Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9153490/8F52488ED05411EEAF799F16C4F9AE02/C9DC0E8CD06211EE926C9844C4F9AE02.roa
File: C9DC0E8CD06211EE926C9844C4F9AE02.roa (raw, json)
Hash identifier: Ez9hbtyyMCz/CJ8A6HxEW0+Ob5BkUgVxktY0slg1bDI=
Subject key identifier: 1E:27:2C:92:9D:5D:1C:56:B4:C8:96:37:90:D1:33:3D:DF:E0:57:2D
Certificate issuer: /CN=A9153490/serialNumber=47F50C958BF9CF545C601ADEB04F8A05E101D9A5
Certificate serial: 03
Authority key identifier: 47:F5:0C:95:8B:F9:CF:54:5C:60:1A:DE:B0:4F:8A:05:E1:01:D9:A5
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/R_UMlYv5z1RcYBresE-KBeEB2aU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9153490/8F52488ED05411EEAF799F16C4F9AE02/C9DC0E8CD06211EE926C9844C4F9AE02.roa
Signing time: Wed 21 Feb 2024 02:42:01 +0000
ROA not before: Wed 21 Feb 2024 02:42:01 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 139623
IP address blocks: 157.15.218.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 26 Mar 2024 21:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9153490/serialNumber=47F50C958BF9CF545C601ADEB04F8A05E101D9A5
Validity
Not Before: Feb 21 02:42:01 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=65d562f8-33ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:30:b0:94:a6:bf:e0:c3:47:01:c9:3a:a8:91:
6e:bd:ad:44:46:10:f0:3e:a0:ae:a8:2d:75:63:ae:
4b:63:79:d8:70:e0:91:c0:d6:74:b6:65:b6:62:73:
ab:16:9f:0c:80:3b:e8:b6:7e:d4:6e:e8:6f:9e:7b:
6b:85:9e:47:72:16:62:bd:c1:fe:bc:9e:d3:b2:3b:
a4:40:42:d2:0b:18:e3:b1:38:df:fa:24:91:df:57:
50:5c:6d:ae:1b:3c:62:42:a2:f5:6b:32:bf:24:f1:
7f:26:ba:11:36:6b:07:5b:07:b0:9e:d3:81:76:03:
66:fd:50:81:ee:68:a7:69:27:4d:69:58:e6:8b:f3:
30:42:85:f8:26:10:16:eb:9f:37:83:b0:c9:b7:f3:
60:03:2f:40:50:12:bb:ad:ec:cc:19:e0:61:2b:15:
0a:4c:b4:bb:0b:2a:e8:78:87:e6:2f:a0:c7:f0:71:
28:68:27:db:33:2a:5f:46:c6:25:8d:b8:3e:5c:02:
85:6b:9d:8c:46:ee:22:2a:a4:9c:4c:73:41:59:f9:
b5:e2:cf:a9:ba:1f:85:1f:b5:1d:57:c2:3d:a0:cc:
be:76:a8:5a:57:07:4f:03:f0:2d:81:af:ea:58:72:
dc:28:2d:7c:16:0f:15:f8:42:b6:97:76:fa:80:6c:
a4:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:27:2C:92:9D:5D:1C:56:B4:C8:96:37:90:D1:33:3D:DF:E0:57:2D
X509v3 Authority Key Identifier:
keyid:47:F5:0C:95:8B:F9:CF:54:5C:60:1A:DE:B0:4F:8A:05:E1:01:D9:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9153490/8F52488ED05411EEAF799F16C4F9AE02/R_UMlYv5z1RcYBresE-KBeEB2aU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/R_UMlYv5z1RcYBresE-KBeEB2aU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9153490/8F52488ED05411EEAF799F16C4F9AE02/C9DC0E8CD06211EE926C9844C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.15.218.0/23
