Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/AED80FEA74A211EDA517AC36C4F9AE02.roa
File: AED80FEA74A211EDA517AC36C4F9AE02.roa (raw, json)
Hash identifier: N1CgojXSSShKMxtnIrOMDpJLTpLvIh0risf6hdgDLK0=
Subject key identifier: CC:FC:6E:80:B2:04:E3:9B:FB:21:4E:15:BE:21:F9:14:A2:AF:72:C8
Certificate issuer: /CN=A912FCD6/serialNumber=53BF0DD780DB038ECE14D40459BAB9C68F69853B
Certificate serial: 2055
Authority key identifier: 53:BF:0D:D7:80:DB:03:8E:CE:14:D4:04:59:BA:B9:C6:8F:69:85:3B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U78N14DbA47OFNQEWbq5xo9phTs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/AED80FEA74A211EDA517AC36C4F9AE02.roa
Signing time: Fri 26 May 2023 16:54:15 +0000
ROA not before: Fri 26 May 2023 16:54:15 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 134128
IP address blocks: 59.153.28.0/22 maxlen: 24
103.18.80.0/22 maxlen: 24
103.54.148.0/22 maxlen: 24
180.210.220.0/22 maxlen: 24
2402:3b80::/32 maxlen: 32
2402:3b80::/48 maxlen: 48
2402:3b80:1::/48 maxlen: 48
2402:3b80:2::/48 maxlen: 48
2402:3b80:3::/48 maxlen: 48
2402:3b80:4::/48 maxlen: 48
2402:3b80:5::/48 maxlen: 48
2402:3b80:6::/48 maxlen: 48
2402:3b80:7::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 05 Jul 2023 09:04:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8277 (0x2055)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912FCD6/serialNumber=53BF0DD780DB038ECE14D40459BAB9C68F69853B
Validity
Not Before: May 26 16:54:15 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=6470e437-27a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b3:ad:68:6e:fb:7b:a5:e3:ea:a1:3a:ce:e3:
4d:40:50:54:45:1c:36:0b:aa:3b:e6:da:60:c4:1f:
87:a4:5c:ed:2d:a5:14:81:bb:78:96:a7:53:54:f2:
cf:6e:a9:3d:f6:82:8a:32:da:41:a3:22:d3:c5:49:
b7:25:32:34:7d:81:5d:f9:42:92:e9:5b:0a:73:e6:
ff:7f:01:06:d4:88:4c:ce:8e:da:ad:51:fb:92:58:
9c:d9:f8:14:81:6a:bd:c2:05:da:cf:a8:2b:85:ea:
3a:22:ac:45:b9:cf:00:40:aa:61:a9:08:02:04:22:
88:c5:ac:fb:58:95:c3:11:d7:7e:f7:26:28:e7:d6:
44:00:e5:af:53:f7:03:18:61:d5:86:4f:ef:b9:75:
a4:dd:92:91:1a:26:71:eb:b8:12:c0:f7:4d:d3:6f:
76:6c:a9:91:df:be:20:1c:81:27:5d:57:ca:ca:b9:
f9:ed:14:8e:76:b0:8d:ce:59:b0:92:ea:06:3d:50:
7f:67:3f:bb:dc:fa:54:41:c7:5e:a7:53:83:dd:b2:
11:e7:3c:87:62:f0:a2:61:2a:ce:77:89:db:29:36:
f5:60:ee:1c:3f:f1:89:2a:9d:2b:86:b8:29:82:c2:
c0:61:50:e0:29:2e:ce:8a:52:21:1f:cf:6d:b1:99:
47:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:FC:6E:80:B2:04:E3:9B:FB:21:4E:15:BE:21:F9:14:A2:AF:72:C8
X509v3 Authority Key Identifier:
keyid:53:BF:0D:D7:80:DB:03:8E:CE:14:D4:04:59:BA:B9:C6:8F:69:85:3B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/U78N14DbA47OFNQEWbq5xo9phTs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U78N14DbA47OFNQEWbq5xo9phTs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/AED80FEA74A211EDA517AC36C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.153.28.0/22
