Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/FA93EF928B1311EF86EFF756C4F9AE02.roa
File: FA93EF928B1311EF86EFF756C4F9AE02.roa (raw, json)
Hash identifier: bgLBooNg43tNbvUGTZYrmzbGih5IG1LmfV9sKAuST9o=
Subject key identifier: 66:B4:9D:0F:A6:3A:4A:D5:E5:71:E3:C3:81:31:BA:23:4E:30:9F:E3
Certificate issuer: /CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Certificate serial: 0CAC
Authority key identifier: 54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/FA93EF928B1311EF86EFF756C4F9AE02.roa
Signing time: Tue 15 Oct 2024 16:40:27 +0000
ROA not before: Tue 15 Oct 2024 16:40:27 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 43260
IP address blocks: 59.152.62.0/24 maxlen: 24
59.152.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Nov 2024 15:37:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3244 (0xcac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Validity
Not Before: Oct 15 16:40:27 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=670e9afb-e6be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:0c:73:9e:2e:2d:37:fb:d4:d9:9f:f6:e4:8e:
55:cf:05:8c:7c:4a:0b:94:31:b4:53:43:53:5e:0d:
ff:36:b7:6c:23:9b:67:80:d5:23:4d:23:03:39:82:
a5:52:20:5f:17:0a:1a:e3:c6:cf:a5:13:a0:3f:06:
77:38:4f:3b:97:cd:da:6a:d2:a9:a7:90:aa:5f:f5:
51:d6:9e:28:56:ac:c0:3c:fd:e8:d9:4a:a6:a0:1e:
bd:04:a9:9a:c2:20:f4:3f:1b:61:09:8d:39:0d:3e:
a8:84:f4:94:f1:8a:32:21:79:bc:47:fa:9a:86:94:
8f:1d:93:f0:3e:ca:a3:0d:f6:cb:f2:67:ad:3f:66:
50:4c:64:30:81:8e:14:6f:2a:07:31:b6:66:ce:88:
73:7a:cc:d9:d8:e6:6c:4a:67:fc:47:50:dc:90:ae:
aa:3f:80:e2:59:42:02:5a:3c:6c:be:a8:14:d6:4e:
42:65:8a:1a:13:a7:84:76:21:0d:1b:64:86:bf:7f:
d5:5d:f6:c4:5b:42:f8:17:4a:86:51:08:48:53:5d:
5a:53:97:09:53:3c:44:49:fb:07:4c:25:7a:a5:4b:
07:86:6d:4e:b4:07:60:52:37:06:ca:92:24:80:68:
c6:60:8b:81:8f:f7:89:c3:ef:02:65:3f:fe:da:ae:
cb:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:B4:9D:0F:A6:3A:4A:D5:E5:71:E3:C3:81:31:BA:23:4E:30:9F:E3
X509v3 Authority Key Identifier:
keyid:54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/VIY3awW4olUjKeNhvXJcd-H40Mk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/FA93EF928B1311EF86EFF756C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.152.62.0/23
Signature Algorithm: sha256WithRSAEncryption
8d:25:4c:1f:2b:50:ef:ff:44:94:bb:08:ff:4a:4a:7d:af:22:
59:ff:f9:6b:2e:e0:64:cd:fb:11:a2:91:2b:ef:52:35:39:d3:
d2:0a:15:4d:c1:c0:c3:9d:9a:4d:eb:e9:ee:b9:17:29:de:77:
86:0a:fb:fa:75:af:b5:b5:02:41:56:5e:63:95:a8:bd:e5:cb:
5a:7e:ea:bb:a7:9a:73:39:6c:91:b5:31:fa:f2:a0:53:b3:17:
dd:46:16:00:4a:25:f3:3e:3e:8c:a3:22:47:8f:85:23:ec:90:
6b:d9:f2:c6:32:7f:de:d7:c8:d1:08:07:6b:79:cc:2b:bd:1b:
85:dc:fa:15:ef:3e:00:f7:fe:60:57:de:7c:fc:0b:54:6d:c0:
b3:d2:13:80:e8:88:22:8e:f2:12:23:3a:bf:ae:b2:ca:4d:08:
6b:f0:f1:41:70:3d:aa:7a:45:39:7e:82:80:d2:c1:3b:f6:aa:
ea:26:88:8c:87:33:7a:e3:8b:66:3d:7e:13:9c:e7:41:48:8d:
5c:da:9b:39:ee:fc:98:67:44:03:51:88:fe:92:0f:f9:70:13:
d2:6e:cb:4c:e1:4e:50:94:05:00:9e:29:af:6a:21:3f:62:15:
d4:31:fe:bc:bd:11:11:09:af:91:e6:3c:d9:2d:1d:05:0a:09:
dc:ff:88:16
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDKwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE3RjIxMTAvBgNVBAUTKDU0ODYzNzZCMDVCOEEyNTUyMzI5RTM2MUJENzI1Qzc3
RTFGOEQwQzkwHhcNMjQxMDE1MTY0MDI3WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzBlOWFmYi1lNmJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4Qxzni4tN/vU2Z/25I5VzwWMfEoLlDG0U0NTXg3/NrdsI5tngNUjTSMDOYKl
UiBfFwoa48bPpROgPwZ3OE87l83aatKpp5CqX/VR1p4oVqzAPP3o2UqmoB69BKma
wiD0PxthCY05DT6ohPSU8YoyIXm8R/qahpSPHZPwPsqjDfbL8metP2ZQTGQwgY4U
byoHMbZmzohzeszZ2OZsSmf8R1DckK6qP4DiWUICWjxsvqgU1k5CZYoaE6eEdiEN
G2SGv3/VXfbEW0L4F0qGUQhIU11aU5cJUzxESfsHTCV6pUsHhm1OtAdgUjcGypIk
gGjGYIuBj/eJw+8CZT/+2q7LXQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGa0nQ+m
OkrV5XHjw4ExuiNOMJ/jMB8GA1UdIwQYMBaAFFSGN2sFuKJVIynjYb1yXHfh+NDJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTdGMi80Qzg4QTdBMEZE
RkUxMUU5QkQ2NjdEMUZDNEY5QUUwMi9WSVkzYXdXNG9sVWpLZU5odlhKY2QtSDQw
TWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZJWTNhd1c0b2xVaktlTmh2WEpjZC1INDBNay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE3RjIvNEM4OEE3QTBGREZFMTFFOUJENjY3RDFGQzRGOUFFMDIvRkE5M0VGOTI4
QjEzMTFFRjg2RUZGNzU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAE7mD4wDQYJKoZIhvcNAQELBQADggEBAI0lTB8rUO//RJS7
CP9KSn2vIln/+Wsu4GTN+xGikSvvUjU509IKFU3BwMOdmk3r6e65Fyned4YK+/p1
r7W1AkFWXmOVqL3ly1p+6runmnM5bJG1MfryoFOzF91GFgBKJfM+PoyjIkePhSPs
kGvZ8sYyf97XyNEIB2t5zCu9G4Xc+hXvPgD3/mBX3nz8C1RtwLPSE4DoiCKO8hIj
Or+usspNCGvw8UFwPap6RTl+goDSwTv2quomiIyHM3rji2Y9fhOc50FIjVzamznu
/JhnRANRiP6SD/lwE9Juy0zhTlCUBQCeKa9qIT9iFdQx/ry9EREJr5HmPNktHQUK
Cdz/iBY=
-----END CERTIFICATE-----
Generated at Mon Nov 18 18:41:01 2024 by rpki-client on console-fra.rpki-client.org