Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BE056/003E1158D78B11EEA2EBD712C4F9AE02/D469DD2A6B8011EFAC641735C4F9AE02.roa
File: D469DD2A6B8011EFAC641735C4F9AE02.roa (raw, json)
Hash identifier: AHBpVxQZ00wOigV6QkU+OqG5C1gqErI7UQRqqJfsvMU=
Subject key identifier: 5E:ED:30:16:99:26:EE:4E:31:EF:88:EF:72:94:1F:47:C0:CD:1D:1B
Certificate issuer: /CN=A91BE056/serialNumber=7C194FEDB8A5C8C976EBDEC8493DF3C3F08CC8E2
Certificate serial: 6D
Authority key identifier: 7C:19:4F:ED:B8:A5:C8:C9:76:EB:DE:C8:49:3D:F3:C3:F0:8C:C8:E2
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/fBlP7bilyMl2697IST3zw_CMyOI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BE056/003E1158D78B11EEA2EBD712C4F9AE02/D469DD2A6B8011EFAC641735C4F9AE02.roa
Signing time: Thu 05 Sep 2024 12:17:34 +0000
ROA not before: Thu 05 Sep 2024 12:17:34 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 198949
IP address blocks: 157.20.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Sep 2024 01:11:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109 (0x6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BE056/serialNumber=7C194FEDB8A5C8C976EBDEC8493DF3C3F08CC8E2
Validity
Not Before: Sep 5 12:17:34 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66d9a15d-285f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:4f:6e:e3:85:23:af:6d:eb:49:27:7b:0e:e5:
71:02:b5:a3:61:ad:fe:3b:e8:8c:95:00:e0:6e:ef:
3e:4a:34:d3:d4:63:3e:86:eb:4e:83:ae:54:96:61:
31:4b:19:7b:f4:ba:57:3e:df:93:5d:cd:7f:0e:ea:
97:70:03:46:2c:2d:ce:b5:09:41:f3:3d:b1:ca:e9:
5b:24:bd:2b:8a:a9:71:a8:22:67:31:be:1d:1c:5b:
44:5d:88:63:f9:25:1f:4f:a0:ba:e9:83:92:be:ed:
22:c0:0f:62:37:10:6e:fb:da:23:56:4d:69:c6:f4:
f2:ee:62:56:7b:48:42:34:68:6a:ef:94:4a:16:53:
ae:45:c9:40:e3:ad:41:9f:84:03:63:4b:38:33:cf:
c4:8f:9f:ee:0e:17:29:66:96:b9:e3:9a:ac:fe:65:
39:eb:ad:77:43:98:71:5a:21:91:e9:12:ce:86:d2:
6c:b7:a8:97:68:71:8c:b6:8a:47:5e:15:88:9e:52:
46:57:6c:99:64:e7:2c:6e:78:5e:ba:b9:77:e8:06:
30:b3:99:17:9e:ca:b4:ec:30:db:0b:b8:12:91:3a:
fd:55:a0:6e:58:8b:af:68:3e:8f:ff:c9:2b:f2:47:
eb:ba:77:74:6c:19:da:7a:e7:09:15:19:0e:68:06:
33:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:ED:30:16:99:26:EE:4E:31:EF:88:EF:72:94:1F:47:C0:CD:1D:1B
X509v3 Authority Key Identifier:
keyid:7C:19:4F:ED:B8:A5:C8:C9:76:EB:DE:C8:49:3D:F3:C3:F0:8C:C8:E2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BE056/003E1158D78B11EEA2EBD712C4F9AE02/fBlP7bilyMl2697IST3zw_CMyOI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/fBlP7bilyMl2697IST3zw_CMyOI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BE056/003E1158D78B11EEA2EBD712C4F9AE02/D469DD2A6B8011EFAC641735C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.142.0/24
