Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914C002/C01D0C0CA92511EEAC4BDB57C4F9AE02/4C42DB2895C311EFBFB7082DC4F9AE02.roa
File: 4C42DB2895C311EFBFB7082DC4F9AE02.roa (raw, json)
Hash identifier: HAAMBRL2l2HzDSg4L+jl4XMWLO00qAlQ6oRvHwCjUig=
Subject key identifier: 05:B7:67:0C:A5:C2:50:F9:9E:42:40:B6:9B:F0:81:59:A5:F5:DB:85
Certificate issuer: /CN=A914C002/serialNumber=924A2017564ADAFB2236A20FBF73ADA1B96BFF33
Certificate serial: AB
Authority key identifier: 92:4A:20:17:56:4A:DA:FB:22:36:A2:0F:BF:73:AD:A1:B9:6B:FF:33
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kkogF1ZK2vsiNqIPv3Otoblr_zM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914C002/C01D0C0CA92511EEAC4BDB57C4F9AE02/4C42DB2895C311EFBFB7082DC4F9AE02.roa
Signing time: Sat 16 Nov 2024 13:12:47 +0000
ROA not before: Sat 16 Nov 2024 13:12:47 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 147059
IP address blocks: 157.10.28.0/24 maxlen: 24
157.10.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 14:46:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 171 (0xab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914C002/serialNumber=924A2017564ADAFB2236A20FBF73ADA1B96BFF33
Validity
Not Before: Nov 16 13:12:47 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=67389a4f-f122
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:33:bd:92:41:ed:ad:a3:68:bf:c8:80:eb:a9:
9a:b7:3c:01:e2:10:43:d2:37:f5:4a:26:79:2f:ee:
79:10:71:37:fd:d8:ce:31:32:8f:a7:e3:77:6d:2b:
02:f9:9e:2b:3b:96:d3:da:95:41:93:e5:a4:57:a3:
7b:ee:3d:92:86:f8:4a:df:ba:69:6e:f3:0d:d5:d7:
6a:23:fb:01:ea:05:97:7f:14:76:83:4c:a0:1e:a3:
f9:83:91:af:ce:f7:b8:9d:66:11:62:f7:de:b5:2d:
bd:eb:20:ea:29:0b:b7:ab:56:19:ab:26:a2:55:24:
99:fe:c7:7f:63:d0:6f:0e:2f:a0:43:1a:40:ae:aa:
eb:75:4a:73:4e:f6:16:09:9c:0c:27:e6:e6:33:72:
23:32:22:a9:25:d9:59:65:2c:5a:5e:ec:12:27:09:
9f:38:44:75:95:17:08:b7:07:f1:9d:e9:ba:68:7d:
e3:62:db:24:44:9a:ce:ba:08:ce:a9:69:a8:6c:8c:
bf:dd:08:44:8c:00:6c:4b:57:b4:9f:ca:7c:c4:05:
4a:04:5f:03:2d:69:28:a4:30:5c:0a:9f:e6:c0:f6:
02:e9:4a:aa:cd:e3:6c:6c:df:e6:4f:a1:8b:d9:a7:
15:3f:54:38:90:41:f8:80:0e:cf:9f:74:58:7f:ad:
71:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:B7:67:0C:A5:C2:50:F9:9E:42:40:B6:9B:F0:81:59:A5:F5:DB:85
X509v3 Authority Key Identifier:
keyid:92:4A:20:17:56:4A:DA:FB:22:36:A2:0F:BF:73:AD:A1:B9:6B:FF:33
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914C002/C01D0C0CA92511EEAC4BDB57C4F9AE02/kkogF1ZK2vsiNqIPv3Otoblr_zM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kkogF1ZK2vsiNqIPv3Otoblr_zM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914C002/C01D0C0CA92511EEAC4BDB57C4F9AE02/4C42DB2895C311EFBFB7082DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.28.0/23
Signature Algorithm: sha256WithRSAEncryption
04:b1:cc:b5:75:79:90:69:d9:28:93:33:a7:d9:3a:c4:08:6c:
0f:d8:ff:2d:b2:d9:ff:46:9e:17:52:4a:8c:0c:63:98:a5:01:
76:44:14:66:54:b3:4d:94:90:fd:bc:28:ac:7c:9f:7f:2f:2b:
08:82:b7:1e:ac:c0:44:0b:fe:d7:ca:fc:d5:2f:e3:e9:1c:f1:
d2:37:06:17:5c:e4:eb:0b:0d:18:8b:63:63:cc:13:d4:85:83:
51:b9:34:7a:37:f9:42:06:8c:0a:0e:3d:99:24:b8:8f:eb:29:
b0:c4:96:64:5f:8a:5f:ef:0b:b0:a8:a8:6d:b7:b5:b4:2e:17:
ec:84:5c:39:ec:a9:18:00:a9:c7:34:e6:b8:4c:67:fc:65:01:
2d:90:81:2a:ba:96:98:46:c8:69:95:b3:dd:7a:e9:93:40:94:
1a:ef:17:3d:57:a1:02:6d:6b:49:6f:01:99:51:ab:3e:d8:c9:
a9:fe:e3:34:36:c0:91:66:9f:53:ac:02:af:1c:b5:e3:d2:03:
6a:36:d1:a2:8f:ff:f5:d0:39:43:8f:0e:f4:39:8f:00:2d:d2:
ba:24:34:53:9b:ef:37:86:96:c1:57:85:a4:66:03:92:db:5b:
ab:eb:27:4d:28:dc:fb:79:c0:ae:3b:b0:e7:a4:f3:fc:a2:ec:
1d:db:6b:fa
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAKswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEMwMDIxMTAvBgNVBAUTKDkyNEEyMDE3NTY0QURBRkIyMjM2QTIwRkJGNzNBREEx
Qjk2QkZGMzMwHhcNMjQxMTE2MTMxMjQ3WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzM4OWE0Zi1mMTIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzzO9kkHtraNov8iA66matzwB4hBD0jf1SiZ5L+55EHE3/djOMTKPp+N3bSsC
+Z4rO5bT2pVBk+WkV6N77j2ShvhK37ppbvMN1ddqI/sB6gWXfxR2g0ygHqP5g5Gv
zve4nWYRYvfetS296yDqKQu3q1YZqyaiVSSZ/sd/Y9BvDi+gQxpArqrrdUpzTvYW
CZwMJ+bmM3IjMiKpJdlZZSxaXuwSJwmfOER1lRcItwfxnem6aH3jYtskRJrOugjO
qWmobIy/3QhEjABsS1e0n8p8xAVKBF8DLWkopDBcCp/mwPYC6UqqzeNsbN/mT6GL
2acVP1Q4kEH4gA7Pn3RYf61xjwIDAQABo4IClTCCApEwHQYDVR0OBBYEFAW3Zwyl
wlD5nkJAtpvwgVml9duFMB8GA1UdIwQYMBaAFJJKIBdWStr7IjaiD79zraG5a/8z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QzAwMi9DMDFEMEMwQ0E5
MjUxMUVFQUM0QkRCNTdDNEY5QUUwMi9ra29nRjFaSzJ2c2lOcUlQdjNPdG9ibHJf
ek0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2trb2dGMVpLMnZzaU5xSVB2M090b2Jscl96TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEMwMDIvQzAxRDBDMENBOTI1MTFFRUFDNEJEQjU3QzRGOUFFMDIvNEM0MkRCMjg5
NUMzMTFFRkJGQjcwODJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGdChwwDQYJKoZIhvcNAQELBQADggEBAASxzLV1eZBp2SiT
M6fZOsQIbA/Y/y2y2f9GnhdSSowMY5ilAXZEFGZUs02UkP28KKx8n38vKwiCtx6s
wEQL/tfK/NUv4+kc8dI3Bhdc5OsLDRiLY2PME9SFg1G5NHo3+UIGjAoOPZkkuI/r
KbDElmRfil/vC7CoqG23tbQuF+yEXDnsqRgAqcc05rhMZ/xlAS2QgSq6lphGyGmV
s9166ZNAlBrvFz1XoQJta0lvAZlRqz7Yyan+4zQ2wJFmn1OsAq8ctePSA2o20aKP
//XQOUOPDvQ5jwAt0rokNFOb7zeGlsFXhaRmA5LbW6vrJ00o3Pt5wK47sOek8/yi
7B3ba/o=
-----END CERTIFICATE-----
Generated at Thu Jan 2 17:41:28 2025 by rpki-client on console.sobornost.net