Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/7DB874ACAF9A11EE8F6EC05CC4F9AE02.roa
File: 7DB874ACAF9A11EE8F6EC05CC4F9AE02.roa (raw, json)
Hash identifier: K3U1P+b0yPHnt2k6GD2a2apG7PxhkVj67Qo5tHYsL4o=
Subject key identifier: F6:8B:60:C5:F2:06:6B:4A:83:6C:C1:AA:2D:ED:8E:F2:B0:4E:F6:9A
Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Certificate serial: 77
Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/7DB874ACAF9A11EE8F6EC05CC4F9AE02.roa
Signing time: Thu 29 Feb 2024 09:27:49 +0000
ROA not before: Thu 29 Feb 2024 09:27:49 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 150862
IP address blocks: 157.10.42.0/23 maxlen: 23
157.10.44.0/23 maxlen: 23
157.15.38.0/23 maxlen: 23
157.15.108.0/23 maxlen: 23
157.15.110.0/23 maxlen: 23
157.20.62.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 06 Mar 2024 12:45:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119 (0x77)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Validity
Not Before: Feb 29 09:27:49 2024 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=65e04e15-a3ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:07:ad:76:33:e2:b7:42:fe:ab:fa:96:d9:e8:
ec:41:05:43:01:8d:fa:9b:1c:ea:ee:37:70:95:cb:
a5:e9:58:66:44:48:fb:d9:95:c7:e1:42:18:8d:ce:
c8:f1:34:4a:d6:c5:dc:8d:8f:2e:30:32:ac:43:ae:
2b:8f:e4:97:92:de:62:6c:fb:52:11:67:90:f1:24:
53:b2:9c:aa:a2:38:0c:32:da:49:e3:6e:80:19:a3:
40:99:d5:74:86:2f:22:c6:13:de:dd:4e:84:68:06:
82:e3:b7:de:63:cc:73:ab:90:76:98:8b:9a:20:ef:
0c:a7:44:22:3d:6d:a3:2c:16:b0:0a:1b:6a:96:da:
ce:a8:23:f2:da:3b:03:9d:4c:df:56:b9:e9:80:a8:
35:62:59:bf:dd:df:ea:0f:cb:0c:c2:da:b5:4a:2d:
dd:41:51:16:94:2e:84:2c:7f:93:53:06:35:d7:1e:
7c:fa:2a:ad:02:49:2d:60:f9:57:97:3a:1e:7e:2c:
42:f2:c1:89:17:59:95:32:57:e4:9c:61:9b:c3:b9:
a7:52:3a:d7:6b:da:43:9a:38:eb:2c:71:07:41:0d:
c9:bb:c4:f3:5c:8a:b2:29:24:a5:25:9d:60:de:29:
db:cc:9e:23:54:13:65:15:78:3b:c3:d7:9c:58:80:
a2:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:8B:60:C5:F2:06:6B:4A:83:6C:C1:AA:2D:ED:8E:F2:B0:4E:F6:9A
X509v3 Authority Key Identifier:
keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/7DB874ACAF9A11EE8F6EC05CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.42.0-157.10.45.255
157.15.38.0/23
157.15.108.0/22
157.20.62.0/23
Signature Algorithm: sha256WithRSAEncryption
91:4b:26:95:f0:93:41:b7:c2:97:9d:57:5a:8b:b5:72:16:ee:
6e:04:fe:0d:d4:fe:d9:02:cb:d0:aa:42:7d:68:37:72:4b:35:
56:35:b0:e2:a5:ac:a0:bb:45:c4:44:68:72:a9:cb:43:8d:61:
8f:01:26:b7:ec:5b:25:8e:d5:2d:fe:9a:15:e9:2a:23:70:f2:
3c:d6:39:5f:55:8d:f3:78:d6:75:3a:48:a1:ef:cf:08:e1:5a:
d1:3c:03:fb:b3:02:c7:c6:bf:75:a4:17:bb:e9:7e:c3:dc:80:
28:51:50:e1:3c:28:ae:5a:9d:94:99:a2:d4:3d:da:6f:75:a1:
22:aa:81:f2:41:51:27:55:af:48:bc:ff:37:ca:61:6f:8a:58:
be:da:2d:4e:5b:3b:88:1c:70:18:15:f8:5a:72:fe:77:31:f9:
95:82:55:e4:74:22:3c:8d:06:2e:38:71:98:5e:2a:db:1b:dc:
95:20:b5:4d:1c:f2:c8:04:14:d9:75:aa:c7:e6:b5:ba:df:1c:
2b:c2:ce:75:a0:cf:17:d7:03:5b:30:fb:e2:59:96:ce:06:9a:
a2:c2:90:00:e6:08:b2:ea:3f:7e:f5:65:c2:4c:d0:a0:ba:a5:
8f:02:6c:b5:36:77:36:b1:88:af:a9:10:6c:a5:15:0d:f3:37:
f4:c2:3d:61
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIBdzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
NTYwQTExMC8GA1UEBRMoOEFDNzIxMjk4RjkyRTEwQTJFRTMwNTFBRkJDOTExNDI4
NEY4MEUxMjAeFw0yNDAyMjkwOTI3NDlaFw0yNDEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZTA0ZTE1LWEzY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC7B612M+K3Qv6r+pbZ6OxBBUMBjfqbHOruN3CVy6XpWGZESPvZlcfhQhiNzsjx
NErWxdyNjy4wMqxDriuP5JeS3mJs+1IRZ5DxJFOynKqiOAwy2knjboAZo0CZ1XSG
LyLGE97dToRoBoLjt95jzHOrkHaYi5og7wynRCI9baMsFrAKG2qW2s6oI/LaOwOd
TN9WuemAqDViWb/d3+oPywzC2rVKLd1BURaULoQsf5NTBjXXHnz6Kq0CSS1g+VeX
Oh5+LELywYkXWZUyV+ScYZvDuadSOtdr2kOaOOsscQdBDcm7xPNcirIpJKUlnWDe
KdvMniNUE2UVeDvD15xYgKKDAgMBAAGjggKvMIICqzAdBgNVHQ4EFgQU9otgxfIG
a0qDbMGqLe2O8rBO9powHwYDVR0jBBgwFoAUischKY+S4Qou4wUa+8kRQoT4DhIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE1NjBBLzIwOTU4NjE4QTlE
RjExRUVBMzU2QTQzRUM0RjlBRTAyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERo
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvaXNjaEtZLVM0UW91NHdVYS04a1JRb1Q0RGhJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
NTYwQS8yMDk1ODYxOEE5REYxMUVFQTM1NkE0M0VDNEY5QUUwMi83REI4NzRBQ0FG
OUExMUVFOEY2RUMwNUNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA5BggrBgEFBQcBBwEB/wQq
MCgwJgQCAAEwIDAMAwQBnQoqAwQBnQosAwQBnQ8mAwQCnQ9sAwQBnRQ+MA0GCSqG
SIb3DQEBCwUAA4IBAQCRSyaV8JNBt8KXnVdai7VyFu5uBP4N1P7ZAsvQqkJ9aDdy
SzVWNbDipaygu0XERGhyqctDjWGPASa37FsljtUt/poV6SojcPI81jlfVY3zeNZ1
Okih788I4VrRPAP7swLHxr91pBe76X7D3IAoUVDhPCiuWp2UmaLUPdpvdaEiqoHy
QVEnVa9IvP83ymFvili+2i1OWzuIHHAYFfhacv53MfmVglXkdCI8jQYuOHGYXirb
G9yVILVNHPLIBBTZdarH5rW63xwrws51oM8X1wNbMPviWZbOBpqiwpAA5giy6j9+
9WXCTNCguqWPAmy1Nnc2sYivqRBspRUN8zf0wj1h
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:36 2024 by rpki-client on console-fra.rpki-client.org