Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/FF64AFE87D7D11EDB27D7071C4F9AE02.roa
File: FF64AFE87D7D11EDB27D7071C4F9AE02.roa (raw, json)
Hash identifier: yNGMz8CEFwritaH7ClyDnalEVVniv431v8iA0T+Y5uA=
Subject key identifier: 71:0A:F7:E5:F6:85:A8:35:F2:D4:09:DC:24:4D:45:1D:A4:13:AC:43
Certificate issuer: /CN=A91EBA1C/serialNumber=51C2611B461DD511835A5141F8AEE502D3A39AEB
Certificate serial: 203A
Authority key identifier: 51:C2:61:1B:46:1D:D5:11:83:5A:51:41:F8:AE:E5:02:D3:A3:9A:EB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UcJhG0Yd1RGDWlFB-K7lAtOjmus.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/FF64AFE87D7D11EDB27D7071C4F9AE02.roa
Signing time: Fri 16 Dec 2022 20:12:43 +0000
ROA not before: Fri 16 Dec 2022 20:12:43 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 132352
IP address blocks: 59.153.200.0/22 maxlen: 24
103.57.20.0/22 maxlen: 24
2402:5380::/31 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8250 (0x203a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EBA1C/serialNumber=51C2611B461DD511835A5141F8AEE502D3A39AEB
Validity
Not Before: Dec 16 20:12:43 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=639cd13b-ad42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:55:03:26:48:96:9e:5c:93:d7:aa:da:34:21:
25:27:1f:01:af:69:1f:d4:e2:a5:19:58:77:2e:1a:
e8:3b:78:34:da:ff:25:7b:ac:d5:be:c9:71:d4:27:
65:c4:1e:e3:36:3c:e4:ed:a9:24:06:83:a3:1d:dd:
35:b2:d4:9e:aa:72:b6:90:c1:07:4c:4b:5c:83:b7:
a8:2d:25:b0:87:c6:ec:8f:b6:5a:41:55:90:e4:9f:
c7:a9:cc:15:81:a7:a1:2f:05:e7:09:34:58:86:3d:
4c:3b:4c:68:e6:7f:27:4d:ff:cf:69:53:ab:20:31:
26:07:1f:33:a9:4b:a7:25:55:ef:da:29:59:ac:30:
13:79:6e:cd:71:ad:03:8e:a0:d6:99:06:32:f7:a3:
86:15:13:1e:82:34:16:72:29:ed:7c:08:9a:4a:dd:
d1:88:45:96:f9:a7:2e:45:2d:ea:fd:2b:a7:82:3c:
f4:5f:01:0d:83:f8:17:c8:91:3a:6a:93:74:b0:10:
6f:9c:71:43:99:74:90:cd:91:43:df:02:5f:90:1b:
c8:45:55:9f:a0:f7:9d:92:c5:31:22:fe:d2:2b:0f:
4d:83:eb:fc:b8:a5:53:4c:f6:5b:5b:10:50:5b:57:
32:b5:a4:1f:17:94:54:09:4c:47:90:83:b5:d1:e0:
d6:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:0A:F7:E5:F6:85:A8:35:F2:D4:09:DC:24:4D:45:1D:A4:13:AC:43
X509v3 Authority Key Identifier:
keyid:51:C2:61:1B:46:1D:D5:11:83:5A:51:41:F8:AE:E5:02:D3:A3:9A:EB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/UcJhG0Yd1RGDWlFB-K7lAtOjmus.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UcJhG0Yd1RGDWlFB-K7lAtOjmus.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/FF64AFE87D7D11EDB27D7071C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.153.200.0/22
103.57.20.0/22
IPv6:
2402:5380::/31
