Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B80C2/983E6150171A11EF8657754FC4F9AE02/50ADC8781D8F11EF91A5AD1CC4F9AE02.roa
File: 50ADC8781D8F11EF91A5AD1CC4F9AE02.roa (raw, json)
Hash identifier: DhU/Xyn7K8vs/ago4ilfcYhEqE41aEKrqvjlK0JjAXg=
Subject key identifier: 3F:81:40:AD:C3:70:21:04:40:68:70:98:24:59:A1:61:11:BA:B3:25
Certificate issuer: /CN=A91B80C2/serialNumber=2ABA2AA3CB3F94581C5D3D91BA36B8A9D8E8DEAD
Certificate serial: 09
Authority key identifier: 2A:BA:2A:A3:CB:3F:94:58:1C:5D:3D:91:BA:36:B8:A9:D8:E8:DE:AD
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Kroqo8s_lFgcXT2Ruja4qdjo3q0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B80C2/983E6150171A11EF8657754FC4F9AE02/50ADC8781D8F11EF91A5AD1CC4F9AE02.roa
Signing time: Wed 29 May 2024 07:44:44 +0000
ROA not before: Wed 29 May 2024 07:44:44 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 152726
IP address blocks: 160.20.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 May 2024 20:22:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B80C2/serialNumber=2ABA2AA3CB3F94581C5D3D91BA36B8A9D8E8DEAD
Validity
Not Before: May 29 07:44:44 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6656dcec-93d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e0:d6:35:0c:4d:25:99:e5:27:65:e7:14:3a:
02:74:13:3c:94:2c:d0:19:f5:47:d1:09:43:3b:26:
0e:1c:25:8e:ab:ff:d3:12:ca:00:e3:6d:c5:d7:d5:
b9:95:3c:8a:f7:b3:b5:56:ab:88:d1:3c:da:29:31:
c3:96:e2:e1:36:bc:9a:f7:49:d0:bb:ce:85:64:95:
eb:0d:1f:38:27:8b:63:ee:b0:2e:8a:05:73:5f:fc:
08:8c:b3:64:d6:e7:41:bb:bd:84:66:5b:fe:9e:3f:
16:6f:9b:16:f7:9f:55:af:67:54:da:14:f9:fc:4e:
3b:08:4a:8c:7e:29:71:ce:cf:02:bc:2a:11:38:6c:
94:61:90:81:d1:9b:5b:f6:f9:cb:7f:27:5c:e9:fe:
80:78:43:ef:8a:da:12:40:1f:58:6a:0a:d4:fe:c0:
f8:17:cc:6c:86:20:4f:44:bc:ae:c4:f3:66:be:49:
78:75:d4:30:a0:ab:ea:ac:b1:0f:0c:4e:b6:7e:49:
70:78:aa:2a:ab:43:ce:46:37:7c:c5:ea:ae:28:64:
cd:77:56:b0:45:45:d3:e2:56:f1:0b:db:8f:1c:bb:
19:30:7b:11:2b:59:db:0f:d1:d6:41:40:f0:13:d1:
0c:90:f9:07:0e:9d:af:59:4e:cb:28:2d:dd:eb:c4:
9e:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:81:40:AD:C3:70:21:04:40:68:70:98:24:59:A1:61:11:BA:B3:25
X509v3 Authority Key Identifier:
keyid:2A:BA:2A:A3:CB:3F:94:58:1C:5D:3D:91:BA:36:B8:A9:D8:E8:DE:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B80C2/983E6150171A11EF8657754FC4F9AE02/Kroqo8s_lFgcXT2Ruja4qdjo3q0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Kroqo8s_lFgcXT2Ruja4qdjo3q0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B80C2/983E6150171A11EF8657754FC4F9AE02/50ADC8781D8F11EF91A5AD1CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.20.121.0/24
