Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6CAF/F3E0FAE4B6F411EEAC203810C4F9AE02/9D700FB2B75611EEA8990542C4F9AE02.roa
File: 9D700FB2B75611EEA8990542C4F9AE02.roa (raw, json)
Hash identifier: niqUwhMzaUF4EKIPbYDpydHEwpaHYOKeJiR20bI4q4g=
Subject key identifier: C1:33:CA:65:44:9C:41:D5:E1:D7:26:EE:AC:11:FF:95:64:06:8E:5C
Certificate issuer: /CN=A91C6CAF/serialNumber=9F02DA3AB5FB45317507C48021CE0A8B937255C9
Certificate serial: 05
Authority key identifier: 9F:02:DA:3A:B5:FB:45:31:75:07:C4:80:21:CE:0A:8B:93:72:55:C9
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nwLaOrX7RTF1B8SAIc4Ki5NyVck.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C6CAF/F3E0FAE4B6F411EEAC203810C4F9AE02/9D700FB2B75611EEA8990542C4F9AE02.roa
Signing time: Sat 20 Jan 2024 05:41:53 +0000
ROA not before: Sat 20 Jan 2024 05:41:53 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 152334
IP address blocks: 157.10.238.0/24 maxlen: 24
157.10.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Feb 2024 06:11:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C6CAF/serialNumber=9F02DA3AB5FB45317507C48021CE0A8B937255C9
Validity
Not Before: Jan 20 05:41:53 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65ab5d21-4a66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:ad:1a:d4:af:1a:44:85:e7:fb:42:9e:44:a5:
92:63:85:60:c1:1a:ef:82:02:a3:1f:b6:44:04:64:
46:6f:11:61:1e:70:7c:1f:ee:56:57:21:74:f2:db:
33:2b:79:7a:47:b0:93:22:95:a5:6e:21:df:92:25:
ca:e9:95:dc:48:3c:83:5f:3c:12:48:99:a6:00:0e:
f7:1b:16:a3:ec:2c:51:b9:76:6b:11:f4:d1:30:ce:
e3:bf:96:c1:4a:dc:c7:27:96:f8:76:f6:9f:b1:c9:
18:0e:92:f5:6d:9f:66:63:90:2a:fd:21:dc:49:53:
b5:e2:16:a4:d8:3f:0d:ce:75:e7:07:91:05:a2:1c:
9a:0f:8e:d3:51:65:8b:21:85:5e:09:56:f0:11:22:
d2:8e:20:b4:77:3b:9a:24:05:6b:96:2c:38:be:ac:
1a:02:49:49:2a:c3:82:e6:0a:4c:42:b3:31:78:88:
7f:44:b6:eb:69:40:f6:dd:31:e1:0c:ba:5f:00:94:
67:b3:f2:7f:fb:63:a8:5d:b5:a0:7d:98:15:29:e3:
2e:2c:e1:f9:57:07:26:62:6a:5d:e7:89:cb:c4:e8:
99:0b:f8:1c:ba:c4:f4:59:da:1c:98:92:90:98:dc:
92:fb:05:6b:e6:28:6f:0a:5e:19:95:9a:87:0b:89:
75:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:33:CA:65:44:9C:41:D5:E1:D7:26:EE:AC:11:FF:95:64:06:8E:5C
X509v3 Authority Key Identifier:
keyid:9F:02:DA:3A:B5:FB:45:31:75:07:C4:80:21:CE:0A:8B:93:72:55:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C6CAF/F3E0FAE4B6F411EEAC203810C4F9AE02/nwLaOrX7RTF1B8SAIc4Ki5NyVck.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nwLaOrX7RTF1B8SAIc4Ki5NyVck.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6CAF/F3E0FAE4B6F411EEAC203810C4F9AE02/9D700FB2B75611EEA8990542C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.238.0/23
