Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/29CB60F49B4711EFAD83335DC4F9AE02.roa
File: 29CB60F49B4711EFAD83335DC4F9AE02.roa (raw, json)
Hash identifier: QIDLVRe3I8inpUYVY/rOw3XFa0Eqzseziw9pFJIwgpE=
Subject key identifier: CF:C5:A8:D3:EE:1C:CA:75:71:8C:4F:0E:97:E3:20:2C:75:51:9A:EC
Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Certificate serial: 03B2
Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/29CB60F49B4711EFAD83335DC4F9AE02.roa
Signing time: Tue 05 Nov 2024 07:25:42 +0000
ROA not before: Tue 05 Nov 2024 07:25:42 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 153024
IP address blocks: 160.191.88.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sat 16 Nov 2024 14:42:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 946 (0x3b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Validity
Not Before: Nov 5 07:25:42 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=6729c876-e60d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:84:d6:6e:ee:c6:08:b3:22:c1:a4:c9:2f:50:
e0:71:a4:8d:a3:ee:cf:c9:5a:10:a4:93:3f:4e:8c:
cf:c9:a5:3a:ce:9a:29:33:18:75:03:ff:e8:42:ed:
02:b3:22:ce:f4:08:ee:bf:ef:c9:96:b3:b8:16:4a:
fe:a3:54:85:22:96:59:8d:6b:c6:dd:77:f3:35:85:
4f:4b:c3:8e:b6:cd:40:68:30:5a:13:88:2b:cc:45:
34:57:5e:44:2a:96:ea:10:4e:9c:63:3f:7f:b6:58:
bc:5b:fe:3c:3d:93:3c:ce:9a:70:03:96:bc:62:8f:
75:79:30:32:7b:1f:30:25:d8:5c:81:b2:5a:9b:5d:
19:36:c7:6e:67:33:1a:90:22:80:69:4c:97:ea:93:
e5:ff:13:94:44:3b:c2:ed:b9:e1:50:4a:30:bb:6f:
2f:25:f5:1a:27:1e:21:49:91:fb:8f:77:cd:2c:c5:
48:e3:20:61:ce:96:79:27:51:17:52:d0:d0:c6:62:
12:8a:41:1c:20:ee:a7:fd:5d:1d:43:85:3e:e1:71:
b7:56:0d:6a:c9:58:3d:26:04:f3:4a:13:50:5a:b3:
90:77:39:18:47:34:b1:0d:46:17:bd:d5:09:bc:57:
66:b6:b1:38:7a:ff:df:0a:24:fb:36:28:b4:83:06:
7a:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:C5:A8:D3:EE:1C:CA:75:71:8C:4F:0E:97:E3:20:2C:75:51:9A:EC
X509v3 Authority Key Identifier:
keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/29CB60F49B4711EFAD83335DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.191.88.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:32:b6:f7:be:6e:ae:d8:d1:cd:25:e2:e1:19:73:43:5c:c8:
d5:df:a2:86:73:b7:c3:d7:8c:94:a3:e1:fc:ad:60:29:b7:24:
be:86:4a:70:99:b3:ae:31:f0:b9:83:f4:74:f6:ce:a7:60:11:
e1:f6:d3:ae:0b:af:8e:bf:b3:79:54:c3:3d:21:5a:3e:98:4e:
bb:79:b3:1c:00:99:ef:20:36:4a:eb:35:2a:72:71:15:25:a3:
17:77:6c:41:7d:10:d9:e5:37:e3:31:0a:b4:89:a0:0a:f2:98:
6a:46:7a:54:8c:0d:90:7b:02:47:b8:b8:61:4e:1f:bb:2e:53:
79:46:8c:d7:e2:a9:49:eb:f1:83:f1:ab:cc:fa:48:f4:db:de:
88:f8:17:29:2e:91:70:b3:22:cb:cd:79:56:78:d1:4d:12:3a:
6d:cd:ae:c0:b9:e5:e8:81:8d:63:d4:81:25:72:d9:f1:1d:72:
44:1e:cf:92:fd:42:2a:40:57:65:00:8a:ce:10:b8:b2:8a:0a:
47:b9:54:b5:87:07:71:11:a2:6a:96:23:47:7d:7f:5e:9c:16:
4b:7e:d3:3b:af:d3:59:54:3d:15:bf:e9:79:04:cb:1a:f3:11:
a8:8e:e5:d6:a1:ff:ae:56:90:0d:81:82:6f:a6:7f:ca:0c:49:
eb:dc:e6:db
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA7IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy
ODRGODBFMTIwHhcNMjQxMTA1MDcyNTQyWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzI5Yzg3Ni1lNjBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwYTWbu7GCLMiwaTJL1DgcaSNo+7PyVoQpJM/TozPyaU6zpopMxh1A//oQu0C
syLO9Ajuv+/JlrO4Fkr+o1SFIpZZjWvG3XfzNYVPS8OOts1AaDBaE4grzEU0V15E
KpbqEE6cYz9/tli8W/48PZM8zppwA5a8Yo91eTAyex8wJdhcgbJam10ZNsduZzMa
kCKAaUyX6pPl/xOURDvC7bnhUEowu28vJfUaJx4hSZH7j3fNLMVI4yBhzpZ5J1EX
UtDQxmISikEcIO6n/V0dQ4U+4XG3Vg1qyVg9JgTzShNQWrOQdzkYRzSxDUYXvdUJ
vFdmtrE4ev/fCiT7Nii0gwZ6HQIDAQABo4IClTCCApEwHQYDVR0OBBYEFM/FqNPu
HMp1cYxPDpfjICx1UZrsMB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5
REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE
aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvMjlDQjYwRjQ5
QjQ3MTFFRkFEODMzMzVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGgv1gwDQYJKoZIhvcNAQELBQADggEBAFwytve+bq7Y0c0l
4uEZc0NcyNXfooZzt8PXjJSj4fytYCm3JL6GSnCZs64x8LmD9HT2zqdgEeH2064L
r46/s3lUwz0hWj6YTrt5sxwAme8gNkrrNSpycRUloxd3bEF9ENnlN+MxCrSJoAry
mGpGelSMDZB7Ake4uGFOH7suU3lGjNfiqUnr8YPxq8z6SPTb3oj4FykukXCzIsvN
eVZ40U0SOm3NrsC55eiBjWPUgSVy2fEdckQez5L9QipAV2UAis4QuLKKCke5VLWH
B3ERomqWI0d9f16cFkt+0zuv01lUPRW/6XkEyxrzEaiO5dah/65WkA2Bgm+mf8oM
Sevc5ts=
-----END CERTIFICATE-----
Generated at Sat Nov 16 17:07:31 2024 by rpki-client on console-fra.rpki-client.org