Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B4DC7/F3F1020EBB1011ECB675EF51C4F9AE02/59EF0228BB1511EC8BD0C17EC4F9AE02.roa
File: 59EF0228BB1511EC8BD0C17EC4F9AE02.roa (raw, json)
Hash identifier: 2q5+bjn7nmk9SgO/vyuOr+AM+YekJjDk+NKFHyHuNtA=
Subject key identifier: 5E:C4:5B:77:9B:31:F1:E7:AB:C6:B2:8F:89:4C:F0:F6:18:C2:FC:EA
Certificate issuer: /CN=A91B4DC7/serialNumber=B88911178068D575DFDDF84940CABEAF451C8C2B
Certificate serial: 0260
Authority key identifier: B8:89:11:17:80:68:D5:75:DF:DD:F8:49:40:CA:BE:AF:45:1C:8C:2B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uIkRF4Bo1XXf3fhJQMq-r0UcjCs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B4DC7/F3F1020EBB1011ECB675EF51C4F9AE02/59EF0228BB1511EC8BD0C17EC4F9AE02.roa
Signing time: Thu 01 Feb 2024 03:35:21 +0000
ROA not before: Thu 01 Feb 2024 03:35:21 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 149055
IP address blocks: 103.177.138.0/24 maxlen: 24
103.177.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 May 2024 11:45:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 608 (0x260)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B4DC7/serialNumber=B88911178068D575DFDDF84940CABEAF451C8C2B
Validity
Not Before: Feb 1 03:35:21 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=65bb1179-b83f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1b:f5:34:7a:18:f9:5d:79:91:28:c1:fa:84:
5c:d5:d9:bb:9b:68:2d:54:9b:06:9b:9b:95:ea:bc:
e0:57:91:c2:31:47:be:b5:ed:42:0c:11:72:39:7c:
3a:ee:33:73:6a:2f:69:96:09:28:e8:6f:d8:65:34:
6c:d5:67:55:15:5e:81:15:84:c6:ed:3b:aa:1a:49:
d1:d2:18:56:7f:3c:50:01:29:89:74:fe:1e:6f:00:
27:97:47:dd:73:9b:78:29:31:f9:0e:60:9f:fa:ca:
6c:b8:00:d4:00:fe:56:8c:36:d9:d2:60:f6:d7:00:
3f:03:c0:d5:66:5e:24:ba:fc:fb:97:be:e8:f4:14:
4a:55:dd:fb:b4:8f:52:bf:b9:55:32:6c:02:b0:13:
c1:af:f7:0b:33:12:f4:dd:2b:cf:08:9e:a9:bf:ce:
0c:a4:a5:92:2a:2e:82:cb:f6:50:81:be:5b:86:4e:
81:f7:c6:bf:9e:14:06:78:de:7f:4f:41:ad:2d:81:
e8:9b:9b:17:5f:bf:73:22:74:e4:00:2b:e5:d3:0f:
26:19:98:3f:94:49:ca:34:a2:a7:c6:fa:7b:a1:a3:
45:a9:6e:7f:57:44:8c:e4:c1:73:11:9d:98:7f:6f:
99:6d:f6:63:b0:da:1d:eb:40:14:c6:c5:73:fb:37:
83:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:C4:5B:77:9B:31:F1:E7:AB:C6:B2:8F:89:4C:F0:F6:18:C2:FC:EA
X509v3 Authority Key Identifier:
keyid:B8:89:11:17:80:68:D5:75:DF:DD:F8:49:40:CA:BE:AF:45:1C:8C:2B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B4DC7/F3F1020EBB1011ECB675EF51C4F9AE02/uIkRF4Bo1XXf3fhJQMq-r0UcjCs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uIkRF4Bo1XXf3fhJQMq-r0UcjCs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B4DC7/F3F1020EBB1011ECB675EF51C4F9AE02/59EF0228BB1511EC8BD0C17EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.177.138.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:74:80:7a:7f:70:3a:4b:63:66:f3:f6:8d:d1:11:43:47:58:
8f:c5:70:b3:d3:91:f6:5b:82:9a:52:4c:98:97:47:97:71:ca:
94:39:e8:5c:2b:c9:ad:83:60:c4:80:bc:dd:41:a6:6e:49:3b:
65:e2:f9:fe:4b:39:4d:a9:45:fc:44:f0:58:e7:43:73:a8:30:
d0:59:78:cb:96:39:2d:e2:b0:07:de:e8:46:fb:12:9b:b9:b6:
8d:cf:aa:9e:68:05:07:45:71:0b:f3:df:cc:0d:09:09:c3:e1:
72:aa:a7:07:9a:83:33:eb:14:c8:a9:06:0e:ca:4d:43:36:81:
6c:8e:20:fe:ee:02:3f:33:d0:52:a8:f4:b6:2b:f6:8b:d6:cf:
32:ff:d2:6a:df:4d:a9:56:91:cd:cb:28:df:27:3e:5a:71:ca:
1f:b9:c4:90:4b:b4:ed:97:38:b7:3e:ba:8e:8b:4c:73:20:f2:
05:a0:a4:a2:c0:ff:c8:63:f6:0b:e6:f4:96:6d:a1:a9:d8:ba:
2d:7b:a7:d8:c9:1e:89:34:3c:40:c7:84:3c:aa:41:17:07:59:
b1:b6:cc:ce:c9:6a:86:5b:64:07:f7:8b:be:a3:68:71:62:96:
0a:ab:98:a8:c9:b4:be:5a:1e:9a:0d:88:7d:2d:16:9e:ca:e1:
38:76:07:9b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAmAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjREQzcxMTAvBgNVBAUTKEI4ODkxMTE3ODA2OEQ1NzVERkRERjg0OTQwQ0FCRUFG
NDUxQzhDMkIwHhcNMjQwMjAxMDMzNTIxWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWJiMTE3OS1iODNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApxv1NHoY+V15kSjB+oRc1dm7m2gtVJsGm5uV6rzgV5HCMUe+te1CDBFyOXw6
7jNzai9plgko6G/YZTRs1WdVFV6BFYTG7TuqGknR0hhWfzxQASmJdP4ebwAnl0fd
c5t4KTH5DmCf+spsuADUAP5WjDbZ0mD21wA/A8DVZl4kuvz7l77o9BRKVd37tI9S
v7lVMmwCsBPBr/cLMxL03SvPCJ6pv84MpKWSKi6Cy/ZQgb5bhk6B98a/nhQGeN5/
T0GtLYHom5sXX79zInTkACvl0w8mGZg/lEnKNKKnxvp7oaNFqW5/V0SM5MFzEZ2Y
f2+ZbfZjsNod60AUxsVz+zeD+wIDAQABo4IClTCCApEwHQYDVR0OBBYEFF7EW3eb
MfHnq8ayj4lM8PYYwvzqMB8GA1UdIwQYMBaAFLiJEReAaNV13934SUDKvq9FHIwr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNERDNy9GM0YxMDIwRUJC
MTAxMUVDQjY3NUVGNTFDNEY5QUUwMi91SWtSRjRCbzFYWGYzZmhKUU1xLXIwVWNq
Q3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3VJa1JGNEJvMVhYZjNmaEpRTXEtcjBVY2pDcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjREQzcvRjNGMTAyMEVCQjEwMTFFQ0I2NzVFRjUxQzRGOUFFMDIvNTlFRjAyMjhC
QjE1MTFFQzhCRDBDMTdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnsYowDQYJKoZIhvcNAQELBQADggEBAKB0gHp/cDpLY2bz
9o3REUNHWI/FcLPTkfZbgppSTJiXR5dxypQ56Fwrya2DYMSAvN1Bpm5JO2Xi+f5L
OU2pRfxE8FjnQ3OoMNBZeMuWOS3isAfe6Eb7Epu5to3Pqp5oBQdFcQvz38wNCQnD
4XKqpweagzPrFMipBg7KTUM2gWyOIP7uAj8z0FKo9LYr9ovWzzL/0mrfTalWkc3L
KN8nPlpxyh+5xJBLtO2XOLc+uo6LTHMg8gWgpKLA/8hj9gvm9JZtoanYui17p9jJ
Hok0PEDHhDyqQRcHWbG2zM7JaoZbZAf3i76jaHFilgqrmKjJtL5aHpoNiH0tFp7K
4Th2B5s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org