Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91705D7/96A36AA816D811EFBF901E5FC4F9AE02/A73F49F219C311EFA4199F7BC4F9AE02.roa
File: A73F49F219C311EFA4199F7BC4F9AE02.roa (raw, json)
Hash identifier: cHoPTjr5BpWwStUY4tfgDpXudX1AsVOQtxp2rI8qszE=
Subject key identifier: 75:E8:21:24:B6:57:D0:D3:2B:C3:E4:3C:FE:F1:62:50:24:42:42:60
Certificate issuer: /CN=A91705D7/serialNumber=AA4405B1BFA96C9C69B029033EF481D8F58A77E5
Certificate serial: 04
Authority key identifier: AA:44:05:B1:BF:A9:6C:9C:69:B0:29:03:3E:F4:81:D8:F5:8A:77:E5
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/qkQFsb-pbJxpsCkDPvSB2PWKd-U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91705D7/96A36AA816D811EFBF901E5FC4F9AE02/A73F49F219C311EFA4199F7BC4F9AE02.roa
Signing time: Fri 24 May 2024 11:49:19 +0000
ROA not before: Fri 24 May 2024 11:49:19 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 135663
IP address blocks: 160.20.116.0/24 maxlen: 24
160.20.117.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 May 2024 10:28:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91705D7/serialNumber=AA4405B1BFA96C9C69B029033EF481D8F58A77E5
Validity
Not Before: May 24 11:49:19 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=66507ebe-06a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:5a:27:89:17:26:2b:38:31:a9:61:71:66:bf:
46:f8:84:dc:a5:54:b9:d3:83:cd:61:13:78:d9:d7:
b2:87:e5:2a:f0:5e:87:0b:76:0c:99:ed:df:41:f4:
ec:3d:93:56:0c:41:fc:08:a8:b9:fe:22:1d:d9:2c:
09:f2:cf:46:fb:40:2c:b0:3c:5d:f1:c4:ea:5a:9d:
4f:17:c0:05:6e:56:73:bf:d9:00:ae:a9:9f:9b:00:
ac:6a:4c:b8:84:d8:88:37:22:f1:dd:e9:08:ba:be:
37:b7:d7:02:f7:c3:81:f2:30:f9:c1:f9:37:50:87:
02:82:a4:ff:3c:67:34:ef:57:21:c0:1f:b8:50:fa:
81:ee:fa:3a:73:e2:15:7f:cc:fc:da:17:d8:59:44:
90:9a:71:cd:04:62:0c:82:f4:4f:e8:d9:2e:25:4f:
0b:5a:ff:24:71:90:66:02:38:08:7f:f9:c3:9b:25:
a7:8a:47:84:a2:c7:bd:5a:33:1e:e1:53:0c:af:aa:
7e:ed:fe:14:78:f8:d9:f9:50:b1:90:e4:ff:72:53:
8f:0f:3f:74:b2:cc:8f:14:3a:b6:a8:4c:8c:78:b3:
70:66:0a:c4:7a:0e:f9:3e:95:a7:0f:ce:6c:be:b0:
b8:f4:a8:eb:f8:e9:ff:18:f5:a4:05:56:06:12:ec:
7d:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:E8:21:24:B6:57:D0:D3:2B:C3:E4:3C:FE:F1:62:50:24:42:42:60
X509v3 Authority Key Identifier:
keyid:AA:44:05:B1:BF:A9:6C:9C:69:B0:29:03:3E:F4:81:D8:F5:8A:77:E5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91705D7/96A36AA816D811EFBF901E5FC4F9AE02/qkQFsb-pbJxpsCkDPvSB2PWKd-U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/qkQFsb-pbJxpsCkDPvSB2PWKd-U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91705D7/96A36AA816D811EFBF901E5FC4F9AE02/A73F49F219C311EFA4199F7BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.20.116.0/23
