Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918F0E2/2B4BB42EA25E11EFA38D9375C4F9AE02/C8B11F00A25F11EF9F9B3A11C4F9AE02.roa
File: C8B11F00A25F11EF9F9B3A11C4F9AE02.roa (raw, json)
Hash identifier: +Q0W047xUBVie0fTA98LKEDErT4Gq5dnM7JJItIVFtQ=
Subject key identifier: D4:46:E8:15:12:7F:BE:13:B6:33:A4:DD:4A:5E:03:5D:85:D8:E5:C5
Certificate issuer: /CN=A918F0E2/serialNumber=807E688AA50BD3E38BE31B5D4C4E060804EB15DC
Certificate serial: 02
Authority key identifier: 80:7E:68:8A:A5:0B:D3:E3:8B:E3:1B:5D:4C:4E:06:08:04:EB:15:DC
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/gH5oiqUL0-OL4xtdTE4GCATrFdw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918F0E2/2B4BB42EA25E11EFA38D9375C4F9AE02/C8B11F00A25F11EF9F9B3A11C4F9AE02.roa
Signing time: Thu 14 Nov 2024 08:09:34 +0000
ROA not before: Thu 14 Nov 2024 08:09:34 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 15830
IP address blocks: 160.187.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Nov 2024 09:32:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918F0E2/serialNumber=807E688AA50BD3E38BE31B5D4C4E060804EB15DC
Validity
Not Before: Nov 14 08:09:34 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=6735b03e-37e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:7e:e6:3d:d9:ab:c6:7d:0d:42:17:d5:14:23:
33:86:c6:cf:3a:58:44:d6:63:f2:cc:50:4c:69:d2:
9f:20:bc:13:2b:f0:1e:3a:90:01:aa:21:60:52:82:
fc:fe:c7:d3:b7:f8:41:ce:93:0d:a2:a4:85:f8:06:
3f:2d:d0:ea:2b:5b:11:89:e9:9c:56:d0:f3:44:33:
e6:6c:38:2b:6c:b2:6b:96:92:ae:8c:6a:ab:10:53:
5c:6f:a4:3e:3a:d4:9f:41:ca:15:f7:a1:f1:ea:5b:
08:5d:34:79:f7:73:5c:20:f5:c2:dc:41:76:57:ed:
17:9f:46:ca:6f:a1:98:0c:8b:8d:de:f1:8d:3b:6c:
68:10:f3:bb:4a:de:7d:73:c3:5f:98:9b:af:01:77:
9e:56:6a:49:f7:b2:b8:c4:be:2a:0b:74:d7:83:1d:
77:01:79:cc:17:b5:20:3d:86:eb:32:7f:10:92:a2:
29:0b:8d:10:ad:7f:4b:32:ca:39:be:30:70:a1:66:
d4:05:a7:13:88:9a:59:03:1d:39:5f:46:79:0a:a7:
6f:3e:ee:78:bb:c4:52:3c:bc:b0:6b:12:db:7e:36:
cd:a6:b8:ab:89:e4:95:53:73:1c:d3:79:8f:66:0b:
93:e8:ac:50:60:97:16:fa:85:c2:e3:c8:a0:4e:18:
4f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:46:E8:15:12:7F:BE:13:B6:33:A4:DD:4A:5E:03:5D:85:D8:E5:C5
X509v3 Authority Key Identifier:
keyid:80:7E:68:8A:A5:0B:D3:E3:8B:E3:1B:5D:4C:4E:06:08:04:EB:15:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918F0E2/2B4BB42EA25E11EFA38D9375C4F9AE02/gH5oiqUL0-OL4xtdTE4GCATrFdw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/gH5oiqUL0-OL4xtdTE4GCATrFdw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F0E2/2B4BB42EA25E11EFA38D9375C4F9AE02/C8B11F00A25F11EF9F9B3A11C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.187.95.0/24
