Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/3D3AB8F6A87611EF8B70DB54C4F9AE02.roa
File: 3D3AB8F6A87611EF8B70DB54C4F9AE02.roa (raw, json)
Hash identifier: iOnIfJKvHIYzXvIwPk4uGdNm87xrZInz6V8/6m3pLNI=
Subject key identifier: 93:2D:9F:3C:3C:35:22:E9:42:B3:D5:10:EC:83:0A:1E:83:D8:AB:F7
Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Certificate serial: 041F
Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/3D3AB8F6A87611EF8B70DB54C4F9AE02.roa
Signing time: Fri 22 Nov 2024 02:05:26 +0000
ROA not before: Fri 22 Nov 2024 02:05:26 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 150862
IP address blocks: 157.10.42.0/23 maxlen: 23
157.10.44.0/23 maxlen: 23
157.15.108.0/23 maxlen: 23
157.15.110.0/23 maxlen: 23
160.22.106.0/23 maxlen: 23
160.30.20.0/23 maxlen: 23
160.30.156.0/23 maxlen: 23
160.30.192.0/23 maxlen: 23
160.30.200.0/23 maxlen: 23
160.187.122.0/23 maxlen: 23
160.187.226.0/23 maxlen: 23
160.187.228.0/23 maxlen: 23
160.187.246.0/23 maxlen: 23
160.191.54.0/23 maxlen: 23
160.191.138.0/23 maxlen: 23
160.191.174.0/23 maxlen: 23
160.191.242.0/23 maxlen: 23
160.191.244.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 06 Dec 2024 07:30:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1055 (0x41f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A, serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Validity
Not Before: Nov 22 02:05:26 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=673fe6e6-2f09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:dc:3f:11:9c:81:28:1e:83:c2:3c:a6:51:07:
16:0e:49:bb:8a:da:30:6b:bb:a8:5f:90:12:16:c0:
a3:0d:68:dd:17:5c:07:b9:59:06:ed:9a:e2:80:3a:
45:22:12:4a:92:d9:f9:d3:7f:5d:fe:f9:29:85:3d:
1d:09:40:1f:b5:81:01:4b:e1:68:53:f0:a6:33:06:
90:24:e0:00:5d:4c:b9:83:eb:d4:a8:ac:f0:12:89:
29:bd:26:04:92:66:73:36:5b:52:54:c4:a5:04:47:
5b:12:23:3d:2d:b4:25:fe:a0:ef:e3:e9:93:40:dd:
ab:05:ef:ee:d0:b6:64:50:f0:79:56:8a:4d:4a:ce:
43:90:31:e7:aa:c8:44:ae:62:cc:b4:4b:89:cf:ad:
1e:03:ce:0b:6b:8b:4c:c0:a7:3f:45:c2:71:e2:c0:
5a:37:1d:e6:ae:da:34:55:e6:f7:f0:e3:1c:b2:3f:
1c:14:0f:eb:d9:6c:5e:95:81:59:24:e5:8d:2d:81:
1b:d8:9a:79:ba:1e:d5:af:22:e5:0f:36:c7:78:d7:
e4:f3:35:09:1d:0f:78:f6:4c:b9:e0:7a:b2:f7:17:
73:f3:a2:6d:50:f9:1f:d0:69:b3:81:b5:64:71:2a:
ff:7e:5d:c7:79:c3:bf:69:12:5c:0a:55:c4:be:5c:
e2:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:2D:9F:3C:3C:35:22:E9:42:B3:D5:10:EC:83:0A:1E:83:D8:AB:F7
X509v3 Authority Key Identifier:
keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/3D3AB8F6A87611EF8B70DB54C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.42.0-157.10.45.255
157.15.108.0/22
