Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917530D/DD7E091CB64B11EE91463760C4F9AE02/CEC3498AA67A11EFA2928C76C4F9AE02.roa
File: CEC3498AA67A11EFA2928C76C4F9AE02.roa (raw, json)
Hash identifier: rKfFnOy+XtC6BSsi/sLzyDlJ3V5ECCrJJ77H6TIINX8=
Subject key identifier: 53:B2:21:BF:2D:CE:FE:59:D5:7A:76:3F:A1:FF:68:BD:EF:04:E1:91
Certificate issuer: /CN=A917530D/serialNumber=B3992F0D49BAF6A36FDA658E5B459469521E5B44
Certificate serial: A9
Authority key identifier: B3:99:2F:0D:49:BA:F6:A3:6F:DA:65:8E:5B:45:94:69:52:1E:5B:44
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/s5kvDUm69qNv2mWOW0WUaVIeW0Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917530D/DD7E091CB64B11EE91463760C4F9AE02/CEC3498AA67A11EFA2928C76C4F9AE02.roa
Signing time: Tue 19 Nov 2024 13:33:06 +0000
ROA not before: Tue 19 Nov 2024 13:33:06 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 140210
IP address blocks: 157.10.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Dec 2024 00:34:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 169 (0xa9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917530D, serialNumber=B3992F0D49BAF6A36FDA658E5B459469521E5B44
Validity
Not Before: Nov 19 13:33:06 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=673c9391-8197
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:33:8d:21:be:66:a4:07:3c:53:27:5a:ed:52:
88:55:9c:a2:d4:7c:65:40:1b:3a:42:f8:ce:90:2c:
20:1b:02:b5:80:45:9d:18:57:af:a5:89:8a:18:0e:
b3:af:5c:6c:6c:a4:20:31:5e:a9:7e:44:56:e6:8b:
89:7b:2d:71:51:0e:55:22:b4:ca:b1:f2:d1:3c:b9:
72:49:35:02:a1:f7:e7:45:35:6e:3a:b2:b1:42:c9:
5e:d0:6f:a5:63:1b:04:8c:14:a2:2a:26:d8:49:85:
bc:d5:b5:8c:ed:76:f8:c9:08:0a:55:e4:f4:b5:53:
02:56:cf:48:88:25:b4:ce:bb:39:82:20:f3:39:bf:
80:d5:20:b8:6f:98:c7:c1:08:34:a9:20:34:87:c1:
4d:ff:da:9c:8a:a6:69:60:2d:5a:bb:9c:ae:af:f6:
18:ac:61:df:60:e9:63:ca:cd:0a:25:84:ed:d9:0b:
9b:ef:43:c7:97:dd:66:1d:8a:df:01:47:5a:5c:a9:
d5:ec:03:40:6b:c4:22:3c:66:fa:f1:0e:ad:3b:1c:
af:a9:75:ce:82:09:e2:07:cb:15:26:95:f0:73:f4:
95:e4:34:bd:eb:1c:6a:fa:1d:3f:68:0c:74:24:67:
e2:0c:a4:a9:87:04:7c:3d:07:93:24:1b:38:a9:04:
c0:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:B2:21:BF:2D:CE:FE:59:D5:7A:76:3F:A1:FF:68:BD:EF:04:E1:91
X509v3 Authority Key Identifier:
keyid:B3:99:2F:0D:49:BA:F6:A3:6F:DA:65:8E:5B:45:94:69:52:1E:5B:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917530D/DD7E091CB64B11EE91463760C4F9AE02/s5kvDUm69qNv2mWOW0WUaVIeW0Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/s5kvDUm69qNv2mWOW0WUaVIeW0Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917530D/DD7E091CB64B11EE91463760C4F9AE02/CEC3498AA67A11EFA2928C76C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.227.0/24
