Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/A951C72602C411EF99642E6DC4F9AE02.roa
File: A951C72602C411EF99642E6DC4F9AE02.roa (raw, json)
Hash identifier: zcFFmtlEH3Sh90Ox7ymnQnI8fc1EqwtRsrEnxTzRh8s=
Subject key identifier: 8E:45:34:F6:88:07:E3:04:D1:8F:01:FF:FE:C9:BD:34:3F:D7:76:77
Certificate issuer: /CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Certificate serial: 0BA5
Authority key identifier: 54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/A951C72602C411EF99642E6DC4F9AE02.roa
Signing time: Thu 25 Apr 2024 06:06:32 +0000
ROA not before: Thu 25 Apr 2024 06:06:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38026
IP address blocks: 59.152.60.0/24 maxlen: 24
59.152.61.0/24 maxlen: 24
59.152.62.0/24 maxlen: 24
59.152.63.0/24 maxlen: 24
103.205.180.0/24 maxlen: 24
103.205.181.0/24 maxlen: 24
103.205.182.0/24 maxlen: 24
103.205.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Apr 2024 06:58:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2981 (0xba5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Validity
Not Before: Apr 25 06:06:32 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6629f2e8-e71d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:23:f4:b8:9b:73:08:94:76:9c:79:9f:77:6d:
d1:98:5b:45:94:5c:31:9d:e6:ef:aa:a0:73:18:17:
ea:2e:e3:b5:cf:95:2c:8e:80:e9:18:d3:de:ce:d1:
b6:9b:a9:39:fd:6e:46:c0:18:0b:c8:18:05:34:bb:
31:0e:13:c7:d9:5a:be:f2:83:8d:08:71:f4:01:6a:
8b:0e:bd:45:5a:7d:56:4b:d3:84:07:ce:03:03:74:
77:5a:f3:45:70:16:43:1d:23:3c:2c:bc:80:99:c8:
fe:e0:c6:b8:38:87:5d:5b:1d:fb:bd:cc:d2:9c:3e:
1d:b4:8e:86:87:86:8b:b8:21:91:48:0c:a9:74:e9:
66:f6:fa:bb:33:b7:a7:33:cc:ff:29:e1:0e:29:87:
69:32:a2:09:50:6c:d2:61:3d:83:26:62:2c:eb:bf:
93:28:5d:b2:ca:1a:88:8b:ad:82:c1:7b:45:f2:f5:
24:27:8b:07:45:b5:ca:3a:f4:65:bc:a5:65:1a:90:
11:78:e9:81:ae:bb:ef:4d:5b:c0:cc:f3:a0:60:2b:
3b:7b:b9:d6:aa:f9:65:79:69:eb:26:23:a7:56:67:
fa:98:74:44:c4:34:68:e1:bc:dc:87:55:13:04:d2:
50:0e:98:be:86:2f:fb:1d:28:8f:21:59:93:e9:dc:
00:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:45:34:F6:88:07:E3:04:D1:8F:01:FF:FE:C9:BD:34:3F:D7:76:77
X509v3 Authority Key Identifier:
keyid:54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/VIY3awW4olUjKeNhvXJcd-H40Mk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/A951C72602C411EF99642E6DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.152.60.0/22
103.205.180.0/22
Signature Algorithm: sha256WithRSAEncryption
b1:74:bd:16:b6:8e:06:ce:bc:10:67:2b:6d:82:3a:11:9b:e3:
75:c6:5f:d7:9e:c9:92:48:0f:3b:17:bc:d0:a5:4d:b4:85:e1:
51:08:93:ec:20:24:f0:72:19:e3:12:f5:fa:72:a9:12:3e:18:
f9:9f:c0:7a:e9:ce:ad:c9:94:52:05:fd:1d:18:2f:97:64:82:
8f:b6:7e:04:08:85:91:8b:50:75:52:8a:06:34:5c:cb:95:29:
39:87:3f:50:0f:65:f3:73:bf:d3:d9:94:0a:6d:6a:ad:ca:fe:
bf:02:ee:5b:d7:24:12:28:a4:83:d1:4a:93:f0:33:0f:6e:9a:
8c:a1:48:9a:9c:3f:52:e6:65:0f:c6:4e:f2:65:74:10:b9:f3:
98:86:5f:07:3d:00:e7:9e:0c:3a:9c:ac:d7:b1:54:d0:e1:db:
70:4d:04:8b:af:5d:d5:91:8f:55:0b:f0:37:f3:2c:98:cf:a2:
c1:08:e0:00:4f:f3:d8:47:8d:ba:d8:6f:38:ab:b7:e6:59:ac:
50:ac:54:de:2c:27:8d:87:e2:6c:a2:f4:f3:7d:fa:70:6d:38:
c7:02:6d:57:e4:0b:43:7b:3f:5e:da:0c:14:f3:1b:f6:cc:43:
0d:46:7b:2e:40:9f:a9:0c:33:42:7b:ff:f8:b3:1a:10:f2:37:
16:a4:98:a5
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICC6UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE3RjIxMTAvBgNVBAUTKDU0ODYzNzZCMDVCOEEyNTUyMzI5RTM2MUJENzI1Qzc3
RTFGOEQwQzkwHhcNMjQwNDI1MDYwNjMyWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjI5ZjJlOC1lNzFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuiP0uJtzCJR2nHmfd23RmFtFlFwxnebvqqBzGBfqLuO1z5UsjoDpGNPeztG2
m6k5/W5GwBgLyBgFNLsxDhPH2Vq+8oONCHH0AWqLDr1FWn1WS9OEB84DA3R3WvNF
cBZDHSM8LLyAmcj+4Ma4OIddWx37vczSnD4dtI6Gh4aLuCGRSAypdOlm9vq7M7en
M8z/KeEOKYdpMqIJUGzSYT2DJmIs67+TKF2yyhqIi62CwXtF8vUkJ4sHRbXKOvRl
vKVlGpAReOmBrrvvTVvAzPOgYCs7e7nWqvlleWnrJiOnVmf6mHRExDRo4bzch1UT
BNJQDpi+hi/7HSiPIVmT6dwAEQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFI5FNPaI
B+ME0Y8B//7JvTQ/13Z3MB8GA1UdIwQYMBaAFFSGN2sFuKJVIynjYb1yXHfh+NDJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTdGMi80Qzg4QTdBMEZE
RkUxMUU5QkQ2NjdEMUZDNEY5QUUwMi9WSVkzYXdXNG9sVWpLZU5odlhKY2QtSDQw
TWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZJWTNhd1c0b2xVaktlTmh2WEpjZC1INDBNay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE3RjIvNEM4OEE3QTBGREZFMTFFOUJENjY3RDFGQzRGOUFFMDIvQTk1MUM3MjYw
MkM0MTFFRjk5NjQyRTZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAI7mDwDBAJnzbQwDQYJKoZIhvcNAQELBQADggEBALF0vRa2
jgbOvBBnK22COhGb43XGX9eeyZJIDzsXvNClTbSF4VEIk+wgJPByGeMS9fpyqRI+
GPmfwHrpzq3JlFIF/R0YL5dkgo+2fgQIhZGLUHVSigY0XMuVKTmHP1APZfNzv9PZ
lAptaq3K/r8C7lvXJBIopIPRSpPwMw9umoyhSJqcP1LmZQ/GTvJldBC585iGXwc9
AOeeDDqcrNexVNDh23BNBIuvXdWRj1UL8DfzLJjPosEI4ABP89hHjbrYbzirt+ZZ
rFCsVN4sJ42H4myi9PN9+nBtOMcCbVfkC0N7P17aDBTzG/bMQw1Gey5An6kMM0J7
//izGhDyNxakmKU=
-----END CERTIFICATE-----
Generated at Thu Apr 25 08:19:55 2024 by rpki-client on console-ams.rpki-client.org