Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91364F5/5B5B93ECD9F911EE9EAE5D7DC4F9AE02/284DF16EAC9111EFB428E558C4F9AE02.roa
File: 284DF16EAC9111EFB428E558C4F9AE02.roa (raw, json)
Hash identifier: VmHeKJmtePOulBSbk9+BOFxcQS90pQTrfML+Txhvw4o=
Subject key identifier: F3:03:0A:66:43:D2:33:12:3D:8C:45:5E:4C:31:1B:FB:6F:CC:55:84
Certificate issuer: /CN=A91364F5/serialNumber=6163A9554C330679F7EA16678B108D964EC1C802
Certificate serial: 8F
Authority key identifier: 61:63:A9:55:4C:33:06:79:F7:EA:16:67:8B:10:8D:96:4E:C1:C8:02
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YWOpVUwzBnn36hZnixCNlk7ByAI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91364F5/5B5B93ECD9F911EE9EAE5D7DC4F9AE02/284DF16EAC9111EFB428E558C4F9AE02.roa
Signing time: Wed 27 Nov 2024 07:28:12 +0000
ROA not before: Wed 27 Nov 2024 07:28:12 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 132298
IP address blocks: 157.20.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 01 Dec 2024 07:01:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143 (0x8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91364F5, serialNumber=6163A9554C330679F7EA16678B108D964EC1C802
Validity
Not Before: Nov 27 07:28:12 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=6746ca0c-72b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:aa:c2:4e:ab:62:e3:5d:70:31:fa:0c:b1:4c:
a9:1c:45:50:89:4b:80:7d:7d:cb:52:1f:a7:c7:8e:
b7:d8:41:56:bb:d9:0b:af:0e:6a:72:b6:14:2a:80:
c8:bb:89:80:aa:fd:7a:7d:9d:64:1e:75:94:4d:a3:
13:b8:8d:e6:de:e3:ba:31:68:74:a4:02:0a:2e:37:
26:da:57:d8:ef:6a:0a:68:48:96:53:1b:af:69:f5:
5a:ed:9d:20:84:a4:fc:b0:8d:5d:07:72:2e:72:12:
12:14:97:c3:68:e7:b4:7a:1c:e7:9c:2b:e2:3b:ad:
f9:33:de:9a:9e:4b:0f:90:08:a2:fe:7f:51:d4:0b:
a8:f6:ed:92:3f:fb:45:b5:82:25:f2:60:b5:cb:f0:
9d:63:57:39:0d:d4:15:8c:47:e7:9c:31:98:c1:12:
7e:04:7b:21:95:f1:8c:1c:2a:e1:34:ae:c2:aa:30:
66:cd:db:2d:47:11:14:e7:54:68:bd:e9:2d:83:86:
40:6b:f6:73:ef:fe:c7:bb:22:2d:96:78:e2:54:a9:
6c:1a:14:e6:08:b0:30:81:3f:06:ce:c4:7d:f5:00:
6b:c2:9f:f4:8a:8d:32:37:0b:9d:76:ba:b2:bb:36:
c4:e6:39:a5:85:33:c9:13:a8:ee:43:8b:5b:77:82:
0a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:03:0A:66:43:D2:33:12:3D:8C:45:5E:4C:31:1B:FB:6F:CC:55:84
X509v3 Authority Key Identifier:
keyid:61:63:A9:55:4C:33:06:79:F7:EA:16:67:8B:10:8D:96:4E:C1:C8:02
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91364F5/5B5B93ECD9F911EE9EAE5D7DC4F9AE02/YWOpVUwzBnn36hZnixCNlk7ByAI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YWOpVUwzBnn36hZnixCNlk7ByAI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91364F5/5B5B93ECD9F911EE9EAE5D7DC4F9AE02/284DF16EAC9111EFB428E558C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.151.0/24
