Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/7B06DD60B6D411EF843AE965C4F9AE02.roa
File: 7B06DD60B6D411EF843AE965C4F9AE02.roa (raw, json)
Hash identifier: 2WYBXrGxTbNAGbPGnhYzSZl9XU1wNt5oRnpdOvRAjPU=
Subject key identifier: 07:0A:49:8B:04:C0:B0:2B:20:07:25:BD:E3:EB:76:1E:45:CA:DB:56
Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Certificate serial: 058C
Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/7B06DD60B6D411EF843AE965C4F9AE02.roa
Signing time: Thu 20 Mar 2025 15:44:30 +0000
ROA not before: Thu 20 Mar 2025 15:44:30 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 150862
IP address blocks: 157.10.42.0/23 maxlen: 23
157.10.44.0/23 maxlen: 23
157.15.108.0/23 maxlen: 23
157.15.110.0/23 maxlen: 23
160.22.106.0/23 maxlen: 23
160.30.20.0/23 maxlen: 23
160.30.156.0/23 maxlen: 23
160.30.192.0/23 maxlen: 23
160.30.200.0/23 maxlen: 23
160.187.122.0/23 maxlen: 23
160.187.226.0/23 maxlen: 23
160.187.228.0/23 maxlen: 23
160.187.246.0/23 maxlen: 23
160.191.54.0/23 maxlen: 23
160.191.138.0/23 maxlen: 23
160.191.174.0/23 maxlen: 23
161.248.98.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 21 Mar 2025 07:40:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1420 (0x58c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A, serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Validity
Not Before: Mar 20 15:44:30 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=67dc37dd-c934
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:d2:e3:bf:51:fa:b2:3b:35:a0:e4:c6:03:00:
49:73:46:62:b8:40:94:41:f8:9b:f0:78:f7:0c:da:
3b:92:4e:6f:6d:f3:44:b1:84:29:59:32:57:a0:a8:
08:e2:00:a1:85:8b:1e:af:93:75:9e:49:1e:a1:01:
2a:9a:8e:24:35:6c:4a:e8:64:97:6a:f8:f2:05:21:
37:6b:8b:27:38:04:65:4a:86:2c:85:46:2d:f7:51:
3e:06:25:46:df:24:f7:96:5f:e4:2a:04:9a:87:92:
02:2f:56:ef:0a:0c:f4:15:23:e6:e1:5a:ec:4f:72:
69:ad:12:60:53:d9:99:05:35:75:fe:f8:c0:45:13:
a5:71:52:58:c7:14:ee:8f:b6:94:d3:4c:e3:48:a6:
52:8d:39:3b:80:13:e0:2c:67:02:e0:15:c5:e6:8d:
45:ca:99:d7:ce:e5:fe:4b:d5:75:da:9b:47:a3:d6:
09:17:eb:e3:20:4e:fa:36:40:90:92:b9:bc:e3:1d:
74:78:b3:e0:86:11:e3:c4:18:87:54:b6:15:65:67:
7b:94:49:d3:4e:79:37:e8:94:7a:28:d9:9b:34:e9:
b5:19:ee:25:83:46:62:8e:cf:62:f7:9b:02:21:21:
e0:a2:1e:2d:df:9a:2c:3d:db:5f:2a:39:ab:82:4d:
62:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:0A:49:8B:04:C0:B0:2B:20:07:25:BD:E3:EB:76:1E:45:CA:DB:56
X509v3 Authority Key Identifier:
keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/7B06DD60B6D411EF843AE965C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.42.0-157.10.45.255
157.15.108.0/22
