Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B80C2/983E6150171A11EF8657754FC4F9AE02/B910D282172E11EFA3DDB411C4F9AE02.roa
File: B910D282172E11EFA3DDB411C4F9AE02.roa (raw, json)
Hash identifier: Ssm6I0i4E13ezlsO9/8KBY9hNQ+YPBZ66jbHY0JE/YY=
Subject key identifier: 28:D6:28:AB:93:DD:CB:B6:2E:2B:A2:E6:02:C2:6E:46:7B:42:17:56
Certificate issuer: /CN=A91B80C2/serialNumber=2ABA2AA3CB3F94581C5D3D91BA36B8A9D8E8DEAD
Certificate serial: 03
Authority key identifier: 2A:BA:2A:A3:CB:3F:94:58:1C:5D:3D:91:BA:36:B8:A9:D8:E8:DE:AD
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Kroqo8s_lFgcXT2Ruja4qdjo3q0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B80C2/983E6150171A11EF8657754FC4F9AE02/B910D282172E11EFA3DDB411C4F9AE02.roa
Signing time: Tue 21 May 2024 04:58:11 +0000
ROA not before: Tue 21 May 2024 04:58:11 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 215177
IP address blocks: 160.20.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 May 2024 07:44:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B80C2/serialNumber=2ABA2AA3CB3F94581C5D3D91BA36B8A9D8E8DEAD
Validity
Not Before: May 21 04:58:11 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=664c29e3-4fad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:94:15:8d:09:3f:55:a2:7c:07:1b:61:fd:15:
74:5b:15:e4:54:d3:cf:d7:9b:c6:ff:33:40:4b:b1:
ef:7c:12:db:1f:92:7a:87:fb:aa:24:45:61:18:6e:
da:85:09:36:ae:5e:6f:3b:20:14:46:9b:ac:a0:29:
c4:3c:0f:d6:f7:8f:f5:8e:40:65:c6:cd:bf:36:ea:
3a:28:5d:c5:5c:cb:ad:ed:ce:d6:27:5e:5e:5c:d8:
3c:00:cf:22:a8:48:73:9d:6a:19:c6:2b:16:40:00:
d9:5a:ce:a5:d0:90:e4:a9:7a:66:e2:05:77:5e:23:
e9:7f:31:a0:81:c2:73:39:7a:6c:ac:b5:8c:db:3c:
a5:ec:e8:dd:e3:be:a6:38:7f:b4:68:c0:11:09:58:
ab:81:22:84:a8:67:3d:81:c3:ae:d1:75:69:b3:41:
97:1d:f0:b3:a1:f5:c7:62:13:5a:84:3e:c2:de:24:
c4:a8:7f:18:a8:26:a2:ff:05:d0:6f:46:ac:9f:96:
ab:aa:59:36:e0:2f:07:59:27:d9:f1:ea:61:fc:84:
09:98:08:68:82:19:21:b8:ce:a0:1f:bb:df:98:2d:
a3:f5:5e:be:60:08:b1:4f:a6:af:e5:b1:cd:71:d5:
c4:57:a2:3b:bd:15:df:98:2a:9f:18:5f:20:dd:45:
44:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:D6:28:AB:93:DD:CB:B6:2E:2B:A2:E6:02:C2:6E:46:7B:42:17:56
X509v3 Authority Key Identifier:
keyid:2A:BA:2A:A3:CB:3F:94:58:1C:5D:3D:91:BA:36:B8:A9:D8:E8:DE:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B80C2/983E6150171A11EF8657754FC4F9AE02/Kroqo8s_lFgcXT2Ruja4qdjo3q0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Kroqo8s_lFgcXT2Ruja4qdjo3q0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B80C2/983E6150171A11EF8657754FC4F9AE02/B910D282172E11EFA3DDB411C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.20.121.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:48:e1:a1:cf:f9:b8:5f:39:5d:ab:5a:d4:10:b9:58:c4:73:
c2:80:1a:34:40:d9:24:0c:f6:fe:a7:c0:c3:9c:a8:cb:98:93:
12:fe:b5:70:19:d0:97:35:e4:a1:bd:87:9f:e1:00:59:12:ce:
99:e3:83:e7:25:76:a5:29:c2:23:64:6f:b8:10:50:64:8c:a7:
b3:7e:74:da:57:c6:8e:38:31:45:1f:91:d0:6f:d0:df:de:79:
34:cc:96:bf:2d:f3:f7:1c:9d:8e:f8:84:6f:6f:86:66:fe:cb:
f1:a3:97:8d:be:4f:d2:61:2d:11:4f:33:67:f3:e8:49:5c:d0:
c0:32:2c:83:c1:2c:3f:69:ea:46:af:88:85:4a:bd:7c:94:c1:
3b:96:5f:08:43:5a:f2:b1:a9:51:50:03:8d:d7:8b:3e:3c:70:
35:53:f2:17:29:e7:1b:ad:23:fd:f0:db:78:05:4a:7e:2e:b1:
85:a7:35:57:ea:dc:80:e3:da:c8:68:eb:8c:e6:6f:19:86:5a:
78:f7:97:11:1f:e0:97:c4:c8:97:6b:f6:33:5e:1c:a2:8b:82:
95:80:79:02:3c:98:da:26:ef:b2:7b:98:83:ec:f9:9e:2d:27:
60:0d:ba:82:be:7a:c2:9c:7d:27:fb:e1:08:44:dc:84:90:f1:
b1:26:77:17
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
ODBDMjExMC8GA1UEBRMoMkFCQTJBQTNDQjNGOTQ1ODFDNUQzRDkxQkEzNkI4QTlE
OEU4REVBRDAeFw0yNDA1MjEwNDU4MTFaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NGMyOWUzLTRmYWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDAlBWNCT9VonwHG2H9FXRbFeRU08/Xm8b/M0BLse98EtsfknqH+6okRWEYbtqF
CTauXm87IBRGm6ygKcQ8D9b3j/WOQGXGzb826jooXcVcy63tztYnXl5c2DwAzyKo
SHOdahnGKxZAANlazqXQkOSpembiBXdeI+l/MaCBwnM5emystYzbPKXs6N3jvqY4
f7RowBEJWKuBIoSoZz2Bw67RdWmzQZcd8LOh9cdiE1qEPsLeJMSofxioJqL/BdBv
RqyflquqWTbgLwdZJ9nx6mH8hAmYCGiCGSG4zqAfu9+YLaP1Xr5gCLFPpq/lsc1x
1cRXoju9Fd+YKp8YXyDdRUR1AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUKNYoq5Pd
y7YuK6LmAsJuRntCF1YwHwYDVR0jBBgwFoAUKroqo8s/lFgcXT2Ruja4qdjo3q0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI4MEMyLzk4M0U2MTUwMTcx
QTExRUY4NjU3NzU0RkM0RjlBRTAyL0tyb3FvOHNfbEZnY1hUMlJ1amE0cWRqbzNx
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvS3JvcW84c19sRmdjWFQyUnVqYTRxZGpvM3EwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
ODBDMi85ODNFNjE1MDE3MUExMUVGODY1Nzc1NEZDNEY5QUUwMi9COTEwRDI4MjE3
MkUxMUVGQTNEREI0MTFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKAUeTANBgkqhkiG9w0BAQsFAAOCAQEAO0jhoc/5uF85Xata
1BC5WMRzwoAaNEDZJAz2/qfAw5yoy5iTEv61cBnQlzXkob2Hn+EAWRLOmeOD5yV2
pSnCI2RvuBBQZIyns3502lfGjjgxRR+R0G/Q3955NMyWvy3z9xydjviEb2+GZv7L
8aOXjb5P0mEtEU8zZ/PoSVzQwDIsg8EsP2nqRq+IhUq9fJTBO5ZfCENa8rGpUVAD
jdeLPjxwNVPyFynnG60j/fDbeAVKfi6xhac1V+rcgOPayGjrjOZvGYZaePeXER/g
l8TIl2v2M14coouClYB5AjyY2ibvsnuYg+z5ni0nYA26gr56wpx9J/vhCETchJDx
sSZ3Fw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:58 2024 by rpki-client on console-ams.rpki-client.org