Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91886CC/5121415ED5F511EEB0FA605BC4F9AE02/36AFF164DA1711EEA499A417C4F9AE02.roa
File: 36AFF164DA1711EEA499A417C4F9AE02.roa (raw, json)
Hash identifier: LdO50RdTD1VxTwpUjKNOfgQOFMahR83q9cWtVg99vY4=
Subject key identifier: 10:B2:87:37:56:03:40:77:64:84:63:08:9B:30:82:AC:BF:81:45:81
Certificate issuer: /CN=A91886CC/serialNumber=0B10E5EFEF30F8CE04ED4C5B8F48A9CD24BCBA14
Certificate serial: 27
Authority key identifier: 0B:10:E5:EF:EF:30:F8:CE:04:ED:4C:5B:8F:48:A9:CD:24:BC:BA:14
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CxDl7-8w-M4E7Uxbj0ipzSS8uhQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91886CC/5121415ED5F511EEB0FA605BC4F9AE02/36AFF164DA1711EEA499A417C4F9AE02.roa
Signing time: Wed 01 May 2024 07:08:48 +0000
ROA not before: Wed 01 May 2024 07:08:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 151064
IP address blocks: 157.20.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Sep 2024 12:49:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39 (0x27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91886CC
Validity
Not Before: May 1 07:08:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6631ea80-4912
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:2a:68:d5:80:5d:b8:bb:82:81:83:5d:f5:fb:
4f:36:1c:a0:53:67:56:f2:13:d5:aa:3b:03:27:54:
7b:88:1d:05:f8:5a:f5:c4:3e:27:c4:cf:77:19:aa:
fe:f7:f0:0a:6e:11:ea:1a:7d:a8:12:20:f1:4a:5b:
a6:62:a6:b5:c4:bd:f8:38:4a:ac:88:89:d9:2d:9e:
d8:b7:64:b4:1a:c8:cd:28:83:82:a6:50:04:82:ab:
4f:93:91:8b:ed:3c:23:34:ff:7c:e5:2d:f5:1d:ef:
c1:aa:89:1e:20:e4:e6:7a:53:ba:d3:e2:fd:a8:8b:
f9:2c:2c:c1:80:83:2f:72:18:de:c3:a5:56:b6:a7:
d0:a8:25:6b:5a:9a:8c:67:80:2a:a9:84:69:46:bf:
98:ed:cf:fd:d9:63:4e:4c:10:30:47:59:0e:44:3d:
27:2c:1f:45:54:6a:ea:0f:33:d3:66:5a:58:97:61:
46:4e:44:7f:e7:3a:55:5e:65:e0:d6:2a:76:6e:1f:
62:85:92:19:14:43:b5:24:45:08:62:f6:82:21:0b:
40:c3:87:ff:f9:95:80:95:d1:fb:4b:7a:ae:73:98:
2f:25:51:1c:85:96:06:1e:ae:68:a4:f2:63:61:72:
04:d0:81:f7:7a:06:74:14:b5:21:c7:9b:d4:6e:df:
11:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:B2:87:37:56:03:40:77:64:84:63:08:9B:30:82:AC:BF:81:45:81
X509v3 Authority Key Identifier:
keyid:0B:10:E5:EF:EF:30:F8:CE:04:ED:4C:5B:8F:48:A9:CD:24:BC:BA:14
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91886CC/5121415ED5F511EEB0FA605BC4F9AE02/CxDl7-8w-M4E7Uxbj0ipzSS8uhQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CxDl7-8w-M4E7Uxbj0ipzSS8uhQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91886CC/5121415ED5F511EEB0FA605BC4F9AE02/36AFF164DA1711EEA499A417C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.101.0/24
