Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6856/2CD45FBA9E2411E9B143BE71C4F9AE02/59EA31DE881011EEA7B83F37C4F9AE02.roa
File: 59EA31DE881011EEA7B83F37C4F9AE02.roa (raw, json)
Hash identifier: 9exWgaSrOpttgzH1hAwpb9lyd8Wjn3JihzKJIIyKSYM=
Subject key identifier: 9D:5B:F4:59:11:3B:F0:7C:E9:0C:72:D0:DA:8E:AC:BA:6C:E3:85:29
Certificate issuer: /CN=A91E6856/serialNumber=5382642EBD799A0F8286D0654829ED768430F9E4
Certificate serial: 0D2B
Authority key identifier: 53:82:64:2E:BD:79:9A:0F:82:86:D0:65:48:29:ED:76:84:30:F9:E4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4JkLr15mg-ChtBlSCntdoQw-eQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6856/2CD45FBA9E2411E9B143BE71C4F9AE02/59EA31DE881011EEA7B83F37C4F9AE02.roa
Signing time: Tue 21 Nov 2023 01:50:30 +0000
ROA not before: Tue 21 Nov 2023 01:50:30 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 24433
IP address blocks: 203.15.122.0/24 maxlen: 24
203.27.220.0/24 maxlen: 24
203.27.221.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3371 (0xd2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6856/serialNumber=5382642EBD799A0F8286D0654829ED768430F9E4
Validity
Not Before: Nov 21 01:50:30 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=655c0ce6-aedb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:74:a0:80:c6:c1:27:d5:95:17:6a:4f:e3:42:
9e:f7:93:b3:38:9f:89:b3:bf:0f:f4:d9:b7:5d:d5:
98:ef:91:35:f8:dc:e5:6b:3e:82:d6:00:cc:77:99:
d8:a5:c7:4e:74:e1:b8:7e:4f:b2:2f:da:1e:26:8c:
9c:52:f1:30:e4:0b:ae:b9:12:07:87:e7:62:6f:17:
a9:5c:70:45:78:30:65:6e:66:2a:63:f0:1a:21:bf:
62:13:c1:a5:e7:ed:06:dd:ca:f1:63:53:89:b7:7d:
48:8b:6f:3b:f8:b5:f1:78:d5:39:c1:81:55:e3:6a:
61:c1:f1:94:15:cc:5e:eb:e7:0b:c3:c2:17:dc:51:
e6:24:8e:cf:12:58:ba:c7:fc:52:72:71:90:5d:35:
1c:8c:bb:8b:0a:87:a0:5e:52:58:03:31:e1:45:c2:
b5:b1:c6:7f:c9:bf:4f:f1:a4:ae:b8:9c:d9:b0:51:
37:b3:60:eb:c7:33:a7:95:21:96:16:8b:60:5b:74:
ba:1a:b4:1c:9d:55:da:75:63:2a:00:0c:b1:f2:45:
44:37:4a:98:a1:a5:5e:c5:08:26:20:0c:71:c3:22:
18:53:66:99:60:69:43:6e:3f:eb:67:0b:88:58:5b:
27:d1:73:a6:47:b4:29:9a:c5:97:5b:2b:5c:68:1f:
e4:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:5B:F4:59:11:3B:F0:7C:E9:0C:72:D0:DA:8E:AC:BA:6C:E3:85:29
X509v3 Authority Key Identifier:
keyid:53:82:64:2E:BD:79:9A:0F:82:86:D0:65:48:29:ED:76:84:30:F9:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6856/2CD45FBA9E2411E9B143BE71C4F9AE02/U4JkLr15mg-ChtBlSCntdoQw-eQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4JkLr15mg-ChtBlSCntdoQw-eQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6856/2CD45FBA9E2411E9B143BE71C4F9AE02/59EA31DE881011EEA7B83F37C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.15.122.0/24
