Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9131711/9FDD2DA0C99111EE891BA419C4F9AE02/420AE1DCE0A611EEB9305221C4F9AE02.roa
File: 420AE1DCE0A611EEB9305221C4F9AE02.roa (raw, json)
Hash identifier: vcB+zNFt/XiCPR1kW5FAslb7alEfc7RZvA2LVya+flw=
Subject key identifier: AA:74:0A:65:F6:0C:05:D0:98:38:22:9C:95:A3:09:D7:2E:80:AC:CE
Certificate issuer: /CN=A9131711/serialNumber=B57B207F0E1C1BA873A0793582C7A8134098674C
Certificate serial: 16
Authority key identifier: B5:7B:20:7F:0E:1C:1B:A8:73:A0:79:35:82:C7:A8:13:40:98:67:4C
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tXsgfw4cG6hzoHk1gseoE0CYZ0w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9131711/9FDD2DA0C99111EE891BA419C4F9AE02/420AE1DCE0A611EEB9305221C4F9AE02.roa
Signing time: Tue 12 Mar 2024 19:25:17 +0000
ROA not before: Tue 12 Mar 2024 19:25:17 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 152473
IP address blocks: 157.15.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 16 Mar 2024 23:03:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22 (0x16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9131711/serialNumber=B57B207F0E1C1BA873A0793582C7A8134098674C
Validity
Not Before: Mar 12 19:25:17 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=65f0ac1d-74b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:cf:10:10:4c:ac:3c:e8:a1:b8:d4:e6:dd:b3:
ba:8d:d4:5a:45:05:a9:6e:e1:0d:88:3e:36:3c:fe:
5a:13:d4:d9:cd:1c:e4:6f:e1:df:2b:e4:7d:cc:95:
2b:6c:23:45:80:74:d7:83:40:07:24:55:d3:60:0b:
57:2a:a0:3c:e9:0f:56:0f:4e:b1:d8:87:e5:27:b9:
4c:da:e6:56:50:06:82:c3:42:42:91:95:97:96:51:
84:fe:49:10:b5:c5:56:ff:90:4e:17:b9:2f:7a:a9:
63:85:f3:5e:40:a0:ae:ee:59:bc:f1:b1:c3:69:91:
b3:67:9c:fc:78:ca:43:14:ed:cd:c2:b5:ba:c0:18:
02:66:63:70:a4:56:63:63:29:d6:12:21:8e:67:3c:
75:07:26:26:f9:93:7a:48:56:43:78:89:ef:19:d0:
ba:10:fd:71:39:d8:7c:77:c1:2d:f8:5d:0d:3b:04:
f3:77:7a:d0:cd:ab:f2:77:e0:c5:b7:5a:c8:82:e1:
fd:69:e1:1e:68:a1:36:cb:1d:a6:50:14:bc:30:27:
9a:75:87:76:81:8e:5a:0c:ea:24:b6:f4:2c:74:62:
d6:14:3b:d1:89:95:87:e2:56:44:57:9a:41:b8:d3:
a9:a4:4a:da:2e:2e:92:b1:7b:6a:0c:ca:18:5a:ca:
0a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:74:0A:65:F6:0C:05:D0:98:38:22:9C:95:A3:09:D7:2E:80:AC:CE
X509v3 Authority Key Identifier:
keyid:B5:7B:20:7F:0E:1C:1B:A8:73:A0:79:35:82:C7:A8:13:40:98:67:4C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9131711/9FDD2DA0C99111EE891BA419C4F9AE02/tXsgfw4cG6hzoHk1gseoE0CYZ0w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tXsgfw4cG6hzoHk1gseoE0CYZ0w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9131711/9FDD2DA0C99111EE891BA419C4F9AE02/420AE1DCE0A611EEB9305221C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.15.222.0/24
