Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C167F/4AAB7BCAC47D11EE9FC7C80FC4F9AE02/77593C50D98211EFB9A59D25C4F9AE02.roa
File: 77593C50D98211EFB9A59D25C4F9AE02.roa (raw, json)
Hash identifier: WPFI/jT7+/KdASO/Jd8jDZV5KdSxJ/UBNxyIsRzyqUI=
Subject key identifier: 82:2B:DC:EC:E1:DE:11:B3:6B:C5:E2:69:1E:C8:FB:36:5A:84:73:6F
Certificate issuer: /CN=A91C167F/serialNumber=C7338DF1B768C05074CDAED0FDB1A4C14ADFB8B5
Certificate serial: DD
Authority key identifier: C7:33:8D:F1:B7:68:C0:50:74:CD:AE:D0:FD:B1:A4:C1:4A:DF:B8:B5
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xzON8bdowFB0za7Q_bGkwUrfuLU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C167F/4AAB7BCAC47D11EE9FC7C80FC4F9AE02/77593C50D98211EFB9A59D25C4F9AE02.roa
Signing time: Thu 23 Jan 2025 12:06:24 +0000
ROA not before: Thu 23 Jan 2025 12:06:24 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 150696
IP address blocks: 157.15.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Jan 2025 05:30:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 221 (0xdd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C167F
Validity
Not Before: Jan 23 12:06:24 2025 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=679230c0-fafa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ae:4d:9e:3b:39:e5:77:81:7c:e9:2d:d8:1f:
bc:5c:d2:a6:11:25:ce:11:36:04:bd:f7:93:d5:f2:
39:81:dc:77:10:d2:27:86:64:93:35:33:b1:fb:b0:
03:55:12:bb:d7:b1:40:fa:5e:02:25:c2:2f:6e:32:
e8:41:8a:9b:59:ba:24:dd:d5:14:c7:c0:d6:27:3d:
61:13:bd:ed:98:23:fb:0f:20:21:85:38:aa:0e:24:
f5:4a:73:39:95:8a:b6:b5:40:1a:47:0e:b7:20:1a:
3d:55:99:dc:f5:e1:56:9a:d8:fc:6d:6b:6a:d3:5f:
e1:7b:14:37:c9:4f:b2:c3:8d:73:e7:58:d3:1c:df:
44:2c:7f:29:49:5b:e9:ea:7a:13:45:44:6a:69:ed:
bc:05:35:16:36:b8:24:ab:3f:fc:7e:38:a8:c3:01:
d2:8b:37:21:ca:fc:40:d7:1b:ad:5e:2d:18:45:8a:
aa:3f:9a:41:bd:e9:90:88:f5:e7:f5:89:63:a2:0c:
9a:01:2c:e0:18:5b:46:e3:d0:0e:e4:54:8e:12:40:
95:8b:41:2d:8b:38:f0:1b:0a:93:65:af:1d:79:ee:
0d:94:85:2d:ab:64:69:22:19:d3:ad:2f:2a:92:14:
ed:2c:d9:0e:16:29:23:e8:c5:99:5f:24:2c:1b:6c:
09:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:2B:DC:EC:E1:DE:11:B3:6B:C5:E2:69:1E:C8:FB:36:5A:84:73:6F
X509v3 Authority Key Identifier:
keyid:C7:33:8D:F1:B7:68:C0:50:74:CD:AE:D0:FD:B1:A4:C1:4A:DF:B8:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C167F/4AAB7BCAC47D11EE9FC7C80FC4F9AE02/xzON8bdowFB0za7Q_bGkwUrfuLU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xzON8bdowFB0za7Q_bGkwUrfuLU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C167F/4AAB7BCAC47D11EE9FC7C80FC4F9AE02/77593C50D98211EFB9A59D25C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.15.135.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:76:f8:eb:fe:d2:46:09:fc:52:0e:5a:64:30:fd:99:89:04:
d7:b7:38:d5:be:7b:cb:ff:d9:5c:b8:f6:69:f3:a4:f2:71:f4:
fe:a4:94:ca:aa:9f:69:62:3c:5c:8d:5b:05:96:1e:4d:ee:a5:
c7:7a:6d:1d:e7:2e:ca:b6:3d:34:fe:e7:1e:b3:84:c2:a7:e5:
d5:87:a6:38:4c:f4:15:58:dc:34:d6:3c:4c:83:e8:b1:05:b0:
4a:ec:80:23:02:9d:b0:b7:78:3c:2e:98:3c:6b:c8:35:3c:13:
69:41:04:0b:3f:a1:f4:f4:b4:89:8e:77:31:fb:60:74:3b:03:
4a:3b:26:04:ed:1d:df:69:20:a5:03:5d:bf:82:e2:32:64:ef:
59:d5:62:92:1f:f1:66:b9:5d:aa:ff:73:e7:cd:b1:05:83:a1:
2a:f9:46:16:1b:76:7c:4c:d2:c3:f1:45:09:0d:8d:f4:c0:bd:
7a:a1:92:fe:f2:48:c1:f9:88:30:99:92:45:2b:7b:8c:ed:d3:
93:c4:23:c2:8b:49:1c:69:0e:0c:a3:17:e1:a4:ec:73:24:0e:
54:55:cf:30:91:34:15:00:ec:c7:b9:d7:b3:35:bf:4c:93:b3:
82:f4:5b:b3:8e:50:c5:fa:2e:d3:5b:4c:17:d0:6a:ba:cc:b5:
fb:b2:02:e8
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAN0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzE2N0YxMTAvBgNVBAUTKEM3MzM4REYxQjc2OEMwNTA3NENEQUVEMEZEQjFBNEMx
NEFERkI4QjUwHhcNMjUwMTIzMTIwNjI0WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkyMzBjMC1mYWZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsq5Nnjs55XeBfOkt2B+8XNKmESXOETYEvfeT1fI5gdx3ENInhmSTNTOx+7AD
VRK717FA+l4CJcIvbjLoQYqbWbok3dUUx8DWJz1hE73tmCP7DyAhhTiqDiT1SnM5
lYq2tUAaRw63IBo9VZnc9eFWmtj8bWtq01/hexQ3yU+yw41z51jTHN9ELH8pSVvp
6noTRURqae28BTUWNrgkqz/8fjiowwHSizchyvxA1xutXi0YRYqqP5pBvemQiPXn
9YljogyaASzgGFtG49AO5FSOEkCVi0EtizjwGwqTZa8dee4NlIUtq2RpIhnTrS8q
khTtLNkOFikj6MWZXyQsG2wJDQIDAQABo4IClTCCApEwHQYDVR0OBBYEFIIr3Ozh
3hGza8XiaR7I+zZahHNvMB8GA1UdIwQYMBaAFMczjfG3aMBQdM2u0P2xpMFK37i1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMTY3Ri80QUFCN0JDQUM0
N0QxMUVFOUZDN0M4MEZDNEY5QUUwMi94ek9OOGJkb3dGQjB6YTdRX2JHa3dVcmZ1
TFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3h6T044YmRvd0ZCMHphN1FfYkdrd1VyZnVMVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzE2N0YvNEFBQjdCQ0FDNDdEMTFFRTlGQzdDODBGQzRGOUFFMDIvNzc1OTNDNTBE
OTgyMTFFRkI5QTU5RDI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACdD4cwDQYJKoZIhvcNAQELBQADggEBALF2+Ov+0kYJ/FIO
WmQw/ZmJBNe3ONW+e8v/2Vy49mnzpPJx9P6klMqqn2liPFyNWwWWHk3upcd6bR3n
Lsq2PTT+5x6zhMKn5dWHpjhM9BVY3DTWPEyD6LEFsErsgCMCnbC3eDwumDxryDU8
E2lBBAs/ofT0tImOdzH7YHQ7A0o7JgTtHd9pIKUDXb+C4jJk71nVYpIf8Wa5Xar/
c+fNsQWDoSr5RhYbdnxM0sPxRQkNjfTAvXqhkv7ySMH5iDCZkkUre4zt05PEI8KL
SRxpDgyjF+Gk7HMkDlRVzzCRNBUA7Me517M1v0yTs4L0W7OOUMX6LtNbTBfQarrM
tfuyAug=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:41:14 2025 by rpki-client