Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91476E2/3B541F20CB3D11EF8703F75AC4F9AE02/688D86D4CB4211EFA0808646C4F9AE02.roa
File: 688D86D4CB4211EFA0808646C4F9AE02.roa (raw, json)
Hash identifier: 6h9kW0IivRF3G7wWT5v+/A00FRyg+hNoWJfGgFhX2/4=
Subject key identifier: 47:C7:5C:00:61:1D:49:DF:F2:D3:DF:29:40:F2:4F:3B:DA:C8:86:E6
Certificate issuer: /CN=A91476E2/serialNumber=6AAF3D9BC3DFA3A125082965D8FF33B8128F291F
Certificate serial: 04
Authority key identifier: 6A:AF:3D:9B:C3:DF:A3:A1:25:08:29:65:D8:FF:33:B8:12:8F:29:1F
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aq89m8Pfo6ElCCll2P8zuBKPKR8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91476E2/3B541F20CB3D11EF8703F75AC4F9AE02/688D86D4CB4211EFA0808646C4F9AE02.roa
Signing time: Sun 05 Jan 2025 08:52:36 +0000
ROA not before: Sun 05 Jan 2025 08:52:36 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 140937
IP address blocks: 160.187.212.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sun 05 Jan 2025 10:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91476E2
Validity
Not Before: Jan 5 08:52:36 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=677a4853-b9c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:bc:32:53:f4:1f:ca:3c:66:de:37:9e:9f:ad:
0d:2d:a1:97:e0:1e:b3:90:ff:4f:e1:9b:37:c5:9e:
90:ac:23:3b:8d:63:89:2a:c5:b9:21:1d:90:16:06:
07:2d:66:16:5a:84:9b:ef:4b:af:e1:fb:98:10:ef:
b7:dd:99:c4:76:97:f5:e5:d1:52:0c:f2:c6:be:05:
48:75:84:37:c4:ab:4e:02:f0:df:10:5a:00:de:80:
4d:87:88:db:58:d2:e1:9c:7b:bc:6f:85:69:12:94:
b8:28:a2:a2:73:f3:f5:f4:40:81:2e:e1:25:6e:0e:
d1:58:23:07:fa:ac:42:88:85:e0:d2:9c:7f:16:f3:
40:81:65:0f:05:2f:64:59:60:d2:5f:98:c1:5d:59:
8b:63:a1:10:40:e2:f4:02:6a:60:a8:a9:41:d9:6f:
11:3e:06:c4:aa:56:0a:5b:70:83:28:f0:e3:82:4b:
80:64:88:fa:21:96:48:2d:20:9f:96:2e:15:08:43:
ec:70:3d:1e:11:8d:5c:55:d1:bd:dc:48:82:8e:0c:
52:da:49:98:eb:75:27:af:3b:39:65:9d:6e:7c:88:
6a:f3:8e:55:50:0f:bb:8c:d2:5a:27:f2:40:ba:c4:
c0:27:4d:4f:c6:e2:4b:f3:26:de:86:b8:9f:64:bb:
58:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:C7:5C:00:61:1D:49:DF:F2:D3:DF:29:40:F2:4F:3B:DA:C8:86:E6
X509v3 Authority Key Identifier:
keyid:6A:AF:3D:9B:C3:DF:A3:A1:25:08:29:65:D8:FF:33:B8:12:8F:29:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91476E2/3B541F20CB3D11EF8703F75AC4F9AE02/aq89m8Pfo6ElCCll2P8zuBKPKR8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aq89m8Pfo6ElCCll2P8zuBKPKR8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91476E2/3B541F20CB3D11EF8703F75AC4F9AE02/688D86D4CB4211EFA0808646C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.187.212.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:e9:6a:98:08:7d:c8:b4:b4:c1:22:5b:18:50:60:21:ab:6b:
