Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9170EED/37402ADE853B11EFA3072349C4F9AE02/A4CDB24C853B11EFB513D149C4F9AE02.roa
File: A4CDB24C853B11EFB513D149C4F9AE02.roa (raw, json)
Hash identifier: 6pd4B5Wm/+ylf91gMgLtbkEJn/eNccQDS3DmRyTx9DE=
Subject key identifier: 82:E5:5D:98:7F:FB:43:DA:C2:DE:A0:2A:A8:18:18:3C:0F:0D:71:10
Certificate issuer: /CN=A9170EED/serialNumber=6918AA71F36B046353A65CC08978B18EFFB9F5C6
Certificate serial: 02
Authority key identifier: 69:18:AA:71:F3:6B:04:63:53:A6:5C:C0:89:78:B1:8E:FF:B9:F5:C6
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aRiqcfNrBGNTplzAiXixjv-59cY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9170EED/37402ADE853B11EFA3072349C4F9AE02/A4CDB24C853B11EFB513D149C4F9AE02.roa
Signing time: Tue 08 Oct 2024 06:07:49 +0000
ROA not before: Tue 08 Oct 2024 06:07:49 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 134192
IP address blocks: 160.187.185.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Oct 2024 07:34:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9170EED/serialNumber=6918AA71F36B046353A65CC08978B18EFFB9F5C6
Validity
Not Before: Oct 8 06:07:49 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6704cc34-a040
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c4:65:99:89:4d:15:08:5b:76:db:cc:e3:73:
74:18:5c:2f:6d:06:a5:b8:84:35:6e:03:47:ed:88:
70:a4:b4:37:0c:b4:78:e7:0f:86:d9:27:a7:c4:78:
34:e0:b6:16:15:94:78:cb:45:40:f3:b1:5d:19:bd:
72:3a:b3:38:dd:30:3b:34:00:55:91:67:31:26:be:
9d:1a:05:db:65:de:45:36:27:09:30:5d:f2:90:68:
2f:65:a2:d0:01:6f:a7:39:eb:ab:c6:65:f7:57:8d:
3c:f4:1c:24:d9:dc:97:43:aa:9d:7a:cf:ea:4f:45:
47:8c:02:6d:64:50:c0:3e:a0:0f:71:b3:77:e5:91:
2b:23:d8:41:e7:35:90:97:3d:c9:27:d1:1a:62:6e:
70:09:26:7a:cc:b1:f1:bc:02:ca:3c:ee:85:4c:37:
d9:49:f9:42:25:34:1f:96:9a:59:2b:ff:c6:8e:f3:
7a:32:f8:e5:f6:1b:70:89:27:7a:60:be:13:ad:7f:
bc:54:b2:da:2c:0e:85:cc:ab:a2:64:9b:b2:08:03:
7e:2d:a8:d6:8c:ba:45:32:56:06:38:8d:a3:ed:aa:
82:88:56:3c:cb:a1:b0:6b:b6:72:31:a5:8b:8e:ba:
41:57:46:4a:77:8c:04:3a:de:3e:bb:b7:3b:bb:42:
77:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:E5:5D:98:7F:FB:43:DA:C2:DE:A0:2A:A8:18:18:3C:0F:0D:71:10
X509v3 Authority Key Identifier:
keyid:69:18:AA:71:F3:6B:04:63:53:A6:5C:C0:89:78:B1:8E:FF:B9:F5:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9170EED/37402ADE853B11EFA3072349C4F9AE02/aRiqcfNrBGNTplzAiXixjv-59cY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aRiqcfNrBGNTplzAiXixjv-59cY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170EED/37402ADE853B11EFA3072349C4F9AE02/A4CDB24C853B11EFB513D149C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.187.185.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:f4:fb:68:75:ed:fe:d1:ae:78:92:ce:60:44:ed:e7:6d:3a:
