Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/512570149A7E11EFAB62E337C4F9AE02.roa
File: 512570149A7E11EFAB62E337C4F9AE02.roa (raw, json)
Hash identifier: dfIEcRO0HueGBuBGN2MOPiBdPfl6NFzmD2ElHWSUp+c=
Subject key identifier: 61:BA:9E:F3:5C:33:3A:55:47:8C:51:FB:DC:D3:1A:91:34:EC:CD:8D
Certificate issuer: /CN=A9170F11/serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF
Certificate serial: 02
Authority key identifier: 21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/512570149A7E11EFAB62E337C4F9AE02.roa
Signing time: Mon 04 Nov 2024 07:27:59 +0000
ROA not before: Mon 04 Nov 2024 07:27:59 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 56264
IP address blocks: 160.191.148.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Nov 2024 07:59:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9170F11/serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF
Validity
Not Before: Nov 4 07:27:59 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6728777f-7e4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:9f:31:ab:cc:9b:f6:47:b0:ce:0f:9c:96:d5:
0c:93:c0:14:6f:e6:83:8a:90:95:43:50:e1:1c:2f:
8a:9d:9d:88:c6:d7:90:c2:27:05:70:cc:4b:26:04:
1a:02:61:6f:24:25:3b:c3:7d:53:ca:41:8e:73:45:
39:e9:e4:0b:09:30:1d:ac:c6:c7:1b:1a:cd:de:b9:
74:90:1b:32:d6:37:24:3e:58:e9:fa:24:8c:31:fe:
f7:e6:a5:02:36:69:d0:da:0d:ff:de:ee:13:09:c4:
ed:b9:aa:b9:53:ec:3d:e7:e9:db:10:95:49:22:f4:
64:a4:91:19:8c:3c:92:9f:80:df:f1:cc:4d:a1:7c:
10:17:82:2d:8a:1e:e1:dd:93:94:1b:06:b3:1e:3c:
c9:74:aa:65:70:43:d7:3f:96:ba:4e:70:a6:11:c9:
1e:10:da:26:4a:a3:e7:1d:1a:96:c8:c2:ea:04:f0:
02:85:6e:f1:ac:e7:e8:7e:a2:a9:90:54:dd:e8:fa:
71:be:e2:e7:d0:5e:41:81:0e:15:3b:c2:d7:fd:40:
a5:cb:b1:df:8f:e9:ac:fa:53:f4:fd:15:e2:d9:33:
25:37:85:e0:12:8d:f2:ac:f8:49:d4:f4:75:c8:bb:
ce:e4:14:20:61:03:1b:87:03:60:0a:66:df:53:65:
88:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:BA:9E:F3:5C:33:3A:55:47:8C:51:FB:DC:D3:1A:91:34:EC:CD:8D
X509v3 Authority Key Identifier:
keyid:21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/512570149A7E11EFAB62E337C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.191.148.0/23
Signature Algorithm: sha256WithRSAEncryption
23:c0:69:1e:53:81:02:1a:5e:7d:aa:6d:5d:71:7e:f8:3b:47:
ae:3a:06:4f:ee:0c:5d:4e:fa:25:14:fd:90:c6:b3:14:15:d1:
fe:b9:ff:3f:43:83:3d:af:8c:18:bc:19:0b:7a:78:83:b1:eb:
bb:7c:a1:cb:1b:76:b4:73:3f:21:04:cd:04:8d:bc:51:3f:e3:
4a:21:3a:8b:e5:6b:b0:87:06:59:23:10:b8:7e:b7:0c:bf:3d:
c6:d2:dd:39:75:87:1a:d4:09:f6:1e:a6:5d:e1:a0:38:3e:0a:
ac:64:b5:84:c1:d4:01:64:76:bd:d5:4a:17:4a:72:6e:cc:1b:
3b:59:04:b6:d4:1b:7a:c2:14:00:3b:7c:c8:1e:fe:12:38:a6:
28:09:a6:b8:97:a3:fe:db:36:43:41:57:1b:09:bb:cd:d3:45:
6c:28:53:d3:f7:66:06:24:4a:a4:40:0a:95:12:8d:7a:3d:b1:
83:08:25:a5:f6:aa:3c:13:cd:ce:20:ed:f3:cc:1a:b7:7e:7f:
76:3e:4a:d9:af:63:73:5c:6b:d2:d2:a6:d2:2c:32:57:7c:2a:
e4:38:9d:a1:c7:6d:f4:84:66:37:75:c8:1c:6e:a6:bc:10:1f:
b1:a8:88:21:64:c7:08:e4:8e:3e:15:8f:2d:53:07:f5:32:2e:
d4:61:51:49
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
MEYxMTExMC8GA1UEBRMoMjExQTAyMUU4QUJERjREQkYyMDcwODIyNkNDODMyOEZE
MjQxMzFERjAeFw0yNDExMDQwNzI3NTlaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3Mjg3NzdmLTdlNGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDjnzGrzJv2R7DOD5yW1QyTwBRv5oOKkJVDUOEcL4qdnYjG15DCJwVwzEsmBBoC
YW8kJTvDfVPKQY5zRTnp5AsJMB2sxscbGs3euXSQGzLWNyQ+WOn6JIwx/vfmpQI2
adDaDf/e7hMJxO25qrlT7D3n6dsQlUki9GSkkRmMPJKfgN/xzE2hfBAXgi2KHuHd
k5QbBrMePMl0qmVwQ9c/lrpOcKYRyR4Q2iZKo+cdGpbIwuoE8AKFbvGs5+h+oqmQ
VN3o+nG+4ufQXkGBDhU7wtf9QKXLsd+P6az6U/T9FeLZMyU3heASjfKs+EnU9HXI
u87kFCBhAxuHA2AKZt9TZYiVAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUYbqe81wz
OlVHjFH73NMakTTszY0wHwYDVR0jBBgwFoAUIRoCHoq99NvyBwgibMgyj9JBMd8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcwRjExL0UxNjM4OTEwOUE3
QzExRUY4NDk1MEQzM0M0RjlBRTAyL0lSb0NIb3E5OU52eUJ3Z2liTWd5ajlKQk1k
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvSVJvQ0hvcTk5TnZ5QndnaWJNZ3lqOUpCTWQ4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MEYxMS9FMTYzODkxMDlBN0MxMUVGODQ5NTBEMzNDNEY5QUUwMi81MTI1NzAxNDlB
N0UxMUVGQUI2MkUzMzdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaC/lDANBgkqhkiG9w0BAQsFAAOCAQEAI8BpHlOBAhpefapt
XXF++DtHrjoGT+4MXU76JRT9kMazFBXR/rn/P0ODPa+MGLwZC3p4g7Hru3yhyxt2
tHM/IQTNBI28UT/jSiE6i+VrsIcGWSMQuH63DL89xtLdOXWHGtQJ9h6mXeGgOD4K
rGS1hMHUAWR2vdVKF0pybswbO1kEttQbesIUADt8yB7+EjimKAmmuJej/ts2Q0FX
Gwm7zdNFbChT0/dmBiRKpEAKlRKNej2xgwglpfaqPBPNziDt88wat35/dj5K2a9j
c1xr0tKm0iwyV3wq5Didocdt9IRmN3XIHG6mvBAfsaiIIWTHCOSOPhWPLVMH9TIu
1GFRSQ==
-----END CERTIFICATE-----
Generated at Tue Nov 5 10:21:31 2024 by rpki-client on console-fra.rpki-client.org