Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/FC71E56A045611EF95844134C4F9AE02.roa
File: FC71E56A045611EF95844134C4F9AE02.roa (raw, json)
Hash identifier: bbsa67T8K2oMtms+T+FywcOuH28X60dxMn/Zb2eumSY=
Subject key identifier: AB:42:FD:25:74:35:26:A3:FC:84:EB:55:02:66:EB:B0:99:F4:36:5F
Certificate issuer: /CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Certificate serial: 0BAE
Authority key identifier: 54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/FC71E56A045611EF95844134C4F9AE02.roa
Signing time: Sat 27 Apr 2024 05:28:32 +0000
ROA not before: Sat 27 Apr 2024 05:28:32 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 38026
IP address blocks: 59.152.60.0/24 maxlen: 24
59.152.61.0/24 maxlen: 24
59.152.62.0/24 maxlen: 24
59.152.63.0/24 maxlen: 24
103.205.181.0/24 maxlen: 24
103.205.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 27 Apr 2024 16:08:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2990 (0xbae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Validity
Not Before: Apr 27 05:28:32 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=662c8d00-9cc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f9:a3:3c:da:15:ca:07:eb:44:21:8e:92:c3:
1f:36:e8:d2:82:9d:ea:93:26:5e:3f:31:51:5f:dd:
02:7f:04:b7:b6:33:3a:38:02:64:b7:c4:0b:6c:fe:
00:f0:5a:57:d9:38:06:0a:e5:2b:bb:6b:38:61:85:
79:82:4b:65:2b:bc:27:21:25:53:84:74:2a:91:97:
03:44:ff:08:cf:b8:4b:cc:d7:aa:d6:29:da:4a:50:
ef:ae:2d:75:17:0a:a9:0c:4a:88:ea:52:b0:22:17:
66:5d:96:8a:d8:ef:d2:4a:6d:ae:d8:0b:3a:26:b6:
ef:99:b7:f9:22:6c:24:f6:00:91:c4:81:57:1a:7a:
d4:91:e1:1d:90:10:32:35:6d:ec:75:54:60:a5:7d:
6b:c5:99:c7:87:1b:2c:67:35:d5:62:8a:21:8b:09:
8a:6f:69:fd:e6:c9:e3:1d:0b:a0:24:eb:4e:ce:5d:
a0:91:30:aa:c7:22:a1:3a:ec:5f:11:1c:a3:38:50:
b1:9e:cd:e1:2b:2f:eb:fb:63:ca:bc:d0:a9:a9:40:
79:cb:a1:2c:b8:92:fc:72:f9:64:d4:1e:29:1c:8b:
69:58:1a:4e:5d:d5:e3:14:fb:4c:a0:80:d7:98:ca:
c8:fb:f3:74:6e:a3:7f:1c:76:ae:98:be:cc:48:a7:
b1:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:42:FD:25:74:35:26:A3:FC:84:EB:55:02:66:EB:B0:99:F4:36:5F
X509v3 Authority Key Identifier:
keyid:54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/VIY3awW4olUjKeNhvXJcd-H40Mk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/FC71E56A045611EF95844134C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.152.60.0/22
103.205.181.0/24
103.205.183.0/24
Signature Algorithm: sha256WithRSAEncryption
44:06:eb:e1:ef:c8:85:a5:c5:2b:21:94:d0:ea:85:86:f6:fa:
