Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/25C5A8941E3311EEB45C9457C4F9AE02.roa
File: 25C5A8941E3311EEB45C9457C4F9AE02.roa (raw, json)
Hash identifier: GxOKuHLG5QF9t4Uv6x1vVX14987XULmhSOdf1344nAo=
Subject key identifier: 86:02:37:A7:FA:2C:DE:D3:F8:00:A1:BE:DF:22:4B:8C:C1:59:91:02
Certificate issuer: /CN=A91EBA1C/serialNumber=51C2611B461DD511835A5141F8AEE502D3A39AEB
Certificate serial: 20B7
Authority key identifier: 51:C2:61:1B:46:1D:D5:11:83:5A:51:41:F8:AE:E5:02:D3:A3:9A:EB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UcJhG0Yd1RGDWlFB-K7lAtOjmus.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/25C5A8941E3311EEB45C9457C4F9AE02.roa
Signing time: Sun 09 Jul 2023 08:32:32 +0000
ROA not before: Sun 09 Jul 2023 08:32:32 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 132352
IP address blocks: 59.153.200.0/22 maxlen: 24
103.57.20.0/22 maxlen: 24
2402:5380::/32 maxlen: 40
2402:5381::/32 maxlen: 40
Validation: Failed, certificate revoked on Sun 09 Jul 2023 10:32:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8375 (0x20b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EBA1C/serialNumber=51C2611B461DD511835A5141F8AEE502D3A39AEB
Validity
Not Before: Jul 9 08:32:32 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=64aa70a0-9b80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:98:a1:eb:03:51:32:59:fa:8f:ed:f5:dc:04:
91:82:bc:27:f2:fd:ea:26:4d:a5:aa:c6:c1:10:93:
a1:17:c1:0a:44:d1:50:5a:cb:bd:ad:c1:9a:5d:ee:
e8:5c:09:e4:fd:c6:47:17:48:c9:0d:8c:83:00:a5:
22:88:b4:f8:21:59:77:fc:8c:2d:cc:72:ce:76:b8:
76:b5:07:1f:5d:13:fe:b6:ae:76:d9:f8:ff:6c:46:
e3:37:24:64:e6:20:22:9b:21:97:17:9d:2c:88:ea:
6e:61:c1:f0:f1:8a:bc:46:e8:17:34:d1:13:79:00:
8e:60:14:7d:05:f3:9b:a9:41:44:e9:45:d6:9c:36:
87:99:48:9d:57:21:e6:47:e9:14:94:22:0b:dd:d9:
34:4b:1f:43:82:5a:14:c3:7e:13:f8:aa:a0:d6:fb:
3a:ac:3b:2f:ee:c1:ab:19:d8:42:2c:98:bf:1f:18:
72:0e:25:21:10:bc:16:27:aa:1a:70:13:b7:f3:d8:
09:c4:46:d0:6e:e8:3a:28:a2:0d:39:e4:2b:49:2a:
c5:65:a8:0a:c0:51:e9:b5:dc:3f:75:ec:a3:d9:d7:
a4:33:b2:90:eb:35:96:00:8c:9a:f4:f0:5f:c9:88:
ee:e8:01:f4:31:f7:5a:40:a7:8c:4f:bf:53:f9:d5:
00:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:02:37:A7:FA:2C:DE:D3:F8:00:A1:BE:DF:22:4B:8C:C1:59:91:02
X509v3 Authority Key Identifier:
keyid:51:C2:61:1B:46:1D:D5:11:83:5A:51:41:F8:AE:E5:02:D3:A3:9A:EB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/UcJhG0Yd1RGDWlFB-K7lAtOjmus.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UcJhG0Yd1RGDWlFB-K7lAtOjmus.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/25C5A8941E3311EEB45C9457C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.153.200.0/22