Signature Algorithm: sha256WithRSAEncryption
41:78:62:7f:b9:bc:1d:65:43:b8:51:56:90:04:1a:06:98:16:
8b:4b:3b:82:87:4e:df:00:31:67:77:02:85:25:bb:ec:a5:a3:
71:18:dc:ef:44:12:69:c8:2b:92:ce:46:09:6a:15:15:09:e4:
6f:3d:bb:73:cb:fa:f5:ae:4f:80:f2:30:d2:d8:cb:b1:72:86:
38:e7:b1:da:1a:94:49:fd:6c:13:b8:32:b8:f2:fa:bf:e4:f9:
4e:89:ff:fe:c6:17:6a:57:8c:09:aa:6d:10:32:a8:4e:5f:17:
48:3d:83:eb:46:7d:12:ee:8e:1a:35:7a:53:db:71:6a:a4:b0:
91:7b:45:26:38:d0:53:28:de:50:a6:3f:40:56:d8:02:7d:4f:
52:02:7d:78:71:c9:e1:ee:00:57:ed:70:b6:c1:89:ba:e4:3f:
c2:85:86:4c:ac:2e:d8:5e:5b:87:d2:4b:f2:f4:09:31:9d:cf:
ef:84:fb:85:83:dc:52:74:09:5d:b0:77:d9:cb:a0:ce:94:b3:
a9:7c:76:f7:ba:f5:e6:81:1b:9b:9c:99:03:ba:6e:40:01:4c:
85:49:90:a2:46:23:d5:fe:a3:05:4a:1a:05:16:17:83:9c:fd:
54:85:5c:04:25:94:44:67:45:67:8b:e1:80:99:05:13:6f:7e:
06:2b:c7:37
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBJzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
ODZDQzExMC8GA1UEBRMoMEIxMEU1RUZFRjMwRjhDRTA0RUQ0QzVCOEY0OEE5Q0Qy
NEJDQkExNDAeFw0yNDA1MDEwNzA4NDhaFw0yNTA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MzFlYTgwLTQ5MTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCtKmjVgF24u4KBg131+082HKBTZ1byE9WqOwMnVHuIHQX4WvXEPifEz3cZqv73
8ApuEeoafagSIPFKW6ZiprXEvfg4SqyIidktnti3ZLQayM0og4KmUASCq0+TkYvt
PCM0/3zlLfUd78GqiR4g5OZ6U7rT4v2oi/ksLMGAgy9yGN7DpVa2p9CoJWtamoxn
gCqphGlGv5jtz/3ZY05MEDBHWQ5EPScsH0VUauoPM9NmWliXYUZORH/nOlVeZeDW
KnZuH2KFkhkUQ7UkRQhi9oIhC0DDh//5lYCV0ftLeq5zmC8lURyFlgYermik8mNh
cgTQgfd6BnQUtSHHm9Ru3xGDAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUELKHN1YD
QHdkhGMImzCCrL+BRYEwHwYDVR0jBBgwFoAUCxDl7+8w+M4E7Uxbj0ipzSS8uhQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTg4NkNDLzUxMjE0MTVFRDVG
NTExRUVCMEZBNjA1QkM0RjlBRTAyL0N4RGw3LTh3LU00RTdVeGJqMGlwelNTOHVo
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvQ3hEbDctOHctTTRFN1V4YmowaXB6U1M4dWhRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
ODZDQy81MTIxNDE1RUQ1RjUxMUVFQjBGQTYwNUJDNEY5QUUwMi8zNkFGRjE2NERB
MTcxMUVFQTQ5OUE0MTdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAJ0UZTANBgkqhkiG9w0BAQsFAAOCAQEAQXhif7m8HWVDuFFW
kAQaBpgWi0s7godO3wAxZ3cChSW77KWjcRjc70QSacgrks5GCWoVFQnkbz27c8v6
9a5PgPIw0tjLsXKGOOex2hqUSf1sE7gyuPL6v+T5Ton//sYXaleMCaptEDKoTl8X
SD2D60Z9Eu6OGjV6U9txaqSwkXtFJjjQUyjeUKY/QFbYAn1PUgJ9eHHJ4e4AV+1w
tsGJuuQ/woWGTKwu2F5bh9JL8vQJMZ3P74T7hYPcUnQJXbB32cugzpSzqXx297r1
5oEbm5yZA7puQAFMhUmQokYj1f6jBUoaBRYXg5z9VIVcBCWURGdFZ4vhgJkFE29+
BivHNw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:45:53 2025 by rpki-client