Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B4C1B/CF3735D0641B11EF9891547FC4F9AE02/529C1F7665B111EFB1CE2346C4F9AE02.roa
File: 529C1F7665B111EFB1CE2346C4F9AE02.roa (raw, json)
Hash identifier: FF4qnAQc/0o7YUSUY29lJ3yDC5fG7l1rNPbwMfa4X6M=
Subject key identifier: 12:84:25:05:7A:5A:EF:11:2D:5F:39:5A:6B:D2:56:6C:B2:32:8E:2D
Certificate issuer: /CN=A91B4C1B/serialNumber=CEE73A95D5CCEE062E7D5EBA1B5A127052E12538
Certificate serial: 04
Authority key identifier: CE:E7:3A:95:D5:CC:EE:06:2E:7D:5E:BA:1B:5A:12:70:52:E1:25:38
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/zuc6ldXM7gYufV66G1oScFLhJTg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B4C1B/CF3735D0641B11EF9891547FC4F9AE02/529C1F7665B111EFB1CE2346C4F9AE02.roa
Signing time: Thu 29 Aug 2024 02:49:34 +0000
ROA not before: Thu 29 Aug 2024 02:49:34 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 135562
IP address blocks: 160.30.77.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 30 Aug 2024 07:12:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B4C1B/serialNumber=CEE73A95D5CCEE062E7D5EBA1B5A127052E12538
Validity
Not Before: Aug 29 02:49:34 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66cfe1be-3ecc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:fe:02:15:2f:2b:ae:b5:88:96:86:bd:8a:cb:
54:b4:d6:13:34:84:7a:ab:16:c1:b9:46:f0:cd:89:
e2:c9:2b:da:f0:43:e2:02:a2:59:0d:56:4a:50:62:
a4:76:b7:9b:1b:20:91:96:b6:db:ea:92:0e:bd:59:
fd:9b:d4:75:59:5f:75:d8:b4:fc:c5:6d:91:aa:da:
b6:5e:ba:b1:44:db:6c:5f:22:58:22:bc:31:f9:4c:
2f:fd:be:76:a4:4e:79:64:10:d1:74:d9:2e:13:d6:
4e:e5:90:e4:09:9a:f5:ff:16:31:68:97:e0:c6:89:
48:b8:65:9e:70:1c:da:79:eb:6e:d7:e2:cc:b4:c7:
e2:ca:fc:da:fe:9f:c0:31:5b:e4:f2:74:f7:6d:7b:
a6:2d:1b:ec:cc:ca:f7:4a:59:68:1a:25:64:1a:77:
36:c5:90:e4:e4:01:8a:d9:26:8a:9d:53:d6:c0:2f:
7e:30:99:a9:c4:ef:9d:2f:c7:1e:9c:a5:72:25:f4:
64:7b:83:7f:5a:19:e3:ec:23:bc:18:76:b5:3e:83:
83:95:c6:1a:29:bd:78:c3:9e:33:7d:d9:c7:f2:3f:
00:be:a0:9a:ac:71:4b:77:38:e0:b5:34:40:86:04:
b5:64:d0:e2:a9:42:66:a7:38:25:ad:2a:d3:f6:c6:
11:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:84:25:05:7A:5A:EF:11:2D:5F:39:5A:6B:D2:56:6C:B2:32:8E:2D
X509v3 Authority Key Identifier:
keyid:CE:E7:3A:95:D5:CC:EE:06:2E:7D:5E:BA:1B:5A:12:70:52:E1:25:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B4C1B/CF3735D0641B11EF9891547FC4F9AE02/zuc6ldXM7gYufV66G1oScFLhJTg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/zuc6ldXM7gYufV66G1oScFLhJTg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B4C1B/CF3735D0641B11EF9891547FC4F9AE02/529C1F7665B111EFB1CE2346C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.30.77.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:24:b0:54:8d:23:a0:b5:66:88:03:fb:7d:6d:3e:16:4d:37:
ca:b8:39:20:39:93:bd:85:72:5a:0f:f8:08:b7:01:d8:a4:0e:
cd:0a:73:98:68:84:9b:3e:94:8f:d7:fc:cf:00:42:c2:5f:31:
d2:76:89:14:8d:fe:15:0e:d4:69:d7:76:c7:21:ef:aa:2a:c1:
60:40:2d:aa:84:56:af:4b:fe:9c:60:0a:89:64:e3:5c:a9:b6:
27:1f:e9:fc:38:3f:1e:ce:b5:a2:f2:9b:72:1b:7c:55:60:d2:
bd:08:91:22:ca:90:a0:d4:b2:cd:4b:49:29:19:de:11:33:48:
fe:61:38:60:bd:65:35:23:44:ef:06:54:1d:69:7a:c3:76:a2:
0a:19:eb:12:e4:66:e0:f3:1d:d0:d3:56:5c:77:8e:ef:69:60:
f9:7b:b3:c1:fe:f7:c0:24:c2:31:39:51:61:ec:34:6f:e6:fb:
f7:6a:65:7f:4c:b5:ce:52:ce:16:f2:1b:f4:52:2f:84:51:01:
16:a8:2d:d0:e2:15:73:1c:1f:69:0c:b0:da:63:c2:38:3f:19:
bd:e5:7b:18:64:82:d1:74:0a:77:5b:49:f2:cc:53:ef:95:a9:
ab:a0:14:e8:88:00:90:45:86:9f:1c:a4:26:fc:1a:c7:0a:3a:
78:ce:54:9a
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
NEMxQjExMC8GA1UEBRMoQ0VFNzNBOTVENUNDRUUwNjJFN0Q1RUJBMUI1QTEyNzA1
MkUxMjUzODAeFw0yNDA4MjkwMjQ5MzRaFw0yNTEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2Y2ZlMWJlLTNlY2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCb/gIVLyuutYiWhr2Ky1S01hM0hHqrFsG5RvDNieLJK9rwQ+IColkNVkpQYqR2
t5sbIJGWttvqkg69Wf2b1HVZX3XYtPzFbZGq2rZeurFE22xfIlgivDH5TC/9vnak
TnlkENF02S4T1k7lkOQJmvX/FjFol+DGiUi4ZZ5wHNp5627X4sy0x+LK/Nr+n8Ax
W+TydPdte6YtG+zMyvdKWWgaJWQadzbFkOTkAYrZJoqdU9bAL34wmanE750vxx6c
pXIl9GR7g39aGePsI7wYdrU+g4OVxhopvXjDnjN92cfyPwC+oJqscUt3OOC1NECG
BLVk0OKpQmanOCWtKtP2xhEDAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUEoQlBXpa
7xEtXzlaa9JWbLIyji0wHwYDVR0jBBgwFoAUzuc6ldXM7gYufV66G1oScFLhJTgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI0QzFCL0NGMzczNUQwNjQx
QjExRUY5ODkxNTQ3RkM0RjlBRTAyL3p1YzZsZFhNN2dZdWZWNjZHMW9TY0ZMaEpU
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvenVjNmxkWE03Z1l1ZlY2Nkcxb1NjRkxoSlRnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
NEMxQi9DRjM3MzVEMDY0MUIxMUVGOTg5MTU0N0ZDNEY5QUUwMi81MjlDMUY3NjY1
QjExMUVGQjFDRTIzNDZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKAeTTANBgkqhkiG9w0BAQsFAAOCAQEAPSSwVI0joLVmiAP7
fW0+Fk03yrg5IDmTvYVyWg/4CLcB2KQOzQpzmGiEmz6Uj9f8zwBCwl8x0naJFI3+
FQ7Uadd2xyHvqirBYEAtqoRWr0v+nGAKiWTjXKm2Jx/p/Dg/Hs61ovKbcht8VWDS
vQiRIsqQoNSyzUtJKRneETNI/mE4YL1lNSNE7wZUHWl6w3aiChnrEuRm4PMd0NNW
XHeO72lg+Xuzwf73wCTCMTlRYew0b+b792plf0y1zlLOFvIb9FIvhFEBFqgt0OIV
cxwfaQyw2mPCOD8ZveV7GGSC0XQKd1tJ8sxT75Wpq6AU6IgAkEWGnxykJvwaxwo6
eM5Umg==
-----END CERTIFICATE-----
Generated at Fri Aug 30 09:04:40 2024 by rpki-client on console-fra.rpki-client.org