Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911A9F2/28AE033A0AD511E7AA611B1AC4F9AE02/3C2EF672460C11EC886FB14BC4F9AE02.roa
File: 3C2EF672460C11EC886FB14BC4F9AE02.roa (raw, json)
Hash identifier: O7R/Ku9Veu97ICGS/T4QeqXlVQ0EBK4f4CS+wTd+63g=
Subject key identifier: 64:95:A0:14:F8:72:00:B3:E4:7F:1A:CB:57:51:0B:30:E9:38:E0:52
Certificate issuer: /CN=A911A9F2/serialNumber=87F178600C764C4DFF555097638BEE02D10812A8
Certificate serial: 19DB
Authority key identifier: 87:F1:78:60:0C:76:4C:4D:FF:55:50:97:63:8B:EE:02:D1:08:12:A8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h_F4YAx2TE3_VVCXY4vuAtEIEqg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911A9F2/28AE033A0AD511E7AA611B1AC4F9AE02/3C2EF672460C11EC886FB14BC4F9AE02.roa
Signing time: Sat 31 Dec 2022 17:13:33 +0000
ROA not before: Sat 31 Dec 2022 17:13:33 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 134711
IP address blocks: 160.202.140.0/22 maxlen: 22
160.202.140.0/24 maxlen: 24
160.202.141.0/24 maxlen: 24
160.202.142.0/24 maxlen: 24
160.202.143.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jan 2024 00:56:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6619 (0x19db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911A9F2/serialNumber=87F178600C764C4DFF555097638BEE02D10812A8
Validity
Not Before: Dec 31 17:13:33 2022 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=63b06dbd-721f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b9:1d:49:ff:00:73:43:fd:1b:66:ab:07:c8:
a4:9b:e4:d2:5a:34:49:86:a9:e6:4d:44:51:50:72:
29:ff:21:34:ed:3a:88:9b:25:f6:65:91:41:2c:60:
8c:5c:71:46:77:df:af:1c:e5:0e:39:3a:74:51:4e:
aa:ed:e4:db:46:2d:c8:d5:ef:60:de:02:32:6f:fd:
d9:5f:d3:f0:d4:21:3e:6e:84:cb:7a:46:14:c9:57:
d4:5e:f7:03:11:e1:6b:01:c4:6f:7d:85:5a:15:6c:
2b:f1:c4:22:44:8a:47:df:30:33:b4:e1:82:98:98:
d4:37:89:96:29:66:b0:64:69:b4:c2:dd:03:c2:f8:
9b:2d:ae:e4:92:99:78:49:42:bc:70:59:04:42:57:
c1:42:2b:d9:86:02:6a:a7:e5:d0:4e:4b:54:15:ae:
d3:f4:85:eb:8f:d8:2a:fc:c4:b2:e2:08:96:5a:f9:
f5:0f:20:9d:1a:fe:86:df:b1:c5:21:84:ee:f2:ec:
1c:38:5b:83:cc:e3:6a:ad:e0:fd:b6:a2:61:ab:96:
e3:85:f7:87:e8:1a:ed:90:b4:97:82:1b:27:9d:cb:
a4:38:50:2a:34:fc:1f:a4:67:d5:16:1b:9d:98:18:
8b:9f:dc:fb:c3:1d:04:cc:e7:0e:25:9e:74:bb:82:
96:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:95:A0:14:F8:72:00:B3:E4:7F:1A:CB:57:51:0B:30:E9:38:E0:52
X509v3 Authority Key Identifier:
keyid:87:F1:78:60:0C:76:4C:4D:FF:55:50:97:63:8B:EE:02:D1:08:12:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911A9F2/28AE033A0AD511E7AA611B1AC4F9AE02/h_F4YAx2TE3_VVCXY4vuAtEIEqg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h_F4YAx2TE3_VVCXY4vuAtEIEqg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911A9F2/28AE033A0AD511E7AA611B1AC4F9AE02/3C2EF672460C11EC886FB14BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.202.140.0/22
