Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/A428BD44863211EFB5312E6FC4F9AE02.roa
File: A428BD44863211EFB5312E6FC4F9AE02.roa (raw, json)
Hash identifier: SZy1pym7jQQi5jkeN6Stxi6OfZgt5zwGgBmT5nx5GUI=
Subject key identifier: BF:B4:CF:57:B8:B2:58:0E:1C:F6:70:34:45:12:C3:3A:B6:5A:83:39
Certificate issuer: /CN=A91CD40B/serialNumber=3574790D8DF82B3B551E3B702571BAF55A9E9961
Certificate serial: 0C
Authority key identifier: 35:74:79:0D:8D:F8:2B:3B:55:1E:3B:70:25:71:BA:F5:5A:9E:99:61
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NXR5DY34KztVHjtwJXG69VqemWE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/A428BD44863211EFB5312E6FC4F9AE02.roa
Signing time: Wed 09 Oct 2024 11:35:53 +0000
ROA not before: Wed 09 Oct 2024 11:35:53 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 153358
IP address blocks: 160.187.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Oct 2024 10:35:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12 (0xc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD40B/serialNumber=3574790D8DF82B3B551E3B702571BAF55A9E9961
Validity
Not Before: Oct 9 11:35:53 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67066a99-84ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ee:c0:6c:43:87:05:41:de:ab:25:b7:3d:53:
ed:7e:6a:0c:ba:6c:cc:d4:5c:86:18:0d:68:38:f2:
dd:b1:72:67:9f:ab:15:ca:e4:61:a2:b8:59:88:0f:
a2:6d:75:80:cb:eb:ca:a1:d2:12:6d:63:44:74:09:
1b:1a:40:94:b7:2b:a4:f0:f5:71:73:2f:2d:34:08:
9d:6a:fe:9b:42:27:ee:4b:59:43:29:74:2d:51:bf:
79:ae:5f:4f:aa:b7:61:d0:b0:86:05:0d:55:d3:c5:
e4:c6:31:30:10:13:2a:f6:6d:a8:f8:dc:a1:95:d9:
66:a5:df:91:17:2c:0f:67:17:f9:f1:8f:a2:8e:4a:
23:01:ef:be:e5:7e:2d:57:af:03:d4:1f:7d:be:e3:
5d:5f:d5:e9:e9:22:4d:b5:50:5e:ca:d1:58:34:58:
5a:4d:c0:b0:ba:41:fc:03:02:8c:8f:2c:98:a8:5f:
1f:29:fa:d3:00:40:32:dd:a3:07:e6:51:ce:a7:93:
6a:2b:c1:fc:89:d3:ef:01:c2:a7:0f:ba:38:2d:aa:
7c:28:67:8e:bb:e7:99:2e:97:ed:87:9d:26:97:30:
3c:45:19:ca:9e:f5:14:43:3c:88:d1:84:28:0c:87:
30:91:54:f2:d0:e3:3a:d4:14:68:c0:75:75:62:fc:
db:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:B4:CF:57:B8:B2:58:0E:1C:F6:70:34:45:12:C3:3A:B6:5A:83:39
X509v3 Authority Key Identifier:
keyid:35:74:79:0D:8D:F8:2B:3B:55:1E:3B:70:25:71:BA:F5:5A:9E:99:61
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NXR5DY34KztVHjtwJXG69VqemWE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/A428BD44863211EFB5312E6FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.187.175.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:3d:db:2e:63:01:da:f0:c6:fa:d8:0b:a7:48:2d:a6:e4:dc:
c5:bf:f5:bb:1a:a6:73:d0:77:01:58:a5:db:dc:eb:45:6d:00:
5b:f5:8a:3d:a9:74:88:01:75:8f:84:01:31:59:27:96:39:a5:
02:14:eb:11:48:b2:f1:37:bb:17:f5:9c:ef:2f:15:de:dc:aa:
f1:b1:3c:36:f7:e5:bf:a7:ce:98:25:1d:49:8a:a6:ac:79:7c:
12:f3:63:05:ec:08:18:ce:6f:c3:c8:84:38:fa:36:90:82:6b:
8c:ad:20:08:dd:69:a5:81:43:6e:54:d9:3e:c4:38:10:0b:b9:
a5:db:bc:ea:52:4f:cb:f3:ad:18:d1:f1:a4:ba:77:16:86:8d:
64:32:b6:49:b9:2c:02:77:22:78:2e:1c:88:3f:de:e9:6d:d0:
ea:d7:77:70:3a:a1:8f:31:54:70:37:d5:67:06:ba:34:a5:36:
79:31:86:df:ac:f2:f5:39:24:aa:40:ef:f8:77:0c:3f:da:c3:
3b:23:29:3e:88:65:29:e9:01:bc:4f:e4:87:78:08:be:87:17:
c2:f5:fe:9f:d0:c8:0c:d1:37:1c:82:fe:b7:0f:f0:9f:eb:08:
02:36:b8:37:06:25:4f:c1:73:26:74:1b:d1:22:9f:8a:3c:f3:
07:8f:b4:b1
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBDDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
RDQwQjExMC8GA1UEBRMoMzU3NDc5MEQ4REY4MkIzQjU1MUUzQjcwMjU3MUJBRjU1
QTlFOTk2MTAeFw0yNDEwMDkxMTM1NTNaFw0yNTEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MDY2YTk5LTg0ZmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDW7sBsQ4cFQd6rJbc9U+1+agy6bMzUXIYYDWg48t2xcmefqxXK5GGiuFmID6Jt
dYDL68qh0hJtY0R0CRsaQJS3K6Tw9XFzLy00CJ1q/ptCJ+5LWUMpdC1Rv3muX0+q
t2HQsIYFDVXTxeTGMTAQEyr2baj43KGV2Wal35EXLA9nF/nxj6KOSiMB777lfi1X
rwPUH32+411f1enpIk21UF7K0Vg0WFpNwLC6QfwDAoyPLJioXx8p+tMAQDLdowfm
Uc6nk2orwfyJ0+8BwqcPujgtqnwoZ46755kul+2HnSaXMDxFGcqe9RRDPIjRhCgM
hzCRVPLQ4zrUFGjAdXVi/NuzAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUv7TPV7iy
WA4c9nA0RRLDOrZagzkwHwYDVR0jBBgwFoAUNXR5DY34KztVHjtwJXG69VqemWEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNENDBCLzZCNUQyQTdDODU1
QjExRUZCMDU3NkQ0MEM0RjlBRTAyL05YUjVEWTM0S3p0VkhqdHdKWEc2OVZxZW1X
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvTlhSNURZMzRLenRWSGp0d0pYRzY5VnFlbVdFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
RDQwQi82QjVEMkE3Qzg1NUIxMUVGQjA1NzZENDBDNEY5QUUwMi9BNDI4QkQ0NDg2
MzIxMUVGQjUzMTJFNkZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKC7rzANBgkqhkiG9w0BAQsFAAOCAQEACz3bLmMB2vDG+tgL
p0gtpuTcxb/1uxqmc9B3AVil29zrRW0AW/WKPal0iAF1j4QBMVknljmlAhTrEUiy
8Te7F/Wc7y8V3tyq8bE8Nvflv6fOmCUdSYqmrHl8EvNjBewIGM5vw8iEOPo2kIJr
jK0gCN1ppYFDblTZPsQ4EAu5pdu86lJPy/OtGNHxpLp3FoaNZDK2SbksAncieC4c
iD/e6W3Q6td3cDqhjzFUcDfVZwa6NKU2eTGG36zy9TkkqkDv+HcMP9rDOyMpPohl
KekBvE/kh3gIvocXwvX+n9DIDNE3HIL+tw/wn+sIAja4NwYlT8FzJnQb0SKfijzz
B4+0sQ==
-----END CERTIFICATE-----
Generated at Thu Oct 10 16:08:16 2024 by rpki-client on console-fra.rpki-client.org