Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9152787/2286562A8F7911EF92AC781EC4F9AE02/B45D344C8F7911EF90F6941FC4F9AE02.roa
File: B45D344C8F7911EF90F6941FC4F9AE02.roa (raw, json)
Hash identifier: IwG41/v32DGnAzEUwm2fWrp5jpFSCenIV1xWWix510E=
Subject key identifier: 09:D6:B1:A0:53:A4:1E:DF:3C:A7:E3:A5:B7:5E:DE:B7:91:C0:8B:3C
Certificate issuer: /CN=A9152787/serialNumber=5D946D4F479D37BCE1700CB0BADD51A2C3DF620F
Certificate serial: 02
Authority key identifier: 5D:94:6D:4F:47:9D:37:BC:E1:70:0C:B0:BA:DD:51:A2:C3:DF:62:0F
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XZRtT0edN7zhcAywut1RosPfYg8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9152787/2286562A8F7911EF92AC781EC4F9AE02/B45D344C8F7911EF90F6941FC4F9AE02.roa
Signing time: Mon 21 Oct 2024 06:57:15 +0000
ROA not before: Mon 21 Oct 2024 06:57:15 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 151495
IP address blocks: 157.20.65.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Mar 2025 13:55:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9152787, serialNumber=5D946D4F479D37BCE1700CB0BADD51A2C3DF620F
Validity
Not Before: Oct 21 06:57:15 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=6715fb4b-5070
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8e:f1:f3:f6:e4:93:b8:e5:d1:c3:22:a6:2e:
81:7c:e0:2e:86:31:6e:07:df:a4:63:1b:92:f6:fb:
75:57:07:f4:a5:b6:0d:ab:54:62:a8:07:94:c6:bf:
23:42:5b:61:50:b5:3e:dc:94:8b:19:52:ee:9e:5f:
6e:5b:aa:82:2b:9f:08:9b:0b:a7:43:b1:32:5d:ce:
1d:47:77:e9:27:e8:5f:0d:b5:b1:f7:9f:ee:9e:e5:
9e:51:22:6c:b4:40:d8:56:a7:0d:16:98:48:b5:e9:
d6:e0:37:53:47:1a:a5:c5:b8:2d:68:fb:2e:c3:07:
27:f8:4b:0e:6e:e2:66:9b:fa:64:d3:4a:7a:00:eb:
f7:01:77:82:f9:2f:e9:88:24:c8:1c:a2:22:45:b5:
f8:33:82:56:c3:a4:ac:7f:e3:9a:f1:e9:d0:d7:ca:
83:13:53:cd:72:7b:0c:07:3c:05:12:24:df:38:a4:
f6:7d:2a:5a:68:46:31:2a:86:98:57:ba:f8:c2:41:
59:27:2e:fc:84:9b:b2:d5:fb:5c:9d:f0:9a:53:c9:
08:16:76:79:87:10:3e:ce:d9:eb:fa:bd:7d:22:82:
b4:dc:42:2c:74:89:f9:42:ca:d3:6c:6e:3c:b9:12:
e6:e7:0d:c9:a7:10:c8:82:05:42:97:03:33:ac:80:
6e:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:D6:B1:A0:53:A4:1E:DF:3C:A7:E3:A5:B7:5E:DE:B7:91:C0:8B:3C
X509v3 Authority Key Identifier:
keyid:5D:94:6D:4F:47:9D:37:BC:E1:70:0C:B0:BA:DD:51:A2:C3:DF:62:0F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9152787/2286562A8F7911EF92AC781EC4F9AE02/XZRtT0edN7zhcAywut1RosPfYg8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XZRtT0edN7zhcAywut1RosPfYg8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152787/2286562A8F7911EF92AC781EC4F9AE02/B45D344C8F7911EF90F6941FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.65.0/24
