Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9155806/C739BAEE6E9111EFA62B4C3FC4F9AE02/4CC869827A4D11EF9B6B8513C4F9AE02.roa
File: 4CC869827A4D11EF9B6B8513C4F9AE02.roa (raw, json)
Hash identifier: J2BlYftTBM0yMZF5IjIbO3XrDSRmwQwLkRIeSQFH11I=
Subject key identifier: 30:7D:04:80:6A:A6:63:E8:AC:DB:CB:F9:62:D9:BE:5E:37:23:B9:02
Certificate issuer: /CN=A9155806/serialNumber=887E1107A83F1174FF7E3E780888DB5723B7925B
Certificate serial: 14
Authority key identifier: 88:7E:11:07:A8:3F:11:74:FF:7E:3E:78:08:88:DB:57:23:B7:92:5B
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iH4RB6g_EXT_fj54CIjbVyO3kls.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9155806/C739BAEE6E9111EFA62B4C3FC4F9AE02/4CC869827A4D11EF9B6B8513C4F9AE02.roa
Signing time: Tue 24 Sep 2024 08:32:28 +0000
ROA not before: Tue 24 Sep 2024 08:32:28 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 55330
IP address blocks: 160.187.20.0/24 maxlen: 24
160.187.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Sep 2024 09:41:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20 (0x14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9155806/serialNumber=887E1107A83F1174FF7E3E780888DB5723B7925B
Validity
Not Before: Sep 24 08:32:28 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=66f2791b-f1d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:75:c3:68:60:27:93:96:5e:c9:da:0c:20:13:
7f:be:b7:f1:f3:ee:17:2b:10:86:42:bb:92:93:fb:
83:f4:50:1d:52:e2:27:49:67:16:83:6b:55:e3:99:
8e:2d:20:21:68:a4:12:70:39:03:ab:b9:0e:cb:cc:
56:00:45:28:d3:ec:aa:29:a0:95:2c:70:0d:95:4a:
ad:be:3b:36:be:c1:60:01:01:be:7a:52:04:42:b1:
41:75:70:2b:60:7f:54:66:d5:ce:dc:d2:53:b5:87:
cc:e7:b5:04:ed:4a:c3:33:ab:82:ac:9a:87:85:bb:
a3:ae:98:5b:30:19:de:c2:b6:9b:c8:3e:14:6f:67:
7d:ec:a0:8b:17:4d:cb:16:df:06:fe:d1:cd:c7:2b:
b7:de:09:ed:a0:b8:95:73:63:4f:5d:7d:5a:8e:64:
6c:4a:27:cb:45:90:05:af:f8:27:36:9a:3c:12:7a:
71:81:bf:86:a7:86:d7:33:42:8e:a4:0a:00:f6:87:
b4:b2:9a:ef:c1:8d:0e:68:0f:66:09:6e:ab:7f:e0:
45:1f:12:08:a0:60:46:6c:32:eb:8f:4a:47:d3:4f:
73:e7:5b:a3:18:00:ed:ad:c0:b1:d7:ee:6f:13:11:
d6:13:c0:04:d7:31:62:ed:b3:fb:cb:1a:63:63:33:
dc:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:7D:04:80:6A:A6:63:E8:AC:DB:CB:F9:62:D9:BE:5E:37:23:B9:02
X509v3 Authority Key Identifier:
keyid:88:7E:11:07:A8:3F:11:74:FF:7E:3E:78:08:88:DB:57:23:B7:92:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9155806/C739BAEE6E9111EFA62B4C3FC4F9AE02/iH4RB6g_EXT_fj54CIjbVyO3kls.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iH4RB6g_EXT_fj54CIjbVyO3kls.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9155806/C739BAEE6E9111EFA62B4C3FC4F9AE02/4CC869827A4D11EF9B6B8513C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.187.20.0/23
