Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915B8D0/41E2BE28EB6E11EE83E3AE51C4F9AE02/95B7EED8EB6E11EEBEC14852C4F9AE02.roa
File: 95B7EED8EB6E11EEBEC14852C4F9AE02.roa (raw, json)
Hash identifier: bktk1pxckh7rNJ+1ZnJkVZTrQwjD7HvYdArQQldo6w8=
Subject key identifier: 65:C8:9F:58:20:F3:A2:20:17:08:00:0E:E5:96:67:54:C0:DF:D6:14
Certificate issuer: /CN=A915B8D0/serialNumber=254EAF6490754F507DB81CE90DDB629B622F4660
Certificate serial: 04
Authority key identifier: 25:4E:AF:64:90:75:4F:50:7D:B8:1C:E9:0D:DB:62:9B:62:2F:46:60
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JU6vZJB1T1B9uBzpDdtim2IvRmA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915B8D0/41E2BE28EB6E11EE83E3AE51C4F9AE02/95B7EED8EB6E11EEBEC14852C4F9AE02.roa
Signing time: Tue 26 Mar 2024 12:45:00 +0000
ROA not before: Tue 26 Mar 2024 12:45:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 150142
IP address blocks: 203.26.150.0/24 maxlen: 24
203.26.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Apr 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915B8D0/serialNumber=254EAF6490754F507DB81CE90DDB629B622F4660
Validity
Not Before: Mar 26 12:45:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6602c34c-3ede
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:1f:f8:a9:09:c4:e8:92:7d:1b:a4:d5:61:b0:
c2:62:57:28:c4:1b:ed:17:e0:f3:cd:51:5e:c8:37:
75:5b:2c:1d:22:a2:43:64:17:c2:88:39:db:22:8d:
f6:37:79:ab:cc:b6:b2:3c:4e:0b:c5:49:1d:e4:12:
6b:e0:cd:9e:82:0e:84:56:62:cb:f2:a2:a6:18:9b:
da:40:e2:fc:06:0a:03:c0:ae:18:76:ce:ee:4b:d6:
31:f9:03:de:db:8b:ab:a0:ba:ab:d0:89:5b:88:e0:
43:9b:d7:15:27:ea:e1:0b:1a:45:28:e2:90:9f:b8:
06:81:47:62:eb:fd:b2:96:87:ed:58:c9:b8:fb:2b:
a8:ea:1c:aa:98:55:30:88:7b:14:06:0d:1d:65:49:
d4:25:ac:63:00:0a:34:d5:4c:4b:20:04:ab:7b:df:
af:39:87:ff:5b:23:96:24:7c:8e:3b:55:5f:65:c1:
11:65:d9:b8:1b:6a:35:bb:72:af:b1:8e:ef:9e:88:
28:74:29:28:cd:0a:33:17:b7:eb:a4:ee:3a:03:28:
04:8e:db:46:b1:f2:90:9b:bc:73:5e:76:65:c7:34:
3d:08:62:2e:28:7c:58:b8:ac:65:f1:f3:16:09:36:
b1:f5:e3:37:f1:2c:32:cc:e8:f2:97:f4:75:9e:4d:
f6:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:C8:9F:58:20:F3:A2:20:17:08:00:0E:E5:96:67:54:C0:DF:D6:14
X509v3 Authority Key Identifier:
keyid:25:4E:AF:64:90:75:4F:50:7D:B8:1C:E9:0D:DB:62:9B:62:2F:46:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915B8D0/41E2BE28EB6E11EE83E3AE51C4F9AE02/JU6vZJB1T1B9uBzpDdtim2IvRmA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JU6vZJB1T1B9uBzpDdtim2IvRmA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915B8D0/41E2BE28EB6E11EE83E3AE51C4F9AE02/95B7EED8EB6E11EEBEC14852C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.26.150.0/23
Signature Algorithm: sha256WithRSAEncryption
90:47:90:04:a5:0f:15:e8:14:ca:7a:c3:42:15:cb:13:fb:40:
65:49:1d:13:80:fb:a3:c2:75:6e:b6:5c:af:49:d9:74:54:2b:
78:ec:1a:64:ad:9f:4a:3a:09:c3:db:fc:6e:82:b1:e0:9d:e3:
d2:db:2a:8f:a5:9e:3e:0b:9f:56:0e:bf:25:97:23:a1:22:ca:
d2:00:af:35:5c:6f:98:a2:86:4b:fc:b7:23:92:ed:86:79:48:
49:8f:0b:7e:be:a1:29:e1:5d:01:e4:d5:4c:99:6c:04:d4:f6:
b9:f9:77:d6:46:17:04:dd:17:01:b4:56:2a:01:d0:83:b2:a6:
01:35:44:75:5b:bd:59:f6:42:5c:b4:a9:be:b2:8e:6a:71:75:
2b:63:55:09:14:56:ff:77:e0:6c:12:e3:8f:cc:a4:50:f5:3d:
28:80:4f:ac:bb:18:9f:b5:2d:1b:f1:82:af:74:e4:68:4c:c9:
77:ee:85:f6:22:ca:9e:ed:8a:df:16:16:9c:5f:6c:df:cb:c5:
05:a7:97:3a:71:a0:80:4a:3b:f1:8e:63:46:b9:f7:2a:ed:7a:
9f:31:1c:44:68:86:16:ba:56:ec:47:f4:49:98:74:f8:fc:71:
e0:60:90:55:48:c3:00:cc:ec:b1:05:c2:4c:ef:21:11:e3:45:
3f:66:d4:96
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
QjhEMDExMC8GA1UEBRMoMjU0RUFGNjQ5MDc1NEY1MDdEQjgxQ0U5MEREQjYyOUI2
MjJGNDY2MDAeFw0yNDAzMjYxMjQ1MDBaFw0yNTA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MDJjMzRjLTNlZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCjH/ipCcTokn0bpNVhsMJiVyjEG+0X4PPNUV7IN3VbLB0iokNkF8KIOdsijfY3
eavMtrI8TgvFSR3kEmvgzZ6CDoRWYsvyoqYYm9pA4vwGCgPArhh2zu5L1jH5A97b
i6uguqvQiVuI4EOb1xUn6uELGkUo4pCfuAaBR2Lr/bKWh+1Yybj7K6jqHKqYVTCI
exQGDR1lSdQlrGMACjTVTEsgBKt73685h/9bI5YkfI47VV9lwRFl2bgbajW7cq+x
ju+eiCh0KSjNCjMXt+uk7joDKASO20ax8pCbvHNedmXHND0IYi4ofFi4rGXx8xYJ
NrH14zfxLDLM6PKX9HWeTfYdAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUZcifWCDz
oiAXCAAO5ZZnVMDf1hQwHwYDVR0jBBgwFoAUJU6vZJB1T1B9uBzpDdtim2IvRmAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTVCOEQwLzQxRTJCRTI4RUI2
RTExRUU4M0UzQUU1MUM0RjlBRTAyL0pVNnZaSkIxVDFCOXVCenBEZHRpbTJJdlJt
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSlU2dlpKQjFUMUI5dUJ6cERkdGltMkl2Um1BLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
QjhEMC80MUUyQkUyOEVCNkUxMUVFODNFM0FFNTFDNEY5QUUwMi85NUI3RUVEOEVC
NkUxMUVFQkVDMTQ4NTJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAcsaljANBgkqhkiG9w0BAQsFAAOCAQEAkEeQBKUPFegUynrD
QhXLE/tAZUkdE4D7o8J1brZcr0nZdFQreOwaZK2fSjoJw9v8boKx4J3j0tsqj6We
PgufVg6/JZcjoSLK0gCvNVxvmKKGS/y3I5LthnlISY8Lfr6hKeFdAeTVTJlsBNT2
ufl31kYXBN0XAbRWKgHQg7KmATVEdVu9WfZCXLSpvrKOanF1K2NVCRRW/3fgbBLj
j8ykUPU9KIBPrLsYn7UtG/GCr3TkaEzJd+6F9iLKnu2K3xYWnF9s38vFBaeXOnGg
gEo78Y5jRrn3Ku16nzEcRGiGFrpW7Ef0SZh0+Pxx4GCQVUjDAMzssQXCTO8hEeNF
P2bUlg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:07 2024 by rpki-client on console-ams.rpki-client.org