Signature Algorithm: sha256WithRSAEncryption
86:64:c3:23:99:18:eb:03:b8:dc:18:9a:c8:47:5f:c7:eb:08:
a3:27:b9:bb:57:25:e0:ac:9e:07:63:5f:70:d4:fa:6f:5a:82:
52:bc:8b:31:04:69:b7:16:0f:cb:41:20:6e:ae:1b:ef:3e:ce:
18:ca:46:72:2d:c7:3e:39:87:f7:23:9b:3d:5a:0d:0a:97:ea:
fe:7b:b4:9e:61:2d:6a:83:a1:b5:3d:8f:3d:24:fe:b6:90:b0:
61:8b:df:78:67:49:a4:0a:9d:fd:cd:43:97:06:b2:73:bf:d2:
f4:f3:af:98:9e:a6:98:e3:da:f5:7f:95:36:68:d1:24:59:d3:
e6:61:4a:50:41:0b:03:a7:2e:47:99:49:18:d6:11:30:12:5f:
60:cb:a0:d0:ef:e9:0f:68:bd:e7:ef:03:58:01:d3:1b:2a:e7:
21:6a:f7:9e:d2:23:f6:f4:29:68:f0:6c:9b:92:66:67:f1:d6:
0f:b9:66:c8:2b:23:a1:49:bd:7b:2a:9b:5d:b5:b3:c7:e1:4a:
8a:b3:c4:bf:49:f8:17:b8:55:df:75:13:49:6c:6b:11:fb:e9:
53:a7:92:3c:a7:d7:a6:8d:e4:19:98:66:1d:7d:23:b1:2f:93:
6d:13:a0:fb:fa:ab:2a:3e:00:13:31:25:9b:0f:49:31:19:6f:
dd:31:f2:d4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICGdswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUE5RjIxMTAvBgNVBAUTKDg3RjE3ODYwMEM3NjRDNERGRjU1NTA5NzYzOEJFRTAy
RDEwODEyQTgwHhcNMjIxMjMxMTcxMzMzWhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2IwNmRiZC03MjFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyrkdSf8Ac0P9G2arB8ikm+TSWjRJhqnmTURRUHIp/yE07TqImyX2ZZFBLGCM
XHFGd9+vHOUOOTp0UU6q7eTbRi3I1e9g3gIyb/3ZX9Pw1CE+boTLekYUyVfUXvcD
EeFrAcRvfYVaFWwr8cQiRIpH3zAztOGCmJjUN4mWKWawZGm0wt0DwvibLa7kkpl4
SUK8cFkEQlfBQivZhgJqp+XQTktUFa7T9IXrj9gq/MSy4giWWvn1DyCdGv6G37HF
IYTu8uwcOFuDzONqreD9tqJhq5bjhfeH6BrtkLSXghsnncukOFAqNPwfpGfVFhud
mBiLn9z7wx0EzOcOJZ50u4KWzQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGSVoBT4
cgCz5H8ay1dRCzDpOOBSMB8GA1UdIwQYMBaAFIfxeGAMdkxN/1VQl2OL7gLRCBKo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQTlGMi8yOEFFMDMzQTBB
RDUxMUU3QUE2MTFCMUFDNEY5QUUwMi9oX0Y0WUF4MlRFM19WVkNYWTR2dUF0RUlF
cWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hfRjRZQXgyVEUzX1ZWQ1hZNHZ1QXRFSUVxZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUE5RjIvMjhBRTAzM0EwQUQ1MTFFN0FBNjExQjFBQzRGOUFFMDIvM0MyRUY2NzI0
NjBDMTFFQzg4NkZCMTRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAKgyowwDQYJKoZIhvcNAQELBQADggEBAIZkwyOZGOsDuNwY
mshHX8frCKMnubtXJeCsngdjX3DU+m9aglK8izEEabcWD8tBIG6uG+8+zhjKRnIt
xz45h/cjmz1aDQqX6v57tJ5hLWqDobU9jz0k/raQsGGL33hnSaQKnf3NQ5cGsnO/
0vTzr5ieppjj2vV/lTZo0SRZ0+ZhSlBBCwOnLkeZSRjWETASX2DLoNDv6Q9ovefv
A1gB0xsq5yFq957SI/b0KWjwbJuSZmfx1g+5ZsgrI6FJvXsqm121s8fhSoqzxL9J
+Be4Vd91E0lsaxH76VOnkjyn16aN5BmYZh19I7Evk20ToPv6qyo+ABMxJZsPSTEZ
b90x8tQ=
-----END CERTIFICATE-----
Generated at Mon Jan 15 01:53:53 2024 by rpki-client on console-ams.rpki-client.org