Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91364F5/5B5B93ECD9F911EE9EAE5D7DC4F9AE02/0F8D82DCD9FD11EEA4312983C4F9AE02.roa
File: 0F8D82DCD9FD11EEA4312983C4F9AE02.roa (raw, json)
Hash identifier: o70V3rgTm8yRRylFlCudRELCYk4ehTX4M2+Mtzto8oo=
Subject key identifier: 3A:8A:F0:81:CB:32:62:7F:78:A0:F5:6E:80:54:B6:BB:6C:6B:2F:AA
Certificate issuer: /CN=A91364F5/serialNumber=6163A9554C330679F7EA16678B108D964EC1C802
Certificate serial: 03
Authority key identifier: 61:63:A9:55:4C:33:06:79:F7:EA:16:67:8B:10:8D:96:4E:C1:C8:02
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YWOpVUwzBnn36hZnixCNlk7ByAI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91364F5/5B5B93ECD9F911EE9EAE5D7DC4F9AE02/0F8D82DCD9FD11EEA4312983C4F9AE02.roa
Signing time: Mon 04 Mar 2024 07:59:01 +0000
ROA not before: Mon 04 Mar 2024 07:59:01 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 152606
IP address blocks: 157.20.150.0/23 maxlen: 23
157.20.150.0/24 maxlen: 24
157.20.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Nov 2024 07:26:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91364F5, serialNumber=6163A9554C330679F7EA16678B108D964EC1C802
Validity
Not Before: Mar 4 07:59:01 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=65e57f44-db2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:6b:95:28:ae:c6:e7:d1:73:ad:f4:73:dc:aa:
04:dc:a2:3f:ad:56:3d:79:3d:33:d7:47:d2:e9:7b:
5e:32:ac:02:24:04:b2:38:95:fb:b9:0a:a9:a4:af:
2d:2b:71:b7:77:e2:4e:17:11:30:22:de:71:62:d7:
6c:6d:de:24:e0:b4:45:f6:a4:78:ca:25:0e:80:c7:
5f:9f:da:45:c4:3a:74:eb:54:61:e4:e8:0f:b2:58:
5c:92:e1:5d:b2:c4:83:d4:4a:9c:78:97:9b:89:b7:
2b:c5:b8:e4:94:e1:76:5a:17:b5:14:84:28:21:fc:
78:79:2c:27:4c:81:84:88:a7:01:bd:1c:e1:9d:7c:
17:7c:63:a3:44:56:8c:54:07:d3:b7:44:c2:11:84:
c6:a4:b2:c5:92:69:87:a0:d1:bd:a5:41:58:53:b8:
e3:9d:81:45:02:54:61:b5:87:0f:ed:c8:47:42:34:
2f:af:b7:f8:5b:32:1b:77:eb:65:18:34:d4:4c:69:
ae:61:29:d9:77:1b:51:c7:50:e3:4f:8e:d0:a0:b9:
af:5b:eb:1d:a9:91:8e:4f:00:c7:df:b1:ed:19:07:
f8:27:f6:90:b7:dc:de:a2:fa:a2:dd:2b:da:7a:df:
61:eb:48:c4:b0:b5:31:da:4c:4d:40:ec:24:bd:b9:
85:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:8A:F0:81:CB:32:62:7F:78:A0:F5:6E:80:54:B6:BB:6C:6B:2F:AA
X509v3 Authority Key Identifier:
keyid:61:63:A9:55:4C:33:06:79:F7:EA:16:67:8B:10:8D:96:4E:C1:C8:02
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91364F5/5B5B93ECD9F911EE9EAE5D7DC4F9AE02/YWOpVUwzBnn36hZnixCNlk7ByAI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YWOpVUwzBnn36hZnixCNlk7ByAI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91364F5/5B5B93ECD9F911EE9EAE5D7DC4F9AE02/0F8D82DCD9FD11EEA4312983C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.150.0/23
Signature Algorithm: sha256WithRSAEncryption
c9:df:39:10:9a:cf:27:9b:fd:e2:6d:6d:ed:4a:a0:5c:d7:00:
6a:bc:77:3f:87:78:f3:c1:b6:67:6d:ff:8d:eb:9e:a0:25:5d:
3b:fa:32:de:06:8a:d5:e4:aa:cd:cf:8e:2b:82:74:05:20:fb:
1e:c9:d1:47:a3:49:cc:09:8a:45:bd:8f:af:84:dc:88:af:b8:
4f:9c:0d:3c:eb:1a:ac:55:57:24:11:be:c0:6f:35:ad:32:d5:
02:b4:44:8d:4d:f1:81:de:cc:db:2b:6d:b1:c5:32:a0:aa:88:
b2:0e:e5:39:16:7e:1e:9d:97:de:76:d4:fb:9b:8a:ef:a5:e5:
c7:4c:86:4f:2b:9a:87:f9:9c:dd:c1:0d:54:a3:56:0a:e0:64:
59:76:32:35:3b:2f:da:17:86:13:94:b0:c6:2a:f0:a9:c1:ef:
99:b4:c0:7c:d1:93:77:d2:2e:e0:7b:ef:40:d0:6c:4b:9f:ce:
a3:52:e5:44:27:3f:7a:29:f2:88:e1:bc:32:eb:89:79:b7:15:
63:82:c1:af:5c:df:dd:26:33:1b:c0:a1:76:5b:8b:e3:c8:b2:
45:05:fe:44:4b:45:f1:95:21:1e:18:18:db:e5:e6:20:52:36:
68:5d:c1:19:e9:ae:39:f2:eb:42:bc:c4:4c:84:00:8d:3a:ca:
04:fc:ec:d6
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
NjRGNTExMC8GA1UEBRMoNjE2M0E5NTU0QzMzMDY3OUY3RUExNjY3OEIxMDhEOTY0
RUMxQzgwMjAeFw0yNDAzMDQwNzU5MDFaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZTU3ZjQ0LWRiMmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDca5Uorsbn0XOt9HPcqgTcoj+tVj15PTPXR9Lpe14yrAIkBLI4lfu5Cqmkry0r
cbd34k4XETAi3nFi12xt3iTgtEX2pHjKJQ6Ax1+f2kXEOnTrVGHk6A+yWFyS4V2y
xIPUSpx4l5uJtyvFuOSU4XZaF7UUhCgh/Hh5LCdMgYSIpwG9HOGdfBd8Y6NEVoxU
B9O3RMIRhMakssWSaYeg0b2lQVhTuOOdgUUCVGG1hw/tyEdCNC+vt/hbMht362UY
NNRMaa5hKdl3G1HHUONPjtCgua9b6x2pkY5PAMffse0ZB/gn9pC33N6i+qLdK9p6
32HrSMSwtTHaTE1A7CS9uYXRAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUOorwgcsy
Yn94oPVugFS2u2xrL6owHwYDVR0jBBgwFoAUYWOpVUwzBnn36hZnixCNlk7ByAIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTM2NEY1LzVCNUI5M0VDRDlG
OTExRUU5RUFFNUQ3REM0RjlBRTAyL1lXT3BWVXd6Qm5uMzZoWm5peENObGs3QnlB
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvWVdPcFZVd3pCbm4zNmhabml4Q05sazdCeUFJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
NjRGNS81QjVCOTNFQ0Q5RjkxMUVFOUVBRTVEN0RDNEY5QUUwMi8wRjhEODJEQ0Q5
RkQxMUVFQTQzMTI5ODNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAZ0UljANBgkqhkiG9w0BAQsFAAOCAQEAyd85EJrPJ5v94m1t
7UqgXNcAarx3P4d488G2Z23/jeueoCVdO/oy3gaK1eSqzc+OK4J0BSD7HsnRR6NJ
zAmKRb2Pr4TciK+4T5wNPOsarFVXJBG+wG81rTLVArREjU3xgd7M2yttscUyoKqI
sg7lORZ+Hp2X3nbU+5uK76Xlx0yGTyuah/mc3cENVKNWCuBkWXYyNTsv2heGE5Sw
xirwqcHvmbTAfNGTd9Iu4HvvQNBsS5/Oo1LlRCc/einyiOG8MuuJebcVY4LBr1zf
3SYzG8ChdluL48iyRQX+REtF8ZUhHhgY2+XmIFI2aF3BGemuOfLrQrzETIQAjTrK
BPzs1g==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:01:13 2025 by rpki-client