Signature Algorithm: sha256WithRSAEncryption
82:da:ee:b7:30:a5:23:af:64:01:6f:e2:03:b2:de:c3:58:54:
7c:a9:a9:a1:fd:71:87:34:40:e3:d5:ed:c9:1e:a0:8a:ba:cd:
45:67:04:d0:9c:88:4d:68:44:9f:70:be:7e:fe:87:89:d6:d5:
69:a5:d3:8e:80:82:0f:5d:6e:af:20:50:da:98:5f:cb:2f:a2:
1a:31:90:17:cc:23:8a:21:2f:64:10:45:d8:ce:79:7c:57:3f:
92:eb:8a:63:a1:b1:c5:c3:ec:49:cc:5d:8b:2c:7c:ab:ae:89:
a8:d8:c7:22:7f:e8:b3:06:76:d6:dd:45:2c:d6:39:1a:4c:64:
83:0b:b1:d3:ac:62:46:90:8b:fd:d7:d3:dc:7e:7a:b3:92:fe:
2e:e9:73:68:ec:bb:dd:63:90:12:4f:f7:52:73:c9:5e:c9:38:
2b:36:82:7a:0e:37:45:8e:88:7e:17:8c:5e:dd:80:80:fd:99:
23:91:17:19:87:8c:11:f0:06:32:3e:32:94:3b:06:e3:8c:3a:
f9:42:f6:eb:71:d4:5a:e5:d3:ff:63:db:25:ea:d3:3c:1a:77:
04:c1:63:38:43:9a:d1:2c:cd:e7:c9:aa:42:b5:c9:d3:3c:2e:
b9:2c:c1:3b:e9:0c:2a:b6:ca:4e:35:ca:a2:c7:4b:d3:b1:57:
a6:eb:af:0a
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBFjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
MTcxMTExMC8GA1UEBRMoQjU3QjIwN0YwRTFDMUJBODczQTA3OTM1ODJDN0E4MTM0
MDk4Njc0QzAeFw0yNDAzMTIxOTI1MTdaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZjBhYzFkLTc0YjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDqzxAQTKw86KG41Obds7qN1FpFBalu4Q2IPjY8/loT1NnNHORv4d8r5H3MlSts
I0WAdNeDQAckVdNgC1cqoDzpD1YPTrHYh+UnuUza5lZQBoLDQkKRlZeWUYT+SRC1
xVb/kE4XuS96qWOF815AoK7uWbzxscNpkbNnnPx4ykMU7c3CtbrAGAJmY3CkVmNj
KdYSIY5nPHUHJib5k3pIVkN4ie8Z0LoQ/XE52Hx3wS34XQ07BPN3etDNq/J34MW3
WsiC4f1p4R5ooTbLHaZQFLwwJ5p1h3aBjloM6iS29Cx0YtYUO9GJlYfiVkRXmkG4
06mkStouLpKxe2oMyhhaygphAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUqnQKZfYM
BdCYOCKclaMJ1y6ArM4wHwYDVR0jBBgwFoAUtXsgfw4cG6hzoHk1gseoE0CYZ0ww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTMxNzExLzlGREQyREEwQzk5
MTExRUU4OTFCQTQxOUM0RjlBRTAyL3RYc2dmdzRjRzZoem9IazFnc2VvRTBDWVow
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvdFhzZ2Z3NGNHNmh6b0hrMWdzZW9FMENZWjB3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
MTcxMS85RkREMkRBMEM5OTExMUVFODkxQkE0MTlDNEY5QUUwMi80MjBBRTFEQ0Uw
QTYxMUVFQjkzMDUyMjFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAJ0P3jANBgkqhkiG9w0BAQsFAAOCAQEAgtrutzClI69kAW/i
A7Lew1hUfKmpof1xhzRA49XtyR6girrNRWcE0JyITWhEn3C+fv6HidbVaaXTjoCC
D11uryBQ2phfyy+iGjGQF8wjiiEvZBBF2M55fFc/kuuKY6GxxcPsScxdiyx8q66J
qNjHIn/oswZ21t1FLNY5Gkxkgwux06xiRpCL/dfT3H56s5L+LulzaOy73WOQEk/3
UnPJXsk4KzaCeg43RY6IfheMXt2AgP2ZI5EXGYeMEfAGMj4ylDsG44w6+UL263HU
WuXT/2PbJerTPBp3BMFjOEOa0SzN58mqQrXJ0zwuuSzBO+kMKrbKTjXKosdL07FX
puuvCg==
-----END CERTIFICATE-----
Generated at Sun Mar 17 02:05:21 2024 by rpki-client on console-ams.rpki-client.org