Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912F387/FE4D78E2B5C111EE95B58341C4F9AE02/23C6BDA42A6B11EFAAD1A542C4F9AE02.roa
File: 23C6BDA42A6B11EFAAD1A542C4F9AE02.roa (raw, json)
Hash identifier: dFHhbXIbyLWQpXW182wZmCdFqH0XazIKwMdvA45RJk0=
Subject key identifier: ED:AD:3C:F8:49:AB:BF:05:10:EC:13:FD:58:80:AE:08:EE:A2:9C:03
Certificate issuer: /CN=A912F387/serialNumber=28188C16EEC90742717278C289CF82F504F25AA9
Certificate serial: 4D
Authority key identifier: 28:18:8C:16:EE:C9:07:42:71:72:78:C2:89:CF:82:F5:04:F2:5A:A9
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KBiMFu7JB0JxcnjCic-C9QTyWqk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912F387/FE4D78E2B5C111EE95B58341C4F9AE02/23C6BDA42A6B11EFAAD1A542C4F9AE02.roa
Signing time: Fri 14 Jun 2024 16:28:32 +0000
ROA not before: Fri 14 Jun 2024 16:28:32 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 63801
IP address blocks: 157.10.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Jun 2024 17:14:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77 (0x4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912F387/serialNumber=28188C16EEC90742717278C289CF82F504F25AA9
Validity
Not Before: Jun 14 16:28:32 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=666c6fb0-093b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:5c:cc:1b:c0:b8:bb:f2:67:86:c5:6c:6a:26:
f4:31:e2:5b:ae:0f:c3:42:69:75:52:72:7f:1b:2f:
6f:e6:72:ad:f4:92:c4:0c:e9:ba:01:6a:ae:f1:a9:
71:1d:04:ec:de:a3:e9:0a:d5:80:25:27:27:65:b6:
d7:a4:08:ee:19:9f:19:0f:c2:f6:7f:17:96:7c:15:
e0:6f:25:af:ee:9a:2e:4c:4f:8d:32:c6:d8:09:04:
6e:16:a8:b0:ff:e4:1b:c7:7d:17:27:23:51:5a:3b:
d9:bc:8c:ed:f8:0b:48:ef:5a:42:38:0b:ba:dc:4b:
0b:f6:12:2e:54:a4:62:97:70:9a:cf:f8:83:da:37:
a0:19:3e:c0:31:38:89:28:bf:ea:0c:6c:96:46:18:
ca:d4:98:61:a1:cf:b9:65:9d:21:97:3e:68:bb:1d:
3b:f2:44:e5:45:d8:2f:65:a0:13:84:8a:cd:c8:e1:
83:c1:98:da:ab:dd:cb:c8:40:6f:b2:2b:09:8d:ca:
0c:07:e9:f7:19:6a:ec:4e:4d:c1:a0:0b:57:d9:46:
bc:c2:36:17:e1:d8:ce:76:ca:35:90:40:3b:de:45:
17:e8:b0:b9:79:b4:e1:66:5a:77:f8:c0:fb:7c:28:
b2:9c:fe:fa:56:a7:10:3f:58:f3:6b:de:21:f1:a2:
fb:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:AD:3C:F8:49:AB:BF:05:10:EC:13:FD:58:80:AE:08:EE:A2:9C:03
X509v3 Authority Key Identifier:
keyid:28:18:8C:16:EE:C9:07:42:71:72:78:C2:89:CF:82:F5:04:F2:5A:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912F387/FE4D78E2B5C111EE95B58341C4F9AE02/KBiMFu7JB0JxcnjCic-C9QTyWqk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KBiMFu7JB0JxcnjCic-C9QTyWqk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912F387/FE4D78E2B5C111EE95B58341C4F9AE02/23C6BDA42A6B11EFAAD1A542C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.209.0/24
