Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9131711/9FDD2DA0C99111EE891BA419C4F9AE02/2222FB28C99211EEA4374F37C4F9AE02.roa
File: 2222FB28C99211EEA4374F37C4F9AE02.roa (raw, json)
Hash identifier: 9tNQG3/7Si3CGY9p/w297i84NRfz6qtMqmFsn0pnPMU=
Subject key identifier: ED:2D:5F:AF:F8:78:5A:2F:F0:24:AF:1B:A8:5E:E1:C4:03:C7:95:10
Certificate issuer: /CN=A9131711/serialNumber=B57B207F0E1C1BA873A0793582C7A8134098674C
Certificate serial: 03
Authority key identifier: B5:7B:20:7F:0E:1C:1B:A8:73:A0:79:35:82:C7:A8:13:40:98:67:4C
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tXsgfw4cG6hzoHk1gseoE0CYZ0w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9131711/9FDD2DA0C99111EE891BA419C4F9AE02/2222FB28C99211EEA4374F37C4F9AE02.roa
Signing time: Mon 12 Feb 2024 10:33:17 +0000
ROA not before: Mon 12 Feb 2024 10:33:17 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 152473
IP address blocks: 157.15.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Mar 2024 19:23:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9131711/serialNumber=B57B207F0E1C1BA873A0793582C7A8134098674C
Validity
Not Before: Feb 12 10:33:17 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=65c9f3ed-b79b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:61:66:60:6a:d9:44:03:e1:95:17:f3:29:4a:
1d:0f:e1:c7:07:1d:d7:c2:dc:d1:b5:cc:27:92:68:
52:a5:10:19:9b:28:ce:5a:84:7b:2a:a5:09:9d:70:
fb:2d:94:fa:ee:ca:19:5f:f9:a4:d8:f7:11:25:89:
a1:fa:9a:fb:16:53:d2:11:a2:1f:85:63:9c:a7:b8:
59:c7:58:4b:cf:ef:64:dd:8a:fe:f9:c0:14:aa:21:
87:69:52:fe:5e:8d:16:0e:44:29:db:6b:57:2e:1d:
d0:f3:4a:4e:92:fd:51:15:60:6c:5b:70:0a:ef:c8:
fa:0f:db:d5:6c:98:b8:33:fc:64:36:f1:71:56:47:
ff:a5:d0:7a:dc:f2:07:54:08:54:33:b6:73:c3:61:
19:6b:3e:c1:9b:09:9f:ed:61:29:c9:75:9d:e7:14:
56:59:43:4b:f2:7b:98:6e:ea:89:bf:72:93:00:fb:
74:8b:0c:9b:0b:30:fa:50:1f:8f:4c:ae:e0:c2:c0:
b1:be:e8:e3:af:41:26:d7:59:6e:27:4e:1f:cf:91:
2c:1e:17:4b:92:95:b5:a6:e8:ec:4e:96:18:9d:ba:
2f:26:83:e5:ac:bc:ac:eb:6b:d8:7c:1c:cc:ef:b3:
b7:12:a2:16:01:d9:44:03:78:40:f7:d1:e6:5b:02:
ce:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:2D:5F:AF:F8:78:5A:2F:F0:24:AF:1B:A8:5E:E1:C4:03:C7:95:10
X509v3 Authority Key Identifier:
keyid:B5:7B:20:7F:0E:1C:1B:A8:73:A0:79:35:82:C7:A8:13:40:98:67:4C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9131711/9FDD2DA0C99111EE891BA419C4F9AE02/tXsgfw4cG6hzoHk1gseoE0CYZ0w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tXsgfw4cG6hzoHk1gseoE0CYZ0w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9131711/9FDD2DA0C99111EE891BA419C4F9AE02/2222FB28C99211EEA4374F37C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.15.222.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:ed:68:e0:02:22:91:f2:5d:9c:fb:2c:17:00:52:86:2d:ec:
fa:e5:fb:af:05:bc:26:e2:a1:04:68:15:d4:8f:dc:cd:32:a9:
a1:75:a2:88:75:35:40:9b:83:05:37:25:ee:67:c1:53:f4:be:
82:84:66:ec:e3:a1:32:9a:f7:e4:47:2d:dc:c0:57:c5:65:98:
a3:39:15:d1:d4:32:64:2a:43:48:f1:fb:22:cb:df:1b:e5:3a:
09:11:6f:4c:4e:51:e1:b9:8a:85:39:b9:14:bd:d8:57:8e:0d:
47:9a:52:3c:f9:b1:04:92:ec:c1:b3:e5:dc:2c:cc:64:03:d0:
22:8a:4b:42:57:01:ca:8b:4c:30:84:bc:05:22:96:91:17:95:
39:60:ff:35:fc:87:8c:7c:56:5f:c6:d4:52:63:51:4c:09:a5:
7a:5a:4b:3e:f4:16:6b:5a:43:01:1b:4a:9b:d9:c4:5b:fa:d9:
03:a0:8b:1d:b9:35:dc:6a:77:32:a6:7a:dc:79:a0:f8:d5:f0:
94:ca:31:5b:9f:55:b1:51:78:29:6a:1a:8e:7e:84:02:1b:fe:
d9:a6:19:7b:0e:a7:83:95:d6:45:cb:ef:9d:de:d0:46:f8:4c:
d5:3a:ef:c7:2f:ce:a5:70:9b:fc:8b:34:58:ac:d8:ca:a1:68:
a8:75:79:c5
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
MTcxMTExMC8GA1UEBRMoQjU3QjIwN0YwRTFDMUJBODczQTA3OTM1ODJDN0E4MTM0
MDk4Njc0QzAeFw0yNDAyMTIxMDMzMTdaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YzlmM2VkLWI3OWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC8YWZgatlEA+GVF/MpSh0P4ccHHdfC3NG1zCeSaFKlEBmbKM5ahHsqpQmdcPst
lPruyhlf+aTY9xEliaH6mvsWU9IRoh+FY5ynuFnHWEvP72Tdiv75wBSqIYdpUv5e
jRYORCnba1cuHdDzSk6S/VEVYGxbcArvyPoP29VsmLgz/GQ28XFWR/+l0Hrc8gdU
CFQztnPDYRlrPsGbCZ/tYSnJdZ3nFFZZQ0vye5hu6om/cpMA+3SLDJsLMPpQH49M
ruDCwLG+6OOvQSbXWW4nTh/PkSweF0uSlbWm6OxOlhidui8mg+WsvKzra9h8HMzv
s7cSohYB2UQDeED30eZbAs6RAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU7S1fr/h4
Wi/wJK8bqF7hxAPHlRAwHwYDVR0jBBgwFoAUtXsgfw4cG6hzoHk1gseoE0CYZ0ww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTMxNzExLzlGREQyREEwQzk5
MTExRUU4OTFCQTQxOUM0RjlBRTAyL3RYc2dmdzRjRzZoem9IazFnc2VvRTBDWVow
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvdFhzZ2Z3NGNHNmh6b0hrMWdzZW9FMENZWjB3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
MTcxMS85RkREMkRBMEM5OTExMUVFODkxQkE0MTlDNEY5QUUwMi8yMjIyRkIyOEM5
OTIxMUVFQTQzNzRGMzdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAJ0P3jANBgkqhkiG9w0BAQsFAAOCAQEAo+1o4AIikfJdnPss
FwBShi3s+uX7rwW8JuKhBGgV1I/czTKpoXWiiHU1QJuDBTcl7mfBU/S+goRm7OOh
Mpr35Ect3MBXxWWYozkV0dQyZCpDSPH7IsvfG+U6CRFvTE5R4bmKhTm5FL3YV44N
R5pSPPmxBJLswbPl3CzMZAPQIopLQlcByotMMIS8BSKWkReVOWD/NfyHjHxWX8bU
UmNRTAmlelpLPvQWa1pDARtKm9nEW/rZA6CLHbk13Gp3MqZ63Hmg+NXwlMoxW59V
sVF4KWoajn6EAhv+2aYZew6ng5XWRcvvnd7QRvhM1Trvxy/OpXCb/Is0WKzYyqFo
qHV5xQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:53 2024 by rpki-client on console-ams.rpki-client.org