Signature Algorithm: sha256WithRSAEncryption
af:ed:e7:a9:9c:e0:d2:19:47:67:c3:c3:ac:47:51:17:e9:8f:
61:93:31:0c:10:38:ce:6e:d4:1b:a9:9a:77:0c:6f:80:78:7f:
ef:f9:c3:42:05:da:bd:5a:d4:cf:13:47:d5:b8:14:09:6d:dc:
20:ab:55:68:32:bf:ed:c4:f0:26:7e:19:05:e1:f8:46:14:d6:
bd:71:97:c9:0f:32:e7:68:c9:79:ac:71:6d:e5:86:ba:3e:6d:
b6:16:9f:a1:33:13:ee:6d:8c:27:75:ae:f9:fb:21:79:60:e1:
5f:09:09:fd:09:31:07:a4:d0:19:dc:04:ca:d8:ca:8a:62:66:
39:ac:18:ee:b0:4e:fa:0f:e7:e6:86:fb:9f:75:9c:30:b1:cd:
0f:79:93:10:86:21:22:7e:50:4e:03:32:f7:37:ae:eb:e4:33:
f2:b0:50:99:ab:aa:1f:c8:52:39:b7:51:2b:a7:61:a9:53:e0:
79:65:88:1b:15:d8:bd:a9:23:db:b4:72:c6:a3:c3:fa:86:c1:
54:07:77:66:27:92:8a:12:ff:ff:b6:b8:0f:0a:bd:83:b3:13:
f7:03:1e:72:e4:a5:a1:fa:9f:34:7b:82:a2:b9:a7:e1:5b:7e:
a8:4a:ff:29:fa:aa:ba:42:79:e9:1c:77:ea:23:f6:dc:b4:2d:
13:0c:5e:16
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBFDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
NTgwNjExMC8GA1UEBRMoODg3RTExMDdBODNGMTE3NEZGN0UzRTc4MDg4OERCNTcy
M0I3OTI1QjAeFw0yNDA5MjQwODMyMjhaFw0yNTEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2ZjI3OTFiLWYxZDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC+dcNoYCeTll7J2gwgE3++t/Hz7hcrEIZCu5KT+4P0UB1S4idJZxaDa1XjmY4t
ICFopBJwOQOruQ7LzFYARSjT7KopoJUscA2VSq2+Oza+wWABAb56UgRCsUF1cCtg
f1Rm1c7c0lO1h8zntQTtSsMzq4KsmoeFu6OumFswGd7CtpvIPhRvZ33soIsXTcsW
3wb+0c3HK7feCe2guJVzY09dfVqOZGxKJ8tFkAWv+Cc2mjwSenGBv4anhtczQo6k
CgD2h7Symu/BjQ5oD2YJbqt/4EUfEgigYEZsMuuPSkfTT3PnW6MYAO2twLHX7m8T
EdYTwATXMWLts/vLGmNjM9zhAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUMH0EgGqm
Y+is28v5Ytm+XjcjuQIwHwYDVR0jBBgwFoAUiH4RB6g/EXT/fj54CIjbVyO3klsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU1ODA2L0M3MzlCQUVFNkU5
MTExRUZBNjJCNEMzRkM0RjlBRTAyL2lINFJCNmdfRVhUX2ZqNTRDSWpiVnlPM2ts
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvaUg0UkI2Z19FWFRfZmo1NENJamJWeU8za2xzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
NTgwNi9DNzM5QkFFRTZFOTExMUVGQTYyQjRDM0ZDNEY5QUUwMi80Q0M4Njk4MjdB
NEQxMUVGOUI2Qjg1MTNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaC7FDANBgkqhkiG9w0BAQsFAAOCAQEAr+3nqZzg0hlHZ8PD
rEdRF+mPYZMxDBA4zm7UG6madwxvgHh/7/nDQgXavVrUzxNH1bgUCW3cIKtVaDK/
7cTwJn4ZBeH4RhTWvXGXyQ8y52jJeaxxbeWGuj5tthafoTMT7m2MJ3Wu+fsheWDh
XwkJ/QkxB6TQGdwEytjKimJmOawY7rBO+g/n5ob7n3WcMLHND3mTEIYhIn5QTgMy
9zeu6+Qz8rBQmauqH8hSObdRK6dhqVPgeWWIGxXYvakj27RyxqPD+obBVAd3ZieS
ihL//7a4Dwq9g7MT9wMecuSlofqfNHuCormn4Vt+qEr/KfqqukJ56Rx36iP23LQt
EwxeFg==
-----END CERTIFICATE-----
Generated at Tue Sep 24 12:40:08 2024 by rpki-client on console-fra.rpki-client.org