Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9190D72/6AC989F0D48211EE87D5D724C4F9AE02/6DC4EA46D4D711EE89EF955BC4F9AE02.roa
File: 6DC4EA46D4D711EE89EF955BC4F9AE02.roa (raw, json)
Hash identifier: TFvuT2j7xhOQ9DnXd5Wz8L9B2PIED3NsSBdgGGNvbjc=
Subject key identifier: EA:32:62:C3:2C:63:AE:FB:98:B0:7B:86:ED:8D:03:A6:A9:B5:49:4F
Certificate issuer: /CN=A9190D72/serialNumber=A54CB7742AABCF4E58E5D4C1F3B9D12DAD91B406
Certificate serial: 03
Authority key identifier: A5:4C:B7:74:2A:AB:CF:4E:58:E5:D4:C1:F3:B9:D1:2D:AD:91:B4:06
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/pUy3dCqrz05Y5dTB87nRLa2RtAY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9190D72/6AC989F0D48211EE87D5D724C4F9AE02/6DC4EA46D4D711EE89EF955BC4F9AE02.roa
Signing time: Mon 26 Feb 2024 18:47:02 +0000
ROA not before: Mon 26 Feb 2024 18:47:02 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 152586
IP address blocks: 157.20.104.0/24 maxlen: 24
157.20.105.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Jul 2024 18:34:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9190D72/serialNumber=A54CB7742AABCF4E58E5D4C1F3B9D12DAD91B406
Validity
Not Before: Feb 26 18:47:02 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=65dcdca6-63ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:fe:a0:a1:43:32:bc:8a:17:ac:46:b2:5d:e9:
8e:cb:29:f1:26:ad:1e:df:3f:0f:4b:ac:01:41:c5:
11:a5:44:8b:3b:ea:c7:b3:35:b0:de:9f:18:31:1c:
b0:c7:34:f8:47:88:5c:b2:5e:05:77:ec:67:7e:09:
b2:9f:e7:fc:48:03:f1:84:ea:c7:74:3f:bf:1f:8e:
b2:02:9e:ba:d0:79:21:6d:a0:fb:d8:f0:0f:ea:8e:
55:8f:94:fe:b2:00:c2:5b:f4:ec:d4:5d:5b:cc:41:
34:a6:1c:05:1c:4d:6e:ca:08:13:27:c9:c0:fe:63:
79:fa:18:df:ad:4f:20:d1:31:12:bc:77:89:f7:bf:
79:cf:81:9f:29:ca:84:14:cd:75:11:a5:4a:3a:80:
60:5a:fd:3f:c7:0c:53:66:52:91:0d:59:f9:78:f6:
e6:b8:42:96:18:a2:88:17:a6:f6:4f:29:52:76:66:
e9:d2:1e:d4:09:6b:f5:3d:14:10:db:7e:2f:52:e7:
1d:2c:af:f8:eb:c6:cd:1c:ec:76:55:d6:86:ee:95:
dd:87:5b:53:16:dd:01:db:9c:a4:b6:02:6b:b7:22:
f8:38:fa:c9:f2:2c:2f:23:ce:cd:8e:78:a6:24:24:
66:4c:24:7b:60:30:10:9c:44:eb:b4:bf:6e:72:15:
db:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:32:62:C3:2C:63:AE:FB:98:B0:7B:86:ED:8D:03:A6:A9:B5:49:4F
X509v3 Authority Key Identifier:
keyid:A5:4C:B7:74:2A:AB:CF:4E:58:E5:D4:C1:F3:B9:D1:2D:AD:91:B4:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9190D72/6AC989F0D48211EE87D5D724C4F9AE02/pUy3dCqrz05Y5dTB87nRLa2RtAY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/pUy3dCqrz05Y5dTB87nRLa2RtAY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9190D72/6AC989F0D48211EE87D5D724C4F9AE02/6DC4EA46D4D711EE89EF955BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.104.0/23
