Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D63AF/4DFE6824B6B711EEA9D7FC3AC4F9AE02/E45FED36B6B911EE8E72C641C4F9AE02.roa
File: E45FED36B6B911EE8E72C641C4F9AE02.roa (raw, json)
Hash identifier: 5OORX5XNWB7KrtpnYk8CEeij5YdgFO6/jm4Ah8WYw74=
Subject key identifier: E5:5D:BF:22:9D:61:48:37:2F:7C:4D:44:2C:70:5D:01:F9:26:41:9F
Certificate issuer: /CN=A91D63AF/serialNumber=3474C2539861100AFD963A163C802D0264F8EC7D
Certificate serial: 06
Authority key identifier: 34:74:C2:53:98:61:10:0A:FD:96:3A:16:3C:80:2D:02:64:F8:EC:7D
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NHTCU5hhEAr9ljoWPIAtAmT47H0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D63AF/4DFE6824B6B711EEA9D7FC3AC4F9AE02/E45FED36B6B911EE8E72C641C4F9AE02.roa
Signing time: Fri 19 Jan 2024 11:00:01 +0000
ROA not before: Fri 19 Jan 2024 11:00:01 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 152339
IP address blocks: 157.10.250.0/24 maxlen: 24
157.10.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 May 2024 11:01:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D63AF/serialNumber=3474C2539861100AFD963A163C802D0264F8EC7D
Validity
Not Before: Jan 19 11:00:01 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65aa5631-6468
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f5:e0:30:be:53:2b:50:52:fa:09:cf:5d:c6:
cd:93:b7:d7:a9:ce:7c:bc:1c:61:bc:17:ef:98:73:
0e:d2:88:a6:ba:8e:0f:37:42:3c:c8:9b:e9:55:d0:
2b:25:58:35:25:63:5e:d0:02:d0:2a:9d:01:7e:7b:
53:02:d2:c5:5f:73:82:d7:fe:48:45:e1:01:e8:6c:
88:2a:0e:81:cc:98:a5:1f:1c:f7:40:b1:1a:ce:f7:
54:f8:3c:ea:40:49:69:51:20:fb:4c:e3:69:e4:4d:
70:56:2f:9b:2e:84:fc:55:a3:86:2c:b8:9f:0b:db:
c5:1f:73:81:77:2a:7b:ff:5a:0b:1e:bb:e1:7b:3c:
e7:03:b3:13:39:8b:86:6c:1f:ae:82:a7:99:b2:a2:
5e:e7:b2:2d:32:2f:07:6d:6e:07:9b:fd:ee:7f:7f:
ed:b1:c1:22:cb:50:3d:fb:92:38:e5:40:a7:e2:02:
df:2d:c9:98:52:9a:a8:1c:6e:83:d5:88:81:96:0f:
3c:ab:69:11:63:4e:43:73:1e:eb:5c:e3:e2:76:63:
21:04:83:78:57:f3:60:4f:9e:60:d8:59:19:a2:a7:
38:b5:d7:fa:6d:7c:d1:3e:e8:49:de:7f:c4:a9:ba:
cd:06:b8:8e:a1:0d:f9:5e:fe:b4:b6:b3:2e:bc:03:
d8:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:5D:BF:22:9D:61:48:37:2F:7C:4D:44:2C:70:5D:01:F9:26:41:9F
X509v3 Authority Key Identifier:
keyid:34:74:C2:53:98:61:10:0A:FD:96:3A:16:3C:80:2D:02:64:F8:EC:7D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D63AF/4DFE6824B6B711EEA9D7FC3AC4F9AE02/NHTCU5hhEAr9ljoWPIAtAmT47H0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NHTCU5hhEAr9ljoWPIAtAmT47H0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D63AF/4DFE6824B6B711EEA9D7FC3AC4F9AE02/E45FED36B6B911EE8E72C641C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.250.0/23
