Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/8C9D985C1E2D11EE9670AA22C4F9AE02.roa
File: 8C9D985C1E2D11EE9670AA22C4F9AE02.roa (raw, json)
Hash identifier: BsjxqwxHUCptUNyuybuXDQu2N4Xm6NCzbIfKpMSZm4I=
Subject key identifier: 2A:0D:8B:05:2E:E2:D1:18:E2:0C:90:11:4C:CF:B3:DF:1A:4A:7B:91
Certificate issuer: /CN=A91EBA1C/serialNumber=51C2611B461DD511835A5141F8AEE502D3A39AEB
Certificate serial: 20B4
Authority key identifier: 51:C2:61:1B:46:1D:D5:11:83:5A:51:41:F8:AE:E5:02:D3:A3:9A:EB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UcJhG0Yd1RGDWlFB-K7lAtOjmus.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/8C9D985C1E2D11EE9670AA22C4F9AE02.roa
Signing time: Sun 09 Jul 2023 07:52:28 +0000
ROA not before: Sun 09 Jul 2023 07:52:28 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 132352
IP address blocks: 59.153.200.0/22 maxlen: 24
103.57.20.0/22 maxlen: 24
2402:5380::/32 maxlen: 40
2402:5381::/32 maxlen: 40
Validation: Failed, certificate revoked on Sun 09 Jul 2023 08:12:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8372 (0x20b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EBA1C/serialNumber=51C2611B461DD511835A5141F8AEE502D3A39AEB
Validity
Not Before: Jul 9 07:52:28 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=64aa673b-fe67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:85:4a:11:b6:19:b2:6f:c0:a9:fc:8a:6d:c9:
13:a4:ea:2a:ed:ce:91:85:5a:bd:79:8f:53:74:b7:
13:55:a5:38:e9:98:75:3f:77:63:1c:b9:85:e8:64:
47:96:05:00:11:56:1d:f2:34:07:c0:e7:94:66:a3:
26:ed:aa:35:ef:a8:0d:c1:31:8e:f7:97:3a:53:2d:
bd:e6:33:fd:32:5c:3e:d0:cd:dd:5c:77:a8:5a:e7:
6f:73:73:7f:83:9e:56:01:61:11:2f:9b:98:e3:af:
78:aa:d7:e4:b2:4b:fa:96:ac:42:a4:ee:de:22:0f:
63:b3:22:c5:54:6c:c8:dc:cb:43:d2:9f:dd:fe:59:
30:81:24:a0:03:3b:7c:81:14:42:cd:a6:ba:42:3f:
cf:99:88:da:92:73:3a:21:15:d4:0e:84:a8:f1:59:
2d:97:21:f1:63:0c:5a:d7:6e:75:43:0d:da:b0:e5:
77:d0:9f:21:51:e4:6e:da:a5:f3:33:6d:56:22:0a:
2c:2c:13:ca:12:27:ce:aa:0b:82:39:4a:6b:38:1a:
e5:94:c6:03:d2:91:bf:25:52:1d:2d:13:fd:fa:d4:
d3:ec:b8:47:d0:78:00:45:a0:0c:b6:a6:5e:40:ef:
c1:66:53:9f:9d:c9:f9:e2:1a:ab:3e:ed:f9:af:80:
21:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:0D:8B:05:2E:E2:D1:18:E2:0C:90:11:4C:CF:B3:DF:1A:4A:7B:91
X509v3 Authority Key Identifier:
keyid:51:C2:61:1B:46:1D:D5:11:83:5A:51:41:F8:AE:E5:02:D3:A3:9A:EB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/UcJhG0Yd1RGDWlFB-K7lAtOjmus.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UcJhG0Yd1RGDWlFB-K7lAtOjmus.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/8C9D985C1E2D11EE9670AA22C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.153.200.0/22
