Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/B9B07F6C028E11EF8BC46564C4F9AE02.roa
File: B9B07F6C028E11EF8BC46564C4F9AE02.roa (raw, json)
Hash identifier: qc3AzaKrD5PhnHjWHS47VaYqKjKePiyDQebR9wTV5Pk=
Subject key identifier: DE:5E:63:3E:62:FA:08:A3:9B:A9:55:CC:BA:17:9E:C8:96:1E:FA:3F
Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9
Certificate serial: 198A
Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/B9B07F6C028E11EF8BC46564C4F9AE02.roa
Signing time: Wed 24 Apr 2024 23:02:30 +0000
ROA not before: Wed 24 Apr 2024 23:02:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 152513
IP address blocks: 157.66.152.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 May 2024 12:44:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6538 (0x198a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9
Validity
Not Before: Apr 24 23:02:30 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66298f85-6a47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:df:74:c0:11:5c:ea:cf:8b:5a:34:76:a5:0e:
d7:ed:c1:14:ad:a8:be:a5:42:6d:ce:d6:40:60:b0:
81:26:87:32:60:cc:d8:82:69:de:5e:7a:0d:dd:29:
e8:95:83:32:8b:32:bf:d1:8d:55:59:aa:cc:97:9c:
2f:28:79:7a:08:fb:b1:90:ae:ff:a7:50:45:58:32:
f9:c6:7b:86:5d:6e:fe:ad:27:e2:7b:c7:3e:92:54:
b8:c0:c6:01:c8:de:bc:9f:a0:e2:1c:70:0f:5f:54:
17:e6:55:df:90:f1:fe:12:a1:c9:a9:24:08:72:73:
01:73:3a:25:8b:dc:77:99:39:66:8a:f9:d1:b8:b1:
ac:04:29:91:99:4d:51:e2:3e:0d:70:41:8e:f5:8c:
d8:8f:e0:57:4d:55:92:f1:19:3e:9e:2e:f0:ba:1a:
88:86:40:48:90:2d:32:59:be:71:af:5c:a4:fd:ce:
79:d5:28:9c:d3:f2:a4:6f:18:35:05:a0:99:22:4f:
c8:b0:0f:15:c4:03:a6:a0:65:24:c0:54:28:0d:88:
f3:ca:15:9b:87:ec:06:20:18:35:16:a2:d6:9f:2d:
b1:6a:95:4c:34:88:ea:19:44:67:d8:e6:28:d5:52:
e6:b8:9a:22:41:9d:97:9f:4f:e0:1d:f9:87:f6:2f:
75:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:5E:63:3E:62:FA:08:A3:9B:A9:55:CC:BA:17:9E:C8:96:1E:FA:3F
X509v3 Authority Key Identifier:
keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/B9B07F6C028E11EF8BC46564C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.66.152.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:ef:c8:2a:af:a4:0e:11:ad:76:99:aa:a7:96:74:09:6d:c7:
54:dc:fe:23:7f:18:16:03:10:57:8b:e8:ed:d8:7f:14:16:70:
ba:a1:d4:d7:ae:a1:c2:23:d9:e0:2d:5a:78:f4:64:c6:54:8e:
86:28:c1:29:df:63:07:72:f9:7e:d8:46:13:ac:56:d7:15:a5:
93:c2:7d:29:c1:62:a8:e0:88:75:1b:4a:d9:54:d6:2f:db:60:
f8:29:1d:66:4a:b8:b5:8a:ca:bd:e5:d7:d4:42:d7:ef:d6:a0:
3c:b3:5a:f9:6f:fb:df:01:56:92:66:67:b9:c0:8d:44:28:3e:
aa:3a:4d:e9:40:2a:d0:4e:36:a6:93:68:57:54:12:59:ef:76:
23:db:0c:73:59:a3:38:23:6d:37:65:2d:9c:83:0d:39:72:8c:
2f:84:c9:f5:78:f3:99:39:fd:9a:30:36:f2:d1:4c:47:aa:e3:
df:3c:6b:19:72:b1:0a:be:f7:77:f2:d3:d9:17:04:ca:7e:dc:
b8:a8:98:18:f7:6f:92:63:b8:11:c1:7e:40:77:c6:80:cc:bf:
f7:84:9b:7f:91:b4:a5:96:23:b0:7d:94:3f:96:0a:a4:de:c3:
2a:c1:ac:f4:60:90:10:83:03:77:b3:39:5a:31:39:a4:53:7f:
9a:6c:7d:e3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICGYowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF
QkU2OTczRjkwHhcNMjQwNDI0MjMwMjMwWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjI5OGY4NS02YTQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1N90wBFc6s+LWjR2pQ7X7cEUrai+pUJtztZAYLCBJocyYMzYgmneXnoN3Sno
lYMyizK/0Y1VWarMl5wvKHl6CPuxkK7/p1BFWDL5xnuGXW7+rSfie8c+klS4wMYB
yN68n6DiHHAPX1QX5lXfkPH+EqHJqSQIcnMBczoli9x3mTlmivnRuLGsBCmRmU1R
4j4NcEGO9YzYj+BXTVWS8Rk+ni7wuhqIhkBIkC0yWb5xr1yk/c551Sic0/Kkbxg1
BaCZIk/IsA8VxAOmoGUkwFQoDYjzyhWbh+wGIBg1FqLWny2xapVMNIjqGURn2OYo
1VLmuJoiQZ2Xn0/gHfmH9i91EQIDAQABo4IClTCCApEwHQYDVR0OBBYEFN5eYz5i
+gijm6lVzLoXnsiWHvo/MB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj
X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQjlCMDdGNkMw
MjhFMTFFRjhCQzQ2NTY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGdQpgwDQYJKoZIhvcNAQELBQADggEBAF3vyCqvpA4RrXaZ
qqeWdAltx1Tc/iN/GBYDEFeL6O3YfxQWcLqh1NeuocIj2eAtWnj0ZMZUjoYowSnf
Ywdy+X7YRhOsVtcVpZPCfSnBYqjgiHUbStlU1i/bYPgpHWZKuLWKyr3l19RC1+/W
oDyzWvlv+98BVpJmZ7nAjUQoPqo6TelAKtBONqaTaFdUElnvdiPbDHNZozgjbTdl
LZyDDTlyjC+EyfV485k5/ZowNvLRTEeq4988axlysQq+93fy09kXBMp+3LiomBj3
b5JjuBHBfkB3xoDMv/eEm3+RtKWWI7B9lD+WCqTewyrBrPRgkBCDA3ezOVoxOaRT
f5psfeM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:15 2024 by rpki-client on console-fra.rpki-client.org