Signature Algorithm: sha256WithRSAEncryption
99:35:2f:c0:4e:56:81:8b:46:2e:e4:0b:fb:e7:bc:49:91:f8:
b9:d0:ac:d7:5f:05:98:58:9d:29:e9:7f:b4:9d:98:21:79:25:
6a:1a:05:91:9f:4f:80:f7:86:08:0b:19:64:78:90:63:45:ca:
61:8b:41:ee:4e:f7:6b:76:3d:b1:7c:19:d5:a1:69:cb:5e:c9:
c9:73:a2:97:72:3b:29:f2:e3:c2:47:d8:59:d7:2f:1c:28:9e:
01:d4:b3:c4:3c:2d:46:8c:51:85:df:c8:0a:60:03:bf:3d:80:
7e:be:1f:c9:98:ee:1b:0d:18:96:08:d3:20:e4:f1:1b:19:35:
55:77:05:4e:73:0a:e9:36:f1:df:70:ab:85:7c:1e:1a:d9:b5:
d4:75:8d:f0:09:55:b6:c7:15:2d:51:8e:58:92:32:9e:ce:d0:
15:82:3c:18:d7:ad:d5:a4:b1:3d:37:2d:98:4d:e2:00:8d:ff:
9b:2c:c5:8f:4a:58:02:9f:fe:69:5c:cb:f5:95:ae:f0:c6:1d:
ce:b6:df:f2:5a:b8:62:ca:ba:26:2b:2b:3c:02:bb:27:f8:ea:
4c:5e:55:b8:8f:2d:3c:ef:91:10:13:40:5f:d8:4b:7a:f2:73:
32:4a:32:26:2a:ba:49:12:75:d7:2a:01:80:e9:51:64:8c:fb:
f4:89:99:98
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
MEQ3MjExMC8GA1UEBRMoQTU0Q0I3NzQyQUFCQ0Y0RTU4RTVENEMxRjNCOUQxMkRB
RDkxQjQwNjAeFw0yNDAyMjYxODQ3MDJaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZGNkY2E2LTYzYWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC1/qChQzK8ihesRrJd6Y7LKfEmrR7fPw9LrAFBxRGlRIs76sezNbDenxgxHLDH
NPhHiFyyXgV37Gd+CbKf5/xIA/GE6sd0P78fjrICnrrQeSFtoPvY8A/qjlWPlP6y
AMJb9OzUXVvMQTSmHAUcTW7KCBMnycD+Y3n6GN+tTyDRMRK8d4n3v3nPgZ8pyoQU
zXURpUo6gGBa/T/HDFNmUpENWfl49ua4QpYYoogXpvZPKVJ2ZunSHtQJa/U9FBDb
fi9S5x0sr/jrxs0c7HZV1obuld2HW1MW3QHbnKS2Amu3Ivg4+snyLC8jzs2OeKYk
JGZMJHtgMBCcROu0v25yFds3AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU6jJiwyxj
rvuYsHuG7Y0Dpqm1SU8wHwYDVR0jBBgwFoAUpUy3dCqrz05Y5dTB87nRLa2RtAYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTkwRDcyLzZBQzk4OUYwRDQ4
MjExRUU4N0Q1RDcyNEM0RjlBRTAyL3BVeTNkQ3FyejA1WTVkVEI4N25STGEyUnRB
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvcFV5M2RDcXJ6MDVZNWRUQjg3blJMYTJSdEFZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
MEQ3Mi82QUM5ODlGMEQ0ODIxMUVFODdENUQ3MjRDNEY5QUUwMi82REM0RUE0NkQ0
RDcxMUVFODlFRjk1NUJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAZ0UaDANBgkqhkiG9w0BAQsFAAOCAQEAmTUvwE5WgYtGLuQL
++e8SZH4udCs118FmFidKel/tJ2YIXklahoFkZ9PgPeGCAsZZHiQY0XKYYtB7k73
a3Y9sXwZ1aFpy17JyXOil3I7KfLjwkfYWdcvHCieAdSzxDwtRoxRhd/ICmADvz2A
fr4fyZjuGw0YlgjTIOTxGxk1VXcFTnMK6Tbx33CrhXweGtm11HWN8AlVtscVLVGO
WJIyns7QFYI8GNet1aSxPTctmE3iAI3/myzFj0pYAp/+aVzL9ZWu8MYdzrbf8lq4
Ysq6JisrPAK7J/jqTF5VuI8tPO+REBNAX9hLevJzMkoyJiq6SRJ11yoBgOlRZIz7
9ImZmA==
-----END CERTIFICATE-----
Generated at Thu Jul 25 21:18:57 2024 by rpki-client on console-ams.rpki-client.org