203.27.220.0/23
Signature Algorithm: sha256WithRSAEncryption
66:7f:cf:23:a4:a2:bb:8d:e6:87:85:d5:11:2b:79:eb:4d:2b:
ca:f2:b5:96:4c:a5:df:19:32:59:06:78:ce:6e:40:12:7f:31:
81:06:88:ac:78:02:3a:9e:4b:1e:74:00:19:3a:3a:c6:fd:50:
ca:29:ee:02:ac:31:b3:51:3e:2c:f9:da:2f:c5:e4:d4:04:de:
ea:4b:c9:7c:ef:7b:98:4c:50:1b:9c:8d:87:85:da:77:a2:37:
d5:1e:ec:d2:94:4a:03:1f:84:e7:d2:6f:bb:50:9e:ad:aa:f3:
0e:08:b5:2e:32:bc:6c:23:b2:9f:66:e5:5c:46:66:86:24:ab:
f7:1a:b6:3f:35:e6:ac:1b:bc:bd:bb:5c:92:2c:f0:0b:fb:8d:
4b:d9:13:aa:7a:6e:a9:3b:8e:ca:de:6a:76:5a:80:7e:56:82:
47:c7:32:9a:32:cb:b4:f5:cb:b9:44:c8:a6:1d:61:48:9e:75:
06:3f:5a:07:de:49:06:91:0b:67:b3:6c:db:44:e4:f1:39:60:
33:f7:f7:39:03:7e:58:4f:c3:1c:2a:1d:8a:7d:75:ef:ba:ef:
1f:09:e3:5b:4c:fb:bd:44:65:c7:e9:4e:e4:13:4f:1b:9f:17:
3a:83:ff:66:07:73:79:fd:2e:a7:42:c9:c1:70:b0:b8:9f:99:
50:f9:c3:7b
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICDSswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTY4NTYxMTAvBgNVBAUTKDUzODI2NDJFQkQ3OTlBMEY4Mjg2RDA2NTQ4MjlFRDc2
ODQzMEY5RTQwHhcNMjMxMTIxMDE1MDMwWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTVjMGNlNi1hZWRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7nSggMbBJ9WVF2pP40Ke95OzOJ+Js78P9Nm3XdWY75E1+Nzlaz6C1gDMd5nY
pcdOdOG4fk+yL9oeJoycUvEw5AuuuRIHh+dibxepXHBFeDBlbmYqY/AaIb9iE8Gl
5+0G3crxY1OJt31Ii287+LXxeNU5wYFV42phwfGUFcxe6+cLw8IX3FHmJI7PEli6
x/xScnGQXTUcjLuLCoegXlJYAzHhRcK1scZ/yb9P8aSuuJzZsFE3s2DrxzOnlSGW
FotgW3S6GrQcnVXadWMqAAyx8kVEN0qYoaVexQgmIAxxwyIYU2aZYGlDbj/rZwuI
WFsn0XOmR7QpmsWXWytcaB/kwwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFJ1b9FkR
O/B86Qxy0NqOrLps44UpMB8GA1UdIwQYMBaAFFOCZC69eZoPgobQZUgp7XaEMPnk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjg1Ni8yQ0Q0NUZCQTlF
MjQxMUU5QjE0M0JFNzFDNEY5QUUwMi9VNEprTHIxNW1nLUNodEJsU0NudGRvUXct
ZVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1U0SmtMcjE1bWctQ2h0QmxTQ250ZG9Rdy1lUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTY4NTYvMkNENDVGQkE5RTI0MTFFOUIxNDNCRTcxQzRGOUFFMDIvNTlFQTMxREU4
ODEwMTFFRUE3QjgzRjM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBADLD3oDBAHLG9wwDQYJKoZIhvcNAQELBQADggEBAGZ/zyOk
oruN5oeF1REreetNK8rytZZMpd8ZMlkGeM5uQBJ/MYEGiKx4AjqeSx50ABk6Osb9
UMop7gKsMbNRPiz52i/F5NQE3upLyXzve5hMUBucjYeF2neiN9Ue7NKUSgMfhOfS
b7tQnq2q8w4ItS4yvGwjsp9m5VxGZoYkq/catj815qwbvL27XJIs8Av7jUvZE6p6
bqk7jsreanZagH5WgkfHMpoyy7T1y7lEyKYdYUiedQY/WgfeSQaRC2ezbNtE5PE5
YDP39zkDflhPwxwqHYp9de+67x8J41tM+71EZcfpTuQTTxufFzqD/2YHc3n9LqdC
ycFwsLifmVD5w3s=
-----END CERTIFICATE-----
Generated at Tue Nov 21 02:58:57 2023 by rpki-client on console-fra.rpki-client.org