Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C167F/4AAB7BCAC47D11EE9FC7C80FC4F9AE02/12EEA488E06511EEAD11EB1DC4F9AE02.roa
File: 12EEA488E06511EEAD11EB1DC4F9AE02.roa (raw, json)
Hash identifier: F3+zQX+vn1WLWnlamsKqd7Ace6sOzkaVQ2CCuaOshsQ=
Subject key identifier: AE:00:18:F0:8C:12:FF:93:28:BE:54:CB:90:51:D1:EE:59:8F:42:79
Certificate issuer: /CN=A91C167F/serialNumber=C7338DF1B768C05074CDAED0FDB1A4C14ADFB8B5
Certificate serial: 17
Authority key identifier: C7:33:8D:F1:B7:68:C0:50:74:CD:AE:D0:FD:B1:A4:C1:4A:DF:B8:B5
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xzON8bdowFB0za7Q_bGkwUrfuLU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C167F/4AAB7BCAC47D11EE9FC7C80FC4F9AE02/12EEA488E06511EEAD11EB1DC4F9AE02.roa
Signing time: Tue 12 Mar 2024 11:38:41 +0000
ROA not before: Tue 12 Mar 2024 11:38:41 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 152462
IP address blocks: 157.15.134.0/24 maxlen: 24
157.15.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 17 Mar 2024 11:31:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23 (0x17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C167F/serialNumber=C7338DF1B768C05074CDAED0FDB1A4C14ADFB8B5
Validity
Not Before: Mar 12 11:38:41 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65f03ec1-8537
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:cc:5f:a1:cf:f5:c6:2e:1f:31:02:a7:0b:d8:
28:a6:28:26:34:8b:1a:ec:ac:fe:1f:b6:ed:b3:e4:
b5:43:33:eb:35:9d:e1:e7:d8:c8:7f:72:fa:a2:97:
d5:1c:10:fe:d7:ea:43:db:f0:37:f2:3f:7d:69:85:
73:10:69:ac:0c:4d:78:db:16:65:52:b6:77:ee:46:
07:05:6a:a7:93:92:96:73:23:fa:d3:aa:72:84:d1:
79:5a:b7:56:6a:82:49:02:d0:46:9a:8e:a3:24:18:
96:f9:b3:3d:63:df:c0:64:dc:56:7a:e5:86:4a:62:
a5:67:f9:5e:bf:25:b8:42:7d:ae:a1:89:5d:41:ea:
00:35:b5:0f:2f:fe:e3:6b:73:50:ee:b2:e8:30:25:
bf:8d:0a:01:a4:b4:55:55:77:c3:fa:04:00:be:a3:
9a:86:52:97:3a:ee:c9:0e:10:28:70:63:d8:01:09:
22:bc:42:2d:2a:8b:4b:88:20:e7:03:cf:03:79:d8:
52:19:4c:be:9f:c5:7e:7f:0f:f6:2b:7e:89:6f:07:
43:1b:b3:f7:e8:cf:a1:f6:85:4b:61:5a:cb:89:7e:
f6:5b:ef:92:fc:18:bb:d5:ff:cb:0b:8f:54:fe:36:
bd:6f:9d:a3:62:e0:14:8a:86:c9:10:41:ca:7f:8b:
c2:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:00:18:F0:8C:12:FF:93:28:BE:54:CB:90:51:D1:EE:59:8F:42:79
X509v3 Authority Key Identifier:
keyid:C7:33:8D:F1:B7:68:C0:50:74:CD:AE:D0:FD:B1:A4:C1:4A:DF:B8:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C167F/4AAB7BCAC47D11EE9FC7C80FC4F9AE02/xzON8bdowFB0za7Q_bGkwUrfuLU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xzON8bdowFB0za7Q_bGkwUrfuLU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C167F/4AAB7BCAC47D11EE9FC7C80FC4F9AE02/12EEA488E06511EEAD11EB1DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.15.134.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:0c:98:2a:37:44:a0:68:77:b5:41:0e:23:01:a4:d6:ce:b5:
bb:d9:92:b6:a9:0e:9f:7d:6d:6a:9f:cf:8d:71:3f:46:d1:b5:
95:44:1a:3a:83:43:59:98:d7:78:27:e0:60:d8:9a:82:5f:22:
db:ee:f6:8d:78:0e:60:2d:42:30:a8:75:c6:12:aa:93:8e:78:
e7:00:9e:d2:b7:91:a4:6e:84:cb:a2:d8:e0:90:dc:59:6e:76:
74:c5:35:10:75:07:c3:d3:68:2a:0c:49:00:5e:98:2b:ae:fe:
cc:0f:e0:ed:6d:8f:6c:07:26:05:fd:40:92:a9:5e:f7:e3:c4:
92:09:76:85:0c:41:17:d4:ed:ad:1c:4a:d5:db:96:1e:4c:3a:
49:e0:0b:d8:ce:b5:79:c7:2e:7a:0f:ac:d5:fb:5b:6d:b9:87:
18:59:97:1f:aa:88:c4:f9:97:42:1b:76:f8:81:db:74:2d:48:
7b:17:89:79:f1:d2:62:35:b7:d6:9c:16:7b:d7:ed:cc:e7:a8:
97:6b:7b:fc:06:8f:4e:3b:7f:1c:1a:d5:12:9f:b6:c5:ea:2c:
b1:a7:93:89:4a:60:e1:4e:12:e7:7a:1e:83:06:2e:60:54:36:
dd:f7:48:f2:d1:70:e8:e4:18:40:fe:16:2e:6e:40:2e:06:d8:
a1:8f:de:cf
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBFzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
MTY3RjExMC8GA1UEBRMoQzczMzhERjFCNzY4QzA1MDc0Q0RBRUQwRkRCMUE0QzE0
QURGQjhCNTAeFw0yNDAzMTIxMTM4NDFaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZjAzZWMxLTg1MzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC7zF+hz/XGLh8xAqcL2CimKCY0ixrsrP4ftu2z5LVDM+s1neHn2Mh/cvqil9Uc
EP7X6kPb8DfyP31phXMQaawMTXjbFmVStnfuRgcFaqeTkpZzI/rTqnKE0Xlat1Zq
gkkC0EaajqMkGJb5sz1j38Bk3FZ65YZKYqVn+V6/JbhCfa6hiV1B6gA1tQ8v/uNr
c1DusugwJb+NCgGktFVVd8P6BAC+o5qGUpc67skOEChwY9gBCSK8Qi0qi0uIIOcD
zwN52FIZTL6fxX5/D/YrfolvB0Mbs/foz6H2hUthWsuJfvZb75L8GLvV/8sLj1T+
Nr1vnaNi4BSKhskQQcp/i8IhAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUrgAY8IwS
/5MovlTLkFHR7lmPQnkwHwYDVR0jBBgwFoAUxzON8bdowFB0za7Q/bGkwUrfuLUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMxNjdGLzRBQUI3QkNBQzQ3
RDExRUU5RkM3QzgwRkM0RjlBRTAyL3h6T044YmRvd0ZCMHphN1FfYkdrd1VyZnVM
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIveHpPTjhiZG93RkIwemE3UV9iR2t3VXJmdUxVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
MTY3Ri80QUFCN0JDQUM0N0QxMUVFOUZDN0M4MEZDNEY5QUUwMi8xMkVFQTQ4OEUw
NjUxMUVFQUQxMUVCMURDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAZ0PhjANBgkqhkiG9w0BAQsFAAOCAQEAawyYKjdEoGh3tUEO
IwGk1s61u9mStqkOn31tap/PjXE/RtG1lUQaOoNDWZjXeCfgYNiagl8i2+72jXgO
YC1CMKh1xhKqk4545wCe0reRpG6Ey6LY4JDcWW52dMU1EHUHw9NoKgxJAF6YK67+
zA/g7W2PbAcmBf1Akqle9+PEkgl2hQxBF9TtrRxK1duWHkw6SeAL2M61eccueg+s
1ftbbbmHGFmXH6qIxPmXQht2+IHbdC1IexeJefHSYjW31pwWe9ftzOeol2t7/AaP
Tjt/HBrVEp+2xeossaeTiUpg4U4S53oegwYuYFQ23fdI8tFw6OQYQP4WLm5ALgbY
oY/ezw==
-----END CERTIFICATE-----
Generated at Sun Mar 17 14:37:39 2024 by rpki-client on console-fra.rpki-client.org