Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/6DB43D527D7811ED80E9B955C4F9AE02.roa
File: 6DB43D527D7811ED80E9B955C4F9AE02.roa (raw, json)
Hash identifier: gZItT4W3d8HDIXAHT+Iv3hMl6L+D2j/G+XzyHSY/b0M=
Subject key identifier: 3A:D6:40:69:5D:71:32:8D:B1:AB:70:B7:BD:D6:85:2F:04:49:9E:4A
Certificate issuer: /CN=A91EBA1C/serialNumber=51C2611B461DD511835A5141F8AEE502D3A39AEB
Certificate serial: 2036
Authority key identifier: 51:C2:61:1B:46:1D:D5:11:83:5A:51:41:F8:AE:E5:02:D3:A3:9A:EB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UcJhG0Yd1RGDWlFB-K7lAtOjmus.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/6DB43D527D7811ED80E9B955C4F9AE02.roa
Signing time: Fri 16 Dec 2022 19:32:51 +0000
ROA not before: Fri 16 Dec 2022 19:32:51 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 132352
IP address blocks: 59.153.200.0/22 maxlen: 25
103.57.20.0/22 maxlen: 25
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8246 (0x2036)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EBA1C/serialNumber=51C2611B461DD511835A5141F8AEE502D3A39AEB
Validity
Not Before: Dec 16 19:32:51 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=639cc7e3-0521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:4d:55:23:a0:c3:14:5e:33:29:2e:38:15:96:
05:a8:b9:ad:74:63:1b:30:68:24:f3:44:54:e5:7a:
e2:b8:0b:15:e7:64:55:79:84:7b:e4:c6:81:ea:25:
93:0f:b1:0a:37:e8:5e:9c:12:3d:9e:66:dc:dd:24:
78:ac:66:92:4f:cd:f9:b7:d1:82:94:01:74:8f:4e:
6a:65:02:b0:3f:c3:f6:50:4e:bf:e1:9c:e9:94:2b:
34:de:fd:2b:da:14:43:e2:cf:57:84:48:06:d8:e0:
cc:94:bc:4f:18:b2:f9:6f:fd:62:7c:40:5d:d8:80:
46:bd:0b:0d:da:e4:48:f4:fc:c6:d1:17:0d:cf:58:
e8:b9:e0:f4:e0:1f:3f:fa:72:dc:6b:92:43:6d:5d:
b3:e1:41:4b:c7:ae:4e:b8:85:5f:5e:7b:87:af:69:
4c:49:59:e3:70:d1:98:bc:f8:5c:e4:d0:04:c1:c5:
b0:c0:a0:77:0f:c5:22:a0:ca:09:76:e5:72:72:9a:
a5:54:4b:69:f4:17:98:49:28:3e:e8:29:4c:4a:1b:
ac:a3:ad:0e:69:0e:93:f1:0d:95:50:28:bb:2b:dc:
c3:55:f3:e8:3c:80:75:83:0a:7e:30:0e:17:34:79:
3f:bd:a8:90:20:e8:d4:4f:bb:93:7f:04:5a:37:df:
36:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:D6:40:69:5D:71:32:8D:B1:AB:70:B7:BD:D6:85:2F:04:49:9E:4A
X509v3 Authority Key Identifier:
keyid:51:C2:61:1B:46:1D:D5:11:83:5A:51:41:F8:AE:E5:02:D3:A3:9A:EB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/UcJhG0Yd1RGDWlFB-K7lAtOjmus.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UcJhG0Yd1RGDWlFB-K7lAtOjmus.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/6DB43D527D7811ED80E9B955C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.153.200.0/22
