Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91620E0/D964B482310E11EA9C3CE72FC4F9AE02/324521F4B08611EE98AB2E4FC4F9AE02.roa
File: 324521F4B08611EE98AB2E4FC4F9AE02.roa (raw, json)
Hash identifier: j0+qywwChOONGNWibyh6cKMht2bDuVGIeRSO17m3+Fg=
Subject key identifier: 5A:05:77:AD:B2:26:03:EA:2B:52:8E:C5:BF:00:47:49:C4:AE:82:3B
Certificate issuer: /CN=A91620E0/serialNumber=74E5BB9B6D3CC7F8C29A83BDC8492B9659F0EE17
Certificate serial: 0BFA
Authority key identifier: 74:E5:BB:9B:6D:3C:C7:F8:C2:9A:83:BD:C8:49:2B:96:59:F0:EE:17
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dOW7m208x_jCmoO9yEkrllnw7hc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91620E0/D964B482310E11EA9C3CE72FC4F9AE02/324521F4B08611EE98AB2E4FC4F9AE02.roa
Signing time: Thu 11 Jan 2024 13:34:51 +0000
ROA not before: Thu 11 Jan 2024 13:34:51 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 55385
IP address blocks: 152.58.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Feb 2024 09:51:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3066 (0xbfa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91620E0/serialNumber=74E5BB9B6D3CC7F8C29A83BDC8492B9659F0EE17
Validity
Not Before: Jan 11 13:34:51 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=659fee7b-bf50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2b:3a:0d:8c:36:99:bd:39:a8:b1:e3:d6:cb:
17:b0:4d:92:bc:88:7c:3a:b0:e7:78:e3:29:24:09:
18:d7:52:00:59:e5:47:d0:9f:0c:c9:fb:77:6c:b8:
77:b0:49:c4:e8:36:aa:24:aa:2c:fc:95:48:64:73:
c6:bb:70:5a:3a:ef:08:8d:25:01:99:0f:11:82:a7:
e5:de:a4:16:42:87:df:1d:2a:f4:de:f0:7c:4b:02:
a4:fe:2e:19:21:4a:e1:7f:b7:fa:42:e4:ee:20:1b:
bd:b5:5e:58:c8:99:d8:10:d7:d1:30:db:dc:47:ba:
a3:4b:a0:c1:25:6e:69:7f:3f:99:03:2e:ee:70:4f:
34:78:c7:be:f4:e9:7c:78:dd:ac:54:44:71:7a:bb:
cc:d9:8d:dd:2e:c1:c8:9a:6e:58:d0:ce:98:e0:99:
a1:4f:67:60:05:fd:7f:26:50:a9:f2:90:7a:8b:42:
82:e7:6f:b2:2f:c4:2c:3a:2c:de:05:a5:81:84:a8:
1f:44:5c:e8:d9:71:9e:d7:0d:0c:e3:79:f8:22:9e:
97:59:98:6b:5e:dc:a3:3d:c3:c3:34:3b:29:1b:cc:
5e:53:f9:36:d1:54:dd:95:a4:71:79:d1:be:8d:58:
ef:c1:47:db:d1:53:66:d2:e3:99:2f:b6:cd:aa:9e:
0d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:05:77:AD:B2:26:03:EA:2B:52:8E:C5:BF:00:47:49:C4:AE:82:3B
X509v3 Authority Key Identifier:
keyid:74:E5:BB:9B:6D:3C:C7:F8:C2:9A:83:BD:C8:49:2B:96:59:F0:EE:17
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91620E0/D964B482310E11EA9C3CE72FC4F9AE02/dOW7m208x_jCmoO9yEkrllnw7hc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dOW7m208x_jCmoO9yEkrllnw7hc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91620E0/D964B482310E11EA9C3CE72FC4F9AE02/324521F4B08611EE98AB2E4FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
