Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BE056/003E1158D78B11EEA2EBD712C4F9AE02/09B5CFFE603A11EF98FA2367C4F9AE02.roa
File: 09B5CFFE603A11EF98FA2367C4F9AE02.roa (raw, json)
Hash identifier: OO+qfTfso+Mce9A7dcU0x+ygtzCjwWq8hfcJNREq/Og=
Subject key identifier: A6:A2:0F:5D:BC:0E:E6:71:29:99:03:E2:BC:83:8B:F4:82:C6:A3:27
Certificate issuer: /CN=A91BE056/serialNumber=7C194FEDB8A5C8C976EBDEC8493DF3C3F08CC8E2
Certificate serial: 5C
Authority key identifier: 7C:19:4F:ED:B8:A5:C8:C9:76:EB:DE:C8:49:3D:F3:C3:F0:8C:C8:E2
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/fBlP7bilyMl2697IST3zw_CMyOI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BE056/003E1158D78B11EEA2EBD712C4F9AE02/09B5CFFE603A11EF98FA2367C4F9AE02.roa
Signing time: Thu 22 Aug 2024 03:53:06 +0000
ROA not before: Thu 22 Aug 2024 03:53:06 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 142629
IP address blocks: 157.20.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Aug 2024 06:22:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92 (0x5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BE056/serialNumber=7C194FEDB8A5C8C976EBDEC8493DF3C3F08CC8E2
Validity
Not Before: Aug 22 03:53:06 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=66c6b622-3b76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:8d:b8:ab:74:7b:5b:ae:4d:96:3a:1d:d4:c4:
98:d6:75:69:33:c1:78:d7:cf:cd:53:05:fe:42:a6:
1a:d2:80:2b:72:6f:cf:00:82:b7:55:c4:f9:da:19:
ac:a5:44:ce:cc:eb:c5:29:8d:31:0d:71:7d:c9:fa:
66:a9:92:22:9c:bf:4a:b0:55:8d:59:0f:0c:fa:c3:
ab:79:68:c9:6c:19:22:e2:9b:6e:11:3e:f9:d7:6e:
42:b1:c9:90:cd:14:d1:2c:55:a6:62:df:63:de:b6:
dd:ce:79:dd:f5:8a:fa:8c:45:5e:16:6a:c6:f2:1f:
47:7b:4d:6d:63:6b:48:3f:7d:a5:27:35:82:ac:8b:
9a:30:f4:1f:a1:13:98:49:a7:e9:85:11:cd:e4:f9:
70:6e:78:37:48:10:37:e5:65:7e:d0:f5:ec:c8:64:
5e:55:32:5c:13:61:3a:76:a0:d5:01:1f:11:b6:a9:
df:88:e2:2b:ed:16:6b:de:c5:9a:ed:ca:56:d2:8e:
57:f4:4d:1b:71:f7:f8:b5:5b:b9:3a:f7:c6:04:6f:
f3:77:c9:de:fe:37:ff:7b:f3:39:71:32:fc:3a:0d:
a9:13:5e:80:44:28:e6:bf:58:9d:8d:60:99:8a:84:
b0:17:f5:c3:6b:f4:7e:ea:1e:4b:b9:9e:2f:ed:d4:
87:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:A2:0F:5D:BC:0E:E6:71:29:99:03:E2:BC:83:8B:F4:82:C6:A3:27
X509v3 Authority Key Identifier:
keyid:7C:19:4F:ED:B8:A5:C8:C9:76:EB:DE:C8:49:3D:F3:C3:F0:8C:C8:E2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BE056/003E1158D78B11EEA2EBD712C4F9AE02/fBlP7bilyMl2697IST3zw_CMyOI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/fBlP7bilyMl2697IST3zw_CMyOI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BE056/003E1158D78B11EEA2EBD712C4F9AE02/09B5CFFE603A11EF98FA2367C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.142.0/24