160.22.106.0/23
160.30.20.0/23
160.30.156.0/23
160.30.192.0/23
160.30.200.0/23
160.187.122.0/23
160.187.226.0-160.187.229.255
160.187.246.0/23
160.191.54.0/23
160.191.138.0/23
160.191.174.0/23
161.248.98.0/23
Signature Algorithm: sha256WithRSAEncryption
06:4a:90:63:f1:11:91:ae:2f:f4:be:32:f4:2f:7d:10:2c:d5:
d0:38:41:32:36:2e:ac:33:70:6d:f0:42:0c:0a:54:f5:a7:38:
28:84:cf:43:07:d2:94:90:b1:55:a5:66:af:81:d4:73:ad:e1:
91:b4:85:08:44:37:92:b7:85:c8:c3:e7:9f:2d:b4:36:fe:52:
b3:21:99:b9:98:97:06:ef:43:6e:4c:e8:e7:f0:23:28:bf:40:
b6:59:20:64:3b:50:de:36:01:77:26:c3:d9:df:f4:6f:92:5c:
c2:3a:dd:ec:50:08:8a:d9:e9:74:01:83:ed:56:51:43:b9:b5:
a6:23:59:0f:9d:89:2c:10:e5:e7:6d:47:52:65:1f:ba:36:71:
15:91:a9:d9:3f:8a:10:4f:ce:61:51:f9:32:f0:dd:e1:a9:2e:
65:a7:65:56:30:05:ad:b6:f7:88:a8:fa:1f:49:15:ae:73:7c:
e3:79:fb:7e:57:9a:ed:f2:f9:39:8b:d8:6c:0b:32:b2:57:b1:
fe:db:58:be:28:e8:55:35:6c:81:33:4d:54:97:40:a6:cc:64:
85:63:22:d8:bb:c2:8f:4c:31:9f:ff:a0:83:d1:3c:88:4c:06:
8d:d6:4d:bb:9b:cc:3c:28:3d:f3:81:89:7c:88:3b:c4:b8:8c:
14:fa:16:47
-----BEGIN CERTIFICATE-----
MIIFzzCCBLegAwIBAgICBYwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy
ODRGODBFMTIwHhcNMjUwMzIwMTU0NDMwWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RjMzdkZC1jOTM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA49Ljv1H6sjs1oOTGAwBJc0ZiuECUQfib8Hj3DNo7kk5vbfNEsYQpWTJXoKgI
4gChhYser5N1nkkeoQEqmo4kNWxK6GSXavjyBSE3a4snOARlSoYshUYt91E+BiVG
3yT3ll/kKgSah5ICL1bvCgz0FSPm4VrsT3JprRJgU9mZBTV1/vjARROlcVJYxxTu
j7aU00zjSKZSjTk7gBPgLGcC4BXF5o1FypnXzuX+S9V12ptHo9YJF+vjIE76NkCQ
krm84x10eLPghhHjxBiHVLYVZWd7lEnTTnk36JR6KNmbNOm1Ge4lg0Zijs9i95sC
ISHgoh4t35osPdtfKjmrgk1ilQIDAQABo4IC8zCCAu8wHQYDVR0OBBYEFAcKSYsE
wLArIAclvePrdh5FyttWMB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5
REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE
aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvN0IwNkRENjBC
NkQ0MTFFRjg0M0FFOTY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwfQYIKwYBBQUHAQcBAf8E
bjBsMGoEAgABMGQwDAMEAZ0KKgMEAZ0KLAMEAp0PbAMEAaAWagMEAaAeFAMEAaAe
nAMEAaAewAMEAaAeyAMEAaC7ejAMAwQBoLviAwQBoLvkAwQBoLv2AwQBoL82AwQB
oL+KAwQBoL+uAwQBofhiMA0GCSqGSIb3DQEBCwUAA4IBAQAGSpBj8RGRri/0vjL0
L30QLNXQOEEyNi6sM3Bt8EIMClT1pzgohM9DB9KUkLFVpWavgdRzreGRtIUIRDeS
t4XIw+efLbQ2/lKzIZm5mJcG70NuTOjn8CMov0C2WSBkO1DeNgF3JsPZ3/RvklzC
Ot3sUAiK2el0AYPtVlFDubWmI1kPnYksEOXnbUdSZR+6NnEVkanZP4oQT85hUfky
8N3hqS5lp2VWMAWttveIqPofSRWuc3zjeft+V5rt8vk5i9hsCzKyV7H+21i+KOhV
NWyBM01Ul0CmzGSFYyLYu8KPTDGf/6CD0TyITAaN1k27m8w8KD3zgYl8iDvEuIwU
+hZH
-----END CERTIFICATE-----
Generated at Fri Apr 18 19:34:51 2025 by rpki-client