Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915ADC4/2FA434CAAAA611EE963AA63AC4F9AE02/2DF47512F1F611EE8E9FE158C4F9AE02.roa
File: 2DF47512F1F611EE8E9FE158C4F9AE02.roa (raw, json)
Hash identifier: dqDVsUc7UPA/KxmvN49N+uxKcr80CoD32G3+oh2H14c=
Subject key identifier: 36:AA:C2:84:41:51:52:46:7E:27:D7:74:73:58:C4:7D:51:80:F5:49
Certificate issuer: /CN=A915ADC4/serialNumber=C3D893B2291B3A1E1BF5F4F041D1052E2CCBB25A
Certificate serial: 57
Authority key identifier: C3:D8:93:B2:29:1B:3A:1E:1B:F5:F4:F0:41:D1:05:2E:2C:CB:B2:5A
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/w9iTsikbOh4b9fTwQdEFLizLslo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915ADC4/2FA434CAAAA611EE963AA63AC4F9AE02/2DF47512F1F611EE8E9FE158C4F9AE02.roa
Signing time: Wed 03 Apr 2024 20:10:13 +0000
ROA not before: Wed 03 Apr 2024 20:10:13 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 137707
IP address blocks: 157.10.64.0/23 maxlen: 31
Validation: Failed, certificate revoked on Wed 10 Apr 2024 18:10:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87 (0x57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915ADC4/serialNumber=C3D893B2291B3A1E1BF5F4F041D1052E2CCBB25A
Validity
Not Before: Apr 3 20:10:13 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=660db7a5-6fb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:76:6d:8d:85:fe:7b:63:79:78:ec:d8:e6:9b:
75:86:83:a8:6e:6a:1a:b5:65:0d:8a:4b:97:a9:93:
ea:14:52:99:a8:3b:d3:9a:80:a2:60:f3:12:a5:00:
65:f3:f8:68:ad:f3:9b:4f:cb:31:6a:16:49:12:5e:
0e:92:e0:e2:9b:5f:84:94:7d:4f:26:c4:5e:a3:23:
ba:fa:a2:94:4b:74:fc:70:db:46:f4:33:12:5c:ae:
ab:ac:12:a3:e0:5c:b9:fd:09:2c:53:40:ea:35:b7:
44:a1:e2:1c:e0:3b:5d:ea:18:d6:8d:71:99:78:66:
2c:d0:fd:c3:fe:28:ef:eb:79:76:41:84:4d:8c:eb:
7a:a2:9e:c4:2a:41:86:8e:c4:73:e6:fd:bb:88:e7:
1e:59:08:95:60:27:cb:15:e1:90:86:d5:9a:5f:be:
7b:77:2c:51:d8:4b:e1:b0:21:b0:0d:00:f3:5e:cb:
59:b7:d4:04:5d:c1:a1:a1:df:70:27:5d:ff:cd:74:
40:5a:37:f7:c4:7a:56:c0:88:bc:c9:12:fe:2a:a7:
11:5f:1a:01:f7:99:6c:45:1f:9d:b6:62:65:fa:fc:
ca:48:f9:62:ce:05:a8:4e:0c:77:f1:91:55:f3:11:
66:be:7e:96:81:00:ad:59:9f:7e:ec:1b:e4:05:fb:
02:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:AA:C2:84:41:51:52:46:7E:27:D7:74:73:58:C4:7D:51:80:F5:49
X509v3 Authority Key Identifier:
keyid:C3:D8:93:B2:29:1B:3A:1E:1B:F5:F4:F0:41:D1:05:2E:2C:CB:B2:5A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915ADC4/2FA434CAAAA611EE963AA63AC4F9AE02/w9iTsikbOh4b9fTwQdEFLizLslo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/w9iTsikbOh4b9fTwQdEFLizLslo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915ADC4/2FA434CAAAA611EE963AA63AC4F9AE02/2DF47512F1F611EE8E9FE158C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.64.0/23
