Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B80C2/983E6150171A11EF8657754FC4F9AE02/6D14827821AD11EF92B9E564C4F9AE02.roa
File: 6D14827821AD11EF92B9E564C4F9AE02.roa (raw, json)
Hash identifier: 7yoMNaYVkmae+iqYoPLgp2ituIwaluuX3w+t0Bw+m04=
Subject key identifier: 78:82:B4:80:53:7C:54:9A:E1:46:AF:E0:5A:5F:7E:46:17:34:F0:10
Certificate issuer: /CN=A91B80C2/serialNumber=2ABA2AA3CB3F94581C5D3D91BA36B8A9D8E8DEAD
Certificate serial: 19
Authority key identifier: 2A:BA:2A:A3:CB:3F:94:58:1C:5D:3D:91:BA:36:B8:A9:D8:E8:DE:AD
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Kroqo8s_lFgcXT2Ruja4qdjo3q0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B80C2/983E6150171A11EF8657754FC4F9AE02/6D14827821AD11EF92B9E564C4F9AE02.roa
Signing time: Mon 03 Jun 2024 13:30:22 +0000
ROA not before: Mon 03 Jun 2024 13:30:22 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 215177
IP address blocks: 160.20.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Jun 2024 06:44:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25 (0x19)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B80C2/serialNumber=2ABA2AA3CB3F94581C5D3D91BA36B8A9D8E8DEAD
Validity
Not Before: Jun 3 13:30:22 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=665dc56d-76ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:0a:f5:91:0e:66:f7:31:f7:78:f0:d7:cb:f9:
26:dd:d5:74:62:a0:33:41:1c:6d:f5:aa:18:de:aa:
eb:d7:00:8a:a8:55:c6:e1:ed:b1:00:f0:db:cf:74:
bc:b6:8b:c4:b2:c1:0d:e1:22:f1:6e:37:95:cf:f8:
8c:c3:08:6c:0d:4e:25:e1:51:a6:c6:4c:4b:dd:75:
76:88:c8:1b:06:9f:97:28:7f:c3:a7:48:06:84:92:
6c:cf:35:63:41:0d:e0:7d:bc:9a:63:7c:7b:91:6e:
14:9d:e1:7f:d9:9f:f8:c9:48:2d:aa:3e:ba:08:d5:
eb:a4:3a:ef:8f:e2:80:c1:66:2f:18:7a:59:2c:f2:
2b:7d:0e:7b:b3:3f:96:0f:b4:3d:f2:61:84:e8:ef:
0c:61:cd:a2:9b:92:52:c8:32:30:bf:1a:57:80:e3:
c6:54:48:04:4b:ae:29:a8:81:8e:76:25:e3:e0:9e:
f9:00:b3:03:07:a5:7c:b0:45:0e:3d:b9:28:b0:70:
cf:e9:fe:58:15:84:81:c4:24:67:ac:2b:43:40:8c:
89:52:7c:cd:09:82:02:30:64:4c:f9:06:30:cb:57:
c4:1d:ff:1a:16:04:86:fc:72:a2:e9:da:c5:7a:ae:
7a:01:a5:99:4b:8a:ca:18:32:73:37:33:da:1f:4e:
96:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:82:B4:80:53:7C:54:9A:E1:46:AF:E0:5A:5F:7E:46:17:34:F0:10
X509v3 Authority Key Identifier:
keyid:2A:BA:2A:A3:CB:3F:94:58:1C:5D:3D:91:BA:36:B8:A9:D8:E8:DE:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B80C2/983E6150171A11EF8657754FC4F9AE02/Kroqo8s_lFgcXT2Ruja4qdjo3q0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Kroqo8s_lFgcXT2Ruja4qdjo3q0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B80C2/983E6150171A11EF8657754FC4F9AE02/6D14827821AD11EF92B9E564C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.20.121.0/24
Signature Algorithm: sha256WithRSAEncryption
84:81:64:cf:e0:75:f5:1e:d3:21:c2:6d:cd:54:14:e1:3a:b0:
60:fb:5e:96:84:eb:6a:a5:31:4a:c4:38:67:25:a2:06:65:4b:
c3:fc:9d:fd:d3:e8:5f:40:ac:12:56:c8:41:68:2a:4b:5e:08:
c9:04:af:86:cb:6d:5b:25:b2:73:96:64:a5:38:56:62:87:3d:
58:d9:1a:e1:91:3d:34:ee:e2:6f:fc:5e:da:2d:e4:ba:b7:fe:
e2:9f:b7:ab:28:14:a6:8d:3f:9b:a5:b4:02:63:13:a6:a6:9e:
b6:02:4a:f5:e0:3b:b9:3f:0e:58:85:47:89:c8:6f:61:96:58:
46:d4:62:de:23:68:56:7a:8c:16:db:2b:60:df:cf:42:04:7d:
af:71:6d:f8:1b:9b:29:5f:04:19:98:3b:b5:d0:1f:4b:f4:fb:
77:b9:72:d0:a4:10:a6:59:5f:ac:db:94:3e:ac:1c:9f:4c:30:
eb:ee:72:09:66:ae:9f:5b:c3:fa:4f:40:43:b9:59:71:51:ff:
9c:27:07:82:78:01:4c:76:25:36:a2:b0:0c:af:ab:25:ff:9f:
8b:62:8b:d7:5e:7f:0c:e0:7c:75:23:12:23:f5:a5:19:c2:e0:
1e:37:d1:9f:56:00:4a:41:53:bf:87:d4:ce:37:40:17:db:ce:
e6:40:4c:d2
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBGTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
ODBDMjExMC8GA1UEBRMoMkFCQTJBQTNDQjNGOTQ1ODFDNUQzRDkxQkEzNkI4QTlE
OEU4REVBRDAeFw0yNDA2MDMxMzMwMjJaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NWRjNTZkLTc2YWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDsCvWRDmb3Mfd48NfL+Sbd1XRioDNBHG31qhjequvXAIqoVcbh7bEA8NvPdLy2
i8SywQ3hIvFuN5XP+IzDCGwNTiXhUabGTEvddXaIyBsGn5cof8OnSAaEkmzPNWNB
DeB9vJpjfHuRbhSd4X/Zn/jJSC2qProI1eukOu+P4oDBZi8Yelks8it9DnuzP5YP
tD3yYYTo7wxhzaKbklLIMjC/GleA48ZUSARLrimogY52JePgnvkAswMHpXywRQ49
uSiwcM/p/lgVhIHEJGesK0NAjIlSfM0JggIwZEz5BjDLV8Qd/xoWBIb8cqLp2sV6
rnoBpZlLisoYMnM3M9ofTpbNAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUeIK0gFN8
VJrhRq/gWl9+Rhc08BAwHwYDVR0jBBgwFoAUKroqo8s/lFgcXT2Ruja4qdjo3q0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI4MEMyLzk4M0U2MTUwMTcx
QTExRUY4NjU3NzU0RkM0RjlBRTAyL0tyb3FvOHNfbEZnY1hUMlJ1amE0cWRqbzNx
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvS3JvcW84c19sRmdjWFQyUnVqYTRxZGpvM3EwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
ODBDMi85ODNFNjE1MDE3MUExMUVGODY1Nzc1NEZDNEY5QUUwMi82RDE0ODI3ODIx
QUQxMUVGOTJCOUU1NjRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKAUeTANBgkqhkiG9w0BAQsFAAOCAQEAhIFkz+B19R7TIcJt
zVQU4TqwYPteloTraqUxSsQ4ZyWiBmVLw/yd/dPoX0CsElbIQWgqS14IyQSvhstt
WyWyc5ZkpThWYoc9WNka4ZE9NO7ib/xe2i3kurf+4p+3qygUpo0/m6W0AmMTpqae
tgJK9eA7uT8OWIVHichvYZZYRtRi3iNoVnqMFtsrYN/PQgR9r3Ft+BubKV8EGZg7
tdAfS/T7d7ly0KQQpllfrNuUPqwcn0ww6+5yCWaun1vD+k9AQ7lZcVH/nCcHgngB
THYlNqKwDK+rJf+fi2KL115/DOB8dSMSI/WlGcLgHjfRn1YASkFTv4fUzjdAF9vO
5kBM0g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org