Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9140436/1561BEDE765711EF8BFC7A11C4F9AE02/CDC2DBC0773811EFBBA3ED41C4F9AE02.roa
File: CDC2DBC0773811EFBBA3ED41C4F9AE02.roa (raw, json)
Hash identifier: F8HnK9Rw8E/YWAMrlYYMrfdvpikOicjg8lSSnp9jGTI=
Subject key identifier: 9D:65:8F:4D:E8:DD:B9:08:7B:63:6F:83:4D:BE:11:54:DF:74:8C:88
Certificate issuer: /CN=A9140436/serialNumber=42C2CBA47FAD389FD18B61CAE22472D61E0EA896
Certificate serial: 05
Authority key identifier: 42:C2:CB:A4:7F:AD:38:9F:D1:8B:61:CA:E2:24:72:D6:1E:0E:A8:96
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QsLLpH-tOJ_Ri2HK4iRy1h4OqJY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9140436/1561BEDE765711EF8BFC7A11C4F9AE02/CDC2DBC0773811EFBBA3ED41C4F9AE02.roa
Signing time: Sat 21 Sep 2024 06:11:35 +0000
ROA not before: Sat 21 Sep 2024 06:11:35 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 137097
IP address blocks: 160.187.66.0/23 maxlen: 23
160.187.66.0/24 maxlen: 24
160.187.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Sep 2024 14:07:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9140436/serialNumber=42C2CBA47FAD389FD18B61CAE22472D61E0EA896
Validity
Not Before: Sep 21 06:11:35 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=66ee6397-4e3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:2d:9a:f5:5c:eb:95:94:90:b9:59:09:e2:e5:
47:da:cd:bf:ca:6c:9c:2a:b1:2f:88:91:d7:20:6b:
2b:db:17:e2:14:f8:69:1a:bc:97:86:d1:8e:e3:2e:
f6:bc:0b:8f:04:78:a1:b5:77:03:c6:c2:00:24:f9:
f3:d4:61:d1:1f:4d:df:67:8d:69:27:b8:45:85:a5:
85:0a:d9:9e:95:63:d7:59:22:ef:33:ef:33:be:b2:
40:92:0c:a3:38:aa:95:d6:63:0f:88:91:91:cc:a8:
8b:9e:a1:e7:06:b9:4f:e0:69:9c:90:31:98:0f:46:
b8:52:ec:7a:78:44:6d:6b:e2:28:07:bd:1f:a9:f2:
ad:9b:59:6d:35:17:95:e5:a4:d3:6d:f1:ce:10:c0:
28:d9:c7:9a:97:87:7a:08:28:2c:ee:e5:50:bb:af:
b1:dd:4d:15:c7:e8:59:48:28:64:44:83:3b:ac:d0:
79:64:f9:1f:f1:3b:4a:2a:0d:b9:bf:4c:98:12:ee:
12:d9:0e:25:6c:82:c6:98:05:ec:31:8b:d0:e7:39:
a2:58:d3:92:89:2a:86:10:39:82:a3:e1:2c:45:36:
71:9b:8b:03:aa:9d:db:68:44:37:e0:4d:eb:56:f2:
39:be:ee:75:f5:d4:16:c0:3f:b5:81:56:5d:8a:fa:
8b:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:65:8F:4D:E8:DD:B9:08:7B:63:6F:83:4D:BE:11:54:DF:74:8C:88
X509v3 Authority Key Identifier:
keyid:42:C2:CB:A4:7F:AD:38:9F:D1:8B:61:CA:E2:24:72:D6:1E:0E:A8:96
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9140436/1561BEDE765711EF8BFC7A11C4F9AE02/QsLLpH-tOJ_Ri2HK4iRy1h4OqJY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QsLLpH-tOJ_Ri2HK4iRy1h4OqJY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9140436/1561BEDE765711EF8BFC7A11C4F9AE02/CDC2DBC0773811EFBBA3ED41C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.187.66.0/23
