Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915ADC4/2FA434CAAAA611EE963AA63AC4F9AE02/38C3AB20AAE811EE983AB949C4F9AE02.roa
File: 38C3AB20AAE811EE983AB949C4F9AE02.roa (raw, json)
Hash identifier: +X1IHCH0b+8CIvlfk9zc/xCyvYrBgZPsXRLn5G64T40=
Subject key identifier: 1D:DD:69:16:8A:77:6A:BA:23:8A:4B:A8:7E:9E:D6:69:E2:9A:92:33
Certificate issuer: /CN=A915ADC4/serialNumber=C3D893B2291B3A1E1BF5F4F041D1052E2CCBB25A
Certificate serial: 1E
Authority key identifier: C3:D8:93:B2:29:1B:3A:1E:1B:F5:F4:F0:41:D1:05:2E:2C:CB:B2:5A
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/w9iTsikbOh4b9fTwQdEFLizLslo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915ADC4/2FA434CAAAA611EE963AA63AC4F9AE02/38C3AB20AAE811EE983AB949C4F9AE02.roa
Signing time: Thu 04 Jan 2024 10:05:09 +0000
ROA not before: Thu 04 Jan 2024 10:05:09 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 152300
IP address blocks: 157.10.64.0/23 maxlen: 23
157.10.64.0/24 maxlen: 24
157.10.65.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jan 2024 19:17:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30 (0x1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915ADC4/serialNumber=C3D893B2291B3A1E1BF5F4F041D1052E2CCBB25A
Validity
Not Before: Jan 4 10:05:09 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=659682d4-f60b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:bb:dd:88:46:98:79:a1:82:7b:b9:ff:60:69:
d4:07:a1:89:52:82:1e:ba:95:00:be:67:c1:30:72:
88:16:38:9a:f7:74:65:35:29:0b:12:25:4e:0b:3d:
7d:e3:f0:18:89:fb:57:06:92:88:70:2b:df:48:a6:
00:62:b6:64:e2:d4:16:cd:34:5f:06:ab:35:55:7b:
1e:85:0e:8f:7f:56:5b:85:1c:20:b9:a3:f1:28:fd:
30:53:2e:50:e1:a4:e8:6b:9f:30:f9:a1:db:33:9c:
b0:f9:7a:c8:b3:48:6b:05:5e:68:d2:0b:b7:69:49:
a1:23:b4:4f:63:dc:86:fe:33:2e:6b:03:79:b4:bb:
8f:d1:e1:12:1d:38:0f:b8:ca:17:dd:28:2c:a2:60:
56:1a:2d:05:b9:b1:48:d2:59:c5:10:30:5a:92:2e:
61:66:42:59:1c:5d:33:74:39:51:fb:c1:7f:cf:f4:
63:3d:84:0e:bb:8b:a4:80:bd:de:8d:29:93:d4:41:
5c:6a:a9:b6:79:c1:d4:d3:08:c7:d9:d9:8a:b1:1e:
09:d6:05:ef:b1:ae:a8:31:36:33:a5:7d:8b:cf:a5:
f3:7e:89:cf:f3:e4:9a:bd:eb:06:93:64:02:16:00:
f4:8d:c6:ed:af:4f:42:82:fa:64:64:a2:5a:74:a6:
1b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:DD:69:16:8A:77:6A:BA:23:8A:4B:A8:7E:9E:D6:69:E2:9A:92:33
X509v3 Authority Key Identifier:
keyid:C3:D8:93:B2:29:1B:3A:1E:1B:F5:F4:F0:41:D1:05:2E:2C:CB:B2:5A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915ADC4/2FA434CAAAA611EE963AA63AC4F9AE02/w9iTsikbOh4b9fTwQdEFLizLslo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/w9iTsikbOh4b9fTwQdEFLizLslo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915ADC4/2FA434CAAAA611EE963AA63AC4F9AE02/38C3AB20AAE811EE983AB949C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.64.0/23
