Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9169CD3/812286D2471111E5A4496335C4F9AE02/0AEF32C6FC3611EC95130A10C4F9AE02.roa
File: 0AEF32C6FC3611EC95130A10C4F9AE02.roa (raw, json)
Hash identifier: 8dwynd3RZbviY1uNy907rvr1t+ufW4bC+BhZKP/imRA=
Subject key identifier: 4C:58:BB:6D:E9:6B:1F:6B:48:9E:70:0F:FE:CD:48:E1:E2:7B:AF:C9
Certificate issuer: /CN=A9169CD3/serialNumber=AC4191AC3A1A9396E78D612F374DBACC8F2D91B5
Certificate serial: 23CF
Authority key identifier: AC:41:91:AC:3A:1A:93:96:E7:8D:61:2F:37:4D:BA:CC:8F:2D:91:B5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rEGRrDoak5bnjWEvN026zI8tkbU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9169CD3/812286D2471111E5A4496335C4F9AE02/0AEF32C6FC3611EC95130A10C4F9AE02.roa
Signing time: Thu 16 May 2024 16:23:16 +0000
ROA not before: Thu 16 May 2024 16:23:16 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 131178
IP address blocks: 150.107.4.0/22 maxlen: 22
150.107.4.0/24 maxlen: 24
150.107.5.0/24 maxlen: 24
150.107.6.0/24 maxlen: 24
150.107.7.0/24 maxlen: 24
160.202.32.0/22 maxlen: 22
160.202.32.0/23 maxlen: 23
160.202.34.0/24 maxlen: 24
160.202.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Aug 2024 06:23:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9167 (0x23cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9169CD3/serialNumber=AC4191AC3A1A9396E78D612F374DBACC8F2D91B5
Validity
Not Before: May 16 16:23:16 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=664632f4-fbce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:12:21:45:cf:dc:79:0f:6b:e5:b2:46:c4:5f:
f8:ae:87:0d:a5:1f:4c:59:15:9f:2b:3b:19:c6:49:
cb:24:fc:6f:53:95:c3:a9:5d:22:12:bc:ca:a2:45:
32:6f:7e:e2:98:37:09:97:f0:67:54:ae:e3:6e:93:
50:8d:88:44:7a:7a:c3:af:a1:b6:54:7c:a8:a1:0f:
71:46:5f:0c:95:bc:86:39:ba:f7:a1:4c:3c:0c:94:
a3:ff:d3:6a:3b:96:37:df:aa:55:31:62:66:11:86:
1f:65:1f:75:bd:1d:88:91:c3:82:e4:11:28:6e:ac:
79:82:96:6c:86:15:1f:1e:25:b0:af:b1:52:ce:d9:
7a:77:ce:c1:7e:ae:d7:df:52:8d:e3:5d:df:2e:41:
a4:b9:81:d2:04:bb:c2:ac:eb:87:2c:cb:dd:03:6d:
35:7c:a1:fe:d7:7d:80:d3:bc:23:73:79:bf:69:9e:
b9:01:ae:02:ba:b5:f9:f6:72:64:42:d6:04:94:56:
bc:5c:3d:a9:4c:11:28:0f:b4:a0:57:14:91:99:fb:
45:ef:ea:d1:22:75:50:f0:43:05:21:90:5c:44:1d:
44:9d:26:71:35:90:cf:38:6a:f7:f9:50:2a:34:fe:
4b:d3:0b:10:b9:a7:d1:f0:0f:84:50:41:a4:bb:18:
12:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:58:BB:6D:E9:6B:1F:6B:48:9E:70:0F:FE:CD:48:E1:E2:7B:AF:C9
X509v3 Authority Key Identifier:
keyid:AC:41:91:AC:3A:1A:93:96:E7:8D:61:2F:37:4D:BA:CC:8F:2D:91:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9169CD3/812286D2471111E5A4496335C4F9AE02/rEGRrDoak5bnjWEvN026zI8tkbU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rEGRrDoak5bnjWEvN026zI8tkbU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9169CD3/812286D2471111E5A4496335C4F9AE02/0AEF32C6FC3611EC95130A10C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
150.107.4.0/22
160.202.32.0/22
Signature Algorithm: sha256WithRSAEncryption
97:ef:fe:91:17:d1:af:2a:48:cb:18:7d:2a:4e:e6:ab:68:e6:
39:88:4e:f2:0c:e6:4b:3d:f6:6e:76:f8:6f:50:32:4a:70:83:
0a:58:a3:bf:4c:ad:17:14:0c:08:7c:78:81:91:1e:2e:5c:c3:
90:10:d3:8a:95:9b:99:78:bb:8b:86:f1:fe:c7:d6:cc:48:af:
d0:06:e1:07:01:c4:35:07:83:26:a2:22:6c:d9:e2:35:eb:e3:
ff:15:65:99:50:13:ee:94:5e:1e:23:4f:c2:3f:14:88:d8:f5:
1b:0b:f2:ef:0d:a1:96:ac:20:7c:37:a3:99:14:3d:06:55:f3:
c5:e1:97:cd:e5:68:a4:1c:83:62:58:d0:a3:38:31:40:76:40:
77:be:e2:59:c0:d1:ed:08:e9:aa:b4:19:a0:3f:f5:47:f9:ff:
69:f6:cd:23:f7:93:6a:90:15:89:e3:77:84:7a:b0:03:2f:8c:
0b:5f:09:97:f3:c9:0f:df:3d:64:bd:fb:84:b3:f7:5d:8e:4e:
1d:52:45:e0:25:9d:34:ff:1c:8a:bc:5f:3c:11:a9:d0:b0:8f:
9f:97:9e:05:c0:28:fb:15:08:1f:ad:a2:18:db:5b:f7:fa:23:
66:61:9f:df:ad:33:ad:08:11:a7:60:bc:93:31:7f:54:fd:7b:
a8:58:a1:b3
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICI88wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjlDRDMxMTAvBgNVBAUTKEFDNDE5MUFDM0ExQTkzOTZFNzhENjEyRjM3NERCQUND
OEYyRDkxQjUwHhcNMjQwNTE2MTYyMzE2WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjQ2MzJmNC1mYmNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuRIhRc/ceQ9r5bJGxF/4rocNpR9MWRWfKzsZxknLJPxvU5XDqV0iErzKokUy
b37imDcJl/BnVK7jbpNQjYhEenrDr6G2VHyooQ9xRl8MlbyGObr3oUw8DJSj/9Nq
O5Y336pVMWJmEYYfZR91vR2IkcOC5BEobqx5gpZshhUfHiWwr7FSztl6d87Bfq7X
31KN413fLkGkuYHSBLvCrOuHLMvdA201fKH+132A07wjc3m/aZ65Aa4CurX59nJk
QtYElFa8XD2pTBEoD7SgVxSRmftF7+rRInVQ8EMFIZBcRB1EnSZxNZDPOGr3+VAq
NP5L0wsQuafR8A+EUEGkuxgS5wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFExYu23p
ax9rSJ5wD/7NSOHie6/JMB8GA1UdIwQYMBaAFKxBkaw6GpOW541hLzdNusyPLZG1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OUNEMy84MTIyODZEMjQ3
MTExMUU1QTQ0OTYzMzVDNEY5QUUwMi9yRUdSckRvYWs1Ym5qV0V2TjAyNnpJOHRr
YlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JFR1JyRG9hazVibmpXRXZOMDI2ekk4dGtiVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjlDRDMvODEyMjg2RDI0NzExMTFFNUE0NDk2MzM1QzRGOUFFMDIvMEFFRjMyQzZG
QzM2MTFFQzk1MTMwQTEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAKWawQDBAKgyiAwDQYJKoZIhvcNAQELBQADggEBAJfv/pEX
0a8qSMsYfSpO5qto5jmITvIM5ks99m52+G9QMkpwgwpYo79MrRcUDAh8eIGRHi5c
w5AQ04qVm5l4u4uG8f7H1sxIr9AG4QcBxDUHgyaiImzZ4jXr4/8VZZlQE+6UXh4j
T8I/FIjY9RsL8u8NoZasIHw3o5kUPQZV88Xhl83laKQcg2JY0KM4MUB2QHe+4lnA
0e0I6aq0GaA/9Uf5/2n2zSP3k2qQFYnjd4R6sAMvjAtfCZfzyQ/fPWS9+4Sz912O
Th1SReAlnTT/HIq8XzwRqdCwj5+XngXAKPsVCB+tohjbW/f6I2Zhn9+tM60IEadg
vJMxf1T9e6hYobM=
-----END CERTIFICATE-----
Generated at Tue Aug 27 08:25:30 2024 by rpki-client on console-ams.rpki-client.org