103.18.80.0/22
103.54.148.0/22
180.210.220.0/22
IPv6:
2402:3b80::/32
Signature Algorithm: sha256WithRSAEncryption
83:26:2c:22:77:6f:1a:c4:d0:46:fe:52:53:1a:6b:2e:cb:65:
c4:f2:c3:e8:48:29:1d:62:9c:c8:5d:57:0a:b4:93:b1:5c:36:
f7:2d:6a:3b:9b:8b:cf:8a:cd:4c:22:72:0c:25:43:1b:23:6e:
70:8f:d2:6a:68:18:cb:8d:42:69:86:e1:4e:ad:4e:04:e4:fd:
33:78:57:c0:49:a7:57:6e:31:4f:d2:51:ad:19:a5:c7:da:e0:
80:5c:f9:49:cb:c6:55:92:2f:21:dc:b0:c1:4c:ec:3d:ed:7f:
04:52:d8:27:53:62:34:b4:67:5d:ac:36:ab:6d:a2:4c:42:79:
15:fe:c0:3d:48:db:c6:5c:13:d1:97:a4:75:eb:dd:4a:4f:a7:
e2:68:bb:1d:c5:c4:cb:33:fd:9a:7e:70:9f:aa:26:50:f9:3c:
6a:08:92:d9:f5:83:cd:3a:ca:64:40:57:82:54:96:07:84:a2:
22:7e:64:c7:77:1d:60:9b:6c:e5:dd:71:d6:80:d1:c2:d4:2a:
80:37:1f:1d:d9:80:e1:98:5f:82:c4:f7:9f:7e:cf:6c:50:6d:
17:96:9e:02:b3:b8:73:99:cf:63:28:a5:23:df:97:f7:68:8b:
49:16:ff:5f:53:44:18:eb:13:c5:7a:30:a5:be:3d:ae:81:4f:
9e:1a:7f:b7
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICIFUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkZDRDYxMTAvBgNVBAUTKDUzQkYwREQ3ODBEQjAzOEVDRTE0RDQwNDU5QkFCOUM2
OEY2OTg1M0IwHhcNMjMwNTI2MTY1NDE1WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDcwZTQzNy0yN2EzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo7OtaG77e6Xj6qE6zuNNQFBURRw2C6o75tpgxB+HpFztLaUUgbt4lqdTVPLP
bqk99oKKMtpBoyLTxUm3JTI0fYFd+UKS6VsKc+b/fwEG1IhMzo7arVH7klic2fgU
gWq9wgXaz6grheo6IqxFuc8AQKphqQgCBCKIxaz7WJXDEdd+9yYo59ZEAOWvU/cD
GGHVhk/vuXWk3ZKRGiZx67gSwPdN0292bKmR374gHIEnXVfKyrn57RSOdrCNzlmw
kuoGPVB/Zz+73PpUQcdep1OD3bIR5zyHYvCiYSrOd4nbKTb1YO4cP/GJKp0rhrgp
gsLAYVDgKS7OilIhH89tsZlH3QIDAQABo4ICtjCCArIwHQYDVR0OBBYEFMz8boCy
BOOb+yFOFb4h+RSir3LIMB8GA1UdIwQYMBaAFFO/DdeA2wOOzhTUBFm6ucaPaYU7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRkNENi8xRTlFMUFBQ0Qy
RUExMUU1QUZCMUUyNENDNEY5QUUwMi9VNzhOMTREYkE0N09GTlFFV2JxNXhvOXBo
VHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1U3OE4xNERiQTQ3T0ZOUUVXYnE1eG85cGhUcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkZDRDYvMUU5RTFBQUNEMkVBMTFFNUFGQjFFMjRDQzRGOUFFMDIvQUVEODBGRUE3
NEEyMTFFREE1MTdBQzM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAI7mRwDBAJnElADBAJnNpQDBAK00twwDQQCAAIwBwMFACQC
O4AwDQYJKoZIhvcNAQELBQADggEBAIMmLCJ3bxrE0Eb+UlMaay7LZcTyw+hIKR1i
nMhdVwq0k7FcNvctajubi8+KzUwicgwlQxsjbnCP0mpoGMuNQmmG4U6tTgTk/TN4
V8BJp1duMU/SUa0Zpcfa4IBc+UnLxlWSLyHcsMFM7D3tfwRS2CdTYjS0Z12sNqtt
okxCeRX+wD1I28ZcE9GXpHXr3UpPp+Joux3FxMsz/Zp+cJ+qJlD5PGoIktn1g806
ymRAV4JUlgeEoiJ+ZMd3HWCbbOXdcdaA0cLUKoA3Hx3ZgOGYX4LE959+z2xQbReW
ngKzuHOZz2MopSPfl/doi0kW/19TRBjrE8V6MKW+Pa6BT54af7c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:58 2024 by rpki-client on console-fra.rpki-client.org