Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/E642D2A43F5211EFA44D9735C4F9AE02.roa
File: E642D2A43F5211EFA44D9735C4F9AE02.roa (raw, json)
Hash identifier: J8jei6pj0fNhfFOnTAmf2n+N/e947/jmzy7NhZkFxAE=
Subject key identifier: BE:C1:74:53:F2:EA:2B:12:94:CC:5D:7C:CD:5C:E0:92:9D:77:B2:AC
Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9
Certificate serial: 1AA0
Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/E642D2A43F5211EFA44D9735C4F9AE02.roa
Signing time: Thu 11 Jul 2024 06:57:56 +0000
ROA not before: Thu 11 Jul 2024 06:57:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 149240
IP address blocks: 160.25.136.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Aug 2024 12:15:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6816 (0x1aa0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9
Validity
Not Before: Jul 11 06:57:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=668f8273-bf81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:46:b8:27:67:e8:b7:d7:74:a7:5e:d6:fc:31:
af:ec:8d:7f:e1:9d:47:48:4a:c6:7c:1a:c9:76:99:
8e:a5:ce:c0:74:44:17:77:cf:88:ca:da:c0:d6:a4:
90:97:56:14:dd:87:95:60:29:55:bd:a7:98:b0:ad:
2c:87:52:72:ba:6a:4c:52:39:1e:8c:e9:90:8b:35:
1e:6d:e0:c4:64:96:6d:57:42:29:1d:51:21:9b:3e:
a6:79:c0:11:21:df:cd:25:fc:9b:ea:98:7a:de:75:
c3:d0:36:dd:2d:9a:d1:25:e1:2b:1f:75:3f:54:02:
6d:bc:e8:cf:bc:ca:a9:a2:50:24:25:e4:57:3c:d2:
4d:cc:42:66:4c:de:3e:c6:e8:5a:fe:98:d8:c1:ae:
08:a0:8c:7a:a8:37:0c:df:54:1c:56:28:81:58:3d:
30:e8:09:fd:4e:37:56:1f:e4:ca:5b:b6:eb:f1:0b:
6a:56:13:f6:76:55:45:06:6e:76:a0:25:57:84:ea:
f8:b5:7f:d5:2e:2a:16:69:86:fc:d3:9a:3d:d2:90:
82:fe:37:43:8d:1f:e4:ec:53:93:96:f2:ee:2c:bd:
da:42:68:ca:d0:ee:63:95:e2:05:5a:3e:ab:7e:06:
7e:4a:04:75:11:05:ba:be:78:e0:d2:66:85:cb:f1:
4d:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:C1:74:53:F2:EA:2B:12:94:CC:5D:7C:CD:5C:E0:92:9D:77:B2:AC
X509v3 Authority Key Identifier:
keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/E642D2A43F5211EFA44D9735C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.25.136.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:d9:94:da:21:8d:e2:54:08:79:32:fd:76:6e:43:c2:b1:51:
18:8c:ae:3a:94:1a:67:9c:45:36:76:cd:c0:e8:0b:84:82:da:
5e:07:83:38:e3:c5:38:09:74:f9:d6:ce:88:5b:ff:08:a4:2e:
a5:d4:9f:2a:cf:19:6f:c9:54:91:7e:83:a2:be:8c:7d:9f:f0:
e0:f9:55:2a:a7:77:7e:ce:39:22:a3:02:17:a8:ce:74:b2:0a:
94:4f:bc:af:f2:b5:e1:07:89:87:73:de:6f:35:7c:96:4d:56:
73:fe:24:8d:10:b4:37:52:23:bb:bf:b8:3b:86:f2:d6:b7:b0:
ab:fe:8b:be:93:78:ed:de:e8:70:77:85:18:60:ca:7e:26:56:
96:11:6b:2b:04:37:5d:96:ab:e0:3b:fb:da:0c:dd:ac:82:44:
84:f5:8d:79:0f:52:86:af:8a:5b:90:24:80:f8:9e:70:89:2a:
30:12:20:59:f7:bf:be:a3:7d:dd:da:a3:a1:40:f1:8e:b4:cc:
2a:f5:58:07:74:1d:ee:f3:ab:7d:17:f5:e3:e1:29:5b:99:40:
7b:c1:0a:58:b0:42:d2:7d:d2:79:69:4f:f2:68:ef:dd:5a:5d:
5e:af:c5:e4:83:fd:e1:39:4a:44:46:ab:15:80:13:7f:45:50:
c3:d7:d3:95
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICGqAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF
QkU2OTczRjkwHhcNMjQwNzExMDY1NzU2WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjhmODI3My1iZjgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5Ua4J2fot9d0p17W/DGv7I1/4Z1HSErGfBrJdpmOpc7AdEQXd8+IytrA1qSQ
l1YU3YeVYClVvaeYsK0sh1JyumpMUjkejOmQizUebeDEZJZtV0IpHVEhmz6mecAR
Id/NJfyb6ph63nXD0DbdLZrRJeErH3U/VAJtvOjPvMqpolAkJeRXPNJNzEJmTN4+
xuha/pjYwa4IoIx6qDcM31QcViiBWD0w6An9TjdWH+TKW7br8QtqVhP2dlVFBm52
oCVXhOr4tX/VLioWaYb805o90pCC/jdDjR/k7FOTlvLuLL3aQmjK0O5jleIFWj6r
fgZ+SgR1EQW6vnjg0maFy/FN5QIDAQABo4IClTCCApEwHQYDVR0OBBYEFL7BdFPy
6isSlMxdfM1c4JKdd7KsMB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj
X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRTY0MkQyQTQz
RjUyMTFFRkE0NEQ5NzM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACgGYgwDQYJKoZIhvcNAQELBQADggEBAHrZlNohjeJUCHky
/XZuQ8KxURiMrjqUGmecRTZ2zcDoC4SC2l4HgzjjxTgJdPnWzohb/wikLqXUnyrP
GW/JVJF+g6K+jH2f8OD5VSqnd37OOSKjAheoznSyCpRPvK/yteEHiYdz3m81fJZN
VnP+JI0QtDdSI7u/uDuG8ta3sKv+i76TeO3e6HB3hRhgyn4mVpYRaysEN12Wq+A7
+9oM3ayCRIT1jXkPUoaviluQJID4nnCJKjASIFn3v76jfd3ao6FA8Y60zCr1WAd0
He7zq30X9ePhKVuZQHvBCliwQtJ90nlpT/Jo791aXV6vxeSD/eE5SkRGqxWAE39F
UMPX05U=
-----END CERTIFICATE-----
Generated at Tue Aug 6 15:08:08 2024 by rpki-client on console-ams.rpki-client.org