Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/0247EED8B3A411EF9F37ED42C4F9AE02.roa
File: 0247EED8B3A411EF9F37ED42C4F9AE02.roa (raw, json)
Hash identifier: ZK9vgLrINx/WqjwQCs26lYgEzC1FVIIBY9mqWmgEhB4=
Subject key identifier: F9:D7:42:7F:95:06:B8:9E:DB:E8:B9:B9:02:BB:08:21:53:1C:8C:B5
Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Certificate serial: 0478
Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/0247EED8B3A411EF9F37ED42C4F9AE02.roa
Signing time: Fri 06 Dec 2024 07:30:47 +0000
ROA not before: Fri 06 Dec 2024 07:30:47 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 150862
IP address blocks: 157.10.42.0/23 maxlen: 23
157.10.44.0/23 maxlen: 23
157.15.108.0/23 maxlen: 23
157.15.110.0/23 maxlen: 23
160.22.106.0/23 maxlen: 23
160.30.20.0/23 maxlen: 23
160.30.156.0/23 maxlen: 23
160.30.192.0/23 maxlen: 23
160.30.200.0/23 maxlen: 23
160.187.122.0/23 maxlen: 23
160.187.226.0/23 maxlen: 23
160.187.228.0/23 maxlen: 23
160.187.246.0/23 maxlen: 23
160.191.54.0/23 maxlen: 23
160.191.138.0/23 maxlen: 23
160.191.174.0/23 maxlen: 23
160.191.242.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 10 Dec 2024 08:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1144 (0x478)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A, serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Validity
Not Before: Dec 6 07:30:47 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=6752a826-0242
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:dd:c5:dc:61:c7:4f:d1:30:fb:2f:33:80:80:
ad:ae:61:98:39:e4:ad:c1:54:c5:40:d0:e9:e4:59:
ad:2e:95:67:b2:af:1a:7d:87:8c:1f:2a:d0:df:c2:
91:29:0b:e6:e7:83:ad:90:4a:f8:fb:e7:8f:a4:d0:
1a:b7:86:6e:47:32:ee:07:e6:5b:6b:1a:e4:a0:de:
01:de:4f:83:f7:f4:db:b3:16:b8:05:5c:8e:80:37:
e1:b1:ae:7e:ae:45:69:5c:6b:e2:11:e1:83:31:ac:
d1:67:df:0b:97:0f:54:ae:71:4d:18:01:31:99:40:
9c:c4:66:e6:ef:63:40:27:8f:11:21:3c:d2:9a:be:
9b:f7:f1:27:09:77:b6:24:48:36:3a:dd:91:4f:1b:
fe:b5:2a:d0:bb:c6:80:55:0b:56:f1:cb:b4:2c:9e:
ea:63:70:23:db:54:66:6d:22:f0:1c:53:14:a4:a7:
e6:77:fc:ce:3c:b1:bb:ca:a6:af:77:f7:13:2f:bd:
4c:db:ab:91:51:d6:db:90:e3:22:1a:4a:0d:29:7d:
47:3e:a8:c9:36:2f:2d:c5:ce:71:36:d3:ce:a7:85:
fa:1a:b2:db:fd:7e:c4:7d:39:b2:77:3a:c0:57:22:
e2:97:56:d1:76:88:67:9a:11:b2:4e:5e:a9:cc:ee:
c9:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:D7:42:7F:95:06:B8:9E:DB:E8:B9:B9:02:BB:08:21:53:1C:8C:B5
X509v3 Authority Key Identifier:
keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/0247EED8B3A411EF9F37ED42C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.42.0-157.10.45.255
157.15.108.0/22
