Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C167F/4AAB7BCAC47D11EE9FC7C80FC4F9AE02/9F3BF8DC4E1A11EF9669C513C4F9AE02.roa
File: 9F3BF8DC4E1A11EF9669C513C4F9AE02.roa (raw, json)
Hash identifier: nLD94qcOsJKh82YOhUiWMbu0QjCQEBNJXHTJ1O4qS9s=
Subject key identifier: 53:16:81:3D:BC:DA:E0:FB:06:B3:00:4E:4C:9B:EF:71:6A:F7:7F:B4
Certificate issuer: /CN=A91C167F/serialNumber=C7338DF1B768C05074CDAED0FDB1A4C14ADFB8B5
Certificate serial: 69
Authority key identifier: C7:33:8D:F1:B7:68:C0:50:74:CD:AE:D0:FD:B1:A4:C1:4A:DF:B8:B5
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xzON8bdowFB0za7Q_bGkwUrfuLU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C167F/4AAB7BCAC47D11EE9FC7C80FC4F9AE02/9F3BF8DC4E1A11EF9669C513C4F9AE02.roa
Signing time: Tue 30 Jul 2024 02:22:52 +0000
ROA not before: Tue 30 Jul 2024 02:22:52 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 133866
IP address blocks: 157.15.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 05 Oct 2024 17:26:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105 (0x69)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C167F/serialNumber=C7338DF1B768C05074CDAED0FDB1A4C14ADFB8B5
Validity
Not Before: Jul 30 02:22:52 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=66a84e7c-e1bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:de:28:45:03:c1:2f:8f:9b:d6:66:61:17:f3:
24:5c:ba:a4:a3:61:f1:5f:74:61:ad:a8:ca:0b:87:
4a:60:83:02:c7:a8:33:01:b4:89:2d:b4:e5:f9:af:
a9:09:ce:99:7d:7b:96:ed:7b:c9:18:a3:b1:6e:b1:
c0:e3:ee:f3:79:dc:de:78:7f:42:ce:2a:ac:c0:57:
b1:49:48:1f:43:a2:e1:30:e2:59:fc:d4:a1:c4:a8:
c7:cf:6b:5e:00:84:cb:8b:49:44:7d:98:38:ae:6c:
c2:6d:55:31:cd:d2:f0:e7:3d:e2:97:c3:5c:ea:3d:
88:98:e4:81:6f:ff:32:92:ce:a4:6e:dc:99:09:48:
c7:de:3e:0d:0b:b0:6e:2e:e7:f8:20:3f:2e:00:b8:
81:cf:08:22:5e:0c:3e:1e:96:6f:12:77:42:2e:33:
5f:c2:70:4f:42:2f:bc:42:e9:ac:d5:e1:9f:4d:79:
67:ff:f3:21:1b:96:61:60:97:d2:f2:f5:97:7c:b7:
ac:b2:4e:ba:52:b9:ef:9e:92:43:ac:8b:08:ea:f6:
9e:f3:54:c8:ac:74:f6:3c:f2:7e:51:96:86:ad:4c:
4c:2d:a7:c4:40:ee:f0:28:93:9c:70:e4:b2:8d:5a:
d6:22:eb:7d:d2:6c:1d:4d:92:56:46:59:43:6f:e4:
57:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:16:81:3D:BC:DA:E0:FB:06:B3:00:4E:4C:9B:EF:71:6A:F7:7F:B4
X509v3 Authority Key Identifier:
keyid:C7:33:8D:F1:B7:68:C0:50:74:CD:AE:D0:FD:B1:A4:C1:4A:DF:B8:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C167F/4AAB7BCAC47D11EE9FC7C80FC4F9AE02/xzON8bdowFB0za7Q_bGkwUrfuLU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xzON8bdowFB0za7Q_bGkwUrfuLU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C167F/4AAB7BCAC47D11EE9FC7C80FC4F9AE02/9F3BF8DC4E1A11EF9669C513C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.15.135.0/24
