Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/4339B16C821F11EF994ABD75C4F9AE02.roa
File: 4339B16C821F11EF994ABD75C4F9AE02.roa (raw, json)
Hash identifier: Io0KpWuKIrhMp6NJlctgCZr+wB0v+4cBW7KVPst3nWo=
Subject key identifier: 84:F6:1F:47:68:D7:6C:8C:29:08:CD:BD:82:26:DC:3F:2E:67:37:BB
Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9
Certificate serial: 1B80
Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/4339B16C821F11EF994ABD75C4F9AE02.roa
Signing time: Fri 04 Oct 2024 11:03:43 +0000
ROA not before: Fri 04 Oct 2024 11:03:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 151157
IP address blocks: 160.30.60.0/24 maxlen: 24
160.30.61.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Oct 2024 09:11:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7040 (0x1b80)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9
Validity
Not Before: Oct 4 11:03:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66ffcb8f-f7d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:68:b5:8e:0e:22:61:0a:59:49:dd:39:2b:ca:
64:21:47:c7:ea:cf:80:e9:5a:ca:0c:36:c2:28:97:
79:69:57:7f:d6:e2:c0:f5:3e:9a:36:2e:4c:c1:d8:
09:ac:84:7d:03:38:77:c5:44:0a:85:fb:2f:31:2a:
d9:3c:ed:ff:1a:f2:e7:28:b9:b3:ed:75:3b:89:49:
47:79:0f:0a:4f:04:96:08:37:f3:db:19:55:61:36:
16:27:14:38:e6:24:51:a0:f9:a7:2a:2e:1b:3d:71:
5b:96:26:ef:3c:f4:09:2c:e9:a2:3b:04:03:75:93:
3c:54:76:a7:62:ab:b7:33:c1:88:56:e2:48:7e:99:
07:2b:33:c2:2f:cd:68:0b:e9:3b:96:58:c3:41:33:
97:4b:c8:9c:76:5b:be:92:bf:d7:66:a9:e3:bc:6a:
c3:a4:96:78:08:5b:25:5b:b6:36:ea:c1:5a:12:a6:
27:be:1e:1a:2a:d0:b4:7f:b0:7d:23:ca:88:85:31:
01:eb:6c:1f:34:54:af:94:e7:12:35:d2:d0:de:21:
e8:a7:ba:9d:ea:0c:07:33:87:38:8d:67:8d:3e:4a:
30:ae:5c:35:5a:4e:7c:e7:58:8e:56:15:ec:06:4d:
df:0b:b2:67:c4:d0:5d:d1:63:11:4d:41:0e:6b:a7:
30:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:F6:1F:47:68:D7:6C:8C:29:08:CD:BD:82:26:DC:3F:2E:67:37:BB
X509v3 Authority Key Identifier:
keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/4339B16C821F11EF994ABD75C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.30.60.0/23
Signature Algorithm: sha256WithRSAEncryption
a6:ac:2a:98:92:e2:37:eb:8e:4e:6b:a2:94:86:74:46:1d:43:
84:05:96:24:4c:f9:4e:99:aa:2d:03:02:25:97:69:c9:f0:bd:
fd:27:9f:95:bb:3e:d1:89:80:f2:f3:b6:28:bd:a6:94:6e:dd:
26:5f:d1:42:d8:b7:15:8c:d0:e1:f1:dd:76:9d:15:9f:c1:a9:
26:1c:a8:80:df:14:f4:b7:0f:c5:1f:10:86:0c:eb:3b:55:33:
7e:86:e8:2f:45:b6:97:ce:00:5f:e8:22:7d:fd:b6:ad:06:6b:
85:1e:da:b8:dc:d6:e4:a2:ed:e7:3d:f9:62:b8:80:16:21:bc:
0d:42:40:4d:7e:52:7a:d6:2a:a3:bb:b9:dd:2b:05:27:f7:3c:
82:16:98:e2:06:f4:22:bf:d4:9b:cc:4d:30:69:01:3c:25:1a:
d7:35:06:47:1c:bd:e4:a7:b7:31:4c:15:87:2b:f8:1b:08:9f:
aa:77:6c:fa:94:5e:ae:f9:c1:5b:0b:c6:b2:3d:5e:7a:2b:91:
af:b4:d2:5b:91:07:49:47:42:fe:d0:68:43:e2:9f:f1:a3:ed:
21:44:89:62:81:fc:73:af:f7:33:87:e6:3c:94:f9:ea:e4:a8:
af:44:92:3c:32:d0:e1:70:e7:89:db:bc:45:94:c1:08:a8:05:
fa:41:e6:17
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICG4AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF
QkU2OTczRjkwHhcNMjQxMDA0MTEwMzQzWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZmY2I4Zi1mN2Q2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvWi1jg4iYQpZSd05K8pkIUfH6s+A6VrKDDbCKJd5aVd/1uLA9T6aNi5MwdgJ
rIR9Azh3xUQKhfsvMSrZPO3/GvLnKLmz7XU7iUlHeQ8KTwSWCDfz2xlVYTYWJxQ4
5iRRoPmnKi4bPXFblibvPPQJLOmiOwQDdZM8VHanYqu3M8GIVuJIfpkHKzPCL81o
C+k7lljDQTOXS8icdlu+kr/XZqnjvGrDpJZ4CFslW7Y26sFaEqYnvh4aKtC0f7B9
I8qIhTEB62wfNFSvlOcSNdLQ3iHop7qd6gwHM4c4jWeNPkowrlw1Wk5851iOVhXs
Bk3fC7JnxNBd0WMRTUEOa6cwPQIDAQABo4IClTCCApEwHQYDVR0OBBYEFIT2H0do
12yMKQjNvYIm3D8uZze7MB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj
X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNDMzOUIxNkM4
MjFGMTFFRjk5NEFCRDc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGgHjwwDQYJKoZIhvcNAQELBQADggEBAKasKpiS4jfrjk5r
opSGdEYdQ4QFliRM+U6Zqi0DAiWXacnwvf0nn5W7PtGJgPLztii9ppRu3SZf0ULY
txWM0OHx3XadFZ/BqSYcqIDfFPS3D8UfEIYM6ztVM36G6C9FtpfOAF/oIn39tq0G
a4Ue2rjc1uSi7ec9+WK4gBYhvA1CQE1+UnrWKqO7ud0rBSf3PIIWmOIG9CK/1JvM
TTBpATwlGtc1BkccveSntzFMFYcr+BsIn6p3bPqUXq75wVsLxrI9Xnorka+00luR
B0lHQv7QaEPin/Gj7SFEiWKB/HOv9zOH5jyU+erkqK9Ekjwy0OFw54nbvEWUwQio
BfpB5hc=
-----END CERTIFICATE-----
Generated at Tue Oct 29 10:56:53 2024 by rpki-client on console-fra.rpki-client.org