Signature Algorithm: sha256WithRSAEncryption
53:04:56:f0:fb:d1:2a:26:8a:db:e6:7c:85:23:f1:79:33:62:
81:17:24:57:4e:04:e7:49:89:fa:2a:94:93:06:9d:60:36:66:
22:20:37:b3:16:35:8d:4a:b2:14:03:13:36:a8:75:93:1f:31:
c8:8c:a7:bd:6c:d3:f4:58:89:34:37:da:b4:dd:12:36:af:98:
11:23:39:a5:5f:51:42:91:1e:97:77:de:4a:37:53:ae:58:dd:
1a:1a:64:1c:a9:69:30:98:3c:fd:ab:ad:9e:92:49:ab:8e:68:
39:f9:e4:e3:5b:3e:2d:b9:c5:15:5d:3c:2b:fe:3e:b2:2b:fa:
21:38:0f:ef:47:0c:d0:83:6b:d6:78:78:56:ba:84:c2:99:c0:
e5:f0:61:6d:40:24:c6:0b:7b:bd:98:1a:52:fb:1e:e0:60:df:
09:15:9b:26:7e:f5:6f:b5:f0:d6:44:b3:40:31:d3:3c:1d:01:
a9:92:e9:de:a7:da:30:15:20:4a:c0:5e:21:21:ca:5a:11:2b:
5e:37:48:7f:fb:3e:84:fa:91:2f:da:ff:f4:0a:a1:3d:34:b2:
97:ea:ed:03:8c:9e:38:c9:49:3b:6f:e2:9c:5a:a5:31:f9:1b:
00:3c:36:68:3a:2a:e2:81:5a:49:80:38:54:7e:8e:b6:8c:75:
0a:d6:79:39
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
NkNBRjExMC8GA1UEBRMoOUYwMkRBM0FCNUZCNDUzMTc1MDdDNDgwMjFDRTBBOEI5
MzcyNTVDOTAeFw0yNDAxMjAwNTQxNTNaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YWI1ZDIxLTRhNjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDvrRrUrxpEhef7Qp5EpZJjhWDBGu+CAqMftkQEZEZvEWEecHwf7lZXIXTy2zMr
eXpHsJMilaVuId+SJcrpldxIPINfPBJImaYADvcbFqPsLFG5dmsR9NEwzuO/lsFK
3Mcnlvh29p+xyRgOkvVtn2ZjkCr9IdxJU7XiFqTYPw3OdecHkQWiHJoPjtNRZYsh
hV4JVvARItKOILR3O5okBWuWLDi+rBoCSUkqw4LmCkxCszF4iH9EtutpQPbdMeEM
ul8AlGez8n/7Y6hdtaB9mBUp4y4s4flXByZial3nicvE6JkL+By6xPRZ2hyYkpCY
3JL7BWvmKG8KXhmVmocLiXWrAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUwTPKZUSc
QdXh1yburBH/lWQGjlwwHwYDVR0jBBgwFoAUnwLaOrX7RTF1B8SAIc4Ki5NyVckw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM2Q0FGL0YzRTBGQUU0QjZG
NDExRUVBQzIwMzgxMEM0RjlBRTAyL253TGFPclg3UlRGMUI4U0FJYzRLaTVOeVZj
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvbndMYU9yWDdSVEYxQjhTQUljNEtpNU55VmNrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
NkNBRi9GM0UwRkFFNEI2RjQxMUVFQUMyMDM4MTBDNEY5QUUwMi85RDcwMEZCMkI3
NTYxMUVFQTg5OTA1NDJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAZ0K7jANBgkqhkiG9w0BAQsFAAOCAQEAUwRW8PvRKiaK2+Z8
hSPxeTNigRckV04E50mJ+iqUkwadYDZmIiA3sxY1jUqyFAMTNqh1kx8xyIynvWzT
9FiJNDfatN0SNq+YESM5pV9RQpEel3feSjdTrljdGhpkHKlpMJg8/autnpJJq45o
Ofnk41s+LbnFFV08K/4+siv6ITgP70cM0INr1nh4VrqEwpnA5fBhbUAkxgt7vZga
Uvse4GDfCRWbJn71b7Xw1kSzQDHTPB0BqZLp3qfaMBUgSsBeISHKWhErXjdIf/s+
hPqRL9r/9AqhPTSyl+rtA4yeOMlJO2/inFqlMfkbADw2aDoq4oFaSYA4VH6Otox1
CtZ5OQ==
-----END CERTIFICATE-----
Generated at Tue Feb 27 06:52:53 2024 by rpki-client on console-ams.rpki-client.org