Signature Algorithm: sha256WithRSAEncryption
25:9e:3d:dd:c2:ce:8b:7d:cc:03:ec:70:95:4c:4a:ef:a6:bf:
d4:dd:80:6c:4a:bf:20:36:56:a8:fe:ed:57:30:63:8d:a4:88:
87:4e:d8:6f:8f:e9:c7:d0:f7:88:4d:be:75:e7:e1:83:7e:2e:
cc:e1:2d:6e:18:96:ef:37:fa:ea:f5:9c:bb:ed:1b:16:cc:9a:
6d:2d:1e:73:98:29:28:61:2b:d1:4a:ac:16:e9:10:a5:45:b9:
48:fe:be:9c:2d:e7:17:f2:ee:9d:6e:49:f2:5f:76:36:dd:1c:
16:c2:67:c6:d5:06:68:7c:d2:18:51:b8:26:78:01:32:6c:ac:
71:f4:98:77:01:40:72:6f:21:13:f2:e0:4e:2d:ba:68:e4:1d:
d5:49:7e:bc:5d:59:1f:a0:98:21:a0:4c:8d:07:90:58:1b:73:
bc:60:f0:4a:d6:35:02:f6:83:97:63:81:38:a0:3d:d8:0f:02:
2b:9d:21:1a:1a:57:11:88:c4:73:5a:ee:db:27:67:44:20:76:
c5:8d:14:5d:1a:6e:a7:b5:ff:aa:c3:76:5a:6b:4a:e9:ca:3b:
f5:fc:b5:9e:36:e6:3c:3c:fc:d4:38:b0:08:80:bb:cd:f6:34:
fb:93:45:64:af:5d:db:1c:17:d9:71:82:35:12:70:3e:fa:3a:
f5:f2:e7:34
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBXDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
RTA1NjExMC8GA1UEBRMoN0MxOTRGRURCOEE1QzhDOTc2RUJERUM4NDkzREYzQzNG
MDhDQzhFMjAeFw0yNDA4MjIwMzUzMDZaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2YzZiNjIyLTNiNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDVjbirdHtbrk2WOh3UxJjWdWkzwXjXz81TBf5CphrSgCtyb88AgrdVxPnaGayl
RM7M68UpjTENcX3J+mapkiKcv0qwVY1ZDwz6w6t5aMlsGSLim24RPvnXbkKxyZDN
FNEsVaZi32Pett3Oed31ivqMRV4WasbyH0d7TW1ja0g/faUnNYKsi5ow9B+hE5hJ
p+mFEc3k+XBueDdIEDflZX7Q9ezIZF5VMlwTYTp2oNUBHxG2qd+I4ivtFmvexZrt
ylbSjlf0TRtx9/i1W7k698YEb/N3yd7+N/978zlxMvw6DakTXoBEKOa/WJ2NYJmK
hLAX9cNr9H7qHku5ni/t1Ic3AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUpqIPXbwO
5nEpmQPivIOL9ILGoycwHwYDVR0jBBgwFoAUfBlP7bilyMl2697IST3zw/CMyOIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJFMDU2LzAwM0UxMTU4RDc4
QjExRUVBMkVCRDcxMkM0RjlBRTAyL2ZCbFA3YmlseU1sMjY5N0lTVDN6d19DTXlP
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvZkJsUDdiaWx5TWwyNjk3SVNUM3p3X0NNeU9JLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
RTA1Ni8wMDNFMTE1OEQ3OEIxMUVFQTJFQkQ3MTJDNEY5QUUwMi8wOUI1Q0ZGRTYw
M0ExMUVGOThGQTIzNjdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAJ0UjjANBgkqhkiG9w0BAQsFAAOCAQEAJZ493cLOi33MA+xw
lUxK76a/1N2AbEq/IDZWqP7tVzBjjaSIh07Yb4/px9D3iE2+defhg34uzOEtbhiW
7zf66vWcu+0bFsyabS0ec5gpKGEr0UqsFukQpUW5SP6+nC3nF/LunW5J8l92Nt0c
FsJnxtUGaHzSGFG4JngBMmyscfSYdwFAcm8hE/LgTi26aOQd1Ul+vF1ZH6CYIaBM
jQeQWBtzvGDwStY1AvaDl2OBOKA92A8CK50hGhpXEYjEc1ru2ydnRCB2xY0UXRpu
p7X/qsN2WmtK6co79fy1njbmPDz81DiwCIC7zfY0+5NFZK9d2xwX2XGCNRJwPvo6
9fLnNA==
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:28:52 2024 by rpki-client on console-ams.rpki-client.org