Signature Algorithm: sha256WithRSAEncryption
94:93:f1:0a:e7:45:3b:34:f0:af:ee:5b:c1:76:57:6f:c2:db:
b1:b7:e0:4a:05:b3:ed:bf:b7:e5:91:c5:f4:f1:ad:a1:a1:16:
c0:28:bc:6b:d0:e6:06:16:9c:40:35:37:54:78:71:fc:7a:8d:
7c:97:a4:8d:cd:b2:2d:13:b5:fe:4b:09:33:e7:cd:45:c5:7d:
dc:0c:3d:33:a9:f0:41:d3:b1:3c:7f:8c:9a:b4:27:ad:9f:47:
ba:a5:d9:6b:29:3c:be:fb:bc:bd:9f:88:48:08:5e:61:f4:16:
10:e0:c3:d0:5d:98:c6:04:2c:81:8f:6f:8f:f7:a2:c4:6f:fb:
3b:4b:e1:d3:2b:fc:dd:3f:57:ed:75:35:18:b5:da:ee:ca:5f:
b9:9e:30:5f:6b:0f:63:b0:08:54:00:27:8d:3f:97:70:30:29:
a0:7b:e5:66:98:3a:bb:f6:61:67:94:be:d8:94:bc:ad:98:b0:
1b:4f:d8:f6:49:43:a6:07:16:2e:1d:df:7e:5c:a9:ba:32:12:
4e:06:bd:3d:b7:7b:5f:ca:0d:be:d9:1c:fc:a6:5f:b8:53:08:
fc:e4:38:60:59:f7:ae:86:8e:29:89:0e:0e:40:67:0f:c9:bf:
c9:61:59:e4:a4:9d:da:b8:13:6d:96:5a:a7:ac:fe:9d:42:45:
19:b4:93:c1
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBTTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
RjM4NzExMC8GA1UEBRMoMjgxODhDMTZFRUM5MDc0MjcxNzI3OEMyODlDRjgyRjUw
NEYyNUFBOTAeFw0yNDA2MTQxNjI4MzJaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NmM2ZmIwLTA5M2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDoXMwbwLi78meGxWxqJvQx4luuD8NCaXVScn8bL2/mcq30ksQM6boBaq7xqXEd
BOzeo+kK1YAlJydlttekCO4ZnxkPwvZ/F5Z8FeBvJa/umi5MT40yxtgJBG4WqLD/
5BvHfRcnI1FaO9m8jO34C0jvWkI4C7rcSwv2Ei5UpGKXcJrP+IPaN6AZPsAxOIko
v+oMbJZGGMrUmGGhz7llnSGXPmi7HTvyROVF2C9loBOEis3I4YPBmNqr3cvIQG+y
KwmNygwH6fcZauxOTcGgC1fZRrzCNhfh2M52yjWQQDveRRfosLl5tOFmWnf4wPt8
KLKc/vpWpxA/WPNr3iHxovs3AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU7a08+Emr
vwUQ7BP9WICuCO6inAMwHwYDVR0jBBgwFoAUKBiMFu7JB0JxcnjCic+C9QTyWqkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJGMzg3L0ZFNEQ3OEUyQjVD
MTExRUU5NUI1ODM0MUM0RjlBRTAyL0tCaU1GdTdKQjBKeGNuakNpYy1DOVFUeVdx
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvS0JpTUZ1N0pCMEp4Y25qQ2ljLUM5UVR5V3FrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
RjM4Ny9GRTRENzhFMkI1QzExMUVFOTVCNTgzNDFDNEY5QUUwMi8yM0M2QkRBNDJB
NkIxMUVGQUFEMUE1NDJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAJ0K0TANBgkqhkiG9w0BAQsFAAOCAQEAlJPxCudFOzTwr+5b
wXZXb8LbsbfgSgWz7b+35ZHF9PGtoaEWwCi8a9DmBhacQDU3VHhx/HqNfJekjc2y
LRO1/ksJM+fNRcV93Aw9M6nwQdOxPH+MmrQnrZ9HuqXZayk8vvu8vZ+ISAheYfQW
EODD0F2YxgQsgY9vj/eixG/7O0vh0yv83T9X7XU1GLXa7spfuZ4wX2sPY7AIVAAn
jT+XcDApoHvlZpg6u/ZhZ5S+2JS8rZiwG0/Y9klDpgcWLh3fflypujISTga9Pbd7
X8oNvtkc/KZfuFMI/OQ4YFn3roaOKYkODkBnD8m/yWFZ5KSd2rgTbZZap6z+nUJF
GbSTwQ==
-----END CERTIFICATE-----
Generated at Wed Jun 19 23:17:49 2024 by rpki-client on console-ams.rpki-client.org