Signature Algorithm: sha256WithRSAEncryption
e6:ca:74:2d:a3:2b:8e:01:75:ff:d5:dd:67:fd:7f:aa:77:da:
83:ec:83:87:37:dd:a7:ee:b5:dc:63:47:66:b1:f4:a2:a8:84:
a7:85:36:02:ec:d1:1e:45:b5:e3:fe:9c:00:32:fc:65:c3:d4:
15:7c:47:60:16:95:7a:15:ac:30:70:2f:b2:f4:5b:fd:c2:01:
2e:76:92:89:a6:37:37:f8:98:12:51:fd:c0:21:58:ad:6f:5e:
d8:e2:86:60:ce:47:d9:d2:4e:af:5f:fd:4d:cf:57:81:0f:cc:
71:b1:89:bc:3d:7c:23:b4:d3:a5:b3:56:03:78:ed:e5:72:69:
53:46:51:dc:c6:99:8b:3c:4a:ed:9b:e2:d4:d0:63:64:e9:01:
04:ea:90:f9:65:e4:3c:3d:4b:69:9b:f8:3a:41:e7:3e:88:e8:
a0:c6:d5:88:77:32:15:db:77:da:63:cb:b5:0e:7f:2a:cc:3f:
be:45:79:b2:e6:bb:63:87:92:75:6a:11:61:e7:44:98:68:c5:
df:54:43:ae:fd:83:15:2e:e9:f2:d2:b1:f5:c9:26:e0:ad:dd:
e3:9e:d9:7e:4a:13:01:94:e7:7f:38:07:6e:00:21:9e:09:71:
92:bb:24:ed:00:20:bd:42:e0:58:94:ed:62:13:bb:67:0a:54:
1d:d2:cc:38
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
RjBFMjExMC8GA1UEBRMoODA3RTY4OEFBNTBCRDNFMzhCRTMxQjVENEM0RTA2MDgw
NEVCMTVEQzAeFw0yNDExMTQwODA5MzRaFw0yNTEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MzViMDNlLTM3ZTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDhfuY92avGfQ1CF9UUIzOGxs86WETWY/LMUExp0p8gvBMr8B46kAGqIWBSgvz+
x9O3+EHOkw2ipIX4Bj8t0OorWxGJ6ZxW0PNEM+ZsOCtssmuWkq6MaqsQU1xvpD46
1J9ByhX3ofHqWwhdNHn3c1wg9cLcQXZX7RefRspvoZgMi43e8Y07bGgQ87tK3n1z
w1+Ym68Bd55Wakn3srjEvioLdNeDHXcBecwXtSA9husyfxCSoikLjRCtf0syyjm+
MHChZtQFpxOImlkDHTlfRnkKp28+7ni7xFI8vLBrEtt+Ns2muKuJ5JVTcxzTeY9m
C5PorFBglxb6hcLjyKBOGE9rAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU1EboFRJ/
vhO2M6TdSl4DXYXY5cUwHwYDVR0jBBgwFoAUgH5oiqUL0+OL4xtdTE4GCATrFdww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThGMEUyLzJCNEJCNDJFQTI1
RTExRUZBMzhEOTM3NUM0RjlBRTAyL2dINW9pcVVMMC1PTDR4dGRURTRHQ0FUckZk
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvZ0g1b2lxVUwwLU9MNHh0ZFRFNEdDQVRyRmR3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
RjBFMi8yQjRCQjQyRUEyNUUxMUVGQTM4RDkzNzVDNEY5QUUwMi9DOEIxMUYwMEEy
NUYxMUVGOUY5QjNBMTFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKC7XzANBgkqhkiG9w0BAQsFAAOCAQEA5sp0LaMrjgF1/9Xd
Z/1/qnfag+yDhzfdp+613GNHZrH0oqiEp4U2AuzRHkW14/6cADL8ZcPUFXxHYBaV
ehWsMHAvsvRb/cIBLnaSiaY3N/iYElH9wCFYrW9e2OKGYM5H2dJOr1/9Tc9XgQ/M
cbGJvD18I7TTpbNWA3jt5XJpU0ZR3MaZizxK7Zvi1NBjZOkBBOqQ+WXkPD1LaZv4
OkHnPojooMbViHcyFdt32mPLtQ5/Ksw/vkV5sua7Y4eSdWoRYedEmGjF31RDrv2D
FS7p8tKx9ckm4K3d457ZfkoTAZTnfzgHbgAhnglxkrsk7QAgvULgWJTtYhO7ZwpU
HdLMOA==
-----END CERTIFICATE-----
Generated at Thu Nov 14 12:27:54 2024 by rpki-client on console-fra.rpki-client.org