Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/F40DE3FE138011EFBF901716C4F9AE02.roa
File: F40DE3FE138011EFBF901716C4F9AE02.roa (raw, json)
Hash identifier: XDliBshB5VXZufW1SypWQkdapBuquWNgCSFv1+DNuf0=
Subject key identifier: 49:01:E3:08:9E:08:E4:3D:EF:29:A3:8E:63:85:FE:19:A8:7A:0C:B9
Certificate issuer: /CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Certificate serial: 0C03
Authority key identifier: 54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/F40DE3FE138011EFBF901716C4F9AE02.roa
Signing time: Thu 16 May 2024 12:38:38 +0000
ROA not before: Thu 16 May 2024 12:38:38 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 397373
IP address blocks: 59.152.60.0/24 maxlen: 24
59.152.61.0/24 maxlen: 24
59.152.62.0/24 maxlen: 24
59.152.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 19 May 2024 04:42:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3075 (0xc03)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Validity
Not Before: May 16 12:38:38 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=6645fe4e-d434
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:9f:5d:49:ed:61:34:e2:94:1b:89:4d:d0:d9:
df:84:57:bd:b8:02:43:52:99:1d:2a:0e:7c:c0:43:
b2:56:ba:fc:0e:0f:47:16:08:85:85:fa:b7:8c:22:
15:75:7c:e7:b8:3a:a4:27:19:7c:dc:4a:fc:cd:f5:
86:fe:6f:0d:10:96:80:da:46:7c:87:20:ee:f7:49:
f7:41:73:71:a4:36:51:59:a5:b9:a7:9d:4b:e4:4f:
0d:a5:ee:63:b0:e0:e4:00:84:e7:8c:f8:4e:86:91:
ad:48:a9:b4:af:cd:f1:a6:93:19:73:de:79:50:68:
59:b9:fd:1c:67:da:66:3d:5a:9a:66:d2:bc:39:04:
31:8a:dc:2e:f0:bf:e0:b2:e5:9e:37:64:e0:9c:00:
a4:6e:20:ac:a5:2c:ef:f5:25:4e:c6:31:89:6d:48:
74:3c:48:d8:96:9a:68:d4:b9:ff:34:23:60:53:11:
7d:35:fc:99:fe:4e:1d:52:81:7e:8c:88:39:fc:c8:
be:f7:15:aa:c8:a1:b4:2a:1a:43:26:85:03:11:62:
c8:98:f0:96:20:5e:3a:cc:b0:0c:c6:1a:3b:0d:cb:
62:42:85:07:e9:e3:a5:ef:28:8d:b0:55:0b:55:46:
5f:6a:d1:56:9c:c2:52:d4:e8:2f:64:fd:b0:1f:ee:
0e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:01:E3:08:9E:08:E4:3D:EF:29:A3:8E:63:85:FE:19:A8:7A:0C:B9
X509v3 Authority Key Identifier:
keyid:54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/VIY3awW4olUjKeNhvXJcd-H40Mk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/F40DE3FE138011EFBF901716C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.152.60.0/22
Signature Algorithm: sha256WithRSAEncryption
22:6c:e8:7c:5a:67:22:e8:b5:9b:24:ae:30:16:ae:69:34:a8:
4f:89:44:7a:b6:59:42:6a:da:7c:45:20:a4:f4:55:a5:da:5f:
0e:4e:72:82:4b:cc:c6:ed:fd:66:45:a6:bc:b3:b8:10:79:f4:
fc:11:81:f4:c7:db:3b:82:db:b2:ba:76:93:b0:53:22:15:c8:
75:16:cf:02:97:56:ca:90:b8:e8:d2:f9:f4:d2:7c:b0:25:94:
91:26:6a:3d:2c:f8:9d:ad:9b:b8:81:ec:7d:cf:0a:af:54:a3:
37:c9:42:eb:64:4c:c8:da:68:45:2a:ab:af:13:3b:5f:8f:50:
45:7e:ac:7b:f6:90:32:3a:28:7d:3b:dd:7a:56:ef:9b:18:13:
fe:af:4a:f0:1b:45:69:3d:ad:51:1f:01:c6:a7:a6:73:3b:01:
6a:07:63:46:25:fe:b6:7e:15:98:74:9a:49:9d:13:8f:02:0d:
54:71:11:c3:b3:07:29:83:84:70:43:e0:37:ce:62:8a:b8:b1:
e1:4e:b1:ad:a6:57:7e:54:a4:38:60:18:af:d3:51:fa:f6:15:
9d:38:50:f8:dd:26:9f:36:9f:1f:24:c1:fd:4e:2d:66:1f:8b:
64:c2:d2:1f:b6:71:b0:8a:53:1d:31:38:97:2d:48:6d:ff:56:
46:72:44:81
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDAMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE3RjIxMTAvBgNVBAUTKDU0ODYzNzZCMDVCOEEyNTUyMzI5RTM2MUJENzI1Qzc3
RTFGOEQwQzkwHhcNMjQwNTE2MTIzODM4WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjQ1ZmU0ZS1kNDM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6Z9dSe1hNOKUG4lN0NnfhFe9uAJDUpkdKg58wEOyVrr8Dg9HFgiFhfq3jCIV
dXznuDqkJxl83Er8zfWG/m8NEJaA2kZ8hyDu90n3QXNxpDZRWaW5p51L5E8Npe5j
sODkAITnjPhOhpGtSKm0r83xppMZc955UGhZuf0cZ9pmPVqaZtK8OQQxitwu8L/g
suWeN2TgnACkbiCspSzv9SVOxjGJbUh0PEjYlppo1Ln/NCNgUxF9NfyZ/k4dUoF+
jIg5/Mi+9xWqyKG0KhpDJoUDEWLImPCWIF46zLAMxho7DctiQoUH6eOl7yiNsFUL
VUZfatFWnMJS1OgvZP2wH+4OJQIDAQABo4IClTCCApEwHQYDVR0OBBYEFEkB4wie
COQ97ymjjmOF/hmoegy5MB8GA1UdIwQYMBaAFFSGN2sFuKJVIynjYb1yXHfh+NDJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTdGMi80Qzg4QTdBMEZE
RkUxMUU5QkQ2NjdEMUZDNEY5QUUwMi9WSVkzYXdXNG9sVWpLZU5odlhKY2QtSDQw
TWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZJWTNhd1c0b2xVaktlTmh2WEpjZC1INDBNay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE3RjIvNEM4OEE3QTBGREZFMTFFOUJENjY3RDFGQzRGOUFFMDIvRjQwREUzRkUx
MzgwMTFFRkJGOTAxNzE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAI7mDwwDQYJKoZIhvcNAQELBQADggEBACJs6HxaZyLotZsk
rjAWrmk0qE+JRHq2WUJq2nxFIKT0VaXaXw5OcoJLzMbt/WZFpryzuBB59PwRgfTH
2zuC27K6dpOwUyIVyHUWzwKXVsqQuOjS+fTSfLAllJEmaj0s+J2tm7iB7H3PCq9U
ozfJQutkTMjaaEUqq68TO1+PUEV+rHv2kDI6KH073XpW75sYE/6vSvAbRWk9rVEf
AcanpnM7AWoHY0Yl/rZ+FZh0mkmdE48CDVRxEcOzBymDhHBD4DfOYoq4seFOsa2m
V35UpDhgGK/TUfr2FZ04UPjdJp82nx8kwf1OLWYfi2TC0h+2cbCKUx0xOJctSG3/
VkZyRIE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:41 2024 by rpki-client on console-fra.rpki-client.org