Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/02CF9FAC1B1311EE94AC0123C4F9AE02.roa
File: 02CF9FAC1B1311EE94AC0123C4F9AE02.roa (raw, json)
Hash identifier: 9kltWfOPGLHrlJTJIhJBfPoXvHrNV3AZrW1mX/hHk7I=
Subject key identifier: 41:10:84:BD:25:EB:F5:E7:18:61:61:89:1B:50:E7:ED:91:6A:19:D2
Certificate issuer: /CN=A912FCD6/serialNumber=53BF0DD780DB038ECE14D40459BAB9C68F69853B
Certificate serial: 214F
Authority key identifier: 53:BF:0D:D7:80:DB:03:8E:CE:14:D4:04:59:BA:B9:C6:8F:69:85:3B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U78N14DbA47OFNQEWbq5xo9phTs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/02CF9FAC1B1311EE94AC0123C4F9AE02.roa
Signing time: Wed 26 Jun 2024 16:24:17 +0000
ROA not before: Wed 26 Jun 2024 16:24:16 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 134128
IP address blocks: 59.153.28.0/22 maxlen: 24
103.18.80.0/22 maxlen: 24
103.54.148.0/22 maxlen: 24
2402:3b80::/32 maxlen: 32
2402:3b80::/48 maxlen: 48
2402:3b80:1::/48 maxlen: 48
2402:3b80:2::/48 maxlen: 48
2402:3b80:3::/48 maxlen: 48
2402:3b80:4::/48 maxlen: 48
2402:3b80:5::/48 maxlen: 48
2402:3b80:6::/48 maxlen: 48
2402:3b80:7::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 08 Sep 2024 11:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8527 (0x214f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912FCD6/serialNumber=53BF0DD780DB038ECE14D40459BAB9C68F69853B
Validity
Not Before: Jun 26 16:24:16 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=667c40b0-ef4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ee:13:a2:e3:98:a5:b2:47:a8:68:31:42:05:
24:23:66:d5:0a:bf:4f:c2:97:e0:17:d5:7f:1c:43:
db:ed:d7:c8:51:3c:cc:68:db:37:dc:17:c1:29:be:
f7:45:34:b3:f1:51:1b:d8:20:20:fb:7c:d5:75:17:
51:0b:94:b6:51:53:9e:63:66:62:09:62:ad:59:17:
37:53:8c:3d:72:6e:02:ef:41:be:68:25:19:76:4b:
af:6b:03:1c:d0:f0:da:0a:eb:24:a5:e0:a4:f8:64:
08:a2:a8:c3:eb:c3:c3:e9:b0:20:8b:f5:92:7f:aa:
c8:f2:42:ea:10:d7:16:9b:1d:1d:36:cc:da:c9:d3:
a2:8d:32:3a:b9:26:55:8f:41:3f:f3:fc:a1:62:f4:
49:e7:aa:49:8a:a1:dd:88:52:8d:00:c6:fb:6f:11:
15:8f:f1:1e:0d:42:22:0f:e1:07:dd:c4:f4:79:f4:
02:d9:f9:fc:42:a8:93:17:6b:33:e8:b7:6d:f8:c9:
d0:8f:f9:93:8c:46:ac:00:72:32:c1:bc:e9:99:ca:
e1:21:da:51:ee:73:8e:78:fb:c4:e2:55:da:76:42:
15:6b:fe:6c:9b:8e:38:34:e3:ff:b1:af:fd:b1:47:
e5:cd:96:08:b1:00:46:d3:45:e5:94:42:be:90:19:
64:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:10:84:BD:25:EB:F5:E7:18:61:61:89:1B:50:E7:ED:91:6A:19:D2
X509v3 Authority Key Identifier:
keyid:53:BF:0D:D7:80:DB:03:8E:CE:14:D4:04:59:BA:B9:C6:8F:69:85:3B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/U78N14DbA47OFNQEWbq5xo9phTs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U78N14DbA47OFNQEWbq5xo9phTs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/02CF9FAC1B1311EE94AC0123C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.153.28.0/22
