Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A1E1C/25222D80920011EF9E0C3D6BC4F9AE02/C898179A920011EF9C0F4C6CC4F9AE02.roa
File: C898179A920011EF9C0F4C6CC4F9AE02.roa (raw, json)
Hash identifier: 0L/fKi65FJEecFj8YXAMHtm1oW+knyejiNfCyMB0DPA=
Subject key identifier: 2E:74:10:41:9B:D3:7B:F6:8D:AE:AB:56:95:C5:4C:56:D4:3F:D9:47
Certificate issuer: /CN=A91A1E1C/serialNumber=E421E59784AB6FD7000CD1597101EC360DD94066
Certificate serial: 02
Authority key identifier: E4:21:E5:97:84:AB:6F:D7:00:0C:D1:59:71:01:EC:36:0D:D9:40:66
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5CHll4Srb9cADNFZcQHsNg3ZQGY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A1E1C/25222D80920011EF9E0C3D6BC4F9AE02/C898179A920011EF9C0F4C6CC4F9AE02.roa
Signing time: Thu 24 Oct 2024 12:09:13 +0000
ROA not before: Thu 24 Oct 2024 12:09:13 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 133367
IP address blocks: 160.187.188.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Nov 2024 05:18:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A1E1C
Validity
Not Before: Oct 24 12:09:13 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=671a38e9-a427
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8a:d3:04:0f:e9:01:e4:47:d2:7f:b7:8d:e5:
89:33:e4:73:2a:33:d9:17:0c:c1:25:fa:3e:e6:a1:
5c:c1:73:e2:6c:29:b5:bc:1f:a9:ff:f4:ed:55:98:
e2:0e:bb:33:d1:17:9e:e6:b6:65:7b:05:96:0d:69:
54:61:5b:83:5f:fe:1e:dc:3b:72:ee:0a:8c:f4:b2:
5f:54:9a:96:ac:6c:9d:91:38:bd:04:b3:f4:81:d5:
f7:83:c9:16:2b:9b:13:be:53:dc:21:10:0f:7c:f8:
28:9c:46:5b:7b:d6:dd:4d:2d:74:08:bb:0c:24:d7:
f5:32:33:2b:aa:af:07:ba:8f:80:bc:83:bc:03:21:
7f:30:f4:c4:eb:bd:07:db:23:c2:cc:1a:1c:c7:84:
e5:e9:97:f6:8a:7a:b1:92:eb:2f:e6:43:e2:35:28:
50:ca:ed:ce:4e:dc:96:25:33:9e:4a:f7:31:99:16:
97:cc:b1:03:ee:43:ba:50:ce:1f:0e:85:a0:ad:8b:
06:4e:30:2e:f8:8e:b1:f4:2a:cb:2a:1d:d5:4b:5d:
2d:50:54:c8:c0:13:5c:a7:58:3b:e2:f8:1a:76:e9:
5a:77:d4:5a:09:29:62:bb:29:7c:05:9c:67:2b:da:
37:69:c9:f5:90:19:c5:0e:c0:af:41:0a:39:43:e1:
a9:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:74:10:41:9B:D3:7B:F6:8D:AE:AB:56:95:C5:4C:56:D4:3F:D9:47
X509v3 Authority Key Identifier:
keyid:E4:21:E5:97:84:AB:6F:D7:00:0C:D1:59:71:01:EC:36:0D:D9:40:66
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A1E1C/25222D80920011EF9E0C3D6BC4F9AE02/5CHll4Srb9cADNFZcQHsNg3ZQGY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5CHll4Srb9cADNFZcQHsNg3ZQGY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A1E1C/25222D80920011EF9E0C3D6BC4F9AE02/C898179A920011EF9C0F4C6CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.187.188.0/23