152.58.237.0/24
Signature Algorithm: sha256WithRSAEncryption
10:1f:68:56:c6:c1:f4:fb:5b:06:8e:43:73:1b:b6:1b:ab:69:
09:a8:5b:32:29:d2:d3:68:a2:d5:d7:a8:0f:33:77:8c:7c:d5:
d5:f4:cb:6c:4e:ad:80:0b:d3:f0:08:85:6e:08:c1:54:cf:d3:
b8:ac:80:96:3b:1a:1b:97:a0:f2:3c:fe:bb:34:bd:70:04:1a:
de:c4:75:67:a0:2a:b4:f6:cf:2f:b1:05:24:0c:ed:4b:be:09:
b9:25:08:dd:1d:63:34:07:ec:36:66:7b:24:d7:58:0b:93:0f:
42:36:27:74:24:51:71:10:3d:1e:76:28:ec:5c:54:92:29:0b:
91:bc:ab:b3:8c:e2:9a:0c:f9:83:54:10:6e:d4:5e:6b:d3:de:
07:ba:e1:5c:19:51:aa:1b:32:92:56:61:4f:5e:ea:13:e7:cd:
f1:e2:b7:05:66:64:ce:2a:07:17:d4:c3:9c:fb:0e:25:58:ab:
a1:c5:3b:33:4d:81:93:8f:f0:8d:27:f0:c5:02:fd:6e:6f:41:
2c:13:f5:2b:83:69:f2:25:ac:46:48:f2:88:94:cb:bf:2e:7f:
d6:6c:5c:91:55:52:8a:45:ce:f0:41:ef:3e:08:0b:5b:f0:d8:
af:2c:c0:5f:25:ff:ad:a1:0f:34:3d:1b:cb:6f:50:17:81:b3:
73:cd:18:fb
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC/owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjIwRTAxMTAvBgNVBAUTKDc0RTVCQjlCNkQzQ0M3RjhDMjlBODNCREM4NDkyQjk2
NTlGMEVFMTcwHhcNMjQwMTExMTMzNDUxWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTlmZWU3Yi1iZjUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqis6DYw2mb05qLHj1ssXsE2SvIh8OrDneOMpJAkY11IAWeVH0J8Myft3bLh3
sEnE6DaqJKos/JVIZHPGu3BaOu8IjSUBmQ8Rgqfl3qQWQoffHSr03vB8SwKk/i4Z
IUrhf7f6QuTuIBu9tV5YyJnYENfRMNvcR7qjS6DBJW5pfz+ZAy7ucE80eMe+9Ol8
eN2sVERxervM2Y3dLsHImm5Y0M6Y4JmhT2dgBf1/JlCp8pB6i0KC52+yL8QsOize
BaWBhKgfRFzo2XGe1w0M43n4Ip6XWZhrXtyjPcPDNDspG8xeU/k20VTdlaRxedG+
jVjvwUfb0VNm0uOZL7bNqp4NXwIDAQABo4IClTCCApEwHQYDVR0OBBYEFFoFd62y
JgPqK1KOxb8AR0nEroI7MB8GA1UdIwQYMBaAFHTlu5ttPMf4wpqDvchJK5ZZ8O4X
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MjBFMC9EOTY0QjQ4MjMx
MEUxMUVBOUMzQ0U3MkZDNEY5QUUwMi9kT1c3bTIwOHhfakNtb085eUVrcmxsbnc3
aGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2RPVzdtMjA4eF9qQ21vTzl5RWtybGxudzdoYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjIwRTAvRDk2NEI0ODIzMTBFMTFFQTlDM0NFNzJGQzRGOUFFMDIvMzI0NTIxRjRC
MDg2MTFFRTk4QUIyRTRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACYOu0wDQYJKoZIhvcNAQELBQADggEBABAfaFbGwfT7WwaO
Q3MbthuraQmoWzIp0tNootXXqA8zd4x81dX0y2xOrYAL0/AIhW4IwVTP07isgJY7
GhuXoPI8/rs0vXAEGt7EdWegKrT2zy+xBSQM7Uu+CbklCN0dYzQH7DZmeyTXWAuT
D0I2J3QkUXEQPR52KOxcVJIpC5G8q7OM4poM+YNUEG7UXmvT3ge64VwZUaobMpJW
YU9e6hPnzfHitwVmZM4qBxfUw5z7DiVYq6HFOzNNgZOP8I0n8MUC/W5vQSwT9SuD
afIlrEZI8oiUy78uf9ZsXJFVUopFzvBB7z4IC1vw2K8swF8l/62hDzQ9G8tvUBeB
s3PNGPs=
-----END CERTIFICATE-----
Generated at Thu Feb 1 13:28:25 2024 by rpki-client on console-ams.rpki-client.org