160.22.106.0/23
160.30.20.0/23
160.30.156.0/23
160.30.192.0/23
160.30.200.0/23
160.187.122.0/23
160.187.226.0-160.187.229.255
160.187.246.0/23
160.191.54.0/23
160.191.138.0/23
160.191.174.0/23
160.191.242.0-160.191.245.255
Signature Algorithm: sha256WithRSAEncryption
36:c4:99:92:48:44:a6:f4:99:27:bf:45:d3:5c:b5:e5:61:b4:
b3:66:54:cd:4c:10:25:c3:88:bf:2e:34:cc:5c:06:0c:6f:bc:
69:2d:5b:f2:9b:66:10:bd:6b:36:d9:19:15:40:f8:ae:4e:69:
49:c2:6d:43:a4:da:d3:06:f8:09:7f:e9:40:f5:86:02:51:85:
84:0a:50:79:b8:6c:e4:89:af:e8:d0:4f:41:85:e9:f6:09:0e:
32:a9:e3:19:e5:80:33:ed:1e:5d:34:13:d6:f1:f6:ed:8c:e6:
3b:62:1a:60:17:52:57:63:1b:7d:53:f6:13:89:83:5c:32:bb:
01:4c:9b:00:ed:4e:26:ac:e4:63:01:0d:2b:44:75:39:ac:4f:
0c:4b:d9:ed:8f:49:d1:cd:3d:af:de:48:73:17:45:3e:db:97:
a8:1e:13:ca:f9:7f:f6:81:71:68:73:8a:56:30:7a:10:22:aa:
10:5f:93:b7:13:dc:9d:d6:80:fe:e3:4d:ad:1c:d3:77:8e:19:
0b:73:b5:35:5b:55:fd:f7:6f:f0:ed:6d:6d:ff:e5:2f:a9:3b:
7e:b3:b1:f6:d6:02:88:71:94:df:93:81:6a:87:04:6e:b9:3e:
88:84:9e:d8:91:90:e1:16:3a:cf:b9:a6:67:c1:f4:e2:c8:05:
51:8e:10:99
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgICBB8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy
ODRGODBFMTIwHhcNMjQxMTIyMDIwNTI2WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzNmZTZlNi0yZjA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz9w/EZyBKB6DwjymUQcWDkm7itowa7uoX5ASFsCjDWjdF1wHuVkG7ZrigDpF
IhJKktn5039d/vkphT0dCUAftYEBS+FoU/CmMwaQJOAAXUy5g+vUqKzwEokpvSYE
kmZzNltSVMSlBEdbEiM9LbQl/qDv4+mTQN2rBe/u0LZkUPB5VopNSs5DkDHnqshE
rmLMtEuJz60eA84La4tMwKc/RcJx4sBaNx3mrto0Veb38OMcsj8cFA/r2WxelYFZ
JOWNLYEb2Jp5uh7VryLlDzbHeNfk8zUJHQ949ky54Hqy9xdz86JtUPkf0GmzgbVk
cSr/fl3HecO/aRJcClXEvlziQQIDAQABo4IC/DCCAvgwHQYDVR0OBBYEFJMtnzw8
NSLpQrPVEOyDCh6D2Kv3MB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5
REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE
aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvM0QzQUI4RjZB
ODc2MTFFRjhCNzBEQjU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYUGCCsGAQUFBwEHAQH/
BHYwdDByBAIAATBsMAwDBAGdCioDBAGdCiwDBAKdD2wDBAGgFmoDBAGgHhQDBAGg
HpwDBAGgHsADBAGgHsgDBAGgu3owDAMEAaC74gMEAaC75AMEAaC79gMEAaC/NgME
AaC/igMEAaC/rjAMAwQBoL/yAwQBoL/0MA0GCSqGSIb3DQEBCwUAA4IBAQA2xJmS
SESm9Jknv0XTXLXlYbSzZlTNTBAlw4i/LjTMXAYMb7xpLVvym2YQvWs22RkVQPiu
TmlJwm1DpNrTBvgJf+lA9YYCUYWEClB5uGzkia/o0E9Bhen2CQ4yqeMZ5YAz7R5d
NBPW8fbtjOY7YhpgF1JXYxt9U/YTiYNcMrsBTJsA7U4mrORjAQ0rRHU5rE8MS9nt
j0nRzT2v3khzF0U+25eoHhPK+X/2gXFoc4pWMHoQIqoQX5O3E9yd1oD+402tHNN3
jhkLc7U1W1X992/w7W1t/+UvqTt+s7H21gKIcZTfk4FqhwRuuT6IhJ7YkZDhFjrP
uaZnwfTiyAVRjhCZ
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:54:25 2025 by rpki-client