Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/4D8064A40B9111EF8D53D069C4F9AE02.roa
File: 4D8064A40B9111EF8D53D069C4F9AE02.roa (raw, json)
Hash identifier: He/o2w/cCzoaL76YzuR7jL0ChxqgT6uQH9yOUAznYio=
Subject key identifier: A9:F0:67:7A:D0:C9:20:D5:67:34:18:07:B0:77:63:60:13:74:18:1F
Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9
Certificate serial: 199D
Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/4D8064A40B9111EF8D53D069C4F9AE02.roa
Signing time: Mon 06 May 2024 10:13:37 +0000
ROA not before: Mon 06 May 2024 10:13:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 139555
IP address blocks: 157.66.152.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 May 2024 12:44:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6557 (0x199d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9
Validity
Not Before: May 6 10:13:37 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6638ad51-ba30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:18:dd:26:99:4b:35:55:f8:f5:e5:50:e9:88:
94:a4:79:06:5e:61:c5:60:44:f2:f0:3b:39:06:4d:
bf:e8:76:4d:e5:70:8f:1b:46:a0:4e:49:90:a3:fc:
01:43:fd:55:b1:ad:a7:b1:8c:2e:cc:26:dc:19:e3:
e2:57:65:71:11:73:6c:9a:66:2b:3c:f1:b6:6f:56:
6a:c4:f7:94:0c:ec:e4:f4:4f:3b:e7:3f:74:69:4f:
6d:75:de:da:56:18:ec:81:64:c2:ab:65:90:be:72:
b4:6d:63:5d:a6:f3:6c:c8:ec:05:c5:a4:1d:47:46:
a4:7a:fa:da:7d:8c:e6:21:61:a5:f9:a0:4e:ce:88:
a3:94:87:3b:e4:24:77:5d:53:0b:e6:28:d0:1e:b8:
a3:9f:88:aa:00:f0:00:41:8e:65:fe:4f:58:93:e6:
8a:e1:61:bf:05:c2:74:2a:81:4b:c9:b1:c9:bd:3e:
41:ca:bc:1b:69:23:8c:f9:f9:df:4e:40:a4:de:60:
2c:69:21:91:f8:cc:35:a5:5a:94:4d:bb:ca:ad:22:
dd:d1:f8:96:d1:1b:2f:2c:a8:01:bb:e2:ce:20:bd:
10:fe:86:41:a9:3f:2c:e5:c6:8b:61:ad:39:86:21:
6b:01:3d:62:df:03:72:9d:1e:f6:3f:31:dc:b4:8e:
8b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:F0:67:7A:D0:C9:20:D5:67:34:18:07:B0:77:63:60:13:74:18:1F
X509v3 Authority Key Identifier:
keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/4D8064A40B9111EF8D53D069C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.66.152.0/23
Signature Algorithm: sha256WithRSAEncryption
19:06:6d:bb:e5:45:86:a2:0f:3f:94:52:f6:e4:d1:27:98:a0:
de:02:b7:9f:b5:ee:85:63:32:95:49:a5:50:f8:79:a4:84:7c:
43:66:e5:9d:2a:8d:2f:30:ac:34:4c:32:72:3e:67:ca:2c:28:
2c:82:99:c5:f1:c5:c8:d4:dd:c7:a7:6a:73:07:b9:70:fb:ae:
4e:56:80:4f:c1:01:3c:d0:1c:c4:b9:8c:83:e2:da:86:e4:e2:
90:0d:5f:31:3e:6f:97:c8:c0:83:69:c4:d2:f2:82:03:6e:14:
7b:7a:61:47:46:a4:aa:a7:b6:0b:eb:e2:f8:97:21:d5:87:9d:
85:5c:57:1e:ef:cc:b4:00:ff:21:3b:8d:c8:68:33:a6:0f:2e:
3e:cf:54:56:78:31:7f:29:a7:d0:b5:14:c4:21:2b:eb:71:4b:
a7:5e:2e:c6:59:03:c0:79:d9:68:ef:e5:1a:23:fa:d3:e0:39:
ee:ee:c9:88:af:cc:80:f1:17:a4:49:6f:58:30:5e:8d:34:30:
22:62:09:c8:06:37:45:0e:36:5d:af:7e:59:a8:0f:97:91:64:
db:c7:b2:26:35:c5:19:96:4e:ad:a9:8b:4d:20:4d:59:13:9d:
dd:db:a9:f3:93:7a:eb:1a:7a:0a:95:fc:2d:9c:d2:c7:a2:47:
b2:a4:ca:a1
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICGZ0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF
QkU2OTczRjkwHhcNMjQwNTA2MTAxMzM3WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjM4YWQ1MS1iYTMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9xjdJplLNVX49eVQ6YiUpHkGXmHFYETy8Ds5Bk2/6HZN5XCPG0agTkmQo/wB
Q/1Vsa2nsYwuzCbcGePiV2VxEXNsmmYrPPG2b1ZqxPeUDOzk9E875z90aU9tdd7a
VhjsgWTCq2WQvnK0bWNdpvNsyOwFxaQdR0akevrafYzmIWGl+aBOzoijlIc75CR3
XVML5ijQHrijn4iqAPAAQY5l/k9Yk+aK4WG/BcJ0KoFLybHJvT5ByrwbaSOM+fnf
TkCk3mAsaSGR+Mw1pVqUTbvKrSLd0fiW0RsvLKgBu+LOIL0Q/oZBqT8s5caLYa05
hiFrAT1i3wNynR72PzHctI6LkQIDAQABo4IClTCCApEwHQYDVR0OBBYEFKnwZ3rQ
ySDVZzQYB7B3Y2ATdBgfMB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj
X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNEQ4MDY0QTQw
QjkxMTFFRjhENTNEMDY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGdQpgwDQYJKoZIhvcNAQELBQADggEBABkGbbvlRYaiDz+U
Uvbk0SeYoN4Ct5+17oVjMpVJpVD4eaSEfENm5Z0qjS8wrDRMMnI+Z8osKCyCmcXx
xcjU3cenanMHuXD7rk5WgE/BATzQHMS5jIPi2obk4pANXzE+b5fIwINpxNLyggNu
FHt6YUdGpKqntgvr4viXIdWHnYVcVx7vzLQA/yE7jchoM6YPLj7PVFZ4MX8pp9C1
FMQhK+txS6deLsZZA8B52Wjv5Roj+tPgOe7uyYivzIDxF6RJb1gwXo00MCJiCcgG
N0UONl2vflmoD5eRZNvHsiY1xRmWTq2pi00gTVkTnd3bqfOTeusaegqV/C2c0sei
R7KkyqE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:26 2024 by rpki-client on console-ams.rpki-client.org