Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C167F/4AAB7BCAC47D11EE9FC7C80FC4F9AE02/31BC96E6C4B211EEB78D2C7FC4F9AE02.roa
File: 31BC96E6C4B211EEB78D2C7FC4F9AE02.roa (raw, json)
Hash identifier: qjN+gvkhgFxaETR17SIs9faGpLblrOLlqSNpJSWTqds=
Subject key identifier: C2:39:28:08:E2:8D:49:83:B6:FD:6B:92:6B:80:E1:5A:98:22:96:72
Certificate issuer: /CN=A91C167F/serialNumber=C7338DF1B768C05074CDAED0FDB1A4C14ADFB8B5
Certificate serial: 03
Authority key identifier: C7:33:8D:F1:B7:68:C0:50:74:CD:AE:D0:FD:B1:A4:C1:4A:DF:B8:B5
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xzON8bdowFB0za7Q_bGkwUrfuLU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C167F/4AAB7BCAC47D11EE9FC7C80FC4F9AE02/31BC96E6C4B211EEB78D2C7FC4F9AE02.roa
Signing time: Tue 06 Feb 2024 05:40:11 +0000
ROA not before: Tue 06 Feb 2024 05:40:11 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 152462
IP address blocks: 157.15.134.0/23 maxlen: 23
157.15.134.0/24 maxlen: 24
157.15.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Mar 2024 11:38:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C167F/serialNumber=C7338DF1B768C05074CDAED0FDB1A4C14ADFB8B5
Validity
Not Before: Feb 6 05:40:11 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65c1c63b-b107
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:9e:24:b9:2c:f1:50:4a:17:b7:d1:af:ce:79:
9f:51:30:d1:e2:db:4f:8d:e9:3c:80:f8:c4:68:f6:
67:8e:f1:05:fb:f3:f4:7f:14:cf:86:c9:0d:b1:9a:
00:6c:6d:d0:c5:24:38:3e:72:bf:57:4d:4f:42:9c:
f2:30:19:d0:49:a6:d4:38:e7:df:c6:2b:b1:ee:66:
89:07:ef:97:e6:1d:fc:35:db:3b:37:03:0b:61:d3:
cf:fc:1a:81:e8:00:34:c6:53:57:d5:ef:4e:6e:24:
94:40:df:e3:06:dc:70:8f:65:e3:04:06:2f:a4:c8:
80:ff:d4:f7:26:b2:cb:ae:65:74:10:01:de:2d:15:
db:4f:37:4d:ff:d6:da:39:68:3f:28:76:b6:66:f1:
b2:af:cf:54:24:c8:37:e7:8b:56:2d:2c:c0:1d:5f:
5a:ee:d4:ca:0e:e1:d8:46:7f:57:61:c5:bd:e5:fd:
a2:f6:cf:89:6b:e9:54:36:52:62:3c:6b:3a:7c:f4:
e6:d7:26:14:00:d1:46:06:b2:49:b6:65:38:31:c4:
9b:89:ff:b0:b9:d5:51:78:2b:2e:ed:27:47:e5:ae:
21:00:06:ea:56:19:6a:7c:c1:07:37:60:b5:2f:35:
5d:61:0d:d0:92:8b:80:88:d0:ae:07:e5:ea:f8:71:
e7:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:39:28:08:E2:8D:49:83:B6:FD:6B:92:6B:80:E1:5A:98:22:96:72
X509v3 Authority Key Identifier:
keyid:C7:33:8D:F1:B7:68:C0:50:74:CD:AE:D0:FD:B1:A4:C1:4A:DF:B8:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C167F/4AAB7BCAC47D11EE9FC7C80FC4F9AE02/xzON8bdowFB0za7Q_bGkwUrfuLU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xzON8bdowFB0za7Q_bGkwUrfuLU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C167F/4AAB7BCAC47D11EE9FC7C80FC4F9AE02/31BC96E6C4B211EEB78D2C7FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.15.134.0/23
