Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C167F/4AAB7BCAC47D11EE9FC7C80FC4F9AE02/EF945410E45111EE806F0F28C4F9AE02.roa
File: EF945410E45111EE806F0F28C4F9AE02.roa (raw, json)
Hash identifier: LdBzW/vYGG+8YX23IDR1PyheIiuJrb2T4FAYscG3Q4E=
Subject key identifier: 35:3A:0F:88:E3:0B:B3:36:DE:02:FF:CD:E6:56:69:10:6E:4B:A7:AB
Certificate issuer: /CN=A91C167F/serialNumber=C7338DF1B768C05074CDAED0FDB1A4C14ADFB8B5
Certificate serial: 20
Authority key identifier: C7:33:8D:F1:B7:68:C0:50:74:CD:AE:D0:FD:B1:A4:C1:4A:DF:B8:B5
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xzON8bdowFB0za7Q_bGkwUrfuLU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C167F/4AAB7BCAC47D11EE9FC7C80FC4F9AE02/EF945410E45111EE806F0F28C4F9AE02.roa
Signing time: Sun 17 Mar 2024 13:02:20 +0000
ROA not before: Sun 17 Mar 2024 13:02:20 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 152462
IP address blocks: 157.15.134.0/24 maxlen: 24
157.15.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Mar 2024 03:28:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32 (0x20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C167F/serialNumber=C7338DF1B768C05074CDAED0FDB1A4C14ADFB8B5
Validity
Not Before: Mar 17 13:02:20 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65f6e9db-eb05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d6:81:9f:ae:b3:66:b6:09:c9:c4:bb:b9:fc:
f2:99:c0:bd:5a:7c:83:a0:b9:8f:84:da:3c:58:8d:
1b:c9:52:0b:e0:99:6b:3b:a6:0e:33:be:df:4a:e9:
34:28:2e:0f:77:f0:c6:2b:b9:9a:8b:68:85:1a:ac:
cd:b1:e2:35:80:40:9f:fa:8e:1e:06:3c:eb:e9:35:
83:de:cd:f9:6d:61:93:cc:05:5f:78:05:22:9a:c0:
fe:6b:72:84:81:c7:6a:cb:13:e9:3d:99:cd:3c:e7:
fc:99:b1:d1:23:9d:3b:e3:f7:a0:3b:b0:6e:ad:94:
ed:ee:9c:5d:e8:2a:d6:1b:11:60:c0:50:eb:61:17:
55:48:10:19:94:11:16:1e:67:8d:2d:9e:78:4d:41:
4c:17:0c:99:a0:7f:c8:1b:4f:04:5e:66:d4:b5:17:
db:62:13:04:32:0f:a0:f9:f8:db:ad:7c:df:f2:ec:
40:c9:93:f4:80:af:ad:d9:ec:dc:dd:11:c1:78:8c:
b0:ec:92:ad:f4:f1:82:09:a1:e1:fe:fa:96:99:45:
b9:c2:a8:ab:4e:68:32:fe:08:05:62:07:b4:55:fb:
7d:35:db:d8:5d:28:29:a7:8f:11:36:fe:41:a5:bc:
3f:7b:dd:e1:3e:69:62:aa:31:3a:bb:e4:0f:1a:e5:
99:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:3A:0F:88:E3:0B:B3:36:DE:02:FF:CD:E6:56:69:10:6E:4B:A7:AB
X509v3 Authority Key Identifier:
keyid:C7:33:8D:F1:B7:68:C0:50:74:CD:AE:D0:FD:B1:A4:C1:4A:DF:B8:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C167F/4AAB7BCAC47D11EE9FC7C80FC4F9AE02/xzON8bdowFB0za7Q_bGkwUrfuLU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xzON8bdowFB0za7Q_bGkwUrfuLU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C167F/4AAB7BCAC47D11EE9FC7C80FC4F9AE02/EF945410E45111EE806F0F28C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.15.134.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:f1:a1:99:58:e6:eb:d6:99:3b:01:12:0c:e1:38:8d:3d:13:
dd:99:01:3c:24:f4:af:94:4e:d3:93:6e:98:25:0e:fe:fa:d4:
15:f6:1b:f5:f5:c8:f6:8e:5f:9b:77:3f:2c:1e:f2:f4:01:6b:
1f:57:7e:9b:b5:78:70:09:f0:a0:8d:99:c4:63:29:15:38:60:
05:02:40:b0:bc:0c:de:46:ca:f1:1c:96:c3:fc:2c:3c:83:8e:
a8:1a:09:26:bd:03:c1:62:78:e7:5b:1a:91:10:c1:ee:40:da:
89:ac:4e:98:f0:b6:4c:1e:ce:03:99:22:e3:62:13:58:b4:d4:
79:9c:97:9e:a8:e1:88:94:61:5a:3f:90:b7:4a:72:0e:79:8b:
b5:29:08:84:3d:8a:3c:e5:ec:6e:01:e3:21:3e:69:12:dd:62:
40:8e:38:b2:fe:1b:d8:33:07:0e:96:6e:d5:03:0a:21:67:45:
11:76:da:54:0b:b5:6c:de:c2:7f:59:24:a5:b7:a0:b6:d5:77:
a1:53:c2:3e:a1:5f:41:12:ea:5a:f5:a7:15:dc:d6:7e:7e:b2:
40:e7:93:cf:50:e7:3c:f1:b6:57:ee:7a:93:9d:0c:89:00:11:
e7:6b:d2:88:ea:8e:a9:c1:9c:b2:16:90:23:f1:29:08:1c:46:
98:3c:45:bb
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBIDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
MTY3RjExMC8GA1UEBRMoQzczMzhERjFCNzY4QzA1MDc0Q0RBRUQwRkRCMUE0QzE0
QURGQjhCNTAeFw0yNDAzMTcxMzAyMjBaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZjZlOWRiLWViMDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDP1oGfrrNmtgnJxLu5/PKZwL1afIOguY+E2jxYjRvJUgvgmWs7pg4zvt9K6TQo
Lg938MYruZqLaIUarM2x4jWAQJ/6jh4GPOvpNYPezfltYZPMBV94BSKawP5rcoSB
x2rLE+k9mc085/yZsdEjnTvj96A7sG6tlO3unF3oKtYbEWDAUOthF1VIEBmUERYe
Z40tnnhNQUwXDJmgf8gbTwReZtS1F9tiEwQyD6D5+NutfN/y7EDJk/SAr63Z7Nzd
EcF4jLDskq308YIJoeH++paZRbnCqKtOaDL+CAViB7RV+30129hdKCmnjxE2/kGl
vD973eE+aWKqMTq75A8a5ZllAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUNToPiOML
szbeAv/N5lZpEG5Lp6swHwYDVR0jBBgwFoAUxzON8bdowFB0za7Q/bGkwUrfuLUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMxNjdGLzRBQUI3QkNBQzQ3
RDExRUU5RkM3QzgwRkM0RjlBRTAyL3h6T044YmRvd0ZCMHphN1FfYkdrd1VyZnVM
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIveHpPTjhiZG93RkIwemE3UV9iR2t3VXJmdUxVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
MTY3Ri80QUFCN0JDQUM0N0QxMUVFOUZDN0M4MEZDNEY5QUUwMi9FRjk0NTQxMEU0
NTExMUVFODA2RjBGMjhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAZ0PhjANBgkqhkiG9w0BAQsFAAOCAQEAivGhmVjm69aZOwES
DOE4jT0T3ZkBPCT0r5RO05NumCUO/vrUFfYb9fXI9o5fm3c/LB7y9AFrH1d+m7V4
cAnwoI2ZxGMpFThgBQJAsLwM3kbK8RyWw/wsPIOOqBoJJr0DwWJ451sakRDB7kDa
iaxOmPC2TB7OA5ki42ITWLTUeZyXnqjhiJRhWj+Qt0pyDnmLtSkIhD2KPOXsbgHj
IT5pEt1iQI44sv4b2DMHDpZu1QMKIWdFEXbaVAu1bN7Cf1kkpbegttV3oVPCPqFf
QRLqWvWnFdzWfn6yQOeTz1DnPPG2V+56k50MiQAR52vSiOqOqcGcshaQI/EpCBxG
mDxFuw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:24 2024 by rpki-client on console-ams.rpki-client.org