4c:a0:51:97:35:a7:40:32:4a:cf:9b:25:04:9f:ad:ce:88:f0:
be:76:14:7a:f1:aa:66:37:14:b5:e9:58:a1:13:db:2e:bc:31:
f7:16:e3:a3:93:da:28:08:37:b0:d0:04:3e:9a:b2:bb:4e:fa:
66:e2:7d:51:14:c9:47:0a:9a:b1:03:c8:54:bc:06:83:0e:21:
af:a1:14:80:6a:00:b4:dc:cd:34:a7:2d:93:ce:d3:ec:fa:18:
00:6e:f4:42:be:c1:cb:66:1f:15:68:21:7c:0c:ac:71:b3:44:
1d:79:30:57:5a:7f:bb:2b:83:ee:9b:cd:b0:6a:8b:95:04:13:
96:7c:9d:fb:13:f7:2a:2d:22:8c:53:98:86:68:75:bd:da:85:
51:0e:34:13:52:dc:ae:92:30:ae:a6:3e:67:b6:76:10:ae:41:
f6:0a:85:e8:85:8f:2a:24:f8:78:17:a1:e0:54:bf:ff:3e:6a:
ab:b4:74:9f:90:49:24:ea:3e:ad:ed:f8:da:7c:ca:0c:76:91:
20:1d:24:9b:83:22:44:94:4e:d6:ec:b8:8c:8d:c5:2c:bc:91:
9c:94:e9:0f:9f:92:c3:e0:03:14:12:31:d7:e8:30:e7:d4:eb:
9a:6a:a4:fe
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICC64wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE3RjIxMTAvBgNVBAUTKDU0ODYzNzZCMDVCOEEyNTUyMzI5RTM2MUJENzI1Qzc3
RTFGOEQwQzkwHhcNMjQwNDI3MDUyODMyWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjJjOGQwMC05Y2MwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsvmjPNoVygfrRCGOksMfNujSgp3qkyZePzFRX90CfwS3tjM6OAJkt8QLbP4A
8FpX2TgGCuUru2s4YYV5gktlK7wnISVThHQqkZcDRP8Iz7hLzNeq1inaSlDvri11
FwqpDEqI6lKwIhdmXZaK2O/SSm2u2As6Jrbvmbf5Imwk9gCRxIFXGnrUkeEdkBAy
NW3sdVRgpX1rxZnHhxssZzXVYoohiwmKb2n95snjHQugJOtOzl2gkTCqxyKhOuxf
ERyjOFCxns3hKy/r+2PKvNCpqUB5y6EsuJL8cvlk1B4pHItpWBpOXdXjFPtMoIDX
mMrI+/N0bqN/HHaumL7MSKextQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFKtC/SV0
NSaj/ITrVQJm67CZ9DZfMB8GA1UdIwQYMBaAFFSGN2sFuKJVIynjYb1yXHfh+NDJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTdGMi80Qzg4QTdBMEZE
RkUxMUU5QkQ2NjdEMUZDNEY5QUUwMi9WSVkzYXdXNG9sVWpLZU5odlhKY2QtSDQw
TWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZJWTNhd1c0b2xVaktlTmh2WEpjZC1INDBNay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE3RjIvNEM4OEE3QTBGREZFMTFFOUJENjY3RDFGQzRGOUFFMDIvRkM3MUU1NkEw
NDU2MTFFRjk1ODQ0MTM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAI7mDwDBABnzbUDBABnzbcwDQYJKoZIhvcNAQELBQADggEB
AEQG6+HvyIWlxSshlNDqhYb2+kygUZc1p0AySs+bJQSfrc6I8L52FHrxqmY3FLXp
WKET2y68MfcW46OT2igIN7DQBD6asrtO+mbifVEUyUcKmrEDyFS8BoMOIa+hFIBq
ALTczTSnLZPO0+z6GABu9EK+wctmHxVoIXwMrHGzRB15MFdaf7srg+6bzbBqi5UE
E5Z8nfsT9yotIoxTmIZodb3ahVEONBNS3K6SMK6mPme2dhCuQfYKheiFjyok+HgX
oeBUv/8+aqu0dJ+QSSTqPq3t+Np8ygx2kSAdJJuDIkSUTtbsuIyNxSy8kZyU6Q+f
ksPgAxQSMdfoMOfU65pqpP4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:29 2024 by rpki-client on console-ams.rpki-client.org