Signature Algorithm: sha256WithRSAEncryption
40:ed:95:77:f3:71:06:30:d8:dd:25:20:38:ef:25:bf:30:02:
f5:69:e2:40:1d:e4:92:5e:f2:d0:0f:5e:fc:7a:01:d2:0d:cc:
66:d4:f0:94:e1:58:9e:c9:c6:15:e5:b9:9e:00:30:86:0d:77:
3b:53:8d:56:98:cb:37:cf:ee:96:38:23:be:d2:b3:ad:a4:af:
f3:53:42:4f:62:4f:a7:1b:95:fc:4f:6f:c4:80:30:dd:70:85:
16:b1:86:46:89:32:b3:94:68:11:57:7c:58:77:db:b5:51:49:
4e:ae:e7:ad:57:a9:16:b1:0f:37:dd:15:bf:a0:1f:2d:08:3e:
fd:ce:f1:c9:29:08:39:7b:ff:82:f0:b0:79:98:93:c7:84:d8:
6f:9e:46:3b:3a:5f:9c:43:bf:4c:6c:83:2f:0e:4a:95:53:e1:
2e:3d:4c:13:d3:59:c8:46:48:04:93:6f:f0:4f:83:44:18:87:
cd:d1:43:04:56:3f:7b:a8:04:ab:71:63:58:30:b5:cf:10:e5:
6b:5a:8a:4f:50:0e:3c:ad:89:b0:29:e8:a7:80:15:b5:c2:fd:
de:a8:49:3d:32:62:55:3c:3e:fd:40:8c:99:a0:52:cd:81:72:
a7:fe:08:65:9c:3f:c3:c1:9b:06:08:2c:21:35:ac:28:95:cf:
20:4a:e9:81
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
MTY3RjExMC8GA1UEBRMoQzczMzhERjFCNzY4QzA1MDc0Q0RBRUQwRkRCMUE0QzE0
QURGQjhCNTAeFw0yNDAyMDYwNTQwMTFaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YzFjNjNiLWIxMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDpniS5LPFQShe30a/OeZ9RMNHi20+N6TyA+MRo9meO8QX78/R/FM+GyQ2xmgBs
bdDFJDg+cr9XTU9CnPIwGdBJptQ459/GK7HuZokH75fmHfw12zs3Awth08/8GoHo
ADTGU1fV705uJJRA3+MG3HCPZeMEBi+kyID/1PcmssuuZXQQAd4tFdtPN03/1to5
aD8odrZm8bKvz1QkyDfni1YtLMAdX1ru1MoO4dhGf1dhxb3l/aL2z4lr6VQ2UmI8
azp89ObXJhQA0UYGskm2ZTgxxJuJ/7C51VF4Ky7tJ0flriEABupWGWp8wQc3YLUv
NV1hDdCSi4CI0K4H5er4cedhAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUwjkoCOKN
SYO2/WuSa4DhWpgilnIwHwYDVR0jBBgwFoAUxzON8bdowFB0za7Q/bGkwUrfuLUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMxNjdGLzRBQUI3QkNBQzQ3
RDExRUU5RkM3QzgwRkM0RjlBRTAyL3h6T044YmRvd0ZCMHphN1FfYkdrd1VyZnVM
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIveHpPTjhiZG93RkIwemE3UV9iR2t3VXJmdUxVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
MTY3Ri80QUFCN0JDQUM0N0QxMUVFOUZDN0M4MEZDNEY5QUUwMi8zMUJDOTZFNkM0
QjIxMUVFQjc4RDJDN0ZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAZ0PhjANBgkqhkiG9w0BAQsFAAOCAQEAQO2Vd/NxBjDY3SUg
OO8lvzAC9WniQB3kkl7y0A9e/HoB0g3MZtTwlOFYnsnGFeW5ngAwhg13O1ONVpjL
N8/uljgjvtKzraSv81NCT2JPpxuV/E9vxIAw3XCFFrGGRokys5RoEVd8WHfbtVFJ
Tq7nrVepFrEPN90Vv6AfLQg+/c7xySkIOXv/gvCweZiTx4TYb55GOzpfnEO/TGyD
Lw5KlVPhLj1ME9NZyEZIBJNv8E+DRBiHzdFDBFY/e6gEq3FjWDC1zxDla1qKT1AO
PK2JsCnop4AVtcL93qhJPTJiVTw+/UCMmaBSzYFyp/4IZZw/w8GbBggsITWsKJXP
IErpgQ==
-----END CERTIFICATE-----
Generated at Tue Mar 12 14:28:06 2024 by rpki-client on console-ams.rpki-client.org