160.22.106.0/23
160.30.20.0/23
160.30.156.0/23
160.30.192.0/23
160.30.200.0/23
160.187.122.0/23
160.187.226.0-160.187.229.255
160.187.246.0/23
160.191.54.0/23
160.191.138.0/23
160.191.174.0/23
160.191.242.0/23
Signature Algorithm: sha256WithRSAEncryption
62:55:dd:c6:4c:00:1e:22:65:bf:fa:47:db:12:8a:93:49:6a:
6e:06:7b:0c:ac:b6:f1:61:3b:fe:ae:cd:a8:e2:8c:a8:d7:e9:
b7:18:52:92:53:94:57:07:6b:a1:ae:b7:75:5b:a8:81:01:e2:
73:e8:6e:dd:d5:db:7a:7b:9b:ef:e8:4e:33:ff:d6:0b:81:cf:
67:a7:a2:c3:42:bf:42:eb:ed:8e:2d:8a:1c:c9:0e:5d:f9:48:
79:1a:73:fe:4e:35:8f:8d:bc:d3:27:db:bf:b7:65:ae:b3:ef:
77:45:20:02:1b:4f:10:96:39:ba:db:12:d8:55:08:d2:25:30:
68:1c:3e:4b:c4:e5:fb:08:e0:d8:35:4d:c0:fe:f8:ed:12:55:
97:0f:3f:bb:6e:9d:e4:e6:82:4d:94:bb:dc:76:ca:ed:f0:f0:
07:57:2d:52:c5:3f:cb:ac:87:68:14:3d:cd:05:84:61:df:a0:
04:b5:57:1e:02:3c:5b:12:91:18:33:7c:9b:9d:41:62:05:14:
43:5f:70:82:ae:f3:f1:86:95:5e:d2:84:ea:19:cf:eb:8a:84:
33:3d:43:47:42:ed:c5:f3:20:9f:7e:90:22:6f:a6:9e:8f:cc:
a4:fe:26:88:ba:66:36:8c:ee:9f:ea:39:6c:88:f8:0c:a4:92:
08:06:f1:5b
-----BEGIN CERTIFICATE-----
MIIFzzCCBLegAwIBAgICBHgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy
ODRGODBFMTIwHhcNMjQxMjA2MDczMDQ3WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUyYTgyNi0wMjQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1d3F3GHHT9Ew+y8zgICtrmGYOeStwVTFQNDp5FmtLpVnsq8afYeMHyrQ38KR
KQvm54OtkEr4++ePpNAat4ZuRzLuB+ZbaxrkoN4B3k+D9/Tbsxa4BVyOgDfhsa5+
rkVpXGviEeGDMazRZ98Llw9UrnFNGAExmUCcxGbm72NAJ48RITzSmr6b9/EnCXe2
JEg2Ot2RTxv+tSrQu8aAVQtW8cu0LJ7qY3Aj21RmbSLwHFMUpKfmd/zOPLG7yqav
d/cTL71M26uRUdbbkOMiGkoNKX1HPqjJNi8txc5xNtPOp4X6GrLb/X7EfTmydzrA
VyLil1bRdohnmhGyTl6pzO7JdQIDAQABo4IC8zCCAu8wHQYDVR0OBBYEFPnXQn+V
Brie2+i5uQK7CCFTHIy1MB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5
REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE
aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvMDI0N0VFRDhC
M0E0MTFFRjlGMzdFRDQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwfQYIKwYBBQUHAQcBAf8E
bjBsMGoEAgABMGQwDAMEAZ0KKgMEAZ0KLAMEAp0PbAMEAaAWagMEAaAeFAMEAaAe
nAMEAaAewAMEAaAeyAMEAaC7ejAMAwQBoLviAwQBoLvkAwQBoLv2AwQBoL82AwQB
oL+KAwQBoL+uAwQBoL/yMA0GCSqGSIb3DQEBCwUAA4IBAQBiVd3GTAAeImW/+kfb
EoqTSWpuBnsMrLbxYTv+rs2o4oyo1+m3GFKSU5RXB2uhrrd1W6iBAeJz6G7d1dt6
e5vv6E4z/9YLgc9np6LDQr9C6+2OLYocyQ5d+Uh5GnP+TjWPjbzTJ9u/t2Wus+93
RSACG08Qljm62xLYVQjSJTBoHD5LxOX7CODYNU3A/vjtElWXDz+7bp3k5oJNlLvc
dsrt8PAHVy1SxT/LrIdoFD3NBYRh36AEtVceAjxbEpEYM3ybnUFiBRRDX3CCrvPx
hpVe0oTqGc/rioQzPUNHQu3F8yCffpAib6aej8yk/iaIumY2jO6f6jlsiPgMpJII
BvFb
-----END CERTIFICATE-----
Generated at Tue Apr 22 06:19:34 2025 by rpki-client