Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/AA5843EC406311EB9A4FD119C4F9AE02.roa
File: AA5843EC406311EB9A4FD119C4F9AE02.roa (raw, json)
Hash identifier: sk/pGjP3yn2WbaYhXuqCRFz2xQey/8KxoSKajJ9gLM0=
Subject key identifier: 98:D9:6E:45:B9:FD:3D:2A:83:E2:60:9E:82:57:DF:DD:C9:A9:62:53
Certificate issuer: /CN=A91A0832/serialNumber=9ED9055107C70F85BB91A8DA0270B5CA760AEB54
Certificate serial: 34EA
Authority key identifier: 9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/AA5843EC406311EB9A4FD119C4F9AE02.roa
Signing time: Sun 02 Apr 2023 15:01:03 +0000
ROA not before: Sun 02 Apr 2023 15:01:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 55714
IP address blocks: 39.62.0.0/19 maxlen: 24
39.62.32.0/21 maxlen: 24
39.62.40.0/21 maxlen: 24
39.62.48.0/20 maxlen: 24
59.103.16.0/22 maxlen: 24
59.103.32.0/19 maxlen: 24
59.103.64.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13546 (0x34ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A0832/serialNumber=9ED9055107C70F85BB91A8DA0270B5CA760AEB54
Validity
Not Before: Apr 2 15:01:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=642998ae-6566
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:35:87:5e:da:09:79:a6:39:9e:3d:d2:30:e8:
28:a8:42:61:5b:68:d5:92:bd:17:a0:a3:0d:46:b0:
e1:a7:6c:73:54:99:ab:65:3e:56:15:ae:b5:d6:1c:
48:de:00:a0:4b:29:b7:43:0a:10:e8:1f:03:5e:e4:
10:6f:01:f5:47:7b:e9:99:b0:9d:0f:0c:c5:64:e4:
2b:0d:e6:5a:4b:f7:49:41:ac:50:44:1b:ca:73:58:
3b:88:b4:2b:ab:17:34:3f:50:92:e3:2f:7a:26:a7:
92:33:96:41:84:44:e6:a5:d2:90:63:e0:d7:52:3a:
c9:35:1d:1b:a5:b9:e1:d6:94:46:5a:a4:97:fc:f2:
4a:7e:4c:e9:4d:c7:30:c9:82:63:e5:19:5c:a8:13:
c1:5b:31:9e:a3:f5:56:dc:7c:51:a7:7e:d2:58:91:
54:7e:1a:d1:2f:ee:cc:55:d1:e8:2b:fb:98:a6:ec:
82:0f:37:c6:d0:d8:87:31:96:10:41:51:66:33:40:
be:90:ef:24:1d:ce:a0:65:56:97:56:3a:a1:24:94:
6b:30:a2:28:eb:df:2a:62:f1:52:36:21:65:49:c6:
28:f9:2d:58:5f:c2:0b:61:18:b6:ae:31:16:6c:ba:
15:fc:b4:b7:aa:72:cd:ad:ca:98:2c:2e:5b:a3:bb:
76:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:D9:6E:45:B9:FD:3D:2A:83:E2:60:9E:82:57:DF:DD:C9:A9:62:53
X509v3 Authority Key Identifier:
keyid:9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/AA5843EC406311EB9A4FD119C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
39.62.0.0/18
59.103.16.0/22
59.103.32.0-59.103.71.255
Signature Algorithm: sha256WithRSAEncryption
a8:29:e8:97:9d:8f:12:65:7b:ad:71:b2:db:7f:ae:1c:98:dc:
ac:7f:69:d6:ff:24:4d:b6:7f:50:4d:ff:5a:13:4b:97:3c:87:
08:aa:21:59:4e:7f:b8:4f:8c:d6:ca:55:29:14:9b:7a:21:c4:
dd:a8:ed:99:31:72:00:d4:1f:a2:73:ac:43:f8:d2:89:95:9b:
5a:de:b6:16:78:6a:96:0f:7f:3d:a9:5b:54:ef:2b:36:c4:8e:
5f:c1:01:e1:7b:8d:c5:42:cf:11:9d:e6:8c:24:6b:e5:86:ec:
0e:d8:6d:68:a3:25:c8:8a:bd:f7:2a:da:90:6f:94:b5:0f:23:
1d:a0:1d:be:05:a8:8d:e8:97:20:f0:08:72:3e:4a:56:be:e0:
c6:6b:a8:a3:46:19:5e:64:50:67:04:61:1e:2b:d5:89:e5:bb:
41:39:d7:67:fa:da:49:24:15:f7:dd:3a:87:c9:f4:fc:32:03:
c4:50:c7:c5:3c:34:34:47:2f:2d:66:f1:34:f4:8e:d9:58:1a:
48:79:b7:3e:f7:12:af:1d:1b:11:74:fc:33:86:20:3b:61:a7:
46:4b:27:6a:56:6f:1c:fa:d8:bd:3f:3f:22:13:02:46:9d:8f:
b6:94:34:dd:48:40:ae:3c:40:5e:6e:03:89:68:0d:3e:a9:1a:
72:c6:3d:45
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICNOowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTA4MzIxMTAvBgNVBAUTKDlFRDkwNTUxMDdDNzBGODVCQjkxQThEQTAyNzBCNUNB
NzYwQUVCNTQwHhcNMjMwNDAyMTUwMTAzWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDI5OThhZS02NTY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvjWHXtoJeaY5nj3SMOgoqEJhW2jVkr0XoKMNRrDhp2xzVJmrZT5WFa611hxI
3gCgSym3QwoQ6B8DXuQQbwH1R3vpmbCdDwzFZOQrDeZaS/dJQaxQRBvKc1g7iLQr
qxc0P1CS4y96JqeSM5ZBhETmpdKQY+DXUjrJNR0bpbnh1pRGWqSX/PJKfkzpTccw
yYJj5RlcqBPBWzGeo/VW3HxRp37SWJFUfhrRL+7MVdHoK/uYpuyCDzfG0NiHMZYQ
QVFmM0C+kO8kHc6gZVaXVjqhJJRrMKIo698qYvFSNiFlScYo+S1YX8ILYRi2rjEW
bLoV/LS3qnLNrcqYLC5bo7t2eQIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFJjZbkW5
/T0qg+JgnoJX393JqWJTMB8GA1UdIwQYMBaAFJ7ZBVEHxw+Fu5Go2gJwtcp2CutU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDgzMi85REFGNzgwRTFE
OTQxMUUyOTkwMUYzRjgwOEIwMkNEMi9udGtGVVFmSEQ0VzdrYWphQW5DMXluWUs2
MVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL250a0ZVUWZIRDRXN2thamFBbkMxeW5ZSzYxUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTA4MzIvOURBRjc4MEUxRDk0MTFFMjk5MDFGM0Y4MDhCMDJDRDIvQUE1ODQzRUM0
MDYzMTFFQjlBNEZEMTE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBoDBAYnPgADBAI7ZxAwDAMEBTtnIAMEAztnQDANBgkqhkiG9w0B
AQsFAAOCAQEAqCnol52PEmV7rXGy23+uHJjcrH9p1v8kTbZ/UE3/WhNLlzyHCKoh
WU5/uE+M1spVKRSbeiHE3ajtmTFyANQfonOsQ/jSiZWbWt62Fnhqlg9/PalbVO8r
NsSOX8EB4XuNxULPEZ3mjCRr5YbsDthtaKMlyIq99yrakG+UtQ8jHaAdvgWojeiX
IPAIcj5KVr7gxmuoo0YZXmRQZwRhHivVieW7QTnXZ/raSSQV9906h8n0/DIDxFDH
xTw0NEcvLWbxNPSO2VgaSHm3PvcSrx0bEXT8M4YgO2GnRksnalZvHPrYvT8/IhMC
Rp2PtpQ03UhArjxAXm4DiWgNPqkacsY9RQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:59 2023 by rpki-client on console-ams.rpki-client.org