103.57.20.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:10:4f:84:71:04:cb:80:91:b7:5e:15:dc:45:eb:65:09:3d:
fb:19:70:78:3e:e1:c2:ea:74:32:5b:10:35:44:1d:b0:43:e9:
f2:12:43:98:7e:92:44:6e:13:b4:76:53:5d:b8:fd:21:56:3e:
2c:f0:50:38:85:11:2e:e4:83:f5:ae:ad:d9:df:49:9e:98:25:
5b:7d:d7:df:7d:1c:f1:95:62:e3:81:97:94:c7:62:1e:6f:23:
e4:b2:e2:cf:04:15:fe:61:03:1f:37:8b:e8:e1:58:d7:3f:a8:
82:2d:ff:1a:be:d6:a1:57:c5:20:44:85:89:d3:92:b1:47:ce:
c8:c9:19:37:e4:e7:11:49:d3:e5:24:11:ef:54:ed:aa:e6:52:
30:fb:b2:82:fb:ab:24:55:cb:3e:0d:4d:6f:15:db:8d:33:2b:
3d:12:68:cc:71:f5:26:be:55:6e:e9:47:79:cf:86:e8:6a:ef:
36:43:ad:fa:5f:db:f4:b3:42:fa:11:45:89:09:96:10:16:ac:
5a:89:02:55:c7:e4:50:91:14:34:c3:fc:73:9e:09:68:18:3f:
01:09:aa:c8:a6:28:af:1d:63:b2:49:09:d5:43:14:c4:96:41:
ec:0c:98:91:8a:60:b9:95:d1:08:ed:e0:ba:2b:12:30:14:dd:
d9:44:d4:2a
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICIDYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUJBMUMxMTAvBgNVBAUTKDUxQzI2MTFCNDYxREQ1MTE4MzVBNTE0MUY4QUVFNTAy
RDNBMzlBRUIwHhcNMjIxMjE2MTkzMjUxWhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzljYzdlMy0wNTIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwk1VI6DDFF4zKS44FZYFqLmtdGMbMGgk80RU5XriuAsV52RVeYR75MaB6iWT
D7EKN+henBI9nmbc3SR4rGaST835t9GClAF0j05qZQKwP8P2UE6/4ZzplCs03v0r
2hRD4s9XhEgG2ODMlLxPGLL5b/1ifEBd2IBGvQsN2uRI9PzG0RcNz1joueD04B8/
+nLca5JDbV2z4UFLx65OuIVfXnuHr2lMSVnjcNGYvPhc5NAEwcWwwKB3D8UioMoJ
duVycpqlVEtp9BeYSSg+6ClMShuso60OaQ6T8Q2VUCi7K9zDVfPoPIB1gwp+MA4X
NHk/vaiQIOjUT7uTfwRaN9828QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFDrWQGld
cTKNsatwt73WhS8ESZ5KMB8GA1UdIwQYMBaAFFHCYRtGHdURg1pRQfiu5QLTo5rr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkExQy82M0IyMTRBMkM4
MTUxMUU1ODFEMjA4ODRDNEY5QUUwMi9VY0poRzBZZDFSR0RXbEZCLUs3bEF0T2pt
dXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VjSmhHMFlkMVJHRFdsRkItSzdsQXRPam11cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUJBMUMvNjNCMjE0QTJDODE1MTFFNTgxRDIwODg0QzRGOUFFMDIvNkRCNDNENTI3
RDc4MTFFRDgwRTlCOTU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAI7mcgDBAJnORQwDQYJKoZIhvcNAQELBQADggEBAH0QT4Rx
BMuAkbdeFdxF62UJPfsZcHg+4cLqdDJbEDVEHbBD6fISQ5h+kkRuE7R2U124/SFW
PizwUDiFES7kg/WurdnfSZ6YJVt91999HPGVYuOBl5THYh5vI+Sy4s8EFf5hAx83
i+jhWNc/qIIt/xq+1qFXxSBEhYnTkrFHzsjJGTfk5xFJ0+UkEe9U7armUjD7soL7
qyRVyz4NTW8V240zKz0SaMxx9Sa+VW7pR3nPhuhq7zZDrfpf2/SzQvoRRYkJlhAW
rFqJAlXH5FCRFDTD/HOeCWgYPwEJqsimKK8dY7JJCdVDFMSWQewMmJGKYLmV0Qjt
4LorEjAU3dlE1Co=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:13 2023 by rpki-client on console-fra.rpki-client.org