103.57.20.0/22
IPv6:
2402:5380::/31
Signature Algorithm: sha256WithRSAEncryption
1f:f2:be:97:ef:c0:3b:60:f5:40:ed:53:65:cb:81:2c:8e:9f:
b5:24:65:87:e2:f0:39:c1:4e:30:df:09:6e:5b:89:20:52:ab:
3a:fa:ef:4b:44:f0:15:5d:3e:e5:31:95:68:0f:7e:8d:a5:44:
9f:8f:f7:4c:0b:22:1d:3a:fd:8a:7d:61:bf:54:90:37:1d:6d:
2a:5e:f4:cd:79:ff:dc:da:9a:f4:a4:b0:76:a1:9e:9d:d7:05:
49:b9:b7:89:89:ef:6b:7e:83:07:77:48:ce:23:5c:a2:dc:af:
79:0f:7a:94:05:b6:be:9a:91:79:11:9f:09:67:5f:a1:d3:c0:
5f:4e:2b:14:29:ec:56:6a:ca:b5:52:a5:9c:6b:5b:c0:be:9e:
0e:f0:fc:ef:7a:75:de:44:c4:19:f0:a3:62:52:0a:96:ae:cb:
45:b7:f8:30:ab:f7:38:b8:e4:d7:f9:f8:7d:bc:ed:9b:20:a8:
37:56:8d:cd:ef:62:15:59:0c:8e:ca:ef:40:56:76:4a:a7:7d:
61:74:c8:90:60:ee:d6:5b:e4:c9:40:e0:e2:4d:9f:c8:18:f5:
af:c6:e5:7b:e0:77:b6:f7:95:93:64:76:4d:ba:8e:9e:c1:fb:
cf:a6:3f:ed:dc:8e:4b:15:d1:76:dd:dd:1e:d6:70:ce:6d:20:
b9:65:84:5e
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICILcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUJBMUMxMTAvBgNVBAUTKDUxQzI2MTFCNDYxREQ1MTE4MzVBNTE0MUY4QUVFNTAy
RDNBMzlBRUIwHhcNMjMwNzA5MDgzMjMyWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGFhNzBhMC05YjgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApJih6wNRMln6j+313ASRgrwn8v3qJk2lqsbBEJOhF8EKRNFQWsu9rcGaXe7o
XAnk/cZHF0jJDYyDAKUiiLT4IVl3/IwtzHLOdrh2tQcfXRP+tq522fj/bEbjNyRk
5iAimyGXF50siOpuYcHw8Yq8RugXNNETeQCOYBR9BfObqUFE6UXWnDaHmUidVyHm
R+kUlCIL3dk0Sx9DgloUw34T+Kqg1vs6rDsv7sGrGdhCLJi/HxhyDiUhELwWJ6oa
cBO389gJxEbQbug6KKINOeQrSSrFZagKwFHptdw/deyj2dekM7KQ6zWWAIya9PBf
yYju6AH0MfdaQKeMT79T+dUAdQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFIYCN6f6
LN7T+AChvt8iS4zBWZECMB8GA1UdIwQYMBaAFFHCYRtGHdURg1pRQfiu5QLTo5rr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkExQy82M0IyMTRBMkM4
MTUxMUU1ODFEMjA4ODRDNEY5QUUwMi9VY0poRzBZZDFSR0RXbEZCLUs3bEF0T2pt
dXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VjSmhHMFlkMVJHRFdsRkItSzdsQXRPam11cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUJBMUMvNjNCMjE0QTJDODE1MTFFNTgxRDIwODg0QzRGOUFFMDIvMjVDNUE4OTQx
RTMzMTFFRUI0NUM5NDU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAI7mcgDBAJnORQwDQQCAAIwBwMFASQCU4AwDQYJKoZIhvcN
AQELBQADggEBAB/yvpfvwDtg9UDtU2XLgSyOn7UkZYfi8DnBTjDfCW5biSBSqzr6
70tE8BVdPuUxlWgPfo2lRJ+P90wLIh06/Yp9Yb9UkDcdbSpe9M15/9zamvSksHah
np3XBUm5t4mJ72t+gwd3SM4jXKLcr3kPepQFtr6akXkRnwlnX6HTwF9OKxQp7FZq
yrVSpZxrW8C+ng7w/O96dd5ExBnwo2JSCpauy0W3+DCr9zi45Nf5+H287ZsgqDdW
jc3vYhVZDI7K70BWdkqnfWF0yJBg7tZb5MlA4OJNn8gY9a/G5Xvgd7b3lZNkdk26
jp7B+8+mP+3cjksV0Xbd3R7WcM5tILllhF4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:37 2024 by rpki-client on console-ams.rpki-client.org