Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/81B9E0A6AF8911EEB9587446C4F9AE02.roa
File: 81B9E0A6AF8911EEB9587446C4F9AE02.roa (raw, json)
Hash identifier: JHxaipZ1wIvGYG+Zt3XlJ2Zy3zT8C9h1/hC61qxRDrA=
Subject key identifier: 26:0C:0C:F5:2C:AF:F9:A3:AB:39:7B:16:BF:BF:71:E2:10:0B:D5:F5
Certificate issuer: /CN=A9171D16/serialNumber=708F1E07133855C8074EED5F8C83B4466A607AC2
Certificate serial: 03
Authority key identifier: 70:8F:1E:07:13:38:55:C8:07:4E:ED:5F:8C:83:B4:46:6A:60:7A:C2
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cI8eBxM4VcgHTu1fjIO0RmpgesI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/81B9E0A6AF8911EEB9587446C4F9AE02.roa
Signing time: Wed 10 Jan 2024 07:26:02 +0000
ROA not before: Wed 10 Jan 2024 07:26:02 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 9484
IP address blocks: 157.10.38.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 12 Sep 2024 07:57:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9171D16/serialNumber=708F1E07133855C8074EED5F8C83B4466A607AC2
Validity
Not Before: Jan 10 07:26:02 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=659e4689-a0ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:36:74:cf:ba:a6:1d:04:8b:e0:d5:2a:5c:d9:
c4:aa:10:2e:4e:58:c8:4c:68:89:28:72:a5:4c:08:
3f:b2:e8:e7:1f:bc:28:8d:6a:b4:a7:c1:90:8d:f6:
da:40:2c:99:6a:07:b3:aa:93:40:29:31:a9:c4:bf:
2a:98:29:79:3e:88:12:c8:2c:05:af:f5:2a:8b:2b:
10:1c:80:87:44:9c:f0:ba:96:af:63:7a:79:16:67:
4e:ba:3f:b1:f9:eb:4f:d6:63:89:d8:bb:40:a4:f8:
e3:76:66:ef:e2:97:cf:7e:d0:68:71:f6:23:8c:2a:
e6:03:7c:c7:ba:43:4d:41:d6:5e:39:96:a9:52:86:
82:08:92:a1:21:ef:0b:ff:50:09:5f:97:79:70:2b:
09:21:b8:05:9c:0a:f9:a8:80:b3:0c:96:f8:90:2d:
b3:a6:51:cc:57:ea:75:fb:14:9a:0c:f2:85:71:b7:
77:11:62:0a:aa:f7:f4:c8:5b:db:3f:b4:31:f6:dc:
e4:e7:51:5f:9d:6f:50:40:96:37:ca:e9:56:92:7e:
de:17:a9:06:20:e6:f3:84:2d:17:62:5a:3f:e1:8f:
18:a1:12:dd:63:e8:2f:6c:27:8f:b7:cd:53:f0:a6:
b6:05:94:99:0d:8e:ff:f4:b3:81:84:75:8b:3c:6b:
a9:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:0C:0C:F5:2C:AF:F9:A3:AB:39:7B:16:BF:BF:71:E2:10:0B:D5:F5
X509v3 Authority Key Identifier:
keyid:70:8F:1E:07:13:38:55:C8:07:4E:ED:5F:8C:83:B4:46:6A:60:7A:C2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cI8eBxM4VcgHTu1fjIO0RmpgesI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/81B9E0A6AF8911EEB9587446C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.38.0/23
Signature Algorithm: sha256WithRSAEncryption
c7:25:2f:d8:29:25:70:16:a0:e1:78:42:50:ac:f5:d6:49:52:
9d:cb:90:a8:e2:e1:b0:c0:16:9e:ac:bf:79:2e:62:36:8d:f5:
8d:55:a5:e5:28:a5:47:69:f9:43:b6:0a:b2:c8:a9:7d:1c:77:
87:5c:2d:eb:9c:e9:b4:9c:33:1e:6e:fc:fa:2d:45:84:17:61:
46:37:79:49:c4:c7:60:c3:04:1c:43:22:e5:1c:e4:bf:73:f1:
fb:2e:56:d7:5a:b3:a2:7e:d1:72:6b:84:80:ce:a0:74:70:a3:
13:a6:b2:4e:3e:f1:95:c0:cd:7b:fa:ee:52:5d:7f:ec:0f:b2:
4e:be:f5:1b:e6:55:08:f7:8b:43:87:81:72:29:c1:d3:64:39:
c2:14:ec:27:9c:34:78:d6:21:d0:8a:ed:c5:84:34:ee:68:a5:
55:93:4a:e7:fb:ea:86:4e:c4:75:20:85:43:27:ca:9e:fb:24:
1f:da:3a:1e:42:b4:b2:55:c9:f1:5e:f2:28:24:5e:ed:e9:60:
f4:df:c1:5f:7d:ba:3f:7d:73:96:d0:3d:b6:8f:81:8a:3e:97:
b6:c7:54:cb:87:d9:f1:51:c6:b2:b9:ca:6f:27:e7:8b:da:5c:
b7:f1:9a:50:ca:8c:e9:7f:bb:62:75:7f:0b:4f:93:f9:67:0c:
85:71:4a:91
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
MUQxNjExMC8GA1UEBRMoNzA4RjFFMDcxMzM4NTVDODA3NEVFRDVGOEM4M0I0NDY2
QTYwN0FDMjAeFw0yNDAxMTAwNzI2MDJaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1OWU0Njg5LWEwYWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDBNnTPuqYdBIvg1Spc2cSqEC5OWMhMaIkocqVMCD+y6OcfvCiNarSnwZCN9tpA
LJlqB7Oqk0ApManEvyqYKXk+iBLILAWv9SqLKxAcgIdEnPC6lq9jenkWZ066P7H5
60/WY4nYu0Ck+ON2Zu/il89+0Ghx9iOMKuYDfMe6Q01B1l45lqlShoIIkqEh7wv/
UAlfl3lwKwkhuAWcCvmogLMMlviQLbOmUcxX6nX7FJoM8oVxt3cRYgqq9/TIW9s/
tDH23OTnUV+db1BAljfK6VaSft4XqQYg5vOELRdiWj/hjxihEt1j6C9sJ4+3zVPw
prYFlJkNjv/0s4GEdYs8a6mrAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUJgwM9Syv
+aOrOXsWv79x4hAL1fUwHwYDVR0jBBgwFoAUcI8eBxM4VcgHTu1fjIO0RmpgesIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcxRDE2LzY1NkQxN0E4QUU5
QzExRUU5MTFBRkI2M0M0RjlBRTAyL2NJOGVCeE00VmNnSFR1MWZqSU8wUm1wZ2Vz
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvY0k4ZUJ4TTRWY2dIVHUxZmpJTzBSbXBnZXNJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MUQxNi82NTZEMTdBOEFFOUMxMUVFOTExQUZCNjNDNEY5QUUwMi84MUI5RTBBNkFG
ODkxMUVFQjk1ODc0NDZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAZ0KJjANBgkqhkiG9w0BAQsFAAOCAQEAxyUv2CklcBag4XhC
UKz11klSncuQqOLhsMAWnqy/eS5iNo31jVWl5SilR2n5Q7YKssipfRx3h1wt65zp
tJwzHm78+i1FhBdhRjd5ScTHYMMEHEMi5Rzkv3Px+y5W11qzon7RcmuEgM6gdHCj
E6ayTj7xlcDNe/ruUl1/7A+yTr71G+ZVCPeLQ4eBcinB02Q5whTsJ5w0eNYh0Irt
xYQ07milVZNK5/vqhk7EdSCFQyfKnvskH9o6HkK0slXJ8V7yKCRe7elg9N/BX326
P31zltA9to+Bij6XtsdUy4fZ8VHGsrnKbyfni9pct/GaUMqM6X+7YnV/C0+T+WcM
hXFKkQ==
-----END CERTIFICATE-----
Generated at Thu Sep 12 09:32:11 2024 by rpki-client on console-ams.rpki-client.org