Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91139AB/158D4906255B11EBA9F5601AC4F9AE02/159D0BC0E1BE11EE8685D925C4F9AE02.roa
File: 159D0BC0E1BE11EE8685D925C4F9AE02.roa (raw, json)
Hash identifier: x0MupyOKsOthpqS76QFB3xb1pt+/w4DyN5LmNRJt510=
Subject key identifier: 6D:38:55:C2:14:50:85:EC:66:BD:D0:33:8E:92:EE:25:C9:9B:5B:4D
Certificate issuer: /CN=A91139AB/serialNumber=D10BAF7AA8DB734B952D036087783C6437843C8F
Certificate serial: 35
Authority key identifier: D1:0B:AF:7A:A8:DB:73:4B:95:2D:03:60:87:78:3C:64:37:84:3C:8F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0Quveqjbc0uVLQNgh3g8ZDeEPI8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91139AB/158D4906255B11EBA9F5601AC4F9AE02/159D0BC0E1BE11EE8685D925C4F9AE02.roa
Signing time: Thu 14 Mar 2024 04:48:22 +0000
ROA not before: Thu 14 Mar 2024 04:48:22 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 4857
IP address blocks: 202.147.96.0/20 maxlen: 20
Validation: Failed, certificate revoked on Thu 14 Mar 2024 22:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53 (0x35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91139AB/serialNumber=D10BAF7AA8DB734B952D036087783C6437843C8F
Validity
Not Before: Mar 14 04:48:22 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=65f28196-6b66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:37:aa:b6:a2:3e:15:45:ae:e0:0c:ed:e4:ff:
5f:2a:b0:de:52:58:52:88:ec:c9:2a:b6:22:d8:12:
52:d8:5c:6f:29:57:0f:a4:e1:d3:5e:89:da:f9:bc:
3e:11:72:7a:81:62:2c:31:3a:f3:47:1b:dc:97:68:
4e:68:56:bc:9f:8a:7e:0d:fb:c8:0f:f6:43:9e:1f:
76:57:5e:bb:ed:04:d4:d9:0a:7e:ac:95:e6:49:7c:
ca:59:9c:12:cf:7c:bd:43:47:d2:9d:33:0f:12:cf:
45:e5:84:5a:c6:d7:eb:f9:bb:c3:b5:fe:b9:0d:da:
c4:86:ac:2e:76:7b:a3:af:2f:72:a3:67:b2:77:97:
dc:f4:b8:da:23:10:d7:f9:62:17:93:c0:bb:52:3c:
16:2e:d8:88:1d:69:09:81:14:92:e8:4e:c1:ff:5c:
fd:4a:08:14:3e:22:45:18:2b:f9:48:e0:c9:83:eb:
b0:b7:52:67:c3:40:50:61:e4:b4:2b:84:96:01:a1:
98:c4:2b:fc:eb:0c:85:e0:11:6f:ea:ed:3e:4c:90:
71:e9:1e:d4:9e:35:8f:e8:f8:7c:50:e1:29:7a:43:
61:a7:9d:d2:b8:96:0e:18:00:bb:ec:cc:77:bc:7e:
94:b0:5f:8e:6a:51:7a:66:c1:3a:60:49:1a:50:5a:
6d:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:38:55:C2:14:50:85:EC:66:BD:D0:33:8E:92:EE:25:C9:9B:5B:4D
X509v3 Authority Key Identifier:
keyid:D1:0B:AF:7A:A8:DB:73:4B:95:2D:03:60:87:78:3C:64:37:84:3C:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91139AB/158D4906255B11EBA9F5601AC4F9AE02/0Quveqjbc0uVLQNgh3g8ZDeEPI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0Quveqjbc0uVLQNgh3g8ZDeEPI8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91139AB/158D4906255B11EBA9F5601AC4F9AE02/159D0BC0E1BE11EE8685D925C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.147.96.0/20