Signature Algorithm: sha256WithRSAEncryption
5a:1d:41:1c:82:40:ce:55:ee:89:fe:70:5a:e7:dd:c9:93:b0:
74:10:f8:f4:2b:8a:ff:c9:50:89:17:53:80:a6:b7:7d:f3:73:
1e:ed:5e:02:c9:20:f7:fe:b6:5f:ad:2b:f9:88:8b:73:e1:f5:
3a:a5:6f:9b:bf:a2:8c:95:3a:c9:d0:70:ea:8b:4c:39:52:59:
b0:34:30:d5:98:9c:e4:04:b1:14:d3:92:ec:c9:a1:bb:ae:4e:
2c:f9:f6:4e:75:03:cb:11:94:7f:2c:08:12:e3:c9:7b:e3:c9:
9c:d9:df:c3:97:87:e8:42:f6:3c:7b:ac:bb:0f:6c:76:d9:c8:
94:cc:88:46:b3:25:66:35:fe:c2:5e:fa:15:bf:60:22:5c:e8:
41:3c:fa:36:7d:67:6d:c5:ee:0d:9f:16:fa:82:db:8a:f3:46:
ff:22:db:3e:a4:48:b0:ed:da:38:10:6e:46:8d:c4:6e:56:5c:
0e:e9:31:8a:1d:d4:be:9b:ed:7e:71:75:de:5f:bf:21:be:84:
59:a8:da:53:2a:77:c1:8f:23:98:fa:94:07:98:ec:1b:b9:4f:
75:45:b8:d7:b2:7c:f2:bf:d7:f5:49:25:a0:16:83:18:81:3b:
3f:6a:66:5b:74:8e:d8:49:47:55:bc:82:1f:2f:2d:42:7e:89:
e2:2e:9c:aa
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICIDowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUJBMUMxMTAvBgNVBAUTKDUxQzI2MTFCNDYxREQ1MTE4MzVBNTE0MUY4QUVFNTAy
RDNBMzlBRUIwHhcNMjIxMjE2MjAxMjQzWhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzljZDEzYi1hZDQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzVUDJkiWnlyT16raNCElJx8Br2kf1OKlGVh3LhroO3g02v8le6zVvslx1Cdl
xB7jNjzk7akkBoOjHd01stSeqnK2kMEHTEtcg7eoLSWwh8bsj7ZaQVWQ5J/HqcwV
gaehLwXnCTRYhj1MO0xo5n8nTf/PaVOrIDEmBx8zqUunJVXv2ilZrDATeW7Nca0D
jqDWmQYy96OGFRMegjQWcintfAiaSt3RiEWW+acuRS3q/Sungjz0XwENg/gXyJE6
apN0sBBvnHFDmXSQzZFD3wJfkBvIRVWfoPedksUxIv7SKw9Ng+v8uKVTTPZbWxBQ
W1cytaQfF5RUCUxHkIO10eDWjQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFHEK9+X2
hag18tQJ3CRNRR2kE6xDMB8GA1UdIwQYMBaAFFHCYRtGHdURg1pRQfiu5QLTo5rr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkExQy82M0IyMTRBMkM4
MTUxMUU1ODFEMjA4ODRDNEY5QUUwMi9VY0poRzBZZDFSR0RXbEZCLUs3bEF0T2pt
dXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VjSmhHMFlkMVJHRFdsRkItSzdsQXRPam11cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUJBMUMvNjNCMjE0QTJDODE1MTFFNTgxRDIwODg0QzRGOUFFMDIvRkY2NEFGRTg3
RDdEMTFFREIyN0Q3MDcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAI7mcgDBAJnORQwDQQCAAIwBwMFASQCU4AwDQYJKoZIhvcN
AQELBQADggEBAFodQRyCQM5V7on+cFrn3cmTsHQQ+PQriv/JUIkXU4Cmt33zcx7t
XgLJIPf+tl+tK/mIi3Ph9Tqlb5u/ooyVOsnQcOqLTDlSWbA0MNWYnOQEsRTTkuzJ
obuuTiz59k51A8sRlH8sCBLjyXvjyZzZ38OXh+hC9jx7rLsPbHbZyJTMiEazJWY1
/sJe+hW/YCJc6EE8+jZ9Z23F7g2fFvqC24rzRv8i2z6kSLDt2jgQbkaNxG5WXA7p
MYod1L6b7X5xdd5fvyG+hFmo2lMqd8GPI5j6lAeY7Bu5T3VFuNeyfPK/1/VJJaAW
gxiBOz9qZlt0jthJR1W8gh8vLUJ+ieIunKo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:11 2023 by rpki-client on console-ams.rpki-client.org