Signature Algorithm: sha256WithRSAEncryption
b9:68:93:4e:b5:23:44:60:11:50:26:af:f9:ab:dd:d8:31:32:
ba:c8:09:1c:93:b6:a8:c2:74:01:27:9a:c7:66:01:1b:9a:43:
65:4b:60:fd:60:c8:38:6d:94:d9:9a:27:e1:10:07:88:f4:76:
87:7a:80:e1:20:f8:a0:e4:d8:c6:98:e6:7d:53:91:be:61:4f:
08:52:71:b7:74:07:7c:9f:7d:15:0f:c6:d7:e0:88:4d:8f:76:
f1:5c:07:bc:1f:eb:a7:9f:30:bf:19:b6:f8:f2:c7:8d:fc:f3:
2f:9c:54:9b:51:ca:23:27:96:18:07:79:03:84:95:cf:86:b5:
b4:8d:0c:9a:4d:ee:3a:73:ae:78:8a:a4:c3:11:cf:54:3d:d8:
11:63:77:7e:fa:b0:f1:58:fa:0b:4a:a1:1a:46:a0:25:52:1f:
b8:7f:42:a5:e7:8d:dd:54:4b:c9:99:ed:7e:94:22:ef:ad:24:
9f:10:4e:07:b4:2e:27:87:f5:45:c0:80:63:1d:53:95:62:0f:
2e:a3:41:4b:20:50:e0:28:6e:ea:75:97:6c:85:96:3c:4e:c6:
0f:8e:5e:34:93:c1:fd:15:4a:2f:1a:d4:53:c8:c6:e3:a0:b7:
d5:2b:c5:de:0b:a4:e9:25:52:6d:d8:e1:69:05:19:56:c8:c6:
e6:29:25:06
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
MUUxQzExMC8GA1UEBRMoRTQyMUU1OTc4NEFCNkZENzAwMENEMTU5NzEwMUVDMzYw
REQ5NDA2NjAeFw0yNDEwMjQxMjA5MTNaFw0yNTEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MWEzOGU5LWE0MjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC9itMED+kB5EfSf7eN5Ykz5HMqM9kXDMEl+j7moVzBc+JsKbW8H6n/9O1VmOIO
uzPRF57mtmV7BZYNaVRhW4Nf/h7cO3LuCoz0sl9UmpasbJ2ROL0Es/SB1feDyRYr
mxO+U9whEA98+CicRlt71t1NLXQIuwwk1/UyMyuqrwe6j4C8g7wDIX8w9MTrvQfb
I8LMGhzHhOXpl/aKerGS6y/mQ+I1KFDK7c5O3JYlM55K9zGZFpfMsQPuQ7pQzh8O
haCtiwZOMC74jrH0KssqHdVLXS1QVMjAE1ynWDvi+Bp26Vp31FoJKWK7KXwFnGcr
2jdpyfWQGcUOwK9BCjlD4aljAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQULnQQQZvT
e/aNrqtWlcVMVtQ/2UcwHwYDVR0jBBgwFoAU5CHll4Srb9cADNFZcQHsNg3ZQGYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUExRTFDLzI1MjIyRDgwOTIw
MDExRUY5RTBDM0Q2QkM0RjlBRTAyLzVDSGxsNFNyYjljQURORlpjUUhzTmczWlFH
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvNUNIbGw0U3JiOWNBRE5GWmNRSHNOZzNaUUdZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
MUUxQy8yNTIyMkQ4MDkyMDAxMUVGOUUwQzNENkJDNEY5QUUwMi9DODk4MTc5QTky
MDAxMUVGOUMwRjRDNkNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaC7vDANBgkqhkiG9w0BAQsFAAOCAQEAuWiTTrUjRGARUCav
+avd2DEyusgJHJO2qMJ0ASeax2YBG5pDZUtg/WDIOG2U2Zon4RAHiPR2h3qA4SD4
oOTYxpjmfVORvmFPCFJxt3QHfJ99FQ/G1+CITY928VwHvB/rp58wvxm2+PLHjfzz
L5xUm1HKIyeWGAd5A4SVz4a1tI0Mmk3uOnOueIqkwxHPVD3YEWN3fvqw8Vj6C0qh
GkagJVIfuH9CpeeN3VRLyZntfpQi760knxBOB7QuJ4f1RcCAYx1TlWIPLqNBSyBQ
4Chu6nWXbIWWPE7GD45eNJPB/RVKLxrUU8jG46C31SvF3guk6SVSbdjhaQUZVsjG
5iklBg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:39:11 2025 by rpki-client