Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BE056/003E1158D78B11EEA2EBD712C4F9AE02/1A627F167EEC11EF8C3B0616C4F9AE02.roa
File: 1A627F167EEC11EF8C3B0616C4F9AE02.roa (raw, json)
Hash identifier: 8U0xU1e9/k7SB/NlhiCY4VpJ04yiPENRzJjDmq282rg=
Subject key identifier: 7D:08:D9:ED:7B:66:79:75:65:07:CD:8C:63:88:01:D0:D5:5D:88:A0
Certificate issuer: /CN=A91BE056/serialNumber=7C194FEDB8A5C8C976EBDEC8493DF3C3F08CC8E2
Certificate serial: 7C
Authority key identifier: 7C:19:4F:ED:B8:A5:C8:C9:76:EB:DE:C8:49:3D:F3:C3:F0:8C:C8:E2
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/fBlP7bilyMl2697IST3zw_CMyOI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BE056/003E1158D78B11EEA2EBD712C4F9AE02/1A627F167EEC11EF8C3B0616C4F9AE02.roa
Signing time: Mon 30 Sep 2024 05:23:19 +0000
ROA not before: Mon 30 Sep 2024 05:23:19 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 15169
IP address blocks: 157.20.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Sep 2024 13:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 124 (0x7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BE056/serialNumber=7C194FEDB8A5C8C976EBDEC8493DF3C3F08CC8E2
Validity
Not Before: Sep 30 05:23:19 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66fa35c7-d199
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:1d:30:ad:d6:f8:3d:3d:1d:c9:b7:54:05:c9:
23:45:8b:2f:bb:d0:0a:b4:45:5b:e1:95:b4:f1:6a:
8e:20:c0:c6:70:3f:93:ba:ca:ed:23:ec:e4:75:23:
d1:3f:bb:33:ed:be:ef:17:2a:aa:79:ac:5a:02:d5:
d7:4b:6a:2c:b2:38:44:94:cd:3a:e6:db:05:ef:4d:
5c:3a:43:55:2b:2f:00:a5:68:96:10:7a:ab:cc:67:
5b:2d:d9:c2:be:c3:99:ca:00:38:98:f7:ee:05:fc:
44:c4:ac:0e:1f:13:a5:df:df:20:21:8a:2d:a1:2b:
de:40:05:c9:50:44:bc:87:37:79:87:ef:3c:43:56:
2a:cd:33:61:fc:b4:af:3d:ec:c4:c8:5b:46:1f:38:
3a:d0:d0:e9:a8:57:f2:88:13:d9:ad:a8:43:ec:36:
51:95:18:d2:37:89:4b:ee:67:8b:c6:2c:ac:21:e9:
75:ba:24:c3:b6:f1:cc:7f:b5:11:2f:f6:df:ed:f2:
7c:7b:f0:50:a4:03:d1:13:c4:76:8a:ba:76:78:b0:
27:96:e0:ed:e3:f6:75:57:41:98:3a:53:8b:ae:da:
41:df:ac:38:a4:62:ca:35:00:87:59:4e:8c:2d:90:
c3:88:11:98:a3:16:60:ca:6e:7a:ac:90:68:37:4d:
dc:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:08:D9:ED:7B:66:79:75:65:07:CD:8C:63:88:01:D0:D5:5D:88:A0
X509v3 Authority Key Identifier:
keyid:7C:19:4F:ED:B8:A5:C8:C9:76:EB:DE:C8:49:3D:F3:C3:F0:8C:C8:E2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BE056/003E1158D78B11EEA2EBD712C4F9AE02/fBlP7bilyMl2697IST3zw_CMyOI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/fBlP7bilyMl2697IST3zw_CMyOI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BE056/003E1158D78B11EEA2EBD712C4F9AE02/1A627F167EEC11EF8C3B0616C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.142.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:33:80:0e:38:b4:80:03:f0:d6:36:2b:68:9c:8b:bb:64:01:
1f:4d:15:7d:d2:3e:fd:cc:f9:ff:2f:a9:27:74:4d:2f:24:ff:
32:3a:4c:06:a0:35:06:90:a5:53:61:4b:79:5f:c4:f7:a4:33:
f1:ef:d4:76:1f:4d:b8:e2:a4:e6:1f:62:05:6a:d6:13:26:b9:
c8:54:34:1c:51:90:28:fb:61:c7:cc:3e:5e:80:6e:ea:5b:ba:
2c:01:b8:a7:eb:85:5a:f3:3f:56:45:91:4b:58:17:46:7a:c4:
6a:a6:92:e8:db:23:14:72:1d:54:43:82:41:30:aa:74:10:55:
06:01:44:d0:93:85:62:41:5c:23:3d:2b:fe:09:9d:09:8a:20:
1d:9e:aa:ee:98:52:eb:70:df:fb:b8:9f:e7:ce:a4:eb:37:a7:
38:e9:00:09:08:dd:c6:1f:13:db:92:dd:7c:71:21:d3:3a:f6:
49:59:aa:83:8c:df:fa:79:06:cf:22:dc:4a:ff:de:08:c2:f9:
0b:47:4d:9c:8a:c6:b8:22:91:c9:92:dd:09:ca:b8:e8:1b:0b:
ab:c1:f3:a4:3a:8c:8f:d2:12:97:50:38:b9:ff:4f:a5:b0:35:
82:da:1d:82:b1:f0:1d:31:e7:03:9b:c5:8b:e8:65:dc:03:3d:
1b:43:2f:1c
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBfDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
RTA1NjExMC8GA1UEBRMoN0MxOTRGRURCOEE1QzhDOTc2RUJERUM4NDkzREYzQzNG
MDhDQzhFMjAeFw0yNDA5MzAwNTIzMTlaFw0yNTEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2ZmEzNWM3LWQxOTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDHHTCt1vg9PR3Jt1QFySNFiy+70Aq0RVvhlbTxao4gwMZwP5O6yu0j7OR1I9E/
uzPtvu8XKqp5rFoC1ddLaiyyOESUzTrm2wXvTVw6Q1UrLwClaJYQeqvMZ1st2cK+
w5nKADiY9+4F/ETErA4fE6Xf3yAhii2hK95ABclQRLyHN3mH7zxDVirNM2H8tK89
7MTIW0YfODrQ0OmoV/KIE9mtqEPsNlGVGNI3iUvuZ4vGLKwh6XW6JMO28cx/tREv
9t/t8nx78FCkA9ETxHaKunZ4sCeW4O3j9nVXQZg6U4uu2kHfrDikYso1AIdZTowt
kMOIEZijFmDKbnqskGg3TdwlAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUfQjZ7Xtm
eXVlB82MY4gB0NVdiKAwHwYDVR0jBBgwFoAUfBlP7bilyMl2697IST3zw/CMyOIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJFMDU2LzAwM0UxMTU4RDc4
QjExRUVBMkVCRDcxMkM0RjlBRTAyL2ZCbFA3YmlseU1sMjY5N0lTVDN6d19DTXlP
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvZkJsUDdiaWx5TWwyNjk3SVNUM3p3X0NNeU9JLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
RTA1Ni8wMDNFMTE1OEQ3OEIxMUVFQTJFQkQ3MTJDNEY5QUUwMi8xQTYyN0YxNjdF
RUMxMUVGOEMzQjA2MTZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAJ0UjjANBgkqhkiG9w0BAQsFAAOCAQEAGzOADji0gAPw1jYr
aJyLu2QBH00VfdI+/cz5/y+pJ3RNLyT/MjpMBqA1BpClU2FLeV/E96Qz8e/Udh9N
uOKk5h9iBWrWEya5yFQ0HFGQKPthx8w+XoBu6lu6LAG4p+uFWvM/VkWRS1gXRnrE
aqaS6NsjFHIdVEOCQTCqdBBVBgFE0JOFYkFcIz0r/gmdCYogHZ6q7phS63Df+7if
586k6zenOOkACQjdxh8T25LdfHEh0zr2SVmqg4zf+nkGzyLcSv/eCML5C0dNnIrG
uCKRyZLdCcq46BsLq8HzpDqMj9ISl1A4uf9PpbA1gtodgrHwHTHnA5vFi+hl3AM9
G0MvHA==
-----END CERTIFICATE-----
Generated at Mon Sep 30 17:34:42 2024 by rpki-client on console-ams.rpki-client.org