Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/E8E67AF01E4311EE9E9CDC55C4F9AE02.roa
File: E8E67AF01E4311EE9E9CDC55C4F9AE02.roa (raw, json)
Hash identifier: X5RM9U/2/47/KcaiJ3PGG/MFIP39GZBpM1HVwM3Bd/U=
Subject key identifier: 55:CB:86:6B:3B:B7:B1:7C:2A:AB:34:05:DC:6D:90:6F:B6:85:A4:47
Certificate issuer: /CN=A91EBA1C/serialNumber=51C2611B461DD511835A5141F8AEE502D3A39AEB
Certificate serial: 20BB
Authority key identifier: 51:C2:61:1B:46:1D:D5:11:83:5A:51:41:F8:AE:E5:02:D3:A3:9A:EB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UcJhG0Yd1RGDWlFB-K7lAtOjmus.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/E8E67AF01E4311EE9E9CDC55C4F9AE02.roa
Signing time: Sun 09 Jul 2023 10:52:28 +0000
ROA not before: Sun 09 Jul 2023 10:52:28 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 132352
IP address blocks: 59.153.200.0/22 maxlen: 24
103.57.20.0/22 maxlen: 24
2402:5380::/32 maxlen: 36
2402:5380::/33 maxlen: 40
2402:5380:8000::/34 maxlen: 40
2402:5380:c000::/35 maxlen: 40
2402:5380:e000::/36 maxlen: 40
2402:5380:f000::/37 maxlen: 37
2402:5380:f000::/38 maxlen: 38
2402:5380:f000::/39 maxlen: 40
2402:5381::/32 maxlen: 37
2402:5381::/33 maxlen: 40
2402:5381:8000::/34 maxlen: 40
2402:5381:c000::/35 maxlen: 40
2402:5381:e000::/36 maxlen: 40
2402:5381:f000::/37 maxlen: 40
2402:5381:f800::/38 maxlen: 38
2402:5381:f800::/39 maxlen: 39
2402:5381:f800::/40 maxlen: 40
Validation: Failed, certificate revoked on Sun 09 Jul 2023 11:12:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8379 (0x20bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EBA1C/serialNumber=51C2611B461DD511835A5141F8AEE502D3A39AEB
Validity
Not Before: Jul 9 10:52:28 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=64aa916c-69a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ce:d7:d1:87:86:bc:1c:8f:01:1a:8a:93:42:
e7:bf:7b:79:b5:d9:ea:f4:86:b6:c4:e8:87:65:55:
16:a6:60:11:95:3b:cb:80:6c:50:f0:94:79:1e:25:
df:81:6a:bc:6d:d4:30:96:16:a8:b7:99:83:05:44:
35:28:99:0a:1d:f7:73:61:3d:0a:08:3b:58:a0:d5:
d0:74:45:5b:22:00:1f:62:55:08:7e:d0:71:a5:95:
ad:41:ae:80:12:4c:fa:e7:1f:4e:fc:e1:ba:b2:aa:
fb:de:1c:05:26:35:19:97:37:df:8c:6e:83:00:d7:
da:25:99:6e:5d:48:98:f1:bf:a1:4a:94:c8:2c:72:
4c:8f:15:02:0e:22:25:cd:a0:b9:b6:e6:41:60:bf:
c6:b0:4d:20:a7:00:2f:c8:21:c3:5d:c0:21:39:2b:
79:52:11:26:9f:85:76:fb:f7:b2:13:b2:ca:8c:db:
14:a4:22:49:cc:63:02:88:3e:5f:60:ed:81:4f:90:
40:a6:84:18:36:fc:26:06:bf:eb:d4:ff:4f:90:cc:
e6:23:40:4d:04:ba:53:55:f9:93:66:b8:63:f3:40:
fb:59:b3:57:3b:0a:cd:74:6e:89:e2:1c:e9:69:4f:
8a:12:e3:db:8e:d0:4e:1f:71:72:ee:65:09:0d:c1:
34:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:CB:86:6B:3B:B7:B1:7C:2A:AB:34:05:DC:6D:90:6F:B6:85:A4:47
X509v3 Authority Key Identifier:
keyid:51:C2:61:1B:46:1D:D5:11:83:5A:51:41:F8:AE:E5:02:D3:A3:9A:EB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/UcJhG0Yd1RGDWlFB-K7lAtOjmus.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UcJhG0Yd1RGDWlFB-K7lAtOjmus.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/E8E67AF01E4311EE9E9CDC55C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.153.200.0/22
103.57.20.0/22
IPv6:
2402:5380::/31
Signature Algorithm: sha256WithRSAEncryption
55:9d:5b:6b:ee:76:33:02:8a:f4:68:b2:04:7f:d4:78:3d:9d:
64:1c:23:a7:dc:b7:13:5d:28:c1:fe:b6:e8:9d:de:08:0f:a9:
64:8f:95:85:b1:b4:bf:ad:3f:39:1d:80:c4:2f:d9:1b:69:b7:
2e:a8:a6:d3:f6:0f:4c:77:6b:f3:d2:07:56:c0:c5:c6:68:0e:
e7:93:b6:d4:ac:5a:bb:ad:4f:9a:82:9c:e3:81:74:45:a8:e5:
e4:d1:21:50:81:ed:1d:62:2b:88:43:27:c5:b4:69:48:b0:13:
a7:d1:ee:ef:6a:a7:4d:63:b5:85:ca:00:2b:3b:ca:af:b3:75:
73:53:c3:0b:54:29:4c:cd:43:6f:47:82:a4:3a:5e:98:6d:65:
8e:5f:eb:c7:10:3f:37:65:6f:88:c3:77:8b:79:38:a1:ec:1a:
16:55:69:47:2c:55:17:f3:71:a0:5b:e5:55:d4:31:fb:58:01:
64:ae:f6:2b:e2:c2:04:17:d7:be:18:db:43:6a:01:0b:b1:3c:
ea:25:87:49:72:b7:98:4a:da:c0:6c:7b:c8:0b:14:d4:c3:b0:
23:d5:98:6f:01:82:b7:c6:37:55:b8:95:a0:9a:2a:ef:ab:7e:
fc:14:a1:f5:23:22:af:60:c4:17:79:40:79:63:e3:cb:6e:4c:
82:e5:6a:ce
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICILswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUJBMUMxMTAvBgNVBAUTKDUxQzI2MTFCNDYxREQ1MTE4MzVBNTE0MUY4QUVFNTAy
RDNBMzlBRUIwHhcNMjMwNzA5MTA1MjI4WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGFhOTE2Yy02OWE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAps7X0YeGvByPARqKk0Lnv3t5tdnq9Ia2xOiHZVUWpmARlTvLgGxQ8JR5HiXf
gWq8bdQwlhaot5mDBUQ1KJkKHfdzYT0KCDtYoNXQdEVbIgAfYlUIftBxpZWtQa6A
Ekz65x9O/OG6sqr73hwFJjUZlzffjG6DANfaJZluXUiY8b+hSpTILHJMjxUCDiIl
zaC5tuZBYL/GsE0gpwAvyCHDXcAhOSt5UhEmn4V2+/eyE7LKjNsUpCJJzGMCiD5f
YO2BT5BApoQYNvwmBr/r1P9PkMzmI0BNBLpTVfmTZrhj80D7WbNXOwrNdG6J4hzp
aU+KEuPbjtBOH3Fy7mUJDcE0zQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFFXLhms7
t7F8Kqs0BdxtkG+2haRHMB8GA1UdIwQYMBaAFFHCYRtGHdURg1pRQfiu5QLTo5rr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkExQy82M0IyMTRBMkM4
MTUxMUU1ODFEMjA4ODRDNEY5QUUwMi9VY0poRzBZZDFSR0RXbEZCLUs3bEF0T2pt
dXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VjSmhHMFlkMVJHRFdsRkItSzdsQXRPam11cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUJBMUMvNjNCMjE0QTJDODE1MTFFNTgxRDIwODg0QzRGOUFFMDIvRThFNjdBRjAx
RTQzMTFFRTlFOUNEQzU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAI7mcgDBAJnORQwDQQCAAIwBwMFASQCU4AwDQYJKoZIhvcN
AQELBQADggEBAFWdW2vudjMCivRosgR/1Hg9nWQcI6fctxNdKMH+tuid3ggPqWSP
lYWxtL+tPzkdgMQv2Rtpty6optP2D0x3a/PSB1bAxcZoDueTttSsWrutT5qCnOOB
dEWo5eTRIVCB7R1iK4hDJ8W0aUiwE6fR7u9qp01jtYXKACs7yq+zdXNTwwtUKUzN
Q29HgqQ6XphtZY5f68cQPzdlb4jDd4t5OKHsGhZVaUcsVRfzcaBb5VXUMftYAWSu
9iviwgQX174Y20NqAQuxPOolh0lyt5hK2sBse8gLFNTDsCPVmG8BgrfGN1W4laCa
Ku+rfvwUofUjIq9gxBd5QHlj48tuTILlas4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org