Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/9FAA2EC4860A11EF84819819C4F9AE02.roa
File: 9FAA2EC4860A11EF84819819C4F9AE02.roa (raw, json)
Hash identifier: QVAWMgeTG42aWrNjM2GLGGp+Qs2n2ThqDC1OmnR+sp0=
Subject key identifier: 36:B8:F2:A8:2A:8F:AD:1D:7F:93:73:2B:F2:13:29:4C:3B:5C:97:82
Certificate issuer: /CN=A91CD40B/serialNumber=3574790D8DF82B3B551E3B702571BAF55A9E9961
Certificate serial: 05
Authority key identifier: 35:74:79:0D:8D:F8:2B:3B:55:1E:3B:70:25:71:BA:F5:5A:9E:99:61
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NXR5DY34KztVHjtwJXG69VqemWE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/9FAA2EC4860A11EF84819819C4F9AE02.roa
Signing time: Wed 09 Oct 2024 06:49:26 +0000
ROA not before: Wed 09 Oct 2024 06:49:26 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 45766
IP address blocks: 160.187.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Oct 2024 07:09:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD40B/serialNumber=3574790D8DF82B3B551E3B702571BAF55A9E9961
Validity
Not Before: Oct 9 06:49:26 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67062776-3874
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:17:16:32:ad:db:0e:7c:cf:2b:60:24:fd:65:
9c:3b:d9:e0:33:0c:83:90:6f:87:76:e0:ba:f0:c4:
c4:12:97:ea:84:fb:f3:e6:34:95:b3:5e:b2:bf:6c:
97:5b:0d:63:d9:32:0f:f6:1e:67:2a:b9:72:b1:98:
4c:f0:d1:dc:21:3b:a7:dd:21:0c:72:d1:69:50:3a:
a5:c0:4d:c7:cb:64:6f:84:5f:4c:11:1e:75:55:05:
88:ad:b8:26:e4:fa:6f:cc:10:60:11:d3:f5:40:19:
68:31:75:96:de:2e:2b:a9:e3:74:98:a4:2c:8b:65:
ca:34:f4:e0:95:72:9f:af:c5:94:d9:0f:01:15:64:
a8:e8:71:bb:18:9e:e5:01:ce:c8:77:ac:0b:cb:f7:
c8:37:4e:c6:66:a4:92:ba:9b:15:0a:6f:5a:9d:a3:
c0:fd:78:6b:a6:2c:3d:1c:d2:01:15:66:6f:68:94:
b4:af:c1:8c:95:ff:0c:4d:94:89:6f:b7:24:ac:4b:
a8:95:10:40:62:b5:5c:a9:7b:ee:74:b6:a6:b0:ff:
ad:ec:d4:ca:41:fb:ea:eb:b3:28:2e:5a:74:d8:bf:
61:48:a7:e7:ee:61:80:53:46:ed:85:df:1f:89:d5:
c3:c5:ab:2c:5d:a6:2c:77:50:c0:38:66:cc:28:6e:
82:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:B8:F2:A8:2A:8F:AD:1D:7F:93:73:2B:F2:13:29:4C:3B:5C:97:82
X509v3 Authority Key Identifier:
keyid:35:74:79:0D:8D:F8:2B:3B:55:1E:3B:70:25:71:BA:F5:5A:9E:99:61
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NXR5DY34KztVHjtwJXG69VqemWE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/9FAA2EC4860A11EF84819819C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.187.175.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:34:21:f4:79:94:8c:42:94:44:a7:00:c2:c4:98:6d:10:58:
5d:d6:6d:0d:e2:0c:aa:9a:9a:62:ff:2b:60:2f:aa:4a:87:ec:
72:ac:d4:5e:13:f1:93:a9:9b:fb:a4:07:54:93:95:1a:9d:d8:
d9:a0:0f:cd:46:5f:1c:07:b4:71:cc:cf:21:b7:38:b6:3d:2c:
3a:d0:42:b0:19:4a:0a:3e:75:74:b9:c7:0b:d9:47:ea:c7:04:
ac:64:56:23:b1:6f:e5:93:71:e2:12:ad:65:2a:4f:bb:07:2e:
81:bc:c4:b0:48:58:45:13:03:5a:54:cd:63:52:ba:57:3a:1b:
ed:4b:2c:a1:46:ab:7f:e9:ea:40:61:6d:b8:88:b8:1f:bd:70:
9e:4b:53:de:f0:db:a4:82:5b:f0:0f:d0:d1:a3:0f:ae:6f:40:
c1:83:40:0c:c9:7f:d3:d3:b6:b1:10:b7:26:e0:ff:a9:d7:f1:
de:ea:40:ba:2f:8e:79:7f:b3:2c:05:c3:a3:08:e5:84:10:50:
9a:7b:7f:f1:46:f0:d6:66:29:ba:db:20:a0:bb:21:ff:2e:50:
bc:92:72:f3:1a:b0:61:38:87:1e:0e:2c:45:fc:90:33:3e:36:
c9:f4:5d:15:53:41:88:a5:53:23:be:93:58:8f:b8:53:64:a0:
f9:ca:f6:c0
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
RDQwQjExMC8GA1UEBRMoMzU3NDc5MEQ4REY4MkIzQjU1MUUzQjcwMjU3MUJBRjU1
QTlFOTk2MTAeFw0yNDEwMDkwNjQ5MjZaFw0yNTEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MDYyNzc2LTM4NzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDMFxYyrdsOfM8rYCT9ZZw72eAzDIOQb4d24LrwxMQSl+qE+/PmNJWzXrK/bJdb
DWPZMg/2HmcquXKxmEzw0dwhO6fdIQxy0WlQOqXATcfLZG+EX0wRHnVVBYituCbk
+m/MEGAR0/VAGWgxdZbeLiup43SYpCyLZco09OCVcp+vxZTZDwEVZKjocbsYnuUB
zsh3rAvL98g3TsZmpJK6mxUKb1qdo8D9eGumLD0c0gEVZm9olLSvwYyV/wxNlIlv
tySsS6iVEEBitVype+50tqaw/63s1MpB++rrsyguWnTYv2FIp+fuYYBTRu2F3x+J
1cPFqyxdpix3UMA4ZswoboLFAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUNrjyqCqP
rR1/k3Mr8hMpTDtcl4IwHwYDVR0jBBgwFoAUNXR5DY34KztVHjtwJXG69VqemWEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNENDBCLzZCNUQyQTdDODU1
QjExRUZCMDU3NkQ0MEM0RjlBRTAyL05YUjVEWTM0S3p0VkhqdHdKWEc2OVZxZW1X
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvTlhSNURZMzRLenRWSGp0d0pYRzY5VnFlbVdFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
RDQwQi82QjVEMkE3Qzg1NUIxMUVGQjA1NzZENDBDNEY5QUUwMi85RkFBMkVDNDg2
MEExMUVGODQ4MTk4MTlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKC7rzANBgkqhkiG9w0BAQsFAAOCAQEACzQh9HmUjEKURKcA
wsSYbRBYXdZtDeIMqpqaYv8rYC+qSofscqzUXhPxk6mb+6QHVJOVGp3Y2aAPzUZf
HAe0cczPIbc4tj0sOtBCsBlKCj51dLnHC9lH6scErGRWI7Fv5ZNx4hKtZSpPuwcu
gbzEsEhYRRMDWlTNY1K6Vzob7UssoUarf+nqQGFtuIi4H71wnktT3vDbpIJb8A/Q
0aMPrm9AwYNADMl/09O2sRC3JuD/qdfx3upAui+OeX+zLAXDowjlhBBQmnt/8Ubw
1mYputsgoLsh/y5QvJJy8xqwYTiHHg4sRfyQMz42yfRdFVNBiKVTI76TWI+4U2Sg
+cr2wA==
-----END CERTIFICATE-----
Generated at Wed Oct 9 10:56:23 2024 by rpki-client on console-ams.rpki-client.org