Signature Algorithm: sha256WithRSAEncryption
35:36:31:24:d8:02:48:08:13:9a:5e:a4:01:04:12:95:10:92:
2e:7a:aa:06:ca:63:8f:83:de:0d:64:49:54:36:8c:27:bc:a4:
07:06:f1:6a:36:c1:9f:f8:9c:a3:1e:1d:17:3b:db:4c:be:9f:
a3:2c:e9:9c:e6:b4:fa:2d:07:6a:33:a9:e3:07:53:61:ac:22:
36:23:2e:7f:40:ab:c0:2d:8b:dc:5c:34:af:65:ec:29:91:e5:
f0:19:e0:a2:a5:e7:16:03:63:d9:61:47:34:40:cf:a7:f3:aa:
bd:f3:b5:37:47:47:08:88:df:30:c9:35:60:c0:40:f0:7b:0e:
7f:0a:85:7b:ac:dc:20:55:95:71:a6:c4:0b:70:f4:a0:44:d2:
7e:a7:c0:f5:45:62:06:d4:30:61:5a:7b:34:f9:8e:04:5d:6b:
ae:35:c9:87:f2:c8:c5:52:75:10:ef:02:50:ec:41:3c:55:96:
9d:74:d5:6a:b7:57:a2:75:ed:1e:ae:a0:11:08:a0:91:87:cc:
94:89:32:fb:64:37:41:0f:d8:74:f7:92:e7:ed:b8:33:51:2d:
e2:42:3c:04:fd:5b:73:0c:d2:47:b4:b3:c4:62:00:83:12:b2:
4c:a2:39:ef:fa:23:93:4d:9f:ee:73:18:a2:49:95:bb:0a:f0:
01:1a:f5:30
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBVzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
QURDNDExMC8GA1UEBRMoQzNEODkzQjIyOTFCM0ExRTFCRjVGNEYwNDFEMTA1MkUy
Q0NCQjI1QTAeFw0yNDA0MDMyMDEwMTNaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MGRiN2E1LTZmYjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDYdm2Nhf57Y3l47Njmm3WGg6huahq1ZQ2KS5epk+oUUpmoO9OagKJg8xKlAGXz
+Git85tPyzFqFkkSXg6S4OKbX4SUfU8mxF6jI7r6opRLdPxw20b0MxJcrqusEqPg
XLn9CSxTQOo1t0Sh4hzgO13qGNaNcZl4ZizQ/cP+KO/reXZBhE2M63qinsQqQYaO
xHPm/buI5x5ZCJVgJ8sV4ZCG1Zpfvnt3LFHYS+GwIbANAPNey1m31ARdwaGh33An
Xf/NdEBaN/fEelbAiLzJEv4qpxFfGgH3mWxFH522YmX6/MpI+WLOBahODHfxkVXz
EWa+fpaBAK1Zn37sG+QF+wKBAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUNqrChEFR
UkZ+J9d0c1jEfVGA9UkwHwYDVR0jBBgwFoAUw9iTsikbOh4b9fTwQdEFLizLslow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTVBREM0LzJGQTQzNENBQUFB
NjExRUU5NjNBQTYzQUM0RjlBRTAyL3c5aVRzaWtiT2g0YjlmVHdRZEVGTGl6THNs
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvdzlpVHNpa2JPaDRiOWZUd1FkRUZMaXpMc2xvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
QURDNC8yRkE0MzRDQUFBQTYxMUVFOTYzQUE2M0FDNEY5QUUwMi8yREY0NzUxMkYx
RjYxMUVFOEU5RkUxNThDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAZ0KQDANBgkqhkiG9w0BAQsFAAOCAQEANTYxJNgCSAgTml6k
AQQSlRCSLnqqBspjj4PeDWRJVDaMJ7ykBwbxajbBn/icox4dFzvbTL6foyzpnOa0
+i0HajOp4wdTYawiNiMuf0CrwC2L3Fw0r2XsKZHl8BngoqXnFgNj2WFHNEDPp/Oq
vfO1N0dHCIjfMMk1YMBA8HsOfwqFe6zcIFWVcabEC3D0oETSfqfA9UViBtQwYVp7
NPmOBF1rrjXJh/LIxVJ1EO8CUOxBPFWWnXTVardXonXtHq6gEQigkYfMlIky+2Q3
QQ/YdPeS5+24M1Et4kI8BP1bcwzSR7SzxGIAgxKyTKI57/ojk02f7nMYokmVuwrw
ARr1MA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:08 2024 by rpki-client on console-fra.rpki-client.org