0f:bd:ab:41:37:3c:96:90:c3:5f:46:b6:91:9e:b9:65:5f:b6:
75:b1:07:83:11:0c:69:65:c0:89:e9:b8:13:57:d8:f2:f5:f1:
9d:4e:5f:54:3f:21:7c:75:f1:09:6a:01:64:a4:31:c5:14:e2:
7b:e5:f5:1c:5d:3c:de:df:9b:46:bb:65:40:08:0f:04:a8:71:
5e:a8:05:e8:8e:e5:3d:fe:ca:aa:6a:6b:dd:00:50:48:18:fc:
35:35:95:79:7a:d5:a2:8b:9b:b5:eb:8c:e4:c6:fa:f3:83:8b:
2f:29:57:5b:ea:59:08:7b:a1:f7:de:6f:0e:5e:6d:4c:94:45:
e5:37:8b:3a:6b:65:24:9e:c8:8d:eb:a8:42:55:5e:c3:49:31:
1d:95:09:9c:95:af:e4:42:d6:7b:fa:c7:f7:56:09:c2:14:d8:
d0:a2:04:16:f2:e5:65:ad:5f:55:f5:3c:3a:44:c8:94:44:00:
03:b2:c7:15:f0:00:8f:bb:d7:d4:cf:d1:34:99:de:92:81:94:
68:e6:a4:34:ec:30:17:58:df:65:30:03:36:1e:d3:83:4c:f5:
a3:d0:7b:2d:d1:d4:a3:3b:6e:4b:a0:af:6f:54:54:49:3d:60:
2a:ca:de:64
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
NzZFMjExMC8GA1UEBRMoNkFBRjNEOUJDM0RGQTNBMTI1MDgyOTY1RDhGRjMzQjgx
MjhGMjkxRjAeFw0yNTAxMDUwODUyMzZaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3N2E0ODUzLWI5YzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCtvDJT9B/KPGbeN56frQ0toZfgHrOQ/0/hmzfFnpCsIzuNY4kqxbkhHZAWBgct
ZhZahJvvS6/h+5gQ77fdmcR2l/Xl0VIM8sa+BUh1hDfEq04C8N8QWgDegE2HiNtY
0uGce7xvhWkSlLgooqJz8/X0QIEu4SVuDtFYIwf6rEKIheDSnH8W80CBZQ8FL2RZ
YNJfmMFdWYtjoRBA4vQCamCoqUHZbxE+BsSqVgpbcIMo8OOCS4BkiPohlkgtIJ+W
LhUIQ+xwPR4RjVxV0b3cSIKODFLaSZjrdSevOzllnW58iGrzjlVQD7uM0lon8kC6
xMAnTU/G4kvzJt6GuJ9ku1h/AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUR8dcAGEd
Sd/y098pQPJPO9rIhuYwHwYDVR0jBBgwFoAUaq89m8Pfo6ElCCll2P8zuBKPKR8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ3NkUyLzNCNTQxRjIwQ0Iz
RDExRUY4NzAzRjc1QUM0RjlBRTAyL2FxODltOFBmbzZFbENDbGwyUDh6dUJLUEtS
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvYXE4OW04UGZvNkVsQ0NsbDJQOHp1QktQS1I4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
NzZFMi8zQjU0MUYyMENCM0QxMUVGODcwM0Y3NUFDNEY5QUUwMi82ODhEODZENENC
NDIxMUVGQTA4MDg2NDZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaC71DANBgkqhkiG9w0BAQsFAAOCAQEAC+lqmAh9yLS0wSJb
GFBgIatrD72rQTc8lpDDX0a2kZ65ZV+2dbEHgxEMaWXAiem4E1fY8vXxnU5fVD8h
fHXxCWoBZKQxxRTie+X1HF083t+bRrtlQAgPBKhxXqgF6I7lPf7Kqmpr3QBQSBj8
NTWVeXrVooubteuM5Mb684OLLylXW+pZCHuh995vDl5tTJRF5TeLOmtlJJ7Ijeuo
QlVew0kxHZUJnJWv5ELWe/rH91YJwhTY0KIEFvLlZa1fVfU8OkTIlEQAA7LHFfAA
j7vX1M/RNJnekoGUaOakNOwwF1jfZTADNh7Tg0z1o9B7LdHUoztuS6Cvb1RUST1g
KsreZA==
-----END CERTIFICATE-----
Generated at Wed Feb 5 23:00:29 2025 by rpki-client