103.57.20.0/22
IPv6:
2402:5380::/31
Signature Algorithm: sha256WithRSAEncryption
c9:06:9a:28:ff:ff:dc:ea:2c:64:85:d6:f2:15:c4:ba:4c:de:
16:a3:c6:3b:a0:94:3c:63:ac:24:70:9a:58:49:55:7a:e4:88:
18:11:9e:c2:67:0e:ea:e5:73:b6:6f:a0:04:e3:be:cf:92:91:
ce:a3:82:cd:52:d8:96:90:c0:c8:6a:c3:be:e6:f5:28:78:80:
b9:b5:c9:2e:5a:a4:67:25:95:9b:20:64:e8:4b:92:dc:0f:13:
ad:5a:43:fd:d8:2c:84:39:69:5d:f9:d1:90:b5:03:a0:53:4e:
ef:b2:a1:22:ad:52:30:ca:cf:5e:d6:16:8a:69:da:1b:a6:16:
1d:8e:a5:ee:85:f9:d3:25:5c:04:6a:11:9e:e5:50:34:4a:58:
ae:c7:dd:c7:9b:4b:98:39:5f:3f:88:44:f9:7a:58:42:ff:36:
94:cf:12:e8:54:f0:e0:d1:af:d5:71:38:ff:f0:0b:b6:3e:be:
f6:fe:67:c4:21:4c:e5:38:f7:27:26:ab:89:7f:82:05:6c:fa:
52:91:a7:4a:c1:38:9e:f2:8e:0f:e1:ee:6f:2a:fd:23:41:64:
45:a6:a2:81:18:1e:45:71:14:52:33:46:95:4a:d3:72:ee:e6:
7c:b3:fe:73:8e:f4:04:3a:af:d0:31:71:19:f0:47:f3:9f:6e:
e7:d5:55:d3
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICILQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUJBMUMxMTAvBgNVBAUTKDUxQzI2MTFCNDYxREQ1MTE4MzVBNTE0MUY4QUVFNTAy
RDNBMzlBRUIwHhcNMjMwNzA5MDc1MjI4WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGFhNjczYi1mZTY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxoVKEbYZsm/AqfyKbckTpOoq7c6RhVq9eY9TdLcTVaU46Zh1P3djHLmF6GRH
lgUAEVYd8jQHwOeUZqMm7ao176gNwTGO95c6Uy295jP9Mlw+0M3dXHeoWudvc3N/
g55WAWERL5uY4694qtfkskv6lqxCpO7eIg9jsyLFVGzI3MtD0p/d/lkwgSSgAzt8
gRRCzaa6Qj/PmYjaknM6IRXUDoSo8VktlyHxYwxa1251Qw3asOV30J8hUeRu2qXz
M21WIgosLBPKEifOqguCOUprOBrllMYD0pG/JVIdLRP9+tTT7LhH0HgARaAMtqZe
QO/BZlOfncn54hqrPu35r4AhwwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFCoNiwUu
4tEY4gyQEUzPs98aSnuRMB8GA1UdIwQYMBaAFFHCYRtGHdURg1pRQfiu5QLTo5rr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkExQy82M0IyMTRBMkM4
MTUxMUU1ODFEMjA4ODRDNEY5QUUwMi9VY0poRzBZZDFSR0RXbEZCLUs3bEF0T2pt
dXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VjSmhHMFlkMVJHRFdsRkItSzdsQXRPam11cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUJBMUMvNjNCMjE0QTJDODE1MTFFNTgxRDIwODg0QzRGOUFFMDIvOEM5RDk4NUMx
RTJEMTFFRTk2NzBBQTIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAI7mcgDBAJnORQwDQQCAAIwBwMFASQCU4AwDQYJKoZIhvcN
AQELBQADggEBAMkGmij//9zqLGSF1vIVxLpM3hajxjuglDxjrCRwmlhJVXrkiBgR
nsJnDurlc7ZvoATjvs+Skc6jgs1S2JaQwMhqw77m9Sh4gLm1yS5apGcllZsgZOhL
ktwPE61aQ/3YLIQ5aV350ZC1A6BTTu+yoSKtUjDKz17WFopp2humFh2Ope6F+dMl
XARqEZ7lUDRKWK7H3cebS5g5Xz+IRPl6WEL/NpTPEuhU8ODRr9VxOP/wC7Y+vvb+
Z8QhTOU49ycmq4l/ggVs+lKRp0rBOJ7yjg/h7m8q/SNBZEWmooEYHkVxFFIzRpVK
03Lu5nyz/nOO9AQ6r9AxcRnwR/OfbufVVdM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org