Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/F715FBE610FF11EF85135A6AC4F9AE02.roa
File: F715FBE610FF11EF85135A6AC4F9AE02.roa (raw, json)
Hash identifier: +jv41Ydxev53M4NL1YqsLjdFdAbbTXAGMCm32yOUQ9I=
Subject key identifier: 4C:2F:22:78:93:83:A5:DC:FE:99:3E:30:A2:FF:66:2F:DB:DA:C7:FD
Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Certificate serial: 0297
Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/F715FBE610FF11EF85135A6AC4F9AE02.roa
Signing time: Thu 05 Sep 2024 03:31:09 +0000
ROA not before: Thu 05 Sep 2024 03:31:09 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 151932
IP address blocks: 157.66.222.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 20 Mar 2025 15:25:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 663 (0x297)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A, serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Validity
Not Before: Sep 5 03:31:09 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d925fd-76e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:70:9f:c3:19:c1:52:3b:01:7c:d7:77:d2:dd:
a8:53:78:d7:bf:88:59:e4:26:fd:8c:bf:e1:1c:97:
20:42:51:68:9d:92:94:44:a5:8a:be:6a:b4:23:77:
8c:a3:16:d4:cc:4e:f6:9d:0c:10:10:d4:0f:ae:ed:
52:cd:d4:2d:a2:2d:95:99:25:0f:9d:ad:f1:19:57:
07:03:18:a7:20:43:dd:bd:8d:54:93:46:80:0c:c7:
42:ca:68:0d:47:a6:0e:7f:02:e9:1f:19:2d:fc:b2:
9e:63:c8:3b:40:b7:47:91:3d:8d:32:11:bb:da:1d:
ae:e3:e7:12:83:19:04:c8:cc:29:e1:fa:03:3f:7c:
50:7f:56:0e:61:2f:1a:37:97:91:85:4d:ce:aa:e8:
07:dd:ac:5a:2c:59:b9:52:4b:d1:0b:a7:ad:7c:7a:
3d:c2:8e:7d:9d:8b:69:2f:50:e9:9d:b2:91:0a:9a:
c3:9d:c0:2c:34:0c:06:c7:7b:4f:b1:73:fb:29:59:
39:62:56:27:37:65:5d:1e:25:fa:1b:4c:92:c5:5d:
f7:19:22:90:72:66:a8:27:4c:0f:bb:f3:d6:cf:5c:
f2:a8:45:8b:63:b8:1e:e7:51:22:ec:06:79:4b:fb:
06:4c:65:3d:8b:b5:46:2c:d2:cf:2d:d5:6b:91:78:
57:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:2F:22:78:93:83:A5:DC:FE:99:3E:30:A2:FF:66:2F:DB:DA:C7:FD
X509v3 Authority Key Identifier:
keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/F715FBE610FF11EF85135A6AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.66.222.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:e8:06:9e:bb:31:94:ee:11:c5:df:03:95:94:46:a1:8d:d7:
a2:6d:03:3c:5f:b5:3f:c4:fc:a0:24:8d:8b:70:2e:b4:4f:0b:
fa:0c:03:db:2a:1e:79:57:0c:2f:bd:0a:5b:ef:f5:c3:b5:cf:
3a:82:27:6d:2a:0f:3e:73:bb:e9:98:a9:00:7a:6e:9d:17:cc:
fd:a5:78:e9:4e:42:c8:f3:ba:92:0e:06:dc:76:c0:c8:ce:04:
5b:74:96:ae:ba:99:53:27:3f:9e:39:72:e9:37:39:e2:ce:65:
df:54:71:06:0f:a0:f9:69:c0:33:5a:f5:e7:dc:90:8c:24:4f:
67:06:72:70:34:d3:2d:40:0a:ec:ad:80:6c:81:03:84:21:c1:
9b:86:aa:e9:7f:f6:0c:6d:4d:ad:6f:22:bf:2d:12:ee:78:00:
51:67:8a:d6:43:96:a4:fa:d0:7f:63:c1:2d:21:ed:50:d7:03:
d3:a5:d8:f5:aa:ad:b6:c4:83:64:9c:0b:4f:02:f7:d6:a6:d5:
44:4b:11:cb:33:c8:0b:83:2f:79:f6:2a:10:77:e4:26:84:01:
87:35:ee:a9:d5:58:7a:76:d9:cb:30:26:31:88:a0:ee:cd:cc:
ac:6e:37:22:51:b4:ce:31:02:1a:91:47:ac:97:f5:97:45:82:
5f:94:91:f4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICApcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy
ODRGODBFMTIwHhcNMjQwOTA1MDMzMTA5WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5MjVmZC03NmU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqXCfwxnBUjsBfNd30t2oU3jXv4hZ5Cb9jL/hHJcgQlFonZKURKWKvmq0I3eM
oxbUzE72nQwQENQPru1SzdQtoi2VmSUPna3xGVcHAxinIEPdvY1Uk0aADMdCymgN
R6YOfwLpHxkt/LKeY8g7QLdHkT2NMhG72h2u4+cSgxkEyMwp4foDP3xQf1YOYS8a
N5eRhU3OqugH3axaLFm5UkvRC6etfHo9wo59nYtpL1DpnbKRCprDncAsNAwGx3tP
sXP7KVk5YlYnN2VdHiX6G0ySxV33GSKQcmaoJ0wPu/PWz1zyqEWLY7ge51Ei7AZ5
S/sGTGU9i7VGLNLPLdVrkXhX+wIDAQABo4IClTCCApEwHQYDVR0OBBYEFEwvIniT
g6Xc/pk+MKL/Zi/b2sf9MB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5
REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE
aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvRjcxNUZCRTYx
MEZGMTFFRjg1MTM1QTZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGdQt4wDQYJKoZIhvcNAQELBQADggEBAB3oBp67MZTuEcXf
A5WURqGN16JtAzxftT/E/KAkjYtwLrRPC/oMA9sqHnlXDC+9Clvv9cO1zzqCJ20q
Dz5zu+mYqQB6bp0XzP2leOlOQsjzupIOBtx2wMjOBFt0lq66mVMnP545cuk3OeLO
Zd9UcQYPoPlpwDNa9efckIwkT2cGcnA00y1ACuytgGyBA4QhwZuGqul/9gxtTa1v
Ir8tEu54AFFnitZDlqT60H9jwS0h7VDXA9Ol2PWqrbbEg2ScC08C99am1URLEcsz
yAuDL3n2KhB35CaEAYc17qnVWHp22cswJjGIoO7NzKxuNyJRtM4xAhqRR6yX9ZdF
gl+UkfQ=
-----END CERTIFICATE-----
Generated at Tue Apr 22 06:22:03 2025 by rpki-client