Signature Algorithm: sha256WithRSAEncryption
e3:d3:8a:4e:23:9f:b6:34:16:7f:55:e3:7b:ac:98:96:09:74:
e1:bf:fb:b3:36:45:f0:81:c5:af:99:3d:ec:8c:54:aa:6c:17:
d3:c5:ba:70:69:cb:f4:ad:14:68:04:1e:e4:fe:30:c6:f2:1f:
3f:ed:67:3f:1e:ab:2b:1a:4d:60:03:cd:d9:c6:86:47:10:24:
d0:0d:64:c7:ba:72:05:91:47:16:43:0b:22:6a:d9:a6:15:d4:
a6:44:0f:c5:46:26:30:0b:8b:a8:49:eb:60:0e:c1:94:e7:56:
d3:55:19:c4:6a:c0:c7:dd:80:8c:62:47:c7:f9:b8:66:98:c0:
ef:e9:37:63:af:f8:e5:da:57:f1:a5:09:cf:69:37:a2:d4:01:
0f:55:ca:f2:5f:be:b0:b5:78:4b:cb:70:c9:a5:16:36:d4:ea:
13:7a:1a:be:e8:7d:46:32:5a:ca:da:44:e3:76:6a:71:0c:e0:
26:1a:0a:39:b6:8c:73:f2:29:88:9c:44:03:30:e4:02:9a:1d:
36:ac:85:8a:b8:85:63:3b:0a:41:74:db:14:f7:16:69:af:7d:
db:2e:0c:ef:67:51:2f:b2:d0:15:d4:33:90:bb:d5:52:bd:de:
ac:7e:78:80:88:84:44:1f:c8:cb:0f:3f:c3:c4:78:e7:bf:51:
ec:9f:c8:74
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
MzQ5MDExMC8GA1UEBRMoNDdGNTBDOTU4QkY5Q0Y1NDVDNjAxQURFQjA0RjhBMDVF
MTAxRDlBNTAeFw0yNDAyMjEwMjQyMDFaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZDU2MmY4LTMzZWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/MLCUpr/gw0cByTqokW69rURGEPA+oK6oLXVjrktjedhw4JHA1nS2ZbZic6sW
nwyAO+i2ftRu6G+ee2uFnkdyFmK9wf68ntOyO6RAQtILGOOxON/6JJHfV1Bcba4b
PGJCovVrMr8k8X8muhE2awdbB7Ce04F2A2b9UIHuaKdpJ01pWOaL8zBChfgmEBbr
nzeDsMm382ADL0BQErut7MwZ4GErFQpMtLsLKuh4h+YvoMfwcShoJ9szKl9GxiWN
uD5cAoVrnYxG7iIqpJxMc0FZ+bXiz6m6H4UftR1Xwj2gzL52qFpXB08D8C2Br+pY
ctwoLXwWDxX4QraXdvqAbKRTAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUHicskp1d
HFa0yJY3kNEzPd/gVy0wHwYDVR0jBBgwFoAUR/UMlYv5z1RcYBresE+KBeEB2aUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTUzNDkwLzhGNTI0ODhFRDA1
NDExRUVBRjc5OUYxNkM0RjlBRTAyL1JfVU1sWXY1ejFSY1lCcmVzRS1LQmVFQjJh
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvUl9VTWxZdjV6MVJjWUJyZXNFLUtCZUVCMmFVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
MzQ5MC84RjUyNDg4RUQwNTQxMUVFQUY3OTlGMTZDNEY5QUUwMi9DOURDMEU4Q0Qw
NjIxMUVFOTI2Qzk4NDRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAZ0P2jANBgkqhkiG9w0BAQsFAAOCAQEA49OKTiOftjQWf1Xj
e6yYlgl04b/7szZF8IHFr5k97IxUqmwX08W6cGnL9K0UaAQe5P4wxvIfP+1nPx6r
KxpNYAPN2caGRxAk0A1kx7pyBZFHFkMLImrZphXUpkQPxUYmMAuLqEnrYA7BlOdW
01UZxGrAx92AjGJHx/m4ZpjA7+k3Y6/45dpX8aUJz2k3otQBD1XK8l++sLV4S8tw
yaUWNtTqE3oavuh9RjJaytpE43ZqcQzgJhoKObaMc/IpiJxEAzDkApodNqyFiriF
YzsKQXTbFPcWaa992y4M72dRL7LQFdQzkLvVUr3erH54gIiERB/Iyw8/w8R4579R
7J/IdA==
-----END CERTIFICATE-----
Generated at Wed Mar 27 01:46:10 2024 by rpki-client on console-fra.rpki-client.org