Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF73D/C92B3232CE1F11EEAC62617CC4F9AE02/6C19180AFBA811EE90C35514C4F9AE02.roa
File: 6C19180AFBA811EE90C35514C4F9AE02.roa (raw, json)
Hash identifier: ow8s3VvGW6hqx8mWu2QkYaiodhlJaJkZtIgKdEqKOvg=
Subject key identifier: 64:B8:8A:76:FF:9E:A5:1E:FF:A8:7E:22:2D:B8:89:70:9D:86:B4:52
Certificate issuer: /CN=A91EF73D/serialNumber=9A89BB37C54386DA9A87A64FF0094428A3171A47
Certificate serial: 27
Authority key identifier: 9A:89:BB:37:C5:43:86:DA:9A:87:A6:4F:F0:09:44:28:A3:17:1A:47
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mom7N8VDhtqah6ZP8AlEKKMXGkc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EF73D/C92B3232CE1F11EEAC62617CC4F9AE02/6C19180AFBA811EE90C35514C4F9AE02.roa
Signing time: Tue 16 Apr 2024 04:18:48 +0000
ROA not before: Tue 16 Apr 2024 04:18:48 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 152476
IP address blocks: 157.20.54.0/23 maxlen: 23
157.20.54.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Apr 2024 04:50:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39 (0x27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EF73D, serialNumber=9A89BB37C54386DA9A87A64FF0094428A3171A47
Validity
Not Before: Apr 16 04:18:48 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=661dfc28-6d71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c7:f2:f4:42:77:b6:5f:1d:29:56:b6:e9:7e:
81:d8:dc:53:f5:3d:f0:f4:0a:35:8b:7a:67:96:e0:
fe:ee:26:ab:91:39:f5:fa:1a:1b:e0:5d:29:8e:06:
3a:b5:18:53:b2:02:b7:db:b7:9f:10:f7:ce:3e:5c:
82:22:81:5d:7c:41:f5:a6:11:7b:3c:10:a8:d0:9f:
17:91:0e:5a:5f:61:59:cf:f3:82:98:94:8b:50:4f:
7d:47:fc:10:9e:9a:47:ab:26:ad:13:b7:84:52:6e:
22:be:87:5d:13:4b:8f:de:75:c7:d6:b6:f1:1c:86:
5a:b9:d5:9c:a2:8a:c9:79:94:54:e8:51:78:37:75:
9b:d2:fa:f6:ae:b1:a5:c0:ab:ba:dd:3c:f1:07:34:
1f:2a:46:e7:a1:bc:6a:a7:d1:a3:ff:46:3e:da:c0:
69:47:ef:9d:9a:4c:88:3a:1e:cf:48:21:88:17:2b:
70:ef:04:df:9d:9a:bb:9d:30:0a:e1:73:19:29:e3:
98:53:1b:9e:5b:f6:d5:d8:7b:d3:bb:82:5a:b4:bd:
95:ae:d7:54:e7:f4:67:e5:74:ce:70:8d:8e:ed:f2:
d0:4e:dd:b0:ed:d1:55:7f:86:7b:cd:78:a3:ff:3e:
f8:6e:85:23:1e:43:5d:33:f6:2d:18:18:a3:fa:c6:
5e:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:B8:8A:76:FF:9E:A5:1E:FF:A8:7E:22:2D:B8:89:70:9D:86:B4:52
X509v3 Authority Key Identifier:
keyid:9A:89:BB:37:C5:43:86:DA:9A:87:A6:4F:F0:09:44:28:A3:17:1A:47
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EF73D/C92B3232CE1F11EEAC62617CC4F9AE02/mom7N8VDhtqah6ZP8AlEKKMXGkc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mom7N8VDhtqah6ZP8AlEKKMXGkc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF73D/C92B3232CE1F11EEAC62617CC4F9AE02/6C19180AFBA811EE90C35514C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.54.0/23