103.18.80.0/22
103.54.148.0/22
IPv6:
2402:3b80::/32
Signature Algorithm: sha256WithRSAEncryption
a6:84:aa:4c:62:18:d1:5c:65:c1:e7:fe:48:23:50:5d:b8:e4:
6c:3b:41:e4:a7:7d:30:32:9d:ac:eb:93:6a:22:00:37:cb:f5:
02:a2:7d:31:f8:6e:56:37:bc:ad:ff:96:0e:ba:23:84:67:c8:
fb:1a:13:69:36:f7:4e:94:c0:3f:b6:7e:94:c9:7b:a4:14:c0:
fb:ab:15:1d:77:6a:e0:31:a2:b7:59:04:a5:0b:82:3f:4f:fa:
16:3a:38:d2:38:53:fa:0d:46:dd:07:5b:49:cf:8d:6b:f5:57:
02:63:12:21:cd:fa:f4:24:d6:13:c7:a3:37:72:64:b8:a1:6b:
0e:7f:d5:ed:18:43:97:78:2d:be:f6:2c:fe:57:a8:46:15:93:
e5:e1:93:b9:db:0d:3c:ca:52:db:aa:ef:56:dc:32:79:10:89:
78:d8:e9:9e:32:d7:84:dd:4f:c7:c4:45:96:f8:63:47:82:bb:
79:65:fb:96:c6:45:1d:d9:9b:7c:44:47:48:d0:4d:94:23:4c:
72:e3:ac:a4:1d:3f:71:10:1d:2a:c9:b6:f2:bb:71:7f:ad:88:
e2:5b:0b:23:3e:01:1d:1b:30:0a:ff:56:0f:fc:87:09:c0:a6:
a5:52:ad:8a:36:da:67:a0:61:db:5d:5b:24:11:7c:0e:32:7a:
5a:20:41:d6
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICIU8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkZDRDYxMTAvBgNVBAUTKDUzQkYwREQ3ODBEQjAzOEVDRTE0RDQwNDU5QkFCOUM2
OEY2OTg1M0IwHhcNMjQwNjI2MTYyNDE2WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjdjNDBiMC1lZjRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwu4TouOYpbJHqGgxQgUkI2bVCr9PwpfgF9V/HEPb7dfIUTzMaNs33BfBKb73
RTSz8VEb2CAg+3zVdRdRC5S2UVOeY2ZiCWKtWRc3U4w9cm4C70G+aCUZdkuvawMc
0PDaCuskpeCk+GQIoqjD68PD6bAgi/WSf6rI8kLqENcWmx0dNszaydOijTI6uSZV
j0E/8/yhYvRJ56pJiqHdiFKNAMb7bxEVj/EeDUIiD+EH3cT0efQC2fn8QqiTF2sz
6Ldt+MnQj/mTjEasAHIywbzpmcrhIdpR7nOOePvE4lXadkIVa/5sm444NOP/sa/9
sUflzZYIsQBG00XllEK+kBlk2QIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFEEQhL0l
6/XnGGFhiRtQ5+2RahnSMB8GA1UdIwQYMBaAFFO/DdeA2wOOzhTUBFm6ucaPaYU7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRkNENi8xRTlFMUFBQ0Qy
RUExMUU1QUZCMUUyNENDNEY5QUUwMi9VNzhOMTREYkE0N09GTlFFV2JxNXhvOXBo
VHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1U3OE4xNERiQTQ3T0ZOUUVXYnE1eG85cGhUcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkZDRDYvMUU5RTFBQUNEMkVBMTFFNUFGQjFFMjRDQzRGOUFFMDIvMDJDRjlGQUMx
QjEzMTFFRTk0QUMwMTIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAI7mRwDBAJnElADBAJnNpQwDQQCAAIwBwMFACQCO4AwDQYJ
KoZIhvcNAQELBQADggEBAKaEqkxiGNFcZcHn/kgjUF245Gw7QeSnfTAynazrk2oi
ADfL9QKifTH4blY3vK3/lg66I4RnyPsaE2k2906UwD+2fpTJe6QUwPurFR13auAx
ordZBKULgj9P+hY6ONI4U/oNRt0HW0nPjWv1VwJjEiHN+vQk1hPHozdyZLihaw5/
1e0YQ5d4Lb72LP5XqEYVk+Xhk7nbDTzKUtuq71bcMnkQiXjY6Z4y14TdT8fERZb4
Y0eCu3ll+5bGRR3Zm3xER0jQTZQjTHLjrKQdP3EQHSrJtvK7cX+tiOJbCyM+AR0b
MAr/Vg/8hwnApqVSrYo22megYdtdWyQRfA4yelogQdY=
-----END CERTIFICATE-----
Generated at Sun Sep 8 12:45:38 2024 by rpki-client on console-ams.rpki-client.org