Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917BB9A/41390BCACFF311EF9062E521C4F9AE02/271DC978CFF411EF8F6C7C23C4F9AE02.roa
File: 271DC978CFF411EF8F6C7C23C4F9AE02.roa (raw, json)
Hash identifier: PlwF7bRq0EETc3ehfacI8pDGWNHjtd18vAdaQ1hKhco=
Subject key identifier: 33:FE:C9:08:15:D7:ED:CE:59:5B:A8:07:77:40:AF:A3:CD:BD:06:27
Certificate issuer: /CN=A917BB9A/serialNumber=838FBD0B395EA90706C6C289AC26B0D738A04241
Certificate serial: 06
Authority key identifier: 83:8F:BD:0B:39:5E:A9:07:06:C6:C2:89:AC:26:B0:D7:38:A0:42:41
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/g4-9CzleqQcGxsKJrCaw1zigQkE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917BB9A/41390BCACFF311EF9062E521C4F9AE02/271DC978CFF411EF8F6C7C23C4F9AE02.roa
Signing time: Sat 11 Jan 2025 08:16:15 +0000
ROA not before: Sat 11 Jan 2025 08:16:15 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 152897
IP address blocks: 160.22.46.0/23 maxlen: 23
160.22.46.0/24 maxlen: 24
160.22.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 18 Jan 2025 11:32:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917BB9A
Validity
Not Before: Jan 11 08:16:15 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=678228cf-ddb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:83:dc:81:9b:7c:23:5c:08:d7:7d:e2:b3:23:
73:24:eb:0e:5c:77:25:9e:8d:ca:6d:0a:6a:33:3a:
11:c6:d5:a6:cc:41:ed:0c:a1:d5:e8:54:c3:85:c7:
33:ed:2e:ce:ff:8d:ff:c8:c4:d4:67:c6:b8:70:f2:
45:0c:44:a4:3e:b9:7b:5c:0e:f4:1d:ad:d5:bc:a3:
a9:e2:00:1c:72:68:8e:5f:4c:ee:e9:ca:5b:27:d3:
29:ad:2a:a5:c6:8a:de:82:83:4b:46:d3:c9:7b:69:
09:5e:b7:53:59:3a:66:95:25:fc:61:06:f0:36:83:
16:3c:f5:bd:1d:7d:a9:6d:7a:a6:24:80:df:cd:d7:
ae:88:8c:a4:22:1b:ea:d4:04:96:a3:39:f3:99:fe:
cd:f3:aa:6a:61:85:42:ed:b0:76:f8:6c:be:1e:f6:
82:6d:3f:fb:0d:09:d4:1c:42:8f:55:ba:6b:70:bf:
2c:ec:a6:b7:ea:e1:85:59:c3:43:8c:81:37:e2:42:
8f:62:7b:af:26:d9:7e:d0:01:de:02:c3:25:68:5a:
2e:1e:e5:dd:31:f7:84:5d:05:e2:99:0c:01:55:a7:
23:33:63:f0:1b:da:43:61:f0:2b:83:b8:5c:9c:81:
82:6b:c2:14:c5:35:a9:a8:0a:18:e0:4a:64:90:90:
7e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:FE:C9:08:15:D7:ED:CE:59:5B:A8:07:77:40:AF:A3:CD:BD:06:27
X509v3 Authority Key Identifier:
keyid:83:8F:BD:0B:39:5E:A9:07:06:C6:C2:89:AC:26:B0:D7:38:A0:42:41
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917BB9A/41390BCACFF311EF9062E521C4F9AE02/g4-9CzleqQcGxsKJrCaw1zigQkE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/g4-9CzleqQcGxsKJrCaw1zigQkE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917BB9A/41390BCACFF311EF9062E521C4F9AE02/271DC978CFF411EF8F6C7C23C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.22.46.0/23
