Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9155806/C739BAEE6E9111EFA62B4C3FC4F9AE02/59EB41966E9211EF894D3B4FC4F9AE02.roa
File: 59EB41966E9211EF894D3B4FC4F9AE02.roa (raw, json)
Hash identifier: 3NR6YA5mjapr8kpjdpFf1JWqBLbpCfh5vVbVvVlKZZE=
Subject key identifier: 95:EA:AF:8D:0B:46:6E:A0:E0:48:6B:B5:C6:D6:8E:DE:7C:C2:AD:1A
Certificate issuer: /CN=A9155806/serialNumber=887E1107A83F1174FF7E3E780888DB5723B7925B
Certificate serial: 02
Authority key identifier: 88:7E:11:07:A8:3F:11:74:FF:7E:3E:78:08:88:DB:57:23:B7:92:5B
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iH4RB6g_EXT_fj54CIjbVyO3kls.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9155806/C739BAEE6E9111EFA62B4C3FC4F9AE02/59EB41966E9211EF894D3B4FC4F9AE02.roa
Signing time: Mon 09 Sep 2024 10:00:33 +0000
ROA not before: Mon 09 Sep 2024 10:00:33 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 153323
IP address blocks: 160.187.20.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 16 Sep 2024 08:24:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9155806/serialNumber=887E1107A83F1174FF7E3E780888DB5723B7925B
Validity
Not Before: Sep 9 10:00:33 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=66dec740-0c63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:13:b7:b9:00:f3:55:27:7c:e4:67:25:e1:ea:
01:9e:c7:70:17:c0:58:0e:9b:eb:bc:1f:b1:6e:49:
bf:85:2d:46:ed:d8:e2:88:a2:4b:9b:0e:e0:c3:d7:
4f:4c:57:be:68:7f:ba:7b:a5:c0:00:0e:09:a7:73:
ca:6c:37:b9:3f:cc:75:70:c2:64:86:ea:45:c7:b6:
63:6c:c8:aa:a1:79:12:1f:86:d6:bb:2e:b8:6d:b7:
da:b6:30:07:e3:4b:92:90:57:aa:fa:e8:83:f9:36:
95:6b:28:58:64:d7:4d:df:41:99:a0:f6:93:f6:87:
2d:4c:c4:5a:9e:49:25:72:53:d0:7b:24:44:33:92:
14:ef:05:5e:1e:63:8d:5d:57:10:0e:88:a6:a5:f7:
4c:ac:5b:44:f1:80:d5:a1:91:47:5f:db:1d:1f:15:
83:5b:85:c8:bc:05:b5:f5:c0:c4:31:66:29:ea:31:
6e:57:11:83:29:f6:d1:85:59:e0:9a:75:c0:5b:d4:
c8:09:fc:0c:64:cb:94:26:ea:f3:7b:03:7d:34:65:
94:48:51:cb:6c:10:4a:34:39:98:ad:84:79:58:e9:
32:91:a8:83:f0:6e:50:8a:c1:11:66:01:b2:0b:57:
cc:f3:8d:44:6b:d6:e0:78:8d:df:5b:f4:a4:03:4b:
5a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:EA:AF:8D:0B:46:6E:A0:E0:48:6B:B5:C6:D6:8E:DE:7C:C2:AD:1A
X509v3 Authority Key Identifier:
keyid:88:7E:11:07:A8:3F:11:74:FF:7E:3E:78:08:88:DB:57:23:B7:92:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9155806/C739BAEE6E9111EFA62B4C3FC4F9AE02/iH4RB6g_EXT_fj54CIjbVyO3kls.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iH4RB6g_EXT_fj54CIjbVyO3kls.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9155806/C739BAEE6E9111EFA62B4C3FC4F9AE02/59EB41966E9211EF894D3B4FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.187.20.0/23
