Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9179EAE/A49CDDB88D0E11EFA8FE9371C4F9AE02/3E4B299C8D0F11EF8F639372C4F9AE02.roa
File: 3E4B299C8D0F11EF8F639372C4F9AE02.roa (raw, json)
Hash identifier: AVx/iyCGk2KIXaJoPOBeu0OxLH0XFejGW4gjRHxRbdI=
Subject key identifier: 12:9A:F7:47:F1:24:21:7C:A0:9A:A7:5E:DB:3D:73:5E:C8:FA:5E:5B
Certificate issuer: /CN=A9179EAE/serialNumber=94539F82A35EB2158ED7C362D5BA15433E7ED2E1
Certificate serial: 02
Authority key identifier: 94:53:9F:82:A3:5E:B2:15:8E:D7:C3:62:D5:BA:15:43:3E:7E:D2:E1
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lFOfgqNeshWO18Ni1boVQz5-0uE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9179EAE/A49CDDB88D0E11EFA8FE9371C4F9AE02/3E4B299C8D0F11EF8F639372C4F9AE02.roa
Signing time: Fri 18 Oct 2024 05:10:08 +0000
ROA not before: Fri 18 Oct 2024 05:10:08 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 135697
IP address blocks: 160.191.10.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 23 Nov 2024 06:38:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9179EAE/serialNumber=94539F82A35EB2158ED7C362D5BA15433E7ED2E1
Validity
Not Before: Oct 18 05:10:08 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6711edb0-721c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:57:99:8e:57:9e:59:82:90:36:6e:b2:bf:24:
93:41:b8:27:4a:e3:78:71:87:ac:ac:0b:9d:7d:28:
1d:1b:08:a0:0e:b6:20:13:5b:dd:db:7f:fa:c2:6d:
6a:72:81:bd:df:35:d5:71:f9:cc:66:00:5b:65:72:
db:bd:70:1c:ca:6d:5a:ea:e5:c7:07:0d:4a:8c:c2:
42:cd:a1:e9:e5:8a:fc:ba:a8:5b:fd:dc:d3:78:c0:
4d:7c:26:07:e6:fa:94:97:ba:93:a8:22:d9:23:33:
23:bf:09:60:9a:6e:bc:04:b4:0f:f3:0a:34:cb:f9:
e0:4a:cd:75:b6:ae:14:60:a3:52:7e:6c:d9:4a:e0:
f7:81:b1:51:a0:98:f7:ea:d4:41:bb:dd:6a:6c:81:
ac:d0:38:73:6e:88:dd:52:93:35:b0:f5:b4:6f:43:
b7:b3:d1:86:51:ad:2c:c7:4b:0c:33:4e:c4:cf:3e:
bc:fb:f4:18:c1:ef:0a:cf:10:e7:19:8b:b8:5e:31:
ce:4e:16:ac:57:2e:f2:a1:99:4f:87:c8:b1:2e:4a:
13:3d:88:20:b0:76:02:22:82:7f:6b:a6:68:86:d6:
30:f3:87:c9:bb:8c:55:28:47:dd:e4:50:cd:51:a6:
7e:b1:36:04:63:30:c5:b6:07:8e:d8:c7:d0:67:e7:
30:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:9A:F7:47:F1:24:21:7C:A0:9A:A7:5E:DB:3D:73:5E:C8:FA:5E:5B
X509v3 Authority Key Identifier:
keyid:94:53:9F:82:A3:5E:B2:15:8E:D7:C3:62:D5:BA:15:43:3E:7E:D2:E1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9179EAE/A49CDDB88D0E11EFA8FE9371C4F9AE02/lFOfgqNeshWO18Ni1boVQz5-0uE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lFOfgqNeshWO18Ni1boVQz5-0uE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9179EAE/A49CDDB88D0E11EFA8FE9371C4F9AE02/3E4B299C8D0F11EF8F639372C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.191.10.0/23
Signature Algorithm: sha256WithRSAEncryption
34:6f:f1:6c:f2:d2:01:a3:2e:ea:1c:03:da:f0:4a:bf:43:44:
d7:39:01:c5:e9:41:77:72:4a:c7:8e:44:9e:e2:b0:7b:86:16:
ea:12:21:79:d8:69:4d:0c:47:0a:41:5d:91:a7:fe:fb:66:cf:
81:a6:ca:25:7a:34:a8:ee:a4:ce:3a:69:0e:9b:96:63:90:9a:
20:66:21:2e:c0:4d:12:d7:1f:d5:24:c2:3f:98:3a:53:53:bd:
93:2d:29:c3:4c:ba:9d:8e:84:c4:94:f9:9a:59:b6:7d:da:c4:
09:96:f8:76:39:db:a7:f3:a5:6f:f7:ec:29:9f:49:93:41:f4:
57:bc:90:15:48:ed:c0:b9:48:93:15:09:d8:01:7c:db:0d:14:
0a:f7:a4:d3:8b:2d:81:78:a5:03:c1:e5:19:4f:af:d3:64:14:
26:82:2b:26:ed:8d:fb:6d:dd:4b:eb:ba:f7:28:02:7f:81:8e:
bc:b9:2b:75:7d:32:4c:0c:44:e0:f3:09:7d:18:a4:97:95:b6:
37:d9:dd:70:14:fe:23:f8:dc:21:5c:5f:45:d9:a2:cf:1f:e2:
ad:de:40:cc:7c:f8:d1:30:a1:3e:51:0f:b3:ba:f9:20:4f:74:
02:6e:47:f4:d4:71:2a:58:e6:10:a1:aa:d0:ee:a5:a8:4a:73:
5d:5b:b5:8c
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
OUVBRTExMC8GA1UEBRMoOTQ1MzlGODJBMzVFQjIxNThFRDdDMzYyRDVCQTE1NDMz
RTdFRDJFMTAeFw0yNDEwMTgwNTEwMDhaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MTFlZGIwLTcyMWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDDV5mOV55ZgpA2brK/JJNBuCdK43hxh6ysC519KB0bCKAOtiATW93bf/rCbWpy
gb3fNdVx+cxmAFtlctu9cBzKbVrq5ccHDUqMwkLNoenlivy6qFv93NN4wE18Jgfm
+pSXupOoItkjMyO/CWCabrwEtA/zCjTL+eBKzXW2rhRgo1J+bNlK4PeBsVGgmPfq
1EG73WpsgazQOHNuiN1SkzWw9bRvQ7ez0YZRrSzHSwwzTsTPPrz79BjB7wrPEOcZ
i7heMc5OFqxXLvKhmU+HyLEuShM9iCCwdgIign9rpmiG1jDzh8m7jFUoR93kUM1R
pn6xNgRjMMW2B47Yx9Bn5zAvAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUEpr3R/Ek
IXygmqde2z1zXsj6XlswHwYDVR0jBBgwFoAUlFOfgqNeshWO18Ni1boVQz5+0uEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc5RUFFL0E0OUNEREI4OEQw
RTExRUZBOEZFOTM3MUM0RjlBRTAyL2xGT2ZncU5lc2hXTzE4TmkxYm9WUXo1LTB1
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvbEZPZmdxTmVzaFdPMThOaTFib1ZRejUtMHVFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
OUVBRS9BNDlDRERCODhEMEUxMUVGQThGRTkzNzFDNEY5QUUwMi8zRTRCMjk5QzhE
MEYxMUVGOEY2MzkzNzJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaC/CjANBgkqhkiG9w0BAQsFAAOCAQEANG/xbPLSAaMu6hwD
2vBKv0NE1zkBxelBd3JKx45EnuKwe4YW6hIhedhpTQxHCkFdkaf++2bPgabKJXo0
qO6kzjppDpuWY5CaIGYhLsBNEtcf1STCP5g6U1O9ky0pw0y6nY6ExJT5mlm2fdrE
CZb4djnbp/Olb/fsKZ9Jk0H0V7yQFUjtwLlIkxUJ2AF82w0UCvek04stgXilA8Hl
GU+v02QUJoIrJu2N+23dS+u69ygCf4GOvLkrdX0yTAxE4PMJfRikl5W2N9ndcBT+
I/jcIVxfRdmizx/ird5AzHz40TChPlEPs7r5IE90Am5H9NRxKljmEKGq0O6lqEpz
XVu1jA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 07:37:04 2024 by rpki-client on console-fra.rpki-client.org