Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917530D/DD7E091CB64B11EE91463760C4F9AE02/FA2B1098B64E11EEA35AB96EC4F9AE02.roa
File: FA2B1098B64E11EEA35AB96EC4F9AE02.roa (raw, json)
Hash identifier: dIAunOI9oKSndKiQNHaT5UYY6V8lI363rzgi1+xrs+g=
Subject key identifier: D9:2F:84:5B:66:E9:BF:84:1A:4B:00:83:74:68:77:4F:67:11:34:96
Certificate issuer: /CN=A917530D/serialNumber=B3992F0D49BAF6A36FDA658E5B459469521E5B44
Certificate serial: 02
Authority key identifier: B3:99:2F:0D:49:BA:F6:A3:6F:DA:65:8E:5B:45:94:69:52:1E:5B:44
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/s5kvDUm69qNv2mWOW0WUaVIeW0Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917530D/DD7E091CB64B11EE91463760C4F9AE02/FA2B1098B64E11EEA35AB96EC4F9AE02.roa
Signing time: Thu 18 Jan 2024 22:14:42 +0000
ROA not before: Thu 18 Jan 2024 22:14:42 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 152333
IP address blocks: 157.10.226.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 Jan 2024 09:10:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917530D/serialNumber=B3992F0D49BAF6A36FDA658E5B459469521E5B44
Validity
Not Before: Jan 18 22:14:42 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65a9a2d1-7fd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:53:c0:9d:e2:43:55:49:26:b7:e6:2b:8c:c3:
9b:bd:50:8c:79:3f:a6:d7:4e:d3:48:a2:1b:1a:35:
83:fa:28:46:fb:27:75:02:72:40:95:6b:d5:de:22:
1e:ee:50:b8:b9:b9:64:47:ea:76:73:c3:f1:4c:aa:
82:69:c6:55:dc:3a:ea:10:f9:e6:73:13:f5:a4:b0:
c8:b3:ff:63:f1:27:aa:76:b4:fe:77:b1:8b:93:c7:
2f:f9:5a:3d:92:6d:e1:2c:94:0d:3d:ac:80:2c:d6:
59:fc:23:f0:4d:a1:94:15:c4:f5:b2:cb:04:5e:82:
91:5c:23:79:32:59:0a:0c:eb:78:33:07:14:3d:cb:
58:69:aa:c0:90:c7:23:1e:bd:3c:4e:d2:47:4c:53:
df:85:4c:d3:ab:fd:4e:6f:db:b3:21:4e:4c:89:7d:
87:4c:89:44:3b:02:cf:32:4d:fc:2e:12:19:43:73:
6e:44:fc:b9:95:0b:ea:4d:ed:84:22:b4:8f:47:05:
43:cc:5c:07:2e:e3:cd:c8:62:c3:8b:05:87:c1:fb:
d9:23:f1:a1:82:0e:1e:27:57:2f:60:6d:31:c1:55:
78:b2:19:52:7e:97:ef:45:73:02:de:03:d8:32:36:
b0:5b:50:ec:51:28:40:cf:e6:48:dd:ad:d8:07:fa:
1d:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:2F:84:5B:66:E9:BF:84:1A:4B:00:83:74:68:77:4F:67:11:34:96
X509v3 Authority Key Identifier:
keyid:B3:99:2F:0D:49:BA:F6:A3:6F:DA:65:8E:5B:45:94:69:52:1E:5B:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917530D/DD7E091CB64B11EE91463760C4F9AE02/s5kvDUm69qNv2mWOW0WUaVIeW0Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/s5kvDUm69qNv2mWOW0WUaVIeW0Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917530D/DD7E091CB64B11EE91463760C4F9AE02/FA2B1098B64E11EEA35AB96EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.226.0/24
Signature Algorithm: sha256WithRSAEncryption
69:fc:49:4f:be:81:65:f8:44:a5:7b:9d:89:61:68:c8:e6:cf:
a6:0e:a2:a2:5c:ec:1b:23:6b:a5:a0:1e:23:cf:32:c6:e1:2b:
36:97:7c:27:b0:84:be:76:c0:0e:c2:71:ab:86:35:be:db:d6:
31:b2:92:27:d6:e0:c7:f5:16:26:ed:38:3e:b3:bf:f7:2f:52:
9a:f8:ce:5f:ba:52:21:61:7f:c5:eb:48:fa:3e:00:91:bc:67:
db:46:02:bc:21:b6:f7:1f:07:c9:40:5a:3f:50:be:4f:12:dd:
81:91:80:3b:7b:5b:8e:18:a7:7e:c5:13:14:97:e2:71:4f:4e:
b9:95:b6:6b:39:9b:eb:9d:aa:5a:71:a0:76:58:99:c1:02:a4:
5c:f9:63:ec:9b:b9:bb:b9:3b:64:7a:0a:23:06:c9:17:e7:0e:
f4:17:ad:57:a8:3f:da:20:5e:4e:d2:11:aa:26:e8:1e:4e:e2:
a5:5a:bf:b8:a1:7c:a3:4a:56:52:7d:5b:f8:a3:41:33:52:d6:
d2:50:fb:be:f0:8f:0c:98:23:27:fc:b0:27:c2:ae:f0:19:d5:
94:83:24:50:6a:83:42:1e:53:8d:c4:3b:1d:b3:6a:57:2c:87:
ca:92:60:0b:89:18:b4:e9:0f:4e:22:c8:71:f0:bc:ce:d2:e2:
60:e9:6b:57
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
NTMwRDExMC8GA1UEBRMoQjM5OTJGMEQ0OUJBRjZBMzZGREE2NThFNUI0NTk0Njk1
MjFFNUI0NDAeFw0yNDAxMTgyMjE0NDJaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YTlhMmQxLTdmZDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDlU8Cd4kNVSSa35iuMw5u9UIx5P6bXTtNIohsaNYP6KEb7J3UCckCVa9XeIh7u
ULi5uWRH6nZzw/FMqoJpxlXcOuoQ+eZzE/WksMiz/2PxJ6p2tP53sYuTxy/5Wj2S
beEslA09rIAs1ln8I/BNoZQVxPWyywRegpFcI3kyWQoM63gzBxQ9y1hpqsCQxyMe
vTxO0kdMU9+FTNOr/U5v27MhTkyJfYdMiUQ7As8yTfwuEhlDc25E/LmVC+pN7YQi
tI9HBUPMXAcu483IYsOLBYfB+9kj8aGCDh4nVy9gbTHBVXiyGVJ+l+9FcwLeA9gy
NrBbUOxRKEDP5kjdrdgH+h3LAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU2S+EW2bp
v4QaSwCDdGh3T2cRNJYwHwYDVR0jBBgwFoAUs5kvDUm69qNv2mWOW0WUaVIeW0Qw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc1MzBEL0REN0UwOTFDQjY0
QjExRUU5MTQ2Mzc2MEM0RjlBRTAyL3M1a3ZEVW02OXFOdjJtV09XMFdVYVZJZVcw
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvczVrdkRVbTY5cU52Mm1XT1cwV1VhVkllVzBRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
NTMwRC9ERDdFMDkxQ0I2NEIxMUVFOTE0NjM3NjBDNEY5QUUwMi9GQTJCMTA5OEI2
NEUxMUVFQTM1QUI5NkVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAJ0K4jANBgkqhkiG9w0BAQsFAAOCAQEAafxJT76BZfhEpXud
iWFoyObPpg6iolzsGyNrpaAeI88yxuErNpd8J7CEvnbADsJxq4Y1vtvWMbKSJ9bg
x/UWJu04PrO/9y9SmvjOX7pSIWF/xetI+j4Akbxn20YCvCG29x8HyUBaP1C+TxLd
gZGAO3tbjhinfsUTFJficU9OuZW2azmb652qWnGgdliZwQKkXPlj7Ju5u7k7ZHoK
IwbJF+cO9BetV6g/2iBeTtIRqiboHk7ipVq/uKF8o0pWUn1b+KNBM1LW0lD7vvCP
DJgjJ/ywJ8Ku8BnVlIMkUGqDQh5TjcQ7HbNqVyyHypJgC4kYtOkPTiLIcfC8ztLi
YOlrVw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:12 2024 by rpki-client on console-fra.rpki-client.org