Signature Algorithm: sha256WithRSAEncryption
76:7d:e4:c0:bf:52:53:4e:ea:71:86:cd:ca:4b:cf:56:b9:90:
da:27:62:50:c9:3c:b1:57:71:ea:d7:a5:41:64:64:c7:13:06:
c8:27:2a:27:e9:58:f1:cf:74:13:fc:5e:a6:36:3c:89:3c:38:
0e:06:e9:5e:42:e5:8f:b0:10:fd:60:5f:fa:4f:8f:17:9e:9d:
03:4d:1b:7c:5b:f8:f3:0d:a0:ac:8a:f4:33:e5:e8:d6:e0:d1:
4a:39:f5:dd:e2:c7:98:28:f1:92:e6:a8:e6:ff:a0:1d:84:34:
6b:ba:16:89:c8:c7:30:94:d3:1e:49:4a:b7:e6:29:72:eb:53:
f7:7a:f3:91:96:ac:ec:c7:ed:71:43:e3:49:2a:b4:ed:0e:74:
b1:d7:64:9f:82:fb:3a:c4:18:cc:8f:ca:e1:b6:ac:41:48:20:
98:ba:2b:bd:92:da:38:b4:43:de:9d:02:f3:11:31:73:a9:a4:
34:7f:03:f6:96:d5:56:42:c8:4f:b5:68:d2:ed:4e:76:d0:e3:
cf:c2:37:66:a4:f6:45:d1:9c:f1:21:0a:3b:db:e6:9b:62:12:
f2:e5:57:fe:7c:8c:0d:f6:e9:e1:94:3c:88:56:a5:cf:9c:ea:
09:03:e0:b6:62:aa:6d:74:f9:27:f8:f1:1e:fe:c5:5d:57:b7:
c1:d7:bf:52
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
MDVENzExMC8GA1UEBRMoQUE0NDA1QjFCRkE5NkM5QzY5QjAyOTAzM0VGNDgxRDhG
NThBNzdFNTAeFw0yNDA1MjQxMTQ5MTlaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NTA3ZWJlLTA2YTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDvWieJFyYrODGpYXFmv0b4hNylVLnTg81hE3jZ17KH5SrwXocLdgyZ7d9B9Ow9
k1YMQfwIqLn+Ih3ZLAnyz0b7QCywPF3xxOpanU8XwAVuVnO/2QCuqZ+bAKxqTLiE
2Ig3IvHd6Qi6vje31wL3w4HyMPnB+TdQhwKCpP88ZzTvVyHAH7hQ+oHu+jpz4hV/
zPzaF9hZRJCacc0EYgyC9E/o2S4lTwta/yRxkGYCOAh/+cObJaeKR4Six71aMx7h
Uwyvqn7t/hR4+Nn5ULGQ5P9yU48PP3SyzI8UOraoTIx4s3BmCsR6Dvk+lacPzmy+
sLj0qOv46f8Y9aQFVgYS7H2NAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUdeghJLZX
0NMrw+Q8/vFiUCRCQmAwHwYDVR0jBBgwFoAUqkQFsb+pbJxpsCkDPvSB2PWKd+Uw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcwNUQ3Lzk2QTM2QUE4MTZE
ODExRUZCRjkwMUU1RkM0RjlBRTAyL3FrUUZzYi1wYkp4cHNDa0RQdlNCMlBXS2Qt
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvcWtRRnNiLXBiSnhwc0NrRFB2U0IyUFdLZC1VLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MDVENy85NkEzNkFBODE2RDgxMUVGQkY5MDFFNUZDNEY5QUUwMi9BNzNGNDlGMjE5
QzMxMUVGQTQxOTlGN0JDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaAUdDANBgkqhkiG9w0BAQsFAAOCAQEAdn3kwL9SU07qcYbN
ykvPVrmQ2idiUMk8sVdx6telQWRkxxMGyCcqJ+lY8c90E/xepjY8iTw4DgbpXkLl
j7AQ/WBf+k+PF56dA00bfFv48w2grIr0M+Xo1uDRSjn13eLHmCjxkuao5v+gHYQ0
a7oWicjHMJTTHklKt+YpcutT93rzkZas7MftcUPjSSq07Q50sddkn4L7OsQYzI/K
4basQUggmLorvZLaOLRD3p0C8xExc6mkNH8D9pbVVkLIT7Vo0u1OdtDjz8I3ZqT2
RdGc8SEKO9vmm2IS8uVX/nyMDfbp4ZQ8iFalz5zqCQPgtmKqbXT5J/jxHv7FXVe3
wde/Ug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:21 2024 by rpki-client on console-ams.rpki-client.org