Signature Algorithm: sha256WithRSAEncryption
32:e2:cc:5d:61:ab:82:9d:e8:74:3a:ff:39:d5:c6:74:1e:74:
95:8b:be:9a:9a:d3:0d:3f:0e:c0:7c:fb:31:a1:cb:13:eb:ba:
9c:af:67:7b:55:5b:d1:f7:00:17:f6:e4:08:a6:a5:0d:9b:09:
f1:57:ee:bc:86:0c:65:66:04:97:4b:74:5e:c2:1d:f3:2c:e3:
ec:0b:f1:51:10:3f:ab:b6:d7:d0:1d:66:f6:91:d9:50:db:22:
7c:8c:fe:cb:af:9f:66:a4:5e:f1:77:da:59:d7:44:09:16:24:
a7:c4:84:ae:b9:2a:1d:7f:c8:7f:49:91:9c:c2:83:87:83:c7:
76:07:e7:e4:73:3b:e6:e5:7e:46:95:a1:d3:e9:f6:d8:74:41:
0a:58:02:3a:38:9f:eb:4d:97:b8:69:af:ba:9c:fc:00:96:98:
8c:bf:fb:17:f2:78:8e:34:d0:1d:ed:fa:60:46:3d:95:19:b1:
84:ee:d5:63:e1:c6:12:e8:0c:1d:b3:03:84:5e:44:02:77:5f:
75:17:72:bd:f5:18:2c:af:49:c5:e4:16:f5:14:fa:ce:da:5b:
75:e5:85:5c:fc:e0:17:42:9a:ec:62:b6:90:aa:fe:8f:12:51:
cb:6b:60:12:c4:55:c4:da:93:8c:bb:0c:e2:27:ce:e3:fb:04:
b0:91:f7:9a
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
MDQzNjExMC8GA1UEBRMoNDJDMkNCQTQ3RkFEMzg5RkQxOEI2MUNBRTIyNDcyRDYx
RTBFQTg5NjAeFw0yNDA5MjEwNjExMzVaFw0yNTEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2ZWU2Mzk3LTRlM2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDaLZr1XOuVlJC5WQni5Ufazb/KbJwqsS+IkdcgayvbF+IU+GkavJeG0Y7jLva8
C48EeKG1dwPGwgAk+fPUYdEfTd9njWknuEWFpYUK2Z6VY9dZIu8z7zO+skCSDKM4
qpXWYw+IkZHMqIueoecGuU/gaZyQMZgPRrhS7Hp4RG1r4igHvR+p8q2bWW01F5Xl
pNNt8c4QwCjZx5qXh3oIKCzu5VC7r7HdTRXH6FlIKGREgzus0Hlk+R/xO0oqDbm/
TJgS7hLZDiVsgsaYBewxi9DnOaJY05KJKoYQOYKj4SxFNnGbiwOqndtoRDfgTetW
8jm+7nX11BbAP7WBVl2K+otbAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUnWWPTejd
uQh7Y2+DTb4RVN90jIgwHwYDVR0jBBgwFoAUQsLLpH+tOJ/Ri2HK4iRy1h4OqJYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQwNDM2LzE1NjFCRURFNzY1
NzExRUY4QkZDN0ExMUM0RjlBRTAyL1FzTExwSC10T0pfUmkySEs0aVJ5MWg0T3FK
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvUXNMTHBILXRPSl9SaTJISzRpUnkxaDRPcUpZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
MDQzNi8xNTYxQkVERTc2NTcxMUVGOEJGQzdBMTFDNEY5QUUwMi9DREMyREJDMDc3
MzgxMUVGQkJBM0VENDFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaC7QjANBgkqhkiG9w0BAQsFAAOCAQEAMuLMXWGrgp3odDr/
OdXGdB50lYu+mprTDT8OwHz7MaHLE+u6nK9ne1Vb0fcAF/bkCKalDZsJ8VfuvIYM
ZWYEl0t0XsId8yzj7AvxURA/q7bX0B1m9pHZUNsifIz+y6+fZqRe8XfaWddECRYk
p8SErrkqHX/If0mRnMKDh4PHdgfn5HM75uV+RpWh0+n22HRBClgCOjif602XuGmv
upz8AJaYjL/7F/J4jjTQHe36YEY9lRmxhO7VY+HGEugMHbMDhF5EAndfdRdyvfUY
LK9JxeQW9RT6ztpbdeWFXPzgF0Ka7GK2kKr+jxJRy2tgEsRVxNqTjLsM4ifO4/sE
sJH3mg==
-----END CERTIFICATE-----
Generated at Tue Sep 24 17:14:22 2024 by rpki-client on console-ams.rpki-client.org