Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF73D/C92B3232CE1F11EEAC62617CC4F9AE02/5B48C4B8CE2011EE968F4E7DC4F9AE02.roa
File: 5B48C4B8CE2011EE968F4E7DC4F9AE02.roa (raw, json)
Hash identifier: tyGsLj6At62PiR79dKCfJ4n0l9r31o8bLDU+nn4sqFU=
Subject key identifier: 5F:9C:2C:CE:83:E4:C6:59:32:28:79:90:F2:C5:65:68:77:53:C7:84
Certificate issuer: /CN=A91EF73D/serialNumber=9A89BB37C54386DA9A87A64FF0094428A3171A47
Certificate serial: 06
Authority key identifier: 9A:89:BB:37:C5:43:86:DA:9A:87:A6:4F:F0:09:44:28:A3:17:1A:47
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mom7N8VDhtqah6ZP8AlEKKMXGkc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EF73D/C92B3232CE1F11EEAC62617CC4F9AE02/5B48C4B8CE2011EE968F4E7DC4F9AE02.roa
Signing time: Sun 18 Feb 2024 05:43:15 +0000
ROA not before: Sun 18 Feb 2024 05:43:15 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 152476
IP address blocks: 157.20.54.0/23 maxlen: 23
157.20.54.0/24 maxlen: 24
157.20.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Apr 2024 04:18:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EF73D/serialNumber=9A89BB37C54386DA9A87A64FF0094428A3171A47
Validity
Not Before: Feb 18 05:43:15 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=65d198f2-3aea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:68:f3:f5:c0:0b:0c:dd:89:a2:a6:a5:de:3f:
26:fb:07:bc:cf:71:22:2e:d3:1f:5f:f9:93:5c:69:
51:1d:91:0c:80:e9:94:e7:87:a4:c3:1f:24:00:bc:
8d:09:ca:8f:53:5f:bd:8d:7b:07:dd:68:2f:68:87:
6b:3b:83:51:69:8b:00:ba:ae:24:be:4c:7a:c1:f0:
31:41:71:92:ec:a9:04:84:54:26:e1:b4:8c:a5:f5:
c9:7b:6d:18:66:87:f5:86:39:3c:c6:95:b5:c9:5f:
96:b9:0c:89:57:71:4e:b9:7c:a9:3a:aa:40:47:9b:
e3:05:3a:fd:dd:0b:11:b8:33:64:dc:a0:8c:57:91:
95:e2:ee:a1:d6:de:fc:06:05:24:b2:ff:3e:40:78:
74:ce:21:f4:3a:01:3e:4b:a5:25:26:5b:ad:b7:21:
c5:8f:49:44:9d:52:10:5a:30:00:1c:65:37:3a:1a:
21:dd:17:c4:c3:d5:31:dc:35:b3:a6:8a:2c:40:d0:
77:fc:72:4d:3a:8c:06:e3:84:69:34:35:4f:5b:9d:
08:cf:4e:3a:67:8e:a0:18:c3:87:60:46:51:19:0e:
f5:12:de:41:34:0d:7f:f3:c5:46:92:49:ad:67:72:
0f:bb:13:39:5e:9a:92:42:bc:d1:b8:07:09:bc:cc:
90:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:9C:2C:CE:83:E4:C6:59:32:28:79:90:F2:C5:65:68:77:53:C7:84
X509v3 Authority Key Identifier:
keyid:9A:89:BB:37:C5:43:86:DA:9A:87:A6:4F:F0:09:44:28:A3:17:1A:47
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EF73D/C92B3232CE1F11EEAC62617CC4F9AE02/mom7N8VDhtqah6ZP8AlEKKMXGkc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mom7N8VDhtqah6ZP8AlEKKMXGkc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF73D/C92B3232CE1F11EEAC62617CC4F9AE02/5B48C4B8CE2011EE968F4E7DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.54.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:06:67:e4:15:f0:2e:1b:d9:c3:17:40:c3:52:cd:b2:0b:59:
e2:9c:50:ff:45:b7:b2:51:15:7c:10:07:3b:89:57:91:e5:8a:
c4:69:0d:ef:73:6a:a4:e2:84:73:e2:06:06:9b:b9:93:2e:ce:
f2:b4:73:da:f0:95:17:64:5d:74:b0:25:96:d3:5f:87:a8:15:
ad:43:a3:25:4e:c0:4a:f0:68:bc:58:db:38:f9:b7:33:f7:89:
f1:e5:b4:8a:55:c0:08:20:50:41:16:65:8b:e7:3a:98:91:1d:
09:6c:7e:ab:f1:10:c1:08:0e:1e:5f:23:c7:99:a2:1e:fa:b5:
15:fd:96:d1:b0:67:7c:e0:70:80:34:ca:9c:41:a5:86:38:01:
19:e0:fb:c1:79:c7:b2:4d:d6:19:77:bf:f0:3c:be:c5:de:55:
7d:d8:29:e4:55:51:8c:4c:a6:98:9b:06:19:69:d1:1b:06:7f:
2b:93:35:69:10:8c:cd:4a:71:d1:c9:49:7b:ed:05:90:4b:5d:
32:1f:e4:62:13:4e:6c:8e:a6:b0:15:74:ed:50:5f:ae:6d:d9:
e3:99:24:c1:7c:e6:36:5c:94:19:a2:e9:f2:82:1d:de:ce:eb:
f1:6b:fe:66:5b:7d:7c:85:41:93:f2:2f:ba:b6:2c:65:3f:2b:
3d:e9:be:bc
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
RjczRDExMC8GA1UEBRMoOUE4OUJCMzdDNTQzODZEQTlBODdBNjRGRjAwOTQ0MjhB
MzE3MUE0NzAeFw0yNDAyMTgwNTQzMTVaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZDE5OGYyLTNhZWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDKaPP1wAsM3YmipqXePyb7B7zPcSIu0x9f+ZNcaVEdkQyA6ZTnh6TDHyQAvI0J
yo9TX72NewfdaC9oh2s7g1FpiwC6riS+THrB8DFBcZLsqQSEVCbhtIyl9cl7bRhm
h/WGOTzGlbXJX5a5DIlXcU65fKk6qkBHm+MFOv3dCxG4M2TcoIxXkZXi7qHW3vwG
BSSy/z5AeHTOIfQ6AT5LpSUmW623IcWPSUSdUhBaMAAcZTc6GiHdF8TD1THcNbOm
iixA0Hf8ck06jAbjhGk0NU9bnQjPTjpnjqAYw4dgRlEZDvUS3kE0DX/zxUaSSa1n
cg+7EzlempJCvNG4Bwm8zJC9AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUX5wszoPk
xlkyKHmQ8sVlaHdTx4QwHwYDVR0jBBgwFoAUmom7N8VDhtqah6ZP8AlEKKMXGkcw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVGNzNEL0M5MkIzMjMyQ0Ux
RjExRUVBQzYyNjE3Q0M0RjlBRTAyL21vbTdOOFZEaHRxYWg2WlA4QWxFS0tNWEdr
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvbW9tN044VkRodHFhaDZaUDhBbEVLS01YR2tjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
RjczRC9DOTJCMzIzMkNFMUYxMUVFQUM2MjYxN0NDNEY5QUUwMi81QjQ4QzRCOENF
MjAxMUVFOTY4RjRFN0RDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAZ0UNjANBgkqhkiG9w0BAQsFAAOCAQEAWwZn5BXwLhvZwxdA
w1LNsgtZ4pxQ/0W3slEVfBAHO4lXkeWKxGkN73NqpOKEc+IGBpu5ky7O8rRz2vCV
F2RddLAlltNfh6gVrUOjJU7ASvBovFjbOPm3M/eJ8eW0ilXACCBQQRZli+c6mJEd
CWx+q/EQwQgOHl8jx5miHvq1Ff2W0bBnfOBwgDTKnEGlhjgBGeD7wXnHsk3WGXe/
8Dy+xd5Vfdgp5FVRjEymmJsGGWnRGwZ/K5M1aRCMzUpx0clJe+0FkEtdMh/kYhNO
bI6msBV07VBfrm3Z45kkwXzmNlyUGaLp8oId3s7r8Wv+Zlt9fIVBk/IvurYsZT8r
Pem+vA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org