Signature Algorithm: sha256WithRSAEncryption
56:78:a0:bb:59:a9:66:9c:2b:20:09:f7:56:db:5d:85:ea:be:
98:64:48:56:79:b0:02:43:ef:1a:40:0f:5d:67:cb:02:ca:73:
59:cd:8c:ae:9c:48:5f:4f:b0:d7:fc:b9:8f:7a:59:ee:74:49:
81:51:cd:07:59:96:4e:50:55:59:a3:cb:da:15:9d:5d:c9:16:
9a:52:95:00:37:41:cf:37:74:fa:f2:7b:6d:5f:90:0f:cb:17:
58:9a:26:a9:f1:d5:27:09:0f:be:e1:b8:89:24:03:0c:4e:ad:
a5:1a:cb:6b:b8:a6:91:16:50:9d:52:02:d8:0f:5c:5a:87:9f:
4b:9c:6e:d3:f9:8a:08:75:23:b4:52:0f:1f:47:46:24:97:c4:
51:00:b2:11:d7:18:c7:15:86:50:64:18:f1:01:48:10:bd:a9:
38:80:e6:ba:6c:f0:84:11:07:cc:ed:56:35:68:9e:4a:e1:7c:
c2:ec:52:9a:4f:b2:76:c9:d3:1f:b9:28:6e:0b:e2:53:db:21:
18:21:c3:1f:4b:cc:bd:8c:44:1e:04:83:56:e7:9f:fa:90:e1:
41:5f:c8:99:2a:99:77:14:cd:a4:84:fb:42:68:52:8a:59:a1:
5c:5e:24:6f:7d:1e:b1:12:0f:fe:a2:60:72:2c:be:cc:97:96:
e1:ce:c2:5e
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBNTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
MzlBQjExMC8GA1UEBRMoRDEwQkFGN0FBOERCNzM0Qjk1MkQwMzYwODc3ODNDNjQz
Nzg0M0M4RjAeFw0yNDAzMTQwNDQ4MjJaFw0yNDA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZjI4MTk2LTZiNjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQChN6q2oj4VRa7gDO3k/18qsN5SWFKI7MkqtiLYElLYXG8pVw+k4dNeidr5vD4R
cnqBYiwxOvNHG9yXaE5oVryfin4N+8gP9kOeH3ZXXrvtBNTZCn6sleZJfMpZnBLP
fL1DR9KdMw8Sz0XlhFrG1+v5u8O1/rkN2sSGrC52e6OvL3KjZ7J3l9z0uNojENf5
YheTwLtSPBYu2IgdaQmBFJLoTsH/XP1KCBQ+IkUYK/lI4MmD67C3UmfDQFBh5LQr
hJYBoZjEK/zrDIXgEW/q7T5MkHHpHtSeNY/o+HxQ4Sl6Q2GnndK4lg4YALvszHe8
fpSwX45qUXpmwTpgSRpQWm1NAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUbThVwhRQ
hexmvdAzjpLuJcmbW00wHwYDVR0jBBgwFoAU0Quveqjbc0uVLQNgh3g8ZDeEPI8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTEzOUFCLzE1OEQ0OTA2MjU1
QjExRUJBOUY1NjAxQUM0RjlBRTAyLzBRdXZlcWpiYzB1VkxRTmdoM2c4WkRlRVBJ
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMFF1dmVxamJjMHVWTFFOZ2gzZzhaRGVFUEk4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
MzlBQi8xNThENDkwNjI1NUIxMUVCQTlGNTYwMUFDNEY5QUUwMi8xNTlEMEJDMEUx
QkUxMUVFODY4NUQ5MjVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEBMqTYDANBgkqhkiG9w0BAQsFAAOCAQEAVnigu1mpZpwrIAn3
Vttdheq+mGRIVnmwAkPvGkAPXWfLAspzWc2MrpxIX0+w1/y5j3pZ7nRJgVHNB1mW
TlBVWaPL2hWdXckWmlKVADdBzzd0+vJ7bV+QD8sXWJomqfHVJwkPvuG4iSQDDE6t
pRrLa7imkRZQnVIC2A9cWoefS5xu0/mKCHUjtFIPH0dGJJfEUQCyEdcYxxWGUGQY
8QFIEL2pOIDmumzwhBEHzO1WNWieSuF8wuxSmk+ydsnTH7kobgviU9shGCHDH0vM
vYxEHgSDVuef+pDhQV/ImSqZdxTNpIT7QmhSilmhXF4kb30esRIP/qJgciy+zJeW
4c7CXg==
-----END CERTIFICATE-----
Generated at Thu Mar 14 23:52:34 2024 by rpki-client on console-ams.rpki-client.org