Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/DEA7138CF71F11EE84F40563C4F9AE02.roa
File: DEA7138CF71F11EE84F40563C4F9AE02.roa (raw, json)
Hash identifier: AxtmKOtPwMdUp/5p2sKooteee7tjgY2N7atiZeUsEnE=
Subject key identifier: 44:2A:6A:B2:2E:9B:81:C1:0B:DA:65:4C:07:CE:4B:65:0F:C0:59:3F
Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Certificate serial: 0295
Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/DEA7138CF71F11EE84F40563C4F9AE02.roa
Signing time: Thu 05 Sep 2024 03:31:07 +0000
ROA not before: Thu 05 Sep 2024 03:31:07 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 151918
IP address blocks: 157.66.48.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 20 Mar 2025 15:20:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 661 (0x295)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A, serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Validity
Not Before: Sep 5 03:31:07 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d925fb-d06c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:cf:fc:5a:5b:96:69:f2:70:54:5e:5c:21:a0:
d1:60:c5:41:59:8a:59:20:1b:fe:88:6e:ec:39:d4:
30:a0:48:77:bc:06:f6:25:62:8e:38:5c:45:74:65:
49:f8:0f:39:8c:26:2d:42:ae:67:6d:00:82:f8:17:
f8:d2:57:68:3d:82:92:99:0a:0e:1c:de:6e:87:7a:
90:24:e1:a6:72:f0:51:87:51:4d:f3:c1:1c:46:a4:
f7:28:06:8f:90:b5:71:a1:bb:82:7a:5c:b9:01:34:
57:7e:c8:e2:99:84:8e:6b:c2:75:98:41:b1:46:cf:
2c:54:67:25:2b:c2:fb:69:76:8a:e1:13:4e:f1:23:
5c:d8:5f:e0:19:1c:50:a5:44:10:a2:5f:3c:31:e5:
aa:e2:56:af:e3:af:34:b3:b1:bc:a6:12:d4:bd:ee:
21:ef:29:27:87:db:b1:c8:6d:b0:55:a1:ab:68:fc:
a6:33:34:6b:f6:09:36:39:ba:fd:5c:aa:4a:cb:f7:
7a:6a:12:42:c5:26:5d:6f:86:a1:67:a8:4f:34:a7:
f8:a9:d1:2b:0a:d5:df:2a:2c:2d:ed:d6:b2:d2:60:
89:ff:ac:fa:79:1a:a3:9c:de:b6:44:3a:cc:d3:e5:
63:fa:33:40:28:cd:ab:08:41:62:c3:62:9c:61:86:
5c:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:2A:6A:B2:2E:9B:81:C1:0B:DA:65:4C:07:CE:4B:65:0F:C0:59:3F
X509v3 Authority Key Identifier:
keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/DEA7138CF71F11EE84F40563C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.66.48.0/23
Signature Algorithm: sha256WithRSAEncryption
69:d2:49:e5:bd:18:79:e1:2c:f8:00:9f:7c:b0:d7:b0:a5:5c:
16:40:ce:25:de:60:dd:13:f0:14:07:2b:42:6b:b2:07:fe:38:
7c:58:5f:f2:bc:2f:30:b5:db:34:86:7c:72:5a:91:5c:14:ef:
ed:70:fa:94:54:e0:bf:73:cb:7c:bb:a3:0a:01:3e:dd:bc:21:
04:08:e7:c5:ff:de:0b:e7:bd:9b:4e:fd:1d:5b:14:d0:9c:48:
83:e6:79:5c:79:66:58:c0:6b:0e:48:14:11:38:60:cc:e1:9c:
7b:ae:bf:d2:60:59:96:02:e6:94:6e:d0:7b:50:c2:ce:03:2d:
c1:19:ae:d3:9f:9b:54:6e:08:1f:3f:86:e5:88:df:57:18:c0:
a7:4d:a1:1a:21:ad:c9:83:3d:54:d6:a3:55:a2:a5:74:36:be:
b8:de:93:ce:85:8b:36:55:fc:2d:2c:ec:70:32:27:33:18:57:
cc:48:70:c9:a8:9a:ac:bd:2d:0d:98:b2:fa:5b:e0:bd:61:99:
31:e8:3f:5a:7a:17:fa:46:34:e3:18:9e:90:4c:64:06:a3:ec:
4f:f8:f8:4b:80:d4:7b:9e:d0:b2:cb:0e:26:d5:d2:f3:ec:71:
a0:02:26:5f:04:c0:b2:42:2b:78:b9:bf:08:ae:91:5f:67:8d:
07:f5:6d:21
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICApUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy
ODRGODBFMTIwHhcNMjQwOTA1MDMzMTA3WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5MjVmYi1kMDZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvs/8WluWafJwVF5cIaDRYMVBWYpZIBv+iG7sOdQwoEh3vAb2JWKOOFxFdGVJ
+A85jCYtQq5nbQCC+Bf40ldoPYKSmQoOHN5uh3qQJOGmcvBRh1FN88EcRqT3KAaP
kLVxobuCely5ATRXfsjimYSOa8J1mEGxRs8sVGclK8L7aXaK4RNO8SNc2F/gGRxQ
pUQQol88MeWq4lav4680s7G8phLUve4h7yknh9uxyG2wVaGraPymMzRr9gk2Obr9
XKpKy/d6ahJCxSZdb4ahZ6hPNKf4qdErCtXfKiwt7day0mCJ/6z6eRqjnN62RDrM
0+Vj+jNAKM2rCEFiw2KcYYZcvwIDAQABo4IClTCCApEwHQYDVR0OBBYEFEQqarIu
m4HBC9plTAfOS2UPwFk/MB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5
REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE
aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvREVBNzEzOENG
NzFGMTFFRTg0RjQwNTYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGdQjAwDQYJKoZIhvcNAQELBQADggEBAGnSSeW9GHnhLPgA
n3yw17ClXBZAziXeYN0T8BQHK0Jrsgf+OHxYX/K8LzC12zSGfHJakVwU7+1w+pRU
4L9zy3y7owoBPt28IQQI58X/3gvnvZtO/R1bFNCcSIPmeVx5ZljAaw5IFBE4YMzh
nHuuv9JgWZYC5pRu0HtQws4DLcEZrtOfm1RuCB8/huWI31cYwKdNoRohrcmDPVTW
o1WipXQ2vrjek86FizZV/C0s7HAyJzMYV8xIcMmomqy9LQ2Ysvpb4L1hmTHoP1p6
F/pGNOMYnpBMZAaj7E/4+EuA1Hue0LLLDibV0vPscaACJl8EwLJCK3i5vwiukV9n
jQf1bSE=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:16:25 2025 by rpki-client