Signature Algorithm: sha256WithRSAEncryption
43:07:eb:cc:98:76:87:a7:aa:ec:09:c4:64:c0:fb:9b:66:12:
7a:32:7a:3d:06:b2:f6:6c:23:12:88:cc:0e:d0:3d:6d:91:0b:
1b:2b:da:77:f1:a7:a3:d1:30:a8:eb:5c:8b:c8:38:83:ee:f4:
b6:45:a9:b8:3b:b4:c9:ab:af:49:c4:19:19:d2:60:ea:cb:0c:
8e:91:25:34:da:2a:0a:a2:dc:37:33:a9:26:b8:f9:22:7e:5e:
57:a3:1d:33:f1:3a:6b:ae:2a:2d:69:37:ed:38:8d:62:e7:e0:
ba:7a:3d:1b:15:09:09:9f:86:0a:30:9a:2f:92:e9:33:2e:55:
c0:40:b6:37:69:0b:ba:00:d7:dc:6f:0c:9f:8c:65:40:3c:5b:
05:f6:4b:d3:82:2a:76:77:87:c0:2a:9b:bf:a1:d6:26:d9:5e:
e2:a2:47:0e:14:87:5e:93:ed:d0:a2:8b:9f:38:0f:73:35:df:
cd:ff:d2:9d:a2:41:32:9c:2c:7d:5a:66:1e:38:98:c7:63:15:
7f:77:ca:fa:00:85:9e:91:26:40:2c:6d:b9:98:b0:c1:11:45:
32:fc:19:85:8a:f9:97:ba:7f:ff:fd:49:43:08:7d:16:d6:5a:
4e:ea:db:a7:4d:8c:d8:21:be:31:a8:52:75:f4:55:3d:67:da:
2f:21:2e:58
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBCTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
ODBDMjExMC8GA1UEBRMoMkFCQTJBQTNDQjNGOTQ1ODFDNUQzRDkxQkEzNkI4QTlE
OEU4REVBRDAeFw0yNDA1MjkwNzQ0NDRaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NTZkY2VjLTkzZDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCs4NY1DE0lmeUnZecUOgJ0EzyULNAZ9UfRCUM7Jg4cJY6r/9MSygDjbcXX1bmV
PIr3s7VWq4jRPNopMcOW4uE2vJr3SdC7zoVklesNHzgni2PusC6KBXNf/AiMs2TW
50G7vYRmW/6ePxZvmxb3n1WvZ1TaFPn8TjsISox+KXHOzwK8KhE4bJRhkIHRm1v2
+ct/J1zp/oB4Q++K2hJAH1hqCtT+wPgXzGyGIE9EvK7E82a+SXh11DCgq+qssQ8M
TrZ+SXB4qiqrQ85GN3zF6q4oZM13VrBFRdPiVvEL248cuxkwexErWdsP0dZBQPAT
0QyQ+QcOna9ZTssoLd3rxJ7ZAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUP4FArcNw
IQRAaHCYJFmhYRG6syUwHwYDVR0jBBgwFoAUKroqo8s/lFgcXT2Ruja4qdjo3q0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI4MEMyLzk4M0U2MTUwMTcx
QTExRUY4NjU3NzU0RkM0RjlBRTAyL0tyb3FvOHNfbEZnY1hUMlJ1amE0cWRqbzNx
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvS3JvcW84c19sRmdjWFQyUnVqYTRxZGpvM3EwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
ODBDMi85ODNFNjE1MDE3MUExMUVGODY1Nzc1NEZDNEY5QUUwMi81MEFEQzg3ODFE
OEYxMUVGOTFBNUFEMUNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKAUeTANBgkqhkiG9w0BAQsFAAOCAQEAQwfrzJh2h6eq7AnE
ZMD7m2YSejJ6PQay9mwjEojMDtA9bZELGyvad/Gno9EwqOtci8g4g+70tkWpuDu0
yauvScQZGdJg6ssMjpElNNoqCqLcNzOpJrj5In5eV6MdM/E6a64qLWk37TiNYufg
uno9GxUJCZ+GCjCaL5LpMy5VwEC2N2kLugDX3G8Mn4xlQDxbBfZL04IqdneHwCqb
v6HWJtle4qJHDhSHXpPt0KKLnzgPczXfzf/SnaJBMpwsfVpmHjiYx2MVf3fK+gCF
npEmQCxtuZiwwRFFMvwZhYr5l7p///1JQwh9FtZaTurbp02M2CG+MahSdfRVPWfa
LyEuWA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:57 2024 by rpki-client on console-ams.rpki-client.org