Signature Algorithm: sha256WithRSAEncryption
34:35:0a:88:bd:9e:d2:53:e3:5f:1a:48:cd:e1:d1:69:16:35:
73:9a:39:80:a1:78:b7:c2:93:1f:36:9f:d5:58:52:8a:1b:50:
41:5e:69:ad:86:79:51:9e:c9:c0:17:d3:89:76:20:a3:7d:01:
cc:6d:b4:2d:53:32:35:83:7e:58:90:ee:88:ce:bb:f8:14:e8:
66:24:e7:dc:ae:1e:7d:c8:f0:2e:2b:ad:20:7d:85:13:2c:c3:
4e:f8:7b:cc:ce:48:67:2d:f8:8d:91:84:39:a8:ed:29:3a:c4:
b6:27:38:fc:6e:ab:dd:af:1e:4f:6e:fd:7e:c5:ae:83:8a:cd:
bf:07:4b:4d:2b:26:10:12:f3:58:86:d0:b5:e4:8a:f9:b4:4e:
ce:91:42:10:14:85:5d:fe:a0:fe:f4:1a:c3:0d:63:55:ed:01:
d4:c8:52:d7:ab:fa:9c:f7:25:b7:f3:e0:22:c5:e0:39:a6:41:
df:1c:70:fe:af:23:70:12:4b:ce:18:69:2a:ad:b8:94:a3:e0:
0a:26:28:aa:5f:d1:f3:0d:21:fd:58:d3:d9:53:61:04:43:6c:
92:82:2f:cd:15:9f:41:2d:c3:bd:27:32:e0:a9:15:df:01:92:
67:58:bd:f0:bd:ff:31:83:f5:73:5c:be:31:26:8f:0f:b2:ac:
78:a1:51:39
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBbTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
RTA1NjExMC8GA1UEBRMoN0MxOTRGRURCOEE1QzhDOTc2RUJERUM4NDkzREYzQzNG
MDhDQzhFMjAeFw0yNDA5MDUxMjE3MzRaFw0yNTEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2ZDlhMTVkLTI4NWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDQT27jhSOvbetJJ3sO5XECtaNhrf476IyVAOBu7z5KNNPUYz6G606DrlSWYTFL
GXv0ulc+35NdzX8O6pdwA0YsLc61CUHzPbHK6VskvSuKqXGoImcxvh0cW0RdiGP5
JR9PoLrpg5K+7SLAD2I3EG772iNWTWnG9PLuYlZ7SEI0aGrvlEoWU65FyUDjrUGf
hANjSzgzz8SPn+4OFylmlrnjmqz+ZTnrrXdDmHFaIZHpEs6G0my3qJdocYy2ikde
FYieUkZXbJlk5yxueF66uXfoBjCzmReeyrTsMNsLuBKROv1VoG5Yi69oPo//ySvy
R+u6d3RsGdp65wkVGQ5oBjN3AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUXu0wFpkm
7k4x74jvcpQfR8DNHRswHwYDVR0jBBgwFoAUfBlP7bilyMl2697IST3zw/CMyOIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJFMDU2LzAwM0UxMTU4RDc4
QjExRUVBMkVCRDcxMkM0RjlBRTAyL2ZCbFA3YmlseU1sMjY5N0lTVDN6d19DTXlP
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvZkJsUDdiaWx5TWwyNjk3SVNUM3p3X0NNeU9JLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
RTA1Ni8wMDNFMTE1OEQ3OEIxMUVFQTJFQkQ3MTJDNEY5QUUwMi9ENDY5REQyQTZC
ODAxMUVGQUM2NDE3MzVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAJ0UjjANBgkqhkiG9w0BAQsFAAOCAQEANDUKiL2e0lPjXxpI
zeHRaRY1c5o5gKF4t8KTHzaf1VhSihtQQV5prYZ5UZ7JwBfTiXYgo30BzG20LVMy
NYN+WJDuiM67+BToZiTn3K4efcjwLiutIH2FEyzDTvh7zM5IZy34jZGEOajtKTrE
tic4/G6r3a8eT279fsWug4rNvwdLTSsmEBLzWIbQteSK+bROzpFCEBSFXf6g/vQa
ww1jVe0B1MhS16v6nPclt/PgIsXgOaZB3xxw/q8jcBJLzhhpKq24lKPgCiYoql/R
8w0h/VjT2VNhBENskoIvzRWfQS3DvScy4KkV3wGSZ1i98L3/MYP1c1y+MSaPD7Ks
eKFROQ==
-----END CERTIFICATE-----
Generated at Wed Sep 18 06:05:06 2024 by rpki-client on console-fra.rpki-client.org