Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91705D7/96A36AA816D811EFBF901E5FC4F9AE02/1E792ABE35F911EF9E12FD70C4F9AE02.roa
File: 1E792ABE35F911EF9E12FD70C4F9AE02.roa (raw, json)
Hash identifier: SSrsMT+MsifXEZigg/3tEfQ8xvez6W91bst1f8XBmqU=
Subject key identifier: C7:08:D9:F0:5D:BE:08:81:70:6C:67:B6:AE:0E:49:E7:69:12:27:DA
Certificate issuer: /CN=A91705D7/serialNumber=AA4405B1BFA96C9C69B029033EF481D8F58A77E5
Certificate serial: 25
Authority key identifier: AA:44:05:B1:BF:A9:6C:9C:69:B0:29:03:3E:F4:81:D8:F5:8A:77:E5
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/qkQFsb-pbJxpsCkDPvSB2PWKd-U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91705D7/96A36AA816D811EFBF901E5FC4F9AE02/1E792ABE35F911EF9E12FD70C4F9AE02.roa
Signing time: Sat 29 Jun 2024 09:22:35 +0000
ROA not before: Sat 29 Jun 2024 09:22:35 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 135663
IP address blocks: 160.20.116.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Jan 2025 09:19:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37 (0x25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91705D7, serialNumber=AA4405B1BFA96C9C69B029033EF481D8F58A77E5
Validity
Not Before: Jun 29 09:22:35 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=667fd25a-3a69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:95:69:f6:82:ab:59:b9:0a:d8:1f:cc:ed:76:
f8:04:9e:c1:72:db:16:4c:a4:84:b9:57:df:44:d8:
21:24:4f:cb:c0:47:ed:05:55:69:42:90:8d:46:fb:
f1:1f:e5:fd:09:a3:b0:67:2f:79:3a:0b:45:94:e8:
b2:87:98:ee:aa:ca:03:c3:5f:b6:b9:38:ac:21:2d:
51:b9:dc:2c:f6:b6:a7:08:38:b7:0b:3b:e3:ba:45:
e1:c5:1b:67:6e:be:4d:5a:ee:9a:4b:79:7d:6a:1a:
0b:a7:d3:df:e8:bf:a1:b7:17:5f:fa:89:ab:1e:59:
72:bb:58:e7:76:af:62:79:a9:f7:f9:e3:75:40:72:
1a:db:73:45:31:a0:91:df:8a:13:cc:93:e9:c6:43:
96:ec:66:76:03:60:ba:42:af:4c:6a:9e:93:3b:90:
db:52:28:b3:a0:36:e7:39:57:95:b7:04:f0:4d:e7:
f7:97:99:d0:ab:a0:1e:9a:91:11:d1:8c:45:c8:82:
d0:69:2f:9b:e8:77:2d:7e:72:27:dd:7d:ec:b4:b1:
0c:42:7d:4b:46:ee:15:30:ed:ba:d5:ba:00:ae:12:
79:2e:2d:24:aa:d4:b6:cd:83:ec:1c:65:aa:3d:f7:
16:c2:f4:73:7b:40:ec:a8:a4:2b:04:2f:78:f5:56:
a6:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:08:D9:F0:5D:BE:08:81:70:6C:67:B6:AE:0E:49:E7:69:12:27:DA
X509v3 Authority Key Identifier:
keyid:AA:44:05:B1:BF:A9:6C:9C:69:B0:29:03:3E:F4:81:D8:F5:8A:77:E5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91705D7/96A36AA816D811EFBF901E5FC4F9AE02/qkQFsb-pbJxpsCkDPvSB2PWKd-U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/qkQFsb-pbJxpsCkDPvSB2PWKd-U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91705D7/96A36AA816D811EFBF901E5FC4F9AE02/1E792ABE35F911EF9E12FD70C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.20.116.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:b4:30:34:85:60:24:60:b0:ff:f2:5c:03:77:12:b0:37:5b:
1d:82:df:de:f8:ef:36:c9:ce:84:85:7a:06:c6:1a:ee:aa:83:
6f:0f:4a:b1:b0:e1:ac:53:16:af:eb:4e:3b:e7:ae:c4:d6:5b:
7f:87:d1:fa:05:74:61:5f:df:be:04:56:f0:84:24:31:d8:b2:
1d:fc:bf:bc:a3:c1:1d:e7:9e:b1:00:3f:3a:b2:cc:e5:a0:18:
dc:02:e3:f2:a6:67:a1:15:50:e1:59:70:2f:19:64:e7:25:50:
63:3d:78:0e:32:10:5e:eb:fb:0e:64:a4:c5:41:f3:ef:45:a2:
02:5d:b6:59:75:42:1e:5f:27:f7:d8:4c:3b:a0:0a:2e:c9:2e:
a6:37:90:b5:4c:3d:a7:9f:fa:28:75:70:4a:d8:fb:16:8d:0b:
15:d9:ab:a3:4c:90:b9:af:09:7e:1a:df:34:0d:34:e4:82:6c:
78:1a:f0:f3:b1:dd:91:33:ed:88:14:98:82:20:7f:00:cd:e2:
89:cc:8c:11:f6:5e:de:b2:c3:0f:bc:76:d5:6a:64:28:56:61:
29:70:d3:a8:de:29:41:af:cb:0d:ed:04:b8:14:53:5d:87:f5:
a6:ac:5b:03:5d:b3:80:65:0d:25:6f:97:38:06:ec:78:96:62:
fd:9f:dd:2d
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBJTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
MDVENzExMC8GA1UEBRMoQUE0NDA1QjFCRkE5NkM5QzY5QjAyOTAzM0VGNDgxRDhG
NThBNzdFNTAeFw0yNDA2MjkwOTIyMzVaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2N2ZkMjVhLTNhNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCslWn2gqtZuQrYH8ztdvgEnsFy2xZMpIS5V99E2CEkT8vAR+0FVWlCkI1G+/Ef
5f0Jo7BnL3k6C0WU6LKHmO6qygPDX7a5OKwhLVG53Cz2tqcIOLcLO+O6ReHFG2du
vk1a7ppLeX1qGgun09/ov6G3F1/6iaseWXK7WOd2r2J5qff543VAchrbc0UxoJHf
ihPMk+nGQ5bsZnYDYLpCr0xqnpM7kNtSKLOgNuc5V5W3BPBN5/eXmdCroB6akRHR
jEXIgtBpL5vody1+cifdfey0sQxCfUtG7hUw7brVugCuEnkuLSSq1LbNg+wcZao9
9xbC9HN7QOyopCsEL3j1VqZZAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUxwjZ8F2+
CIFwbGe2rg5J52kSJ9owHwYDVR0jBBgwFoAUqkQFsb+pbJxpsCkDPvSB2PWKd+Uw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcwNUQ3Lzk2QTM2QUE4MTZE
ODExRUZCRjkwMUU1RkM0RjlBRTAyL3FrUUZzYi1wYkp4cHNDa0RQdlNCMlBXS2Qt
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvcWtRRnNiLXBiSnhwc0NrRFB2U0IyUFdLZC1VLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MDVENy85NkEzNkFBODE2RDgxMUVGQkY5MDFFNUZDNEY5QUUwMi8xRTc5MkFCRTM1
RjkxMUVGOUUxMkZENzBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKAUdDANBgkqhkiG9w0BAQsFAAOCAQEAa7QwNIVgJGCw//Jc
A3cSsDdbHYLf3vjvNsnOhIV6BsYa7qqDbw9KsbDhrFMWr+tOO+euxNZbf4fR+gV0
YV/fvgRW8IQkMdiyHfy/vKPBHeeesQA/OrLM5aAY3ALj8qZnoRVQ4VlwLxlk5yVQ
Yz14DjIQXuv7DmSkxUHz70WiAl22WXVCHl8n99hMO6AKLskupjeQtUw9p5/6KHVw
Stj7Fo0LFdmro0yQua8JfhrfNA005IJseBrw87HdkTPtiBSYgiB/AM3iicyMEfZe
3rLDD7x21WpkKFZhKXDTqN4pQa/LDe0EuBRTXYf1pqxbA12zgGUNJW+XOAbseJZi
/Z/dLQ==
-----END CERTIFICATE-----
Generated at Tue Apr 22 06:19:58 2025 by rpki-client