Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/F7DF5E441E2711EEAF793A7DC4F9AE02.roa
File: F7DF5E441E2711EEAF793A7DC4F9AE02.roa (raw, json)
Hash identifier: eVTPlrNAqGMa1B7npFYpbQhY7c8gzY3HVfY8ykesunI=
Subject key identifier: A6:2A:DC:80:8A:A2:8A:19:4F:0B:70:2E:21:C9:09:6A:99:57:0A:BE
Certificate issuer: /CN=A91EBA1C/serialNumber=51C2611B461DD511835A5141F8AEE502D3A39AEB
Certificate serial: 20B2
Authority key identifier: 51:C2:61:1B:46:1D:D5:11:83:5A:51:41:F8:AE:E5:02:D3:A3:9A:EB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UcJhG0Yd1RGDWlFB-K7lAtOjmus.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/F7DF5E441E2711EEAF793A7DC4F9AE02.roa
Signing time: Sun 09 Jul 2023 07:32:28 +0000
ROA not before: Sun 09 Jul 2023 07:32:28 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 63980
IP address blocks: 59.153.200.0/22 maxlen: 24
103.57.20.0/22 maxlen: 24
2402:5380::/32 maxlen: 40
2402:5381::/32 maxlen: 40
Validation: Failed, certificate revoked on Sun 09 Jul 2023 15:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8370 (0x20b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EBA1C/serialNumber=51C2611B461DD511835A5141F8AEE502D3A39AEB
Validity
Not Before: Jul 9 07:32:28 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=64aa628c-a27b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:7e:0b:b3:62:a9:9f:85:f8:b3:f7:98:7b:1d:
8c:c6:cc:80:3d:73:6b:e6:dc:6c:65:8e:1b:10:e5:
8a:c4:1c:58:bc:ff:b7:ac:45:f3:f7:d2:e2:ce:b7:
8c:85:79:db:da:b3:c5:77:07:03:27:fa:66:d5:a1:
37:35:8f:7b:38:1b:6b:4c:e2:d4:15:f2:5d:81:9a:
99:37:4d:e6:bb:b1:a2:d7:3b:b5:4b:49:f7:a2:61:
14:92:25:74:bc:b3:d8:aa:33:56:05:39:d0:fe:a5:
8f:35:21:7e:f3:02:f8:fd:53:7b:46:82:df:31:05:
d4:e9:2d:29:d4:66:ff:45:99:36:9d:78:48:54:40:
b8:8a:ed:5d:2a:07:51:3c:6c:dd:74:08:9d:cc:8a:
69:30:03:42:4a:e0:5f:fe:3d:4a:43:15:d7:27:e6:
6d:8b:d1:5c:0d:cb:bd:ae:00:24:48:5f:20:a5:ed:
81:89:9b:e1:31:65:64:5e:5c:da:97:ea:ee:01:dc:
dd:1c:78:e8:2a:c1:94:3e:77:d9:9a:e7:5c:ad:3d:
f5:85:13:87:cc:9c:01:a9:01:8b:9d:04:03:8b:41:
fd:ef:2e:3e:10:da:70:c3:59:36:10:11:85:df:50:
c4:d5:9f:ca:26:f9:a1:0b:ec:2a:40:63:0c:02:b9:
f7:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:2A:DC:80:8A:A2:8A:19:4F:0B:70:2E:21:C9:09:6A:99:57:0A:BE
X509v3 Authority Key Identifier:
keyid:51:C2:61:1B:46:1D:D5:11:83:5A:51:41:F8:AE:E5:02:D3:A3:9A:EB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/UcJhG0Yd1RGDWlFB-K7lAtOjmus.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UcJhG0Yd1RGDWlFB-K7lAtOjmus.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/F7DF5E441E2711EEAF793A7DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.153.200.0/22