Signature Algorithm: sha256WithRSAEncryption
21:5d:82:e4:e8:0f:97:2c:62:9c:2b:d2:38:d1:35:e4:14:75:
2e:15:b6:63:ae:38:89:22:2c:5d:31:60:89:48:4d:38:c5:12:
88:b3:11:b1:60:61:ed:cf:61:af:15:a1:e7:f0:f2:96:33:c6:
6c:90:2a:8e:75:b1:2a:06:b4:77:12:19:d4:7a:dc:cb:7c:00:
a0:d5:68:67:f5:7f:5e:48:f8:54:2c:41:5b:d8:6e:6b:37:c3:
33:d4:17:97:d0:7c:47:bd:3c:dd:bc:2a:ff:5c:66:74:13:d4:
ca:08:1e:40:33:23:b0:c8:fc:db:1f:b7:ff:4d:06:51:3c:d7:
5d:7c:15:c6:a7:ba:e0:f1:d9:49:3d:13:21:4f:5a:d5:cf:42:
73:94:f7:98:68:56:ed:05:6a:14:87:51:10:b7:0d:0a:47:a9:
ee:d9:3f:08:39:9b:43:72:98:70:df:f5:18:9f:3a:50:95:1e:
af:6f:a9:46:1b:47:8e:54:1b:b6:2c:dc:7a:08:e5:89:f2:9d:
36:61:91:1a:2a:e0:cd:92:1a:89:77:cf:d7:4b:b4:7d:cd:df:
1d:13:a3:a3:b5:01:15:b1:17:40:75:ee:1f:44:03:73:ea:83:
cd:9d:e5:c1:ee:1e:bf:37:a8:32:fa:72:0c:47:0d:4d:4e:d2:
00:8f:39:8b
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
NjNBRjExMC8GA1UEBRMoMzQ3NEMyNTM5ODYxMTAwQUZEOTYzQTE2M0M4MDJEMDI2
NEY4RUM3RDAeFw0yNDAxMTkxMTAwMDFaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YWE1NjMxLTY0NjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCo9eAwvlMrUFL6Cc9dxs2Tt9epzny8HGG8F++Ycw7SiKa6jg83QjzIm+lV0Csl
WDUlY17QAtAqnQF+e1MC0sVfc4LX/khF4QHobIgqDoHMmKUfHPdAsRrO91T4POpA
SWlRIPtM42nkTXBWL5suhPxVo4YsuJ8L28Ufc4F3Knv/Wgseu+F7POcDsxM5i4Zs
H66Cp5myol7nsi0yLwdtbgeb/e5/f+2xwSLLUD37kjjlQKfiAt8tyZhSmqgcboPV
iIGWDzyraRFjTkNzHutc4+J2YyEEg3hX82BPnmDYWRmipzi11/ptfNE+6Enef8Sp
us0GuI6hDfle/rS2sy68A9g1AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU5V2/Ip1h
SDcvfE1ELHBdAfkmQZ8wHwYDVR0jBBgwFoAUNHTCU5hhEAr9ljoWPIAtAmT47H0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ2M0FGLzRERkU2ODI0QjZC
NzExRUVBOUQ3RkMzQUM0RjlBRTAyL05IVENVNWhoRUFyOWxqb1dQSUF0QW1UNDdI
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvTkhUQ1U1aGhFQXI5bGpvV1BJQXRBbVQ0N0gwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
NjNBRi80REZFNjgyNEI2QjcxMUVFQTlEN0ZDM0FDNEY5QUUwMi9FNDVGRUQzNkI2
QjkxMUVFOEU3MkM2NDFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAZ0K+jANBgkqhkiG9w0BAQsFAAOCAQEAIV2C5OgPlyxinCvS
ONE15BR1LhW2Y644iSIsXTFgiUhNOMUSiLMRsWBh7c9hrxWh5/DyljPGbJAqjnWx
Kga0dxIZ1Hrcy3wAoNVoZ/V/Xkj4VCxBW9huazfDM9QXl9B8R7083bwq/1xmdBPU
yggeQDMjsMj82x+3/00GUTzXXXwVxqe64PHZST0TIU9a1c9Cc5T3mGhW7QVqFIdR
ELcNCkep7tk/CDmbQ3KYcN/1GJ86UJUer2+pRhtHjlQbtizcegjlifKdNmGRGirg
zZIaiXfP10u0fc3fHROjo7UBFbEXQHXuH0QDc+qDzZ3lwe4evzeoMvpyDEcNTU7S
AI85iw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:42 2024 by rpki-client on console-fra.rpki-client.org