Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4EF9/75A0CD14D13711EEAA9F1980C4F9AE02/F0F9FE48D13911EEB887584FC4F9AE02.roa
File: F0F9FE48D13911EEB887584FC4F9AE02.roa (raw, json)
Hash identifier: 3WysyLVYgFkQuUsT7S7B1Q4LWibYZ8x3XQJo0m43zhs=
Subject key identifier: 35:59:0C:69:3E:6D:57:55:BD:F6:EE:29:EF:B5:D5:56:9D:61:2A:B7
Certificate issuer: /CN=A91A4EF9/serialNumber=872C9368656C778357C2A5A99BECFFF677550AC8
Certificate serial: 03
Authority key identifier: 87:2C:93:68:65:6C:77:83:57:C2:A5:A9:9B:EC:FF:F6:77:55:0A:C8
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hyyTaGVsd4NXwqWpm-z_9ndVCsg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A4EF9/75A0CD14D13711EEAA9F1980C4F9AE02/F0F9FE48D13911EEB887584FC4F9AE02.roa
Signing time: Thu 22 Feb 2024 04:22:08 +0000
ROA not before: Thu 22 Feb 2024 04:22:08 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 152301
IP address blocks: 157.10.72.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 16:20:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A4EF9/serialNumber=872C9368656C778357C2A5A99BECFFF677550AC8
Validity
Not Before: Feb 22 04:22:08 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65d6cbf0-bfac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:8f:ea:14:27:b3:22:1e:01:4b:2f:8e:1f:f6:
7e:fa:0c:e6:2b:a3:55:31:51:ea:8b:2b:2e:71:70:
95:cc:19:74:cc:0a:2c:53:19:d5:be:86:eb:b7:31:
63:7b:6e:bb:e9:04:6b:e4:9f:ff:57:61:2a:9a:a1:
c1:8b:57:26:e8:67:c8:c8:de:10:72:4a:39:26:21:
53:7d:5b:bb:99:60:dd:8e:d6:e4:42:9d:a8:77:bf:
c2:5e:d3:8d:65:c7:37:eb:be:eb:b3:f9:08:13:be:
e1:aa:8f:dd:fd:11:81:d6:20:9c:d6:41:01:4c:77:
6b:64:a9:4b:a9:8c:f4:34:9c:63:41:65:4e:b9:a8:
f6:30:09:ed:66:22:dd:2a:2d:f3:83:33:db:85:27:
9e:02:7d:4c:57:e6:ef:ea:09:ac:c0:86:5c:c1:29:
57:a3:91:c9:32:89:5a:31:a9:9a:e2:59:30:6d:e2:
89:5a:8b:9c:0d:b6:16:4f:c4:5a:fd:6e:e7:8a:9f:
b9:36:49:86:ff:17:77:a0:2c:b9:b7:65:3f:23:b8:
9f:3f:1a:e5:a5:f7:b8:78:62:00:08:8f:a4:cf:78:
39:f9:b4:a4:7d:c2:0b:e6:d7:b2:54:25:8f:87:64:
ee:29:c1:02:ce:fa:a5:48:35:96:1e:c0:69:02:41:
c3:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:59:0C:69:3E:6D:57:55:BD:F6:EE:29:EF:B5:D5:56:9D:61:2A:B7
X509v3 Authority Key Identifier:
keyid:87:2C:93:68:65:6C:77:83:57:C2:A5:A9:9B:EC:FF:F6:77:55:0A:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A4EF9/75A0CD14D13711EEAA9F1980C4F9AE02/hyyTaGVsd4NXwqWpm-z_9ndVCsg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hyyTaGVsd4NXwqWpm-z_9ndVCsg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4EF9/75A0CD14D13711EEAA9F1980C4F9AE02/F0F9FE48D13911EEB887584FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.72.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:7d:4b:4d:f3:26:2d:87:c9:eb:70:52:3f:55:48:24:e9:08:
58:0e:18:23:af:b3:77:d1:e7:01:c2:8c:cf:a9:9d:3d:a3:f3:
53:e9:3d:d5:b5:04:84:f4:a2:f5:84:d4:6d:85:5a:52:08:d6:
9b:15:ec:50:07:54:ee:ad:c4:68:1b:78:13:d9:8b:ec:1f:00:
71:68:3d:7d:ef:8e:2f:d4:30:5d:10:93:b3:09:5a:de:f7:38:
ee:8a:6d:6f:43:c0:63:21:29:9e:d1:56:b6:4e:6d:f9:bd:43:
fc:08:36:0b:4c:f2:30:6f:75:10:7f:e6:e8:8f:3c:61:78:be:
1e:ad:f4:ca:dc:52:11:f1:86:a4:82:8d:f4:43:6b:32:8d:7d:
dc:40:a1:91:db:03:b7:8a:c7:8d:54:0c:0c:29:4a:8e:74:1b:
c3:e6:a0:c9:19:00:db:65:58:f0:16:c2:52:76:37:54:11:63:
52:a6:22:71:03:4b:f5:37:15:5d:92:a2:34:aa:1f:82:50:d8:
ae:e3:33:52:9e:af:8c:87:9c:90:69:9c:a9:ee:e7:6c:d6:91:
9d:27:06:d7:1a:95:08:91:8f:8b:fa:ab:bb:54:5e:2f:40:45:
02:b2:62:b7:d8:05:68:49:c7:8c:e7:d6:6f:6e:b2:22:74:2e:
aa:4b:b8:ce
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
NEVGOTExMC8GA1UEBRMoODcyQzkzNjg2NTZDNzc4MzU3QzJBNUE5OUJFQ0ZGRjY3
NzU1MEFDODAeFw0yNDAyMjIwNDIyMDhaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZDZjYmYwLWJmYWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDkj+oUJ7MiHgFLL44f9n76DOYro1UxUeqLKy5xcJXMGXTMCixTGdW+huu3MWN7
brvpBGvkn/9XYSqaocGLVyboZ8jI3hBySjkmIVN9W7uZYN2O1uRCnah3v8Je041l
xzfrvuuz+QgTvuGqj939EYHWIJzWQQFMd2tkqUupjPQ0nGNBZU65qPYwCe1mIt0q
LfODM9uFJ54CfUxX5u/qCazAhlzBKVejkckyiVoxqZriWTBt4olai5wNthZPxFr9
bueKn7k2SYb/F3egLLm3ZT8juJ8/GuWl97h4YgAIj6TPeDn5tKR9wgvm17JUJY+H
ZO4pwQLO+qVINZYewGkCQcMTAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUNVkMaT5t
V1W99u4p77XVVp1hKrcwHwYDVR0jBBgwFoAUhyyTaGVsd4NXwqWpm+z/9ndVCsgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE0RUY5Lzc1QTBDRDE0RDEz
NzExRUVBQTlGMTk4MEM0RjlBRTAyL2h5eVRhR1ZzZDROWHdxV3BtLXpfOW5kVkNz
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvaHl5VGFHVnNkNE5Yd3FXcG0tel85bmRWQ3NnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
NEVGOS83NUEwQ0QxNEQxMzcxMUVFQUE5RjE5ODBDNEY5QUUwMi9GMEY5RkU0OEQx
MzkxMUVFQjg4NzU4NEZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAZ0KSDANBgkqhkiG9w0BAQsFAAOCAQEAG31LTfMmLYfJ63BS
P1VIJOkIWA4YI6+zd9HnAcKMz6mdPaPzU+k91bUEhPSi9YTUbYVaUgjWmxXsUAdU
7q3EaBt4E9mL7B8AcWg9fe+OL9QwXRCTswla3vc47optb0PAYyEpntFWtk5t+b1D
/Ag2C0zyMG91EH/m6I88YXi+Hq30ytxSEfGGpIKN9ENrMo193EChkdsDt4rHjVQM
DClKjnQbw+agyRkA22VY8BbCUnY3VBFjUqYicQNL9TcVXZKiNKofglDYruMzUp6v
jIeckGmcqe7nbNaRnScG1xqVCJGPi/qru1ReL0BFArJit9gFaEnHjOfWb26yInQu
qku4zg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:36 2024 by rpki-client on console-fra.rpki-client.org