103.57.20.0/22
IPv6:
2402:5380::/31
Signature Algorithm: sha256WithRSAEncryption
7b:ea:4a:f5:01:a8:2c:9e:3d:b2:80:c9:3b:8a:35:e4:0d:72:
11:30:85:94:86:06:81:07:87:45:9c:bb:e5:c4:9a:0f:fc:60:
f0:5b:ed:dd:fd:a5:78:2a:dd:5a:1f:f2:aa:5a:16:46:d5:cf:
66:df:d7:ea:83:9b:fe:d4:08:a5:69:26:3a:4b:78:5a:de:8b:
50:f5:59:fa:19:d2:c9:17:d2:f0:c7:eb:9b:3f:85:a4:71:9c:
58:0d:38:91:76:3a:08:fb:0b:26:82:06:88:03:16:6b:69:a5:
60:6c:9d:65:93:1c:0a:05:b3:ac:f8:84:b7:91:5a:ec:c8:98:
f8:a2:ff:f2:94:0d:ad:5b:d8:54:bb:9e:26:34:35:97:9b:98:
89:14:2e:52:7e:0c:f8:48:a2:82:d3:e1:68:2c:9e:d1:8c:88:
ac:42:d4:e5:61:d8:80:f0:ef:a9:ad:89:97:7d:d4:3c:49:48:
a0:8e:6e:18:f1:61:32:0b:b4:6b:ab:76:50:04:32:9c:70:b9:
d7:0e:a8:a9:9b:30:e4:35:4f:3d:2e:92:fa:9f:2d:82:50:d3:
1b:4a:5a:41:f4:ce:8b:b8:b1:cc:0f:2f:e7:cf:f4:ba:ef:31:
9a:4c:17:53:49:f9:8f:00:ed:cd:7e:89:5d:0a:7d:1e:62:60:
10:9c:68:bc
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICILIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUJBMUMxMTAvBgNVBAUTKDUxQzI2MTFCNDYxREQ1MTE4MzVBNTE0MUY4QUVFNTAy
RDNBMzlBRUIwHhcNMjMwNzA5MDczMjI4WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGFhNjI4Yy1hMjdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8n4Ls2Kpn4X4s/eYex2MxsyAPXNr5txsZY4bEOWKxBxYvP+3rEXz99LizreM
hXnb2rPFdwcDJ/pm1aE3NY97OBtrTOLUFfJdgZqZN03mu7Gi1zu1S0n3omEUkiV0
vLPYqjNWBTnQ/qWPNSF+8wL4/VN7RoLfMQXU6S0p1Gb/RZk2nXhIVEC4iu1dKgdR
PGzddAidzIppMANCSuBf/j1KQxXXJ+Zti9FcDcu9rgAkSF8gpe2BiZvhMWVkXlza
l+ruAdzdHHjoKsGUPnfZmudcrT31hROHzJwBqQGLnQQDi0H97y4+ENpww1k2EBGF
31DE1Z/KJvmhC+wqQGMMArn36wIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFKYq3ICK
oooZTwtwLiHJCWqZVwq+MB8GA1UdIwQYMBaAFFHCYRtGHdURg1pRQfiu5QLTo5rr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkExQy82M0IyMTRBMkM4
MTUxMUU1ODFEMjA4ODRDNEY5QUUwMi9VY0poRzBZZDFSR0RXbEZCLUs3bEF0T2pt
dXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VjSmhHMFlkMVJHRFdsRkItSzdsQXRPam11cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUJBMUMvNjNCMjE0QTJDODE1MTFFNTgxRDIwODg0QzRGOUFFMDIvRjdERjVFNDQx
RTI3MTFFRUFGNzkzQTdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAI7mcgDBAJnORQwDQQCAAIwBwMFASQCU4AwDQYJKoZIhvcN
AQELBQADggEBAHvqSvUBqCyePbKAyTuKNeQNchEwhZSGBoEHh0Wcu+XEmg/8YPBb
7d39pXgq3Vof8qpaFkbVz2bf1+qDm/7UCKVpJjpLeFrei1D1WfoZ0skX0vDH65s/
haRxnFgNOJF2Ogj7CyaCBogDFmtppWBsnWWTHAoFs6z4hLeRWuzImPii//KUDa1b
2FS7niY0NZebmIkULlJ+DPhIooLT4WgsntGMiKxC1OVh2IDw76mtiZd91DxJSKCO
bhjxYTILtGurdlAEMpxwudcOqKmbMOQ1Tz0ukvqfLYJQ0xtKWkH0zou4scwPL+fP
9LrvMZpMF1NJ+Y8A7c1+iV0KfR5iYBCcaLw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:37 2024 by rpki-client on console-ams.rpki-client.org