Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6CAF/F3E0FAE4B6F411EEAC203810C4F9AE02/32A6DB4AB73B11EEA2712F58C4F9AE02.roa
File: 32A6DB4AB73B11EEA2712F58C4F9AE02.roa (raw, json)
Hash identifier: 3vrQkqbwhdcXz1lQE7WxOmVY9tmKw7ghYefyYTbI+Bc=
Subject key identifier: 36:66:10:A0:AF:47:F8:95:33:B9:95:60:E0:A6:5C:EF:96:0D:35:37
Certificate issuer: /CN=A91C6CAF/serialNumber=9F02DA3AB5FB45317507C48021CE0A8B937255C9
Certificate serial: 03
Authority key identifier: 9F:02:DA:3A:B5:FB:45:31:75:07:C4:80:21:CE:0A:8B:93:72:55:C9
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nwLaOrX7RTF1B8SAIc4Ki5NyVck.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C6CAF/F3E0FAE4B6F411EEAC203810C4F9AE02/32A6DB4AB73B11EEA2712F58C4F9AE02.roa
Signing time: Sat 20 Jan 2024 02:25:38 +0000
ROA not before: Sat 20 Jan 2024 02:25:38 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 152334
IP address blocks: 157.10.238.0/23 maxlen: 23
157.10.238.0/24 maxlen: 24
157.10.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 20 Jan 2024 05:41:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C6CAF/serialNumber=9F02DA3AB5FB45317507C48021CE0A8B937255C9
Validity
Not Before: Jan 20 02:25:38 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65ab2f21-0b73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:96:71:d2:d7:59:e6:98:8e:a8:a7:be:fb:66:
c1:d7:72:ce:c8:73:1f:dd:69:9e:78:7e:05:a7:9a:
e0:d7:ac:a2:a7:73:06:75:ec:27:33:ee:7e:79:7e:
d6:5f:3c:f8:f2:7e:1a:0f:78:97:94:68:ce:ab:5e:
01:b6:1d:33:24:66:2e:52:ad:12:f8:ff:6e:be:60:
98:39:69:ac:6c:a6:15:91:de:b0:07:84:d0:24:5d:
ed:d5:d1:ce:a5:1b:79:62:a6:cd:b6:2f:e8:29:e8:
9c:d0:6c:47:af:dd:b3:a0:5a:24:a5:13:87:c4:97:
fa:c3:dc:61:1a:be:c8:d1:c3:52:f8:6d:89:c3:0b:
b5:1d:be:67:24:11:c8:ad:c8:c0:de:28:f7:aa:5e:
3b:b2:19:74:7e:9f:0b:31:2f:f0:a2:07:82:c9:73:
d5:fd:48:ad:11:84:84:60:28:0f:ef:a7:c5:93:bf:
40:60:35:62:f5:ca:22:33:91:09:6e:3f:d8:4f:f0:
1d:a0:eb:1b:66:78:74:d5:6c:cc:ba:04:e5:ae:a5:
69:40:44:fd:49:bd:de:07:9f:32:bd:88:2d:db:fb:
7c:7e:a9:4d:3f:dc:34:f6:16:f2:96:d0:7e:a1:d0:
28:27:e6:ee:26:3a:66:ba:be:97:9f:6e:c4:c4:fb:
ac:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:66:10:A0:AF:47:F8:95:33:B9:95:60:E0:A6:5C:EF:96:0D:35:37
X509v3 Authority Key Identifier:
keyid:9F:02:DA:3A:B5:FB:45:31:75:07:C4:80:21:CE:0A:8B:93:72:55:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C6CAF/F3E0FAE4B6F411EEAC203810C4F9AE02/nwLaOrX7RTF1B8SAIc4Ki5NyVck.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nwLaOrX7RTF1B8SAIc4Ki5NyVck.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6CAF/F3E0FAE4B6F411EEAC203810C4F9AE02/32A6DB4AB73B11EEA2712F58C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.238.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:7c:58:47:f8:8e:60:e4:b2:85:41:0b:4d:98:80:d2:fa:19:
8a:ef:a8:80:38:35:6f:e6:d6:c7:b9:5b:39:cb:3e:2a:29:fb:
f9:5f:f5:ad:c4:8a:4e:c2:62:8e:14:aa:73:3a:9c:8d:44:62:
21:1f:ae:9d:0b:d8:ef:07:6c:f9:5c:8b:e8:f7:4a:7f:4b:ea:
df:ff:c1:cc:34:02:db:5c:3a:f9:65:e8:12:a3:ce:d8:ba:f9:
15:77:39:07:47:be:81:27:88:22:ab:b3:8d:14:bf:61:cd:c5:
c9:22:28:b9:4c:de:51:88:d4:e2:64:5f:60:00:9f:e1:9f:8e:
af:ab:1e:bb:d2:be:1b:3a:06:d1:61:02:f6:4e:6e:7b:88:02:
27:27:6e:2f:20:23:7f:ca:9b:c5:6f:c7:f9:25:47:00:fa:c3:
24:57:14:a1:e6:12:9d:b8:f7:b0:b6:de:6e:d2:5a:4a:df:aa:
29:4c:9c:7f:30:da:1f:3c:02:f3:61:90:f1:a1:ed:c4:e1:8d:
f8:4c:45:0c:1d:ef:cd:ac:4f:9c:f4:ab:ed:44:b9:f5:c0:53:
27:44:40:db:c4:2a:e7:a2:82:f5:f3:70:d2:fe:b6:d5:90:f0:
7d:40:0a:55:2e:d6:5e:2a:ef:bf:09:86:8f:31:f6:57:4b:34:
44:f1:24:cf
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
NkNBRjExMC8GA1UEBRMoOUYwMkRBM0FCNUZCNDUzMTc1MDdDNDgwMjFDRTBBOEI5
MzcyNTVDOTAeFw0yNDAxMjAwMjI1MzhaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YWIyZjIxLTBiNzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDIlnHS11nmmI6op777ZsHXcs7Icx/daZ54fgWnmuDXrKKncwZ17Ccz7n55ftZf
PPjyfhoPeJeUaM6rXgG2HTMkZi5SrRL4/26+YJg5aaxsphWR3rAHhNAkXe3V0c6l
G3lips22L+gp6JzQbEev3bOgWiSlE4fEl/rD3GEavsjRw1L4bYnDC7UdvmckEcit
yMDeKPeqXjuyGXR+nwsxL/CiB4LJc9X9SK0RhIRgKA/vp8WTv0BgNWL1yiIzkQlu
P9hP8B2g6xtmeHTVbMy6BOWupWlARP1Jvd4HnzK9iC3b+3x+qU0/3DT2FvKW0H6h
0Cgn5u4mOma6vpefbsTE+6wzAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUNmYQoK9H
+JUzuZVg4KZc75YNNTcwHwYDVR0jBBgwFoAUnwLaOrX7RTF1B8SAIc4Ki5NyVckw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM2Q0FGL0YzRTBGQUU0QjZG
NDExRUVBQzIwMzgxMEM0RjlBRTAyL253TGFPclg3UlRGMUI4U0FJYzRLaTVOeVZj
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvbndMYU9yWDdSVEYxQjhTQUljNEtpNU55VmNrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
NkNBRi9GM0UwRkFFNEI2RjQxMUVFQUMyMDM4MTBDNEY5QUUwMi8zMkE2REI0QUI3
M0IxMUVFQTI3MTJGNThDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAZ0K7jANBgkqhkiG9w0BAQsFAAOCAQEAP3xYR/iOYOSyhUEL
TZiA0voZiu+ogDg1b+bWx7lbOcs+Kin7+V/1rcSKTsJijhSqczqcjURiIR+unQvY
7wds+VyL6PdKf0vq3//BzDQC21w6+WXoEqPO2Lr5FXc5B0e+gSeIIquzjRS/Yc3F
ySIouUzeUYjU4mRfYACf4Z+Or6seu9K+GzoG0WEC9k5ue4gCJyduLyAjf8qbxW/H
+SVHAPrDJFcUoeYSnbj3sLbebtJaSt+qKUycfzDaHzwC82GQ8aHtxOGN+ExFDB3v
zaxPnPSr7US59cBTJ0RA28Qq56KC9fNw0v621ZDwfUAKVS7WXirvvwmGjzH2V0s0
RPEkzw==
-----END CERTIFICATE-----
Generated at Sat Jan 20 08:13:05 2024 by rpki-client on console-ams.rpki-client.org