Signature Algorithm: sha256WithRSAEncryption
90:dd:e5:17:81:e1:21:05:50:db:0a:6e:e0:9f:81:23:82:b9:
f5:31:92:70:68:7e:85:f2:9f:3a:3b:40:71:77:71:a9:5c:80:
76:15:84:a4:8a:2f:db:f0:14:1c:71:1c:6a:fa:78:3f:1c:ca:
4c:95:16:30:25:01:96:a2:d9:38:fb:ed:cd:af:34:c9:1e:92:
2c:11:b8:90:a0:13:45:7f:73:d8:6f:48:b9:f3:84:e3:a7:e1:
d4:77:90:4a:04:6a:2f:a9:54:f1:ae:85:ab:5e:58:a7:7f:49:
6b:3e:15:92:f4:ea:e6:b4:f6:00:58:aa:ff:48:55:c1:24:c2:
01:63:fb:20:dc:ff:40:09:36:1a:1a:f8:f9:15:6f:09:bd:4b:
0a:d7:82:0e:ea:43:59:21:0d:91:0d:01:f0:9c:ca:0e:0a:98:
d5:07:06:64:e3:b1:ba:31:29:a6:b1:5a:ca:7f:3f:4a:e1:91:
01:c1:51:49:c3:0e:38:f3:58:a6:ca:bf:ca:e2:b2:7b:48:8e:
d0:39:1d:1b:94:8c:22:76:75:24:14:04:95:ed:67:9f:c3:6b:
4f:60:7a:b3:8a:ee:3b:26:29:2b:79:81:76:14:78:41:b8:c6:
44:19:b8:4a:d6:b6:cd:62:55:f6:c9:1f:ce:ef:85:f9:2e:5e:
e6:cf:8e:05
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAKkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzUzMEQxMTAvBgNVBAUTKEIzOTkyRjBENDlCQUY2QTM2RkRBNjU4RTVCNDU5NDY5
NTIxRTVCNDQwHhcNMjQxMTE5MTMzMzA2WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzNjOTM5MS04MTk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsjONIb5mpAc8Uyda7VKIVZyi1HxlQBs6QvjOkCwgGwK1gEWdGFevpYmKGA6z
r1xsbKQgMV6pfkRW5ouJey1xUQ5VIrTKsfLRPLlySTUCoffnRTVuOrKxQsle0G+l
YxsEjBSiKibYSYW81bWM7Xb4yQgKVeT0tVMCVs9IiCW0zrs5giDzOb+A1SC4b5jH
wQg0qSA0h8FN/9qciqZpYC1au5yur/YYrGHfYOljys0KJYTt2Qub70PHl91mHYrf
AUdaXKnV7ANAa8QiPGb68Q6tOxyvqXXOggniB8sVJpXwc/SV5DS96xxq+h0/aAx0
JGfiDKSphwR8PQeTJBs4qQTAOwIDAQABo4IClTCCApEwHQYDVR0OBBYEFFOyIb8t
zv5Z1Xp2P6H/aL3vBOGRMB8GA1UdIwQYMBaAFLOZLw1Juvajb9pljltFlGlSHltE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTMwRC9ERDdFMDkxQ0I2
NEIxMUVFOTE0NjM3NjBDNEY5QUUwMi9zNWt2RFVtNjlxTnYybVdPVzBXVWFWSWVX
MFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3M1a3ZEVW02OXFOdjJtV09XMFdVYVZJZVcwUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzUzMEQvREQ3RTA5MUNCNjRCMTFFRTkxNDYzNzYwQzRGOUFFMDIvQ0VDMzQ5OEFB
NjdBMTFFRkEyOTI4Qzc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACdCuMwDQYJKoZIhvcNAQELBQADggEBAJDd5ReB4SEFUNsK
buCfgSOCufUxknBofoXynzo7QHF3calcgHYVhKSKL9vwFBxxHGr6eD8cykyVFjAl
AZai2Tj77c2vNMkekiwRuJCgE0V/c9hvSLnzhOOn4dR3kEoEai+pVPGuhateWKd/
SWs+FZL06ua09gBYqv9IVcEkwgFj+yDc/0AJNhoa+PkVbwm9SwrXgg7qQ1khDZEN
AfCcyg4KmNUHBmTjsboxKaaxWsp/P0rhkQHBUUnDDjjzWKbKv8risntIjtA5HRuU
jCJ2dSQUBJXtZ5/Da09gerOK7jsmKSt5gXYUeEG4xkQZuErWts1iVfbJH87vhfku
XubPjgU=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:19:34 2025 by rpki-client