Signature Algorithm: sha256WithRSAEncryption
28:4c:f2:58:0e:97:3d:1c:7a:15:3a:8f:48:2c:0d:df:9a:dc:
af:13:d6:91:24:21:5b:01:95:21:f2:7a:c6:3c:8f:2f:b1:60:
1a:3c:15:91:c6:14:41:6e:7d:b2:da:d0:7b:c5:4c:51:a6:36:
5b:59:a9:9f:7d:44:ef:a8:b5:75:3b:39:5a:7a:fa:8e:0f:70:
1b:eb:fb:29:18:32:f0:01:66:55:2e:8e:fa:e3:4a:4a:8a:62:
9b:89:16:ca:7a:e1:95:64:f8:d0:01:e1:a1:f9:77:07:01:3a:
f1:2b:3d:74:a4:21:cf:5a:01:b2:31:89:04:86:e8:c2:42:43:
cd:79:cb:f3:46:8c:59:a3:82:c9:cb:8d:6d:cd:b5:e7:4e:e9:
57:21:e0:e8:48:5f:fb:0d:b9:db:f5:75:50:db:36:77:cb:e0:
a4:9d:39:e9:75:ed:38:fa:7c:54:b4:14:78:14:c0:42:89:64:
8e:2c:db:c4:08:ae:a4:84:10:1a:8f:5e:5e:53:e9:ce:1c:2a:
dc:dd:b4:48:ec:a4:82:e3:38:d4:b6:00:33:eb:f2:52:e9:2f:
9a:99:37:ed:01:d2:72:a3:70:a5:57:02:fb:42:19:1b:9e:6d:
84:ce:67:46:f1:f8:1a:15:ad:36:35:31:d6:5f:5b:78:45:e1:
fc:91:07:1d
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBaTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
MTY3RjExMC8GA1UEBRMoQzczMzhERjFCNzY4QzA1MDc0Q0RBRUQwRkRCMUE0QzE0
QURGQjhCNTAeFw0yNDA3MzAwMjIyNTJaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2YTg0ZTdjLWUxYmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCx3ihFA8Evj5vWZmEX8yRcuqSjYfFfdGGtqMoLh0pggwLHqDMBtIkttOX5r6kJ
zpl9e5bte8kYo7FuscDj7vN53N54f0LOKqzAV7FJSB9DouEw4ln81KHEqMfPa14A
hMuLSUR9mDiubMJtVTHN0vDnPeKXw1zqPYiY5IFv/zKSzqRu3JkJSMfePg0LsG4u
5/ggPy4AuIHPCCJeDD4elm8Sd0IuM1/CcE9CL7xC6azV4Z9NeWf/8yEblmFgl9Ly
9Zd8t6yyTrpSue+ekkOsiwjq9p7zVMisdPY88n5RloatTEwtp8RA7vAok5xw5LKN
WtYi633SbB1NklZGWUNv5FezAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUUxaBPbza
4PsGswBOTJvvcWr3f7QwHwYDVR0jBBgwFoAUxzON8bdowFB0za7Q/bGkwUrfuLUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMxNjdGLzRBQUI3QkNBQzQ3
RDExRUU5RkM3QzgwRkM0RjlBRTAyL3h6T044YmRvd0ZCMHphN1FfYkdrd1VyZnVM
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIveHpPTjhiZG93RkIwemE3UV9iR2t3VXJmdUxVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
MTY3Ri80QUFCN0JDQUM0N0QxMUVFOUZDN0M4MEZDNEY5QUUwMi85RjNCRjhEQzRF
MUExMUVGOTY2OUM1MTNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAJ0PhzANBgkqhkiG9w0BAQsFAAOCAQEAKEzyWA6XPRx6FTqP
SCwN35rcrxPWkSQhWwGVIfJ6xjyPL7FgGjwVkcYUQW59strQe8VMUaY2W1mpn31E
76i1dTs5Wnr6jg9wG+v7KRgy8AFmVS6O+uNKSopim4kWynrhlWT40AHhofl3BwE6
8Ss9dKQhz1oBsjGJBIbowkJDzXnL80aMWaOCycuNbc21507pVyHg6Ehf+w252/V1
UNs2d8vgpJ056XXtOPp8VLQUeBTAQolkjizbxAiupIQQGo9eXlPpzhwq3N20SOyk
guM41LYAM+vyUukvmpk37QHScqNwpVcC+0IZG55thM5nRvH4GhWtNjUx1l9beEXh
/JEHHQ==
-----END CERTIFICATE-----
Generated at Sat Oct 5 20:04:04 2024 by rpki-client on console-ams.rpki-client.org