9c:a5:4c:4f:48:69:50:1a:a3:59:fd:f6:cd:43:d7:d0:2c:4d:
60:23:ae:0e:5f:0a:39:67:e4:0b:53:b0:87:88:f6:2e:a9:51:
bd:df:1a:8c:cb:6c:d7:13:a8:06:ac:11:2f:0d:4f:80:fe:0d:
a4:38:99:bc:ab:ef:63:61:59:2a:ed:25:20:b3:11:75:61:dd:
68:90:18:10:2d:a6:0d:92:47:9a:f9:29:b9:d6:79:f2:95:ac:
f8:5c:46:43:69:47:af:5a:42:e5:81:1e:9f:82:e5:df:28:22:
fc:97:82:e5:10:7c:07:ad:d7:4a:ed:74:da:89:f6:d9:0a:ac:
da:98:30:a3:49:9e:df:66:8d:f1:7e:a4:ff:27:5d:07:8a:6d:
22:73:55:96:9d:74:33:2c:c0:05:59:01:d5:cf:4c:99:16:29:
5a:fe:3e:bd:50:65:49:dc:61:4e:2b:92:8c:2f:4e:de:6f:f2:
3d:71:1e:ce:ac:9d:0c:af:e2:f9:4b:9c:bb:55:36:fe:7f:27:
a3:b5:a9:25:d7:30:9b:bc:f3:f0:01:1d:56:50:e3:9b:86:7e:
30:cc:12:4f:e5:8e:aa:cb:c0:ea:80:85:5e:45:49:83:58:8e:
cd:8c:dd:44
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
MEVFRDExMC8GA1UEBRMoNjkxOEFBNzFGMzZCMDQ2MzUzQTY1Q0MwODk3OEIxOEVG
RkI5RjVDNjAeFw0yNDEwMDgwNjA3NDlaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MDRjYzM0LWEwNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDBxGWZiU0VCFt228zjc3QYXC9tBqW4hDVuA0ftiHCktDcMtHjnD4bZJ6fEeDTg
thYVlHjLRUDzsV0ZvXI6szjdMDs0AFWRZzEmvp0aBdtl3kU2JwkwXfKQaC9lotAB
b6c566vGZfdXjTz0HCTZ3JdDqp16z+pPRUeMAm1kUMA+oA9xs3flkSsj2EHnNZCX
Pckn0RpibnAJJnrMsfG8Aso87oVMN9lJ+UIlNB+Wmlkr/8aO83oy+OX2G3CJJ3pg
vhOtf7xUstosDoXMq6Jkm7IIA34tqNaMukUyVgY4jaPtqoKIVjzLobBrtnIxpYuO
ukFXRkp3jAQ63j67tzu7Qnd1AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUguVdmH/7
Q9rC3qAqqBgYPA8NcRAwHwYDVR0jBBgwFoAUaRiqcfNrBGNTplzAiXixjv+59cYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcwRUVELzM3NDAyQURFODUz
QjExRUZBMzA3MjM0OUM0RjlBRTAyL2FSaXFjZk5yQkdOVHBsekFpWGl4anYtNTlj
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvYVJpcWNmTnJCR05UcGx6QWlYaXhqdi01OWNZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MEVFRC8zNzQwMkFERTg1M0IxMUVGQTMwNzIzNDlDNEY5QUUwMi9BNENEQjI0Qzg1
M0IxMUVGQjUxM0QxNDlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKC7uTANBgkqhkiG9w0BAQsFAAOCAQEAoPT7aHXt/tGueJLO
YETt5206nKVMT0hpUBqjWf32zUPX0CxNYCOuDl8KOWfkC1Owh4j2LqlRvd8ajMts
1xOoBqwRLw1PgP4NpDiZvKvvY2FZKu0lILMRdWHdaJAYEC2mDZJHmvkpudZ58pWs
+FxGQ2lHr1pC5YEen4Ll3ygi/JeC5RB8B63XSu102on22Qqs2pgwo0me32aN8X6k
/yddB4ptInNVlp10MyzABVkB1c9MmRYpWv4+vVBlSdxhTiuSjC9O3m/yPXEezqyd
DK/i+Uucu1U2/n8no7WpJdcwm7zz8AEdVlDjm4Z+MMwST+WOqsvA6oCFXkVJg1iO
zYzdRA==
-----END CERTIFICATE-----
Generated at Wed Oct 9 09:56:45 2024 by rpki-client on console-fra.rpki-client.org