Signature Algorithm: sha256WithRSAEncryption
54:dd:1e:b5:4f:6c:f3:b0:7d:9c:29:33:48:d0:7c:ef:96:85:
b3:2d:8e:e7:27:4d:e5:ae:a2:d5:de:0b:d1:33:69:72:b6:66:
43:c8:3e:5d:5f:a5:7a:59:f1:74:c1:c2:f6:bf:d5:43:30:b4:
77:f6:1b:ce:d9:63:16:89:07:62:f2:e9:ce:7c:f2:6a:82:56:
93:fb:7c:de:9d:15:85:7b:ff:e7:3f:e0:76:a4:41:d1:eb:4b:
ae:10:e5:83:7b:a1:4e:9e:7b:fd:7a:67:44:e7:73:5b:c1:bb:
bc:a2:ca:ec:f9:17:ae:6d:d5:4b:e8:2d:fd:93:3a:ca:85:50:
b5:a3:c0:c3:6f:35:d6:60:67:de:21:e1:fa:52:c4:33:b1:49:
75:58:4f:29:7e:67:88:df:50:03:6f:1d:9c:7f:4a:f2:47:5c:
53:d3:88:2b:d9:e5:8f:0f:6f:75:63:4d:82:38:0f:c8:b0:aa:
04:7c:80:47:4f:df:22:6e:5f:02:11:4d:b7:70:a4:96:61:ef:
ed:c2:2b:9a:2e:79:d0:48:3d:f4:93:3c:2f:27:20:5c:b8:4e:
a4:51:b7:e1:bc:84:b3:c9:d8:6e:84:79:40:11:1b:36:71:d9:
ac:77:1e:17:af:c9:8e:67:f2:da:fe:3a:f5:7f:05:51:5b:ce:
c2:4a:e5:60
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
NTgwNjExMC8GA1UEBRMoODg3RTExMDdBODNGMTE3NEZGN0UzRTc4MDg4OERCNTcy
M0I3OTI1QjAeFw0yNDA5MDkxMDAwMzNaFw0yNTEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2ZGVjNzQwLTBjNjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC8E7e5APNVJ3zkZyXh6gGex3AXwFgOm+u8H7FuSb+FLUbt2OKIokubDuDD109M
V75of7p7pcAADgmnc8psN7k/zHVwwmSG6kXHtmNsyKqheRIfhta7Lrhtt9q2MAfj
S5KQV6r66IP5NpVrKFhk103fQZmg9pP2hy1MxFqeSSVyU9B7JEQzkhTvBV4eY41d
VxAOiKal90ysW0TxgNWhkUdf2x0fFYNbhci8BbX1wMQxZinqMW5XEYMp9tGFWeCa
dcBb1MgJ/Axky5Qm6vN7A300ZZRIUctsEEo0OZithHlY6TKRqIPwblCKwRFmAbIL
V8zzjURr1uB4jd9b9KQDS1r1AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUleqvjQtG
bqDgSGu1xtaO3nzCrRowHwYDVR0jBBgwFoAUiH4RB6g/EXT/fj54CIjbVyO3klsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU1ODA2L0M3MzlCQUVFNkU5
MTExRUZBNjJCNEMzRkM0RjlBRTAyL2lINFJCNmdfRVhUX2ZqNTRDSWpiVnlPM2ts
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvaUg0UkI2Z19FWFRfZmo1NENJamJWeU8za2xzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
NTgwNi9DNzM5QkFFRTZFOTExMUVGQTYyQjRDM0ZDNEY5QUUwMi81OUVCNDE5NjZF
OTIxMUVGODk0RDNCNEZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaC7FDANBgkqhkiG9w0BAQsFAAOCAQEAVN0etU9s87B9nCkz
SNB875aFsy2O5ydN5a6i1d4L0TNpcrZmQ8g+XV+lelnxdMHC9r/VQzC0d/Ybztlj
FokHYvLpznzyaoJWk/t83p0VhXv/5z/gdqRB0etLrhDlg3uhTp57/XpnROdzW8G7
vKLK7PkXrm3VS+gt/ZM6yoVQtaPAw2811mBn3iHh+lLEM7FJdVhPKX5niN9QA28d
nH9K8kdcU9OIK9nljw9vdWNNgjgPyLCqBHyAR0/fIm5fAhFNt3CklmHv7cIrmi55
0Eg99JM8LycgXLhOpFG34byEs8nYboR5QBEbNnHZrHceF6/Jjmfy2v469X8FUVvO
wkrlYA==
-----END CERTIFICATE-----
Generated at Mon Sep 16 10:47:32 2024 by rpki-client on console-fra.rpki-client.org