Signature Algorithm: sha256WithRSAEncryption
31:eb:60:d9:c2:68:03:0e:2c:89:37:37:d1:41:83:1a:80:8f:
e3:44:9e:77:ac:b7:e7:af:f8:7f:a7:a6:53:4d:f5:41:a5:5e:
8d:11:ea:20:5c:03:cb:93:f6:f5:9b:4e:14:cc:ba:9b:75:96:
40:fb:9a:6c:5c:ef:5f:33:44:e7:da:57:67:cd:39:40:0f:cc:
d4:bf:c7:17:b1:de:2a:a3:4a:02:36:a1:86:eb:e5:95:28:ec:
4c:fd:51:6f:f9:b6:c2:89:a1:13:2a:25:db:c7:ee:6d:84:64:
e5:a9:12:cd:ce:b6:4e:cc:5d:29:e0:17:0f:a5:27:e3:3f:84:
be:f3:8d:d2:80:7a:a7:cf:de:a6:82:d0:c2:e8:ff:be:bd:ab:
af:41:3a:85:71:79:0f:f8:e5:7e:13:77:3e:30:84:12:71:1c:
b0:9a:07:b7:54:28:de:d9:53:73:ff:73:52:4c:57:59:58:82:
27:2f:5d:c4:08:fc:bc:ef:67:e6:a6:3e:fc:51:e2:36:41:cb:
78:65:a7:ee:15:a3:cc:02:fe:12:50:54:24:eb:80:46:c8:54:
b1:63:91:11:ab:3c:88:e5:a7:9f:8d:aa:8b:0b:7f:94:f8:1f:
09:01:c7:16:4b:c6:e5:71:ab:b0:ca:eb:77:ae:a7:67:60:b8:
c0:06:56:ee
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
Mjc4NzExMC8GA1UEBRMoNUQ5NDZENEY0NzlEMzdCQ0UxNzAwQ0IwQkFERDUxQTJD
M0RGNjIwRjAeFw0yNDEwMjEwNjU3MTVaFw0yNTEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MTVmYjRiLTUwNzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCrjvHz9uSTuOXRwyKmLoF84C6GMW4H36RjG5L2+3VXB/Sltg2rVGKoB5TGvyNC
W2FQtT7clIsZUu6eX25bqoIrnwibC6dDsTJdzh1Hd+kn6F8NtbH3n+6e5Z5RImy0
QNhWpw0WmEi16dbgN1NHGqXFuC1o+y7DByf4Sw5u4mab+mTTSnoA6/cBd4L5L+mI
JMgcoiJFtfgzglbDpKx/45rx6dDXyoMTU81yewwHPAUSJN84pPZ9KlpoRjEqhphX
uvjCQVknLvyEm7LV+1yd8JpTyQgWdnmHED7O2ev6vX0igrTcQix0iflCytNsbjy5
EubnDcmnEMiCBUKXAzOsgG5DAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUCdaxoFOk
Ht88p+Olt17et5HAizwwHwYDVR0jBBgwFoAUXZRtT0edN7zhcAywut1RosPfYg8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTUyNzg3LzIyODY1NjJBOEY3
OTExRUY5MkFDNzgxRUM0RjlBRTAyL1haUnRUMGVkTjd6aGNBeXd1dDFSb3NQZlln
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvWFpSdFQwZWRON3poY0F5d3V0MVJvc1BmWWc4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
Mjc4Ny8yMjg2NTYyQThGNzkxMUVGOTJBQzc4MUVDNEY5QUUwMi9CNDVEMzQ0QzhG
NzkxMUVGOTBGNjk0MUZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAJ0UQTANBgkqhkiG9w0BAQsFAAOCAQEAMetg2cJoAw4siTc3
0UGDGoCP40Sed6y356/4f6emU031QaVejRHqIFwDy5P29ZtOFMy6m3WWQPuabFzv
XzNE59pXZ805QA/M1L/HF7HeKqNKAjahhuvllSjsTP1Rb/m2womhEyol28fubYRk
5akSzc62TsxdKeAXD6Un4z+EvvON0oB6p8/epoLQwuj/vr2rr0E6hXF5D/jlfhN3
PjCEEnEcsJoHt1Qo3tlTc/9zUkxXWViCJy9dxAj8vO9n5qY+/FHiNkHLeGWn7hWj
zAL+ElBUJOuARshUsWOREas8iOWnn42qiwt/lPgfCQHHFkvG5XGrsMrrd66nZ2C4
wAZW7g==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:59:41 2025 by rpki-client