Signature Algorithm: sha256WithRSAEncryption
11:f6:6c:b8:f2:6d:0c:4d:62:0b:33:ac:91:a4:85:b5:39:e2:
4f:c0:3d:da:dd:e5:bc:c2:40:4f:c5:c2:b9:54:96:9d:cf:e5:
e5:88:b7:7a:c9:ec:3c:7a:5d:0c:48:84:ea:1c:5a:04:00:58:
b7:aa:c8:be:19:5b:ec:0d:af:ed:cd:cc:a2:ff:eb:8f:59:c4:
c0:b8:e2:8b:78:bc:66:f2:1d:e9:a3:3d:ba:fe:97:4e:0a:7b:
68:ae:32:66:e3:8f:d3:c0:bc:49:29:69:4c:69:b0:0d:c7:47:
d9:69:ae:5a:d7:13:a4:a9:d2:a8:c2:00:1e:9c:a5:d0:3a:70:
0f:97:37:e5:96:a4:9e:f1:d5:39:98:e0:53:16:a4:db:7b:ff:
3a:c5:26:21:da:e4:f2:0e:93:d0:a3:e7:e1:a7:c0:32:57:cc:
7c:09:f0:d2:2e:4d:6c:5c:8c:4e:2e:66:fd:fe:de:0d:13:04:
76:5e:d2:32:33:4f:ae:c1:6d:ca:58:fa:7a:21:5f:29:aa:c0:
26:71:fc:32:7a:14:59:60:4a:1e:a9:a6:b1:dd:88:aa:02:9e:
ed:2a:57:48:6b:55:be:a6:43:34:bc:11:1b:db:11:37:1b:73:
20:e0:3e:70:79:40:e4:b9:ae:2d:79:d8:7e:97:92:9a:6e:ad:
96:97:d0:65
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBJzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
RjczRDExMC8GA1UEBRMoOUE4OUJCMzdDNTQzODZEQTlBODdBNjRGRjAwOTQ0MjhB
MzE3MUE0NzAeFw0yNDA0MTYwNDE4NDhaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MWRmYzI4LTZkNzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/x/L0Qne2Xx0pVrbpfoHY3FP1PfD0CjWLemeW4P7uJquROfX6GhvgXSmOBjq1
GFOyArfbt58Q984+XIIigV18QfWmEXs8EKjQnxeRDlpfYVnP84KYlItQT31H/BCe
mkerJq0Tt4RSbiK+h10TS4/edcfWtvEchlq51Zyiisl5lFToUXg3dZvS+vausaXA
q7rdPPEHNB8qRuehvGqn0aP/Rj7awGlH752aTIg6Hs9IIYgXK3DvBN+dmrudMArh
cxkp45hTG55b9tXYe9O7glq0vZWu11Tn9GfldM5wjY7t8tBO3bDt0VV/hnvNeKP/
PvhuhSMeQ10z9i0YGKP6xl51AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUZLiKdv+e
pR7/qH4iLbiJcJ2GtFIwHwYDVR0jBBgwFoAUmom7N8VDhtqah6ZP8AlEKKMXGkcw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVGNzNEL0M5MkIzMjMyQ0Ux
RjExRUVBQzYyNjE3Q0M0RjlBRTAyL21vbTdOOFZEaHRxYWg2WlA4QWxFS0tNWEdr
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvbW9tN044VkRodHFhaDZaUDhBbEVLS01YR2tjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
RjczRC9DOTJCMzIzMkNFMUYxMUVFQUM2MjYxN0NDNEY5QUUwMi82QzE5MTgwQUZC
QTgxMUVFOTBDMzU1MTRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAZ0UNjANBgkqhkiG9w0BAQsFAAOCAQEAEfZsuPJtDE1iCzOs
kaSFtTniT8A92t3lvMJAT8XCuVSWnc/l5Yi3esnsPHpdDEiE6hxaBABYt6rIvhlb
7A2v7c3Mov/rj1nEwLjii3i8ZvId6aM9uv6XTgp7aK4yZuOP08C8SSlpTGmwDcdH
2WmuWtcTpKnSqMIAHpyl0DpwD5c35ZaknvHVOZjgUxak23v/OsUmIdrk8g6T0KPn
4afAMlfMfAnw0i5NbFyMTi5m/f7eDRMEdl7SMjNPrsFtylj6eiFfKarAJnH8MnoU
WWBKHqmmsd2IqgKe7SpXSGtVvqZDNLwRG9sRNxtzIOA+cHlA5LmuLXnYfpeSmm6t
lpfQZQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 20:52:28 2025 by rpki-client