Signature Algorithm: sha256WithRSAEncryption
01:f0:dc:97:d1:e2:8f:b6:f1:38:e1:1e:24:9d:27:b4:95:73:
a4:8f:bb:f3:5b:c0:77:ff:8d:7e:d0:60:1c:23:ab:2e:fe:ce:
e7:f4:ff:f5:39:1e:54:9c:6d:7e:63:b5:11:17:47:ac:08:e5:
5e:47:24:31:39:fb:85:9d:65:33:63:d1:05:b9:fe:23:f2:0f:
69:e9:73:db:b4:f0:d4:84:3a:dd:a5:29:fc:70:f3:ed:09:f2:
fd:79:77:fa:c7:aa:ba:9d:e6:77:f7:9e:40:05:31:d4:3c:fd:
62:11:a5:d1:a1:f8:5d:3c:ce:3e:37:3e:b2:4a:ef:36:a3:ed:
7c:76:51:43:07:83:b3:b6:d3:fd:d7:30:7a:a8:35:2a:f2:7d:
cc:b4:41:d6:ad:3e:32:c3:71:d9:a8:21:17:e2:e7:de:07:42:
a8:cf:4f:da:93:98:f0:3f:ae:e1:0f:e6:ba:60:18:cc:f4:b5:
c5:bf:76:3c:d0:9c:9f:02:22:ef:54:9e:ab:05:80:d4:7a:23:
52:63:12:89:19:91:be:54:79:c9:80:91:53:96:e1:85:6c:f4:
1c:53:96:f8:b9:4f:e7:39:e4:f5:0e:4c:e1:df:12:36:b8:c1:
ac:0e:8f:a4:38:0c:e6:32:53:28:38:90:76:d3:e1:6a:a7:da:
99:01:d1:d8
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBHjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
QURDNDExMC8GA1UEBRMoQzNEODkzQjIyOTFCM0ExRTFCRjVGNEYwNDFEMTA1MkUy
Q0NCQjI1QTAeFw0yNDAxMDQxMDA1MDlaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1OTY4MmQ0LWY2MGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDku92IRph5oYJ7uf9gadQHoYlSgh66lQC+Z8EwcogWOJr3dGU1KQsSJU4LPX3j
8BiJ+1cGkohwK99IpgBitmTi1BbNNF8GqzVVex6FDo9/VluFHCC5o/Eo/TBTLlDh
pOhrnzD5odsznLD5esizSGsFXmjSC7dpSaEjtE9j3Ib+My5rA3m0u4/R4RIdOA+4
yhfdKCyiYFYaLQW5sUjSWcUQMFqSLmFmQlkcXTN0OVH7wX/P9GM9hA67i6SAvd6N
KZPUQVxqqbZ5wdTTCMfZ2YqxHgnWBe+xrqgxNjOlfYvPpfN+ic/z5Jq96waTZAIW
APSNxu2vT0KC+mRkolp0pht1AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUHd1pFop3
arojikuofp7WaeKakjMwHwYDVR0jBBgwFoAUw9iTsikbOh4b9fTwQdEFLizLslow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTVBREM0LzJGQTQzNENBQUFB
NjExRUU5NjNBQTYzQUM0RjlBRTAyL3c5aVRzaWtiT2g0YjlmVHdRZEVGTGl6THNs
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvdzlpVHNpa2JPaDRiOWZUd1FkRUZMaXpMc2xvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
QURDNC8yRkE0MzRDQUFBQTYxMUVFOTYzQUE2M0FDNEY5QUUwMi8zOEMzQUIyMEFB
RTgxMUVFOTgzQUI5NDlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAZ0KQDANBgkqhkiG9w0BAQsFAAOCAQEAAfDcl9Hij7bxOOEe
JJ0ntJVzpI+781vAd/+NftBgHCOrLv7O5/T/9TkeVJxtfmO1ERdHrAjlXkckMTn7
hZ1lM2PRBbn+I/IPaelz27Tw1IQ63aUp/HDz7Qny/Xl3+sequp3md/eeQAUx1Dz9
YhGl0aH4XTzOPjc+skrvNqPtfHZRQweDs7bT/dcweqg1KvJ9zLRB1q0+MsNx2agh
F+Ln3gdCqM9P2pOY8D+u4Q/mumAYzPS1xb92PNCcnwIi71SeqwWA1HojUmMSiRmR
vlR5yYCRU5bhhWz0HFOW+LlP5znk9Q5M4d8SNrjBrA6PpDgM5jJTKDiQdtPhaqfa
mQHR2A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:08 2024 by rpki-client on console-fra.rpki-client.org