Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F89A2/B396F3C0C54111EEABC2C385C4F9AE02/96547FE8C54211EEAB61EC87C4F9AE02.roa
File: 96547FE8C54211EEAB61EC87C4F9AE02.roa (raw, json)
Hash identifier: QBXFZdQA2r2qm+K75X39pCHcZBc/FU5IoCBbyZS3r/c=
Subject key identifier: 35:23:C2:B1:26:92:C2:2A:69:1F:2B:F2:43:C6:DE:C2:E6:5E:7D:CE
Certificate issuer: /CN=A91F89A2/serialNumber=D8FC795B63CC42573FD5DB44F0A8386C8D643B84
Certificate serial: 02
Authority key identifier: D8:FC:79:5B:63:CC:42:57:3F:D5:DB:44:F0:A8:38:6C:8D:64:3B:84
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2Px5W2PMQlc_1dtE8Kg4bI1kO4Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F89A2/B396F3C0C54111EEABC2C385C4F9AE02/96547FE8C54211EEAB61EC87C4F9AE02.roa
Signing time: Tue 06 Feb 2024 22:53:48 +0000
ROA not before: Tue 06 Feb 2024 22:53:48 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 150746
IP address blocks: 157.15.138.1/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 15 Feb 2024 04:45:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F89A2
Validity
Not Before: Feb 6 22:53:48 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65c2b87b-c942
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:9a:8a:df:b1:60:a7:e7:f3:92:11:dc:44:8c:
bb:1e:84:c9:f4:ae:ee:80:dd:06:9d:e4:80:e6:69:
cc:13:02:b6:ce:d3:2b:9d:2f:d7:71:19:4b:4a:28:
a6:01:77:40:68:d8:65:cb:8e:e6:fc:64:be:52:b8:
e7:85:2c:9f:72:d0:66:a7:5f:c6:d1:b8:87:a3:09:
32:22:ff:b4:0c:49:34:69:41:17:08:24:68:3e:40:
ce:c7:f0:55:b5:e5:ea:a2:1c:f5:a6:92:7c:50:f8:
9e:83:8a:7a:a8:84:cb:67:f0:37:06:a5:b3:b6:73:
10:43:59:c2:15:8d:7c:70:25:55:47:e6:8d:8d:98:
96:ad:58:39:3c:06:62:41:c3:5a:6a:18:a3:35:6c:
a6:fe:14:cc:cb:f8:6a:a9:60:20:76:0e:fe:4e:0f:
3d:38:02:d9:4c:84:74:be:a9:b2:d9:b5:fb:29:b5:
0b:22:1f:3f:2d:84:9b:51:8b:82:be:eb:b4:6f:68:
f5:c9:8c:5c:81:42:c0:a8:46:20:7e:46:17:17:ec:
a9:30:60:d2:21:ab:69:ae:e2:db:52:0c:c0:27:5b:
80:dc:7d:0d:f6:d3:50:27:88:79:cd:9c:9e:0a:71:
eb:78:aa:59:fd:25:b5:9c:2f:d0:b6:c5:18:7f:2c:
cd:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:23:C2:B1:26:92:C2:2A:69:1F:2B:F2:43:C6:DE:C2:E6:5E:7D:CE
X509v3 Authority Key Identifier:
keyid:D8:FC:79:5B:63:CC:42:57:3F:D5:DB:44:F0:A8:38:6C:8D:64:3B:84
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F89A2/B396F3C0C54111EEABC2C385C4F9AE02/2Px5W2PMQlc_1dtE8Kg4bI1kO4Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2Px5W2PMQlc_1dtE8Kg4bI1kO4Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F89A2/B396F3C0C54111EEABC2C385C4F9AE02/96547FE8C54211EEAB61EC87C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.15.138.1/32
Signature Algorithm: sha256WithRSAEncryption
ae:24:2c:72:f1:f3:e5:ea:02:c4:79:e0:b9:5c:ba:5e:bb:27:
72:21:7d:41:db:ff:6f:a1:2a:a0:9b:c1:cf:27:3a:8c:9d:ac:
bb:38:a9:4e:a9:07:20:60:7d:e5:85:83:0e:0d:63:41:7e:11:
36:c4:36:78:a9:93:b8:2e:20:d3:ed:05:fe:34:68:87:67:b5:
79:0f:61:eb:76:2a:27:6e:fe:74:21:b7:e7:e9:b8:ae:a5:7c:
a7:88:f5:5a:47:68:b3:59:e7:e7:2f:d8:1e:82:6f:79:5a:bc:
00:05:0d:f3:70:88:45:ff:e9:bd:b6:53:1c:f2:3f:9d:03:cd:
dc:bd:a9:45:2c:33:a5:dd:89:40:53:3a:1a:0c:73:8d:44:45:
79:e0:c6:d9:b9:22:6d:aa:f5:ef:ea:e0:f8:0f:8e:78:e9:1f:
4f:c4:7e:af:20:d6:22:fd:7d:23:d8:87:8b:e8:61:98:4d:46:
83:db:a1:bd:da:50:79:48:f6:fe:f1:c8:a6:f9:bf:6e:cc:58:
3a:12:e5:20:cb:e3:49:da:de:e5:63:bf:89:a9:fa:53:fb:6e:
ad:c9:1b:d8:da:07:84:50:f4:45:c7:60:99:48:f1:44:19:4a:
2f:ca:c3:61:47:93:a7:f0:fc:32:96:11:d9:4f:31:cc:7e:a5:
cd:2a:c9:b7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
ODlBMjExMC8GA1UEBRMoRDhGQzc5NUI2M0NDNDI1NzNGRDVEQjQ0RjBBODM4NkM4
RDY0M0I4NDAeFw0yNDAyMDYyMjUzNDhaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YzJiODdiLWM5NDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCxmorfsWCn5/OSEdxEjLsehMn0ru6A3Qad5IDmacwTArbO0yudL9dxGUtKKKYB
d0Bo2GXLjub8ZL5SuOeFLJ9y0GanX8bRuIejCTIi/7QMSTRpQRcIJGg+QM7H8FW1
5eqiHPWmknxQ+J6DinqohMtn8DcGpbO2cxBDWcIVjXxwJVVH5o2NmJatWDk8BmJB
w1pqGKM1bKb+FMzL+GqpYCB2Dv5ODz04AtlMhHS+qbLZtfsptQsiHz8thJtRi4K+
67RvaPXJjFyBQsCoRiB+RhcX7KkwYNIhq2mu4ttSDMAnW4DcfQ3201AniHnNnJ4K
cet4qln9JbWcL9C2xRh/LM1bAgMBAAGjggKWMIICkjAdBgNVHQ4EFgQUNSPCsSaS
wippHyvyQ8bewuZefc4wHwYDVR0jBBgwFoAU2Px5W2PMQlc/1dtE8Kg4bI1kO4Qw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY4OUEyL0IzOTZGM0MwQzU0
MTExRUVBQkMyQzM4NUM0RjlBRTAyLzJQeDVXMlBNUWxjXzFkdEU4S2c0Ykkxa080
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvMlB4NVcyUE1RbGNfMWR0RThLZzRiSTFrTzRRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
ODlBMi9CMzk2RjNDMEM1NDExMUVFQUJDMkMzODVDNEY5QUUwMi85NjU0N0ZFOEM1
NDIxMUVFQUI2MUVDODdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAEwBwMFAJ0PigEwDQYJKoZIhvcNAQELBQADggEBAK4kLHLx8+XqAsR5
4Llcul67J3IhfUHb/2+hKqCbwc8nOoydrLs4qU6pByBgfeWFgw4NY0F+ETbENnip
k7guINPtBf40aIdntXkPYet2Kidu/nQht+fpuK6lfKeI9VpHaLNZ5+cv2B6Cb3la
vAAFDfNwiEX/6b22UxzyP50Dzdy9qUUsM6XdiUBTOhoMc41ERXngxtm5Im2q9e/q
4PgPjnjpH0/Efq8g1iL9fSPYh4voYZhNRoPbob3aUHlI9v7xyKb5v27MWDoS5SDL
40na3uVjv4mp+lP7bq3JG9jaB4RQ9EXHYJlI8UQZSi/Kw2FHk6fw/DKWEdlPMcx+
pc0qybc=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:42:34 2025 by rpki-client