Signature Algorithm: sha256WithRSAEncryption
c9:7d:7c:98:41:48:54:33:2a:99:5a:00:98:74:40:77:c5:be:
bc:50:f4:59:75:ba:5f:06:b4:95:e2:ff:50:ef:8e:bb:8e:78:
69:4a:81:0c:de:ea:62:1b:b7:d8:f3:b3:89:5b:0a:a0:e2:e2:
fe:51:11:1f:b5:51:af:54:92:2c:17:03:16:9b:00:ae:6d:a2:
e9:96:41:dc:a5:54:6c:75:37:00:33:10:67:34:e1:40:5c:ad:
af:47:b3:96:c2:bf:48:70:cc:db:a2:39:d7:38:4d:ca:e8:4e:
b7:3e:ad:4d:80:a6:f1:23:c3:df:88:72:7d:3b:e5:bb:f6:84:
44:af:96:9f:dc:5e:72:26:94:00:d0:90:c3:d7:0a:13:09:13:
d1:0b:fb:88:39:e8:7a:de:f7:7a:18:7c:72:ae:1a:46:b4:a9:
f1:6f:58:5e:7f:75:b6:a6:94:8b:b9:71:58:a4:b2:f9:a2:f0:
3f:bd:75:03:81:f6:fb:56:9f:fc:62:0b:ea:5d:14:ff:e2:cd:
ee:e4:09:1a:4c:9f:77:9f:dd:a6:ff:de:7f:6a:f9:04:f8:1b:
24:7f:69:79:a5:3c:0c:f5:13:03:ee:e7:05:6d:a5:e4:63:0f:
03:18:aa:f2:3c:32:31:e8:1e:b6:e7:45:16:4c:e7:c8:b1:4a:
a6:e5:82:35
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
QkI5QTExMC8GA1UEBRMoODM4RkJEMEIzOTVFQTkwNzA2QzZDMjg5QUMyNkIwRDcz
OEEwNDI0MTAeFw0yNTAxMTEwODE2MTVaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ODIyOGNmLWRkYjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC7g9yBm3wjXAjXfeKzI3Mk6w5cdyWejcptCmozOhHG1abMQe0ModXoVMOFxzPt
Ls7/jf/IxNRnxrhw8kUMRKQ+uXtcDvQdrdW8o6niABxyaI5fTO7pylsn0ymtKqXG
it6Cg0tG08l7aQlet1NZOmaVJfxhBvA2gxY89b0dfalteqYkgN/N166IjKQiG+rU
BJajOfOZ/s3zqmphhULtsHb4bL4e9oJtP/sNCdQcQo9Vumtwvyzsprfq4YVZw0OM
gTfiQo9ie68m2X7QAd4CwyVoWi4e5d0x94RdBeKZDAFVpyMzY/Ab2kNh8CuDuFyc
gYJrwhTFNamoChjgSmSQkH4ZAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUM/7JCBXX
7c5ZW6gHd0Cvo829BicwHwYDVR0jBBgwFoAUg4+9CzleqQcGxsKJrCaw1zigQkEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdCQjlBLzQxMzkwQkNBQ0ZG
MzExRUY5MDYyRTUyMUM0RjlBRTAyL2c0LTlDemxlcVFjR3hzS0pyQ2F3MXppZ1Fr
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvZzQtOUN6bGVxUWNHeHNLSnJDYXcxemlnUWtFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
QkI5QS80MTM5MEJDQUNGRjMxMUVGOTA2MkU1MjFDNEY5QUUwMi8yNzFEQzk3OENG
RjQxMUVGOEY2QzdDMjNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaAWLjANBgkqhkiG9w0BAQsFAAOCAQEAyX18mEFIVDMqmVoA
mHRAd8W+vFD0WXW6Xwa0leL/UO+Ou454aUqBDN7qYhu32POziVsKoOLi/lERH7VR
r1SSLBcDFpsArm2i6ZZB3KVUbHU3ADMQZzThQFytr0ezlsK/SHDM26I51zhNyuhO
tz6tTYCm8SPD34hyfTvlu/aERK+Wn9xeciaUANCQw9cKEwkT0Qv7iDnoet73ehh8
cq4aRrSp8W9YXn91tqaUi7lxWKSy+aLwP711A4H2+1af/GIL6l0U/+LN7uQJGkyf
d5/dpv/ef2r5BPgbJH9peaU8DPUTA+7nBW2l5GMPAxiq8jwyMegetudFFkznyLFK
puWCNQ==
-----END CERTIFICATE-----
Generated at Wed Feb 5 22:48:19 2025 by rpki-client