Signature Algorithm: sha256WithRSAEncryption
95:a3:c7:cb:b2:51:3a:95:15:6a:9b:b2:08:02:0a:da:61:3e:
ea:a6:1f:fd:6c:f6:d7:27:1e:dc:79:84:61:66:b6:9d:0d:a4:
3e:fe:57:89:89:47:8d:50:af:44:36:b9:b7:e2:2a:76:19:51:
62:f8:7d:78:2d:4b:cf:6f:dd:5f:f1:20:8e:90:77:0f:1c:77:
67:fe:2e:e7:e7:ee:89:cd:8a:25:42:59:79:16:e7:cd:3d:9d:
97:8d:f4:77:0d:3d:3c:6d:d3:db:ce:ff:f7:93:33:5d:9f:5f:
11:44:16:7d:5d:05:6a:15:98:6f:28:8c:78:0a:00:12:8b:cb:
87:e8:6e:c6:9c:87:d9:22:00:83:af:cd:c2:1a:17:4c:58:9e:
12:68:d6:2a:cb:2e:cf:eb:f6:49:e2:f4:fc:60:a2:2e:8e:a1:
22:94:fe:c7:b2:99:98:c6:a3:d2:fb:3f:c1:58:a7:eb:4a:52:
30:55:02:0a:ac:e0:63:ee:9a:7e:c9:f5:30:81:b2:d1:d4:df:
b7:38:bf:94:dd:f3:06:68:d0:81:6b:76:4e:ca:78:f3:88:45:
ee:d4:6c:17:c6:ab:06:93:fb:c9:dd:c6:76:94:54:32:16:94:
4c:1c:7f:48:ac:c7:86:0a:5f:66:3e:58:72:3c:d9:2a:7b:d9:
ee:73:1a:9f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAI8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzY0RjUxMTAvBgNVBAUTKDYxNjNBOTU1NEMzMzA2NzlGN0VBMTY2NzhCMTA4RDk2
NEVDMUM4MDIwHhcNMjQxMTI3MDcyODEyWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQ2Y2EwYy03MmI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5qrCTqti411wMfoMsUypHEVQiUuAfX3LUh+nx4632EFWu9kLrw5qcrYUKoDI
u4mAqv16fZ1kHnWUTaMTuI3m3uO6MWh0pAIKLjcm2lfY72oKaEiWUxuvafVa7Z0g
hKT8sI1dB3IuchISFJfDaOe0ehznnCviO635M96anksPkAii/n9R1Auo9u2SP/tF
tYIl8mC1y/CdY1c5DdQVjEfnnDGYwRJ+BHshlfGMHCrhNK7CqjBmzdstRxEU51Ro
vektg4ZAa/Zz7/7HuyItlnjiVKlsGhTmCLAwgT8GzsR99QBrwp/0io0yNwuddrqy
uzbE5jmlhTPJE6juQ4tbd4IKCwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPMDCmZD
0jMSPYxFXkwxG/tvzFWEMB8GA1UdIwQYMBaAFGFjqVVMMwZ59+oWZ4sQjZZOwcgC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNjRGNS81QjVCOTNFQ0Q5
RjkxMUVFOUVBRTVEN0RDNEY5QUUwMi9ZV09wVlV3ekJubjM2aFpuaXhDTmxrN0J5
QUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1lXT3BWVXd6Qm5uMzZoWm5peENObGs3QnlBSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzY0RjUvNUI1QjkzRUNEOUY5MTFFRTlFQUU1RDdEQzRGOUFFMDIvMjg0REYxNkVB
QzkxMTFFRkI0MjhFNTU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACdFJcwDQYJKoZIhvcNAQELBQADggEBAJWjx8uyUTqVFWqb
sggCCtphPuqmH/1s9tcnHtx5hGFmtp0NpD7+V4mJR41Qr0Q2ubfiKnYZUWL4fXgt
S89v3V/xII6Qdw8cd2f+Lufn7onNiiVCWXkW5809nZeN9HcNPTxt09vO//eTM12f
XxFEFn1dBWoVmG8ojHgKABKLy4fobsach9kiAIOvzcIaF0xYnhJo1irLLs/r9kni
9Pxgoi6OoSKU/seymZjGo9L7P8FYp+tKUjBVAgqs4GPumn7J9TCBstHU37c4v5Td
8wZo0IFrdk7KePOIRe7UbBfGqwaT+8ndxnaUVDIWlEwcf0isx4YKX2Y+WHI82Sp7
2e5zGp8=
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:30:12 2025 by rpki-client