Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EEE06/0559EEAE5CBE11ECB273DC7CC4F9AE02/CE55F94ECFE211EE95FDE47FC4F9AE02.roa
File: CE55F94ECFE211EE95FDE47FC4F9AE02.roa (raw, json)
Hash identifier: I9883E7IzwBUwJCndQ9t9AhgjafVWewvFIOQ/ajKDAs=
Subject key identifier: 13:1B:2C:1B:31:54:EC:A7:E8:DD:BF:0B:DF:D2:9A:3F:BA:8E:47:D3
Certificate issuer: /CN=A91EEE06/serialNumber=5073951E5C1582693A87072EE548C65485B05A2C
Certificate serial: 0372
Authority key identifier: 50:73:95:1E:5C:15:82:69:3A:87:07:2E:E5:48:C6:54:85:B0:5A:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UHOVHlwVgmk6hwcu5UjGVIWwWiw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EEE06/0559EEAE5CBE11ECB273DC7CC4F9AE02/CE55F94ECFE211EE95FDE47FC4F9AE02.roa
Signing time: Sun 25 Feb 2024 11:38:42 +0000
ROA not before: Sun 25 Feb 2024 11:38:42 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 152151
IP address blocks: 103.152.117.0/24 maxlen: 24
103.152.117.0/26 maxlen: 26
103.152.117.64/26 maxlen: 26
103.152.117.128/26 maxlen: 26
103.152.117.192/26 maxlen: 26
Validation: Failed, certificate revoked on Sun 25 Feb 2024 16:58:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 882 (0x372)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EEE06/serialNumber=5073951E5C1582693A87072EE548C65485B05A2C
Validity
Not Before: Feb 25 11:38:42 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=65db26c1-b89b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:b6:dd:3d:20:1d:d4:a9:2e:63:ba:50:ac:4e:
ac:a0:65:aa:bd:3c:e7:a3:fc:5b:cb:56:d7:c4:24:
02:dc:09:e6:d8:28:96:ab:18:5b:b8:a9:90:c6:08:
3a:d6:80:2d:ab:c0:1b:ad:9c:52:91:37:b3:5b:cb:
fa:05:47:44:2f:3d:59:5b:f3:55:3f:55:c3:a1:bc:
0f:64:58:35:32:65:c7:b4:3a:cf:86:34:85:8b:8e:
28:b0:f2:52:02:b2:9c:d5:36:7d:db:b4:13:a5:2e:
10:26:22:67:dd:37:a3:55:d9:12:f8:b6:7d:12:9a:
71:8b:58:3c:dc:0f:f4:c6:6c:e2:40:8b:a4:44:92:
d3:3b:67:8f:1e:b3:97:cc:5a:ab:e3:bb:04:1c:81:
93:d3:c4:b2:6e:18:8f:5e:58:ee:80:1c:e5:18:8d:
75:6c:71:19:ed:8c:ba:72:ee:17:16:f8:6d:e8:a8:
10:cb:00:a0:7c:01:a1:1e:b1:d9:28:f7:fe:12:22:
20:3d:d1:ed:af:a7:9b:26:0d:44:d5:39:05:60:22:
e9:7d:17:60:0b:d4:12:3b:d4:80:cc:c7:25:87:dd:
51:b3:75:fc:64:d3:e8:c8:5b:d5:c6:ab:fa:e2:33:
99:fa:64:b0:24:50:35:ee:17:db:52:b4:6d:56:3e:
6d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:1B:2C:1B:31:54:EC:A7:E8:DD:BF:0B:DF:D2:9A:3F:BA:8E:47:D3
X509v3 Authority Key Identifier:
keyid:50:73:95:1E:5C:15:82:69:3A:87:07:2E:E5:48:C6:54:85:B0:5A:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EEE06/0559EEAE5CBE11ECB273DC7CC4F9AE02/UHOVHlwVgmk6hwcu5UjGVIWwWiw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UHOVHlwVgmk6hwcu5UjGVIWwWiw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EEE06/0559EEAE5CBE11ECB273DC7CC4F9AE02/CE55F94ECFE211EE95FDE47FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.152.117.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:36:d5:a4:b5:de:c4:83:83:db:30:c7:95:9e:ae:5c:8c:f4:
71:b3:6b:df:9a:a4:46:83:3c:6c:be:c8:73:c0:c0:64:07:71:
a6:78:e4:fe:a3:fb:9d:33:c0:24:e5:3d:76:42:1d:92:be:61:
5c:66:fe:00:11:e1:9d:6e:07:ff:61:a1:5b:58:23:93:e7:e8:
be:43:8e:07:4f:b7:de:84:96:c2:86:b0:ff:44:09:ab:97:3a:
0c:57:3e:d6:26:be:e5:83:9d:32:e8:15:43:c8:2f:f7:5c:65:
00:bb:5b:b6:72:86:ec:e3:c1:e0:79:1c:f3:71:e4:bc:1a:73:
d1:90:a1:80:c1:46:1d:85:5f:ae:b4:63:cc:33:82:e5:02:51:
92:f7:57:b3:52:ac:3f:c0:86:2a:2f:70:64:6d:7a:cf:32:58:
39:08:7a:ab:77:34:b5:96:81:13:8b:cb:b7:0c:0b:b9:95:78:
87:c6:92:72:22:25:b5:f5:68:f7:8a:48:07:f8:30:43:05:19:
0f:2e:d5:b7:14:55:7e:84:f4:6d:ed:64:27:92:89:3a:5d:b8:
4d:e1:2d:2f:3d:40:33:54:30:72:1f:d8:4f:af:c6:67:ec:e8:
c9:c6:a9:09:b5:ce:c1:60:aa:14:4e:70:4e:8e:7e:96:12:38:
7d:ba:5e:ef
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA3IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUVFMDYxMTAvBgNVBAUTKDUwNzM5NTFFNUMxNTgyNjkzQTg3MDcyRUU1NDhDNjU0
ODVCMDVBMkMwHhcNMjQwMjI1MTEzODQyWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWRiMjZjMS1iODliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2rbdPSAd1KkuY7pQrE6soGWqvTzno/xby1bXxCQC3Anm2CiWqxhbuKmQxgg6
1oAtq8AbrZxSkTezW8v6BUdELz1ZW/NVP1XDobwPZFg1MmXHtDrPhjSFi44osPJS
ArKc1TZ927QTpS4QJiJn3TejVdkS+LZ9Eppxi1g83A/0xmziQIukRJLTO2ePHrOX
zFqr47sEHIGT08SybhiPXljugBzlGI11bHEZ7Yy6cu4XFvht6KgQywCgfAGhHrHZ
KPf+EiIgPdHtr6ebJg1E1TkFYCLpfRdgC9QSO9SAzMclh91Rs3X8ZNPoyFvVxqv6
4jOZ+mSwJFA17hfbUrRtVj5tBQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBMbLBsx
VOyn6N2/C9/Smj+6jkfTMB8GA1UdIwQYMBaAFFBzlR5cFYJpOocHLuVIxlSFsFos
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRUUwNi8wNTU5RUVBRTVD
QkUxMUVDQjI3M0RDN0NDNEY5QUUwMi9VSE9WSGx3VmdtazZod2N1NVVqR1ZJV3dX
aXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VIT1ZIbHdWZ21rNmh3Y3U1VWpHVklXd1dpdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUVFMDYvMDU1OUVFQUU1Q0JFMTFFQ0IyNzNEQzdDQzRGOUFFMDIvQ0U1NUY5NEVD
RkUyMTFFRTk1RkRFNDdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnmHUwDQYJKoZIhvcNAQELBQADggEBAG021aS13sSDg9sw
x5WerlyM9HGza9+apEaDPGy+yHPAwGQHcaZ45P6j+50zwCTlPXZCHZK+YVxm/gAR
4Z1uB/9hoVtYI5Pn6L5DjgdPt96ElsKGsP9ECauXOgxXPtYmvuWDnTLoFUPIL/dc
ZQC7W7ZyhuzjweB5HPNx5Lwac9GQoYDBRh2FX660Y8wzguUCUZL3V7NSrD/Ahiov
cGRtes8yWDkIeqt3NLWWgROLy7cMC7mVeIfGknIiJbX1aPeKSAf4MEMFGQ8u1bcU
VX6E9G3tZCeSiTpduE3hLS89QDNUMHIf2E+vxmfs6MnGqQm1zsFgqhROcE6OfpYS
OH26Xu8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:37 2024 by rpki-client on console-ams.rpki-client.org