Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/0A219016287E11EFB064C714C4F9AE02.roa
File: 0A219016287E11EFB064C714C4F9AE02.roa (raw, json)
Hash identifier: BUVjrjCjvqpIbJnR6sq7T6ZEPxxaG5u8WwMfZ8AcBOo=
Subject key identifier: 92:B5:EB:03:61:A6:F9:70:9F:83:FD:D7:8F:85:50:7F:E7:71:8F:90
Certificate issuer: /CN=A91CEAE0/serialNumber=9DF4FEDFF92A9E7F6E02BFC054AD339853D9DD32
Certificate serial: 1F
Authority key identifier: 9D:F4:FE:DF:F9:2A:9E:7F:6E:02:BF:C0:54:AD:33:98:53:D9:DD:32
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/0A219016287E11EFB064C714C4F9AE02.roa
Signing time: Fri 14 Jun 2024 10:11:01 +0000
ROA not before: Fri 14 Jun 2024 10:11:01 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 152878
IP address blocks: 160.20.142.0/24 maxlen: 24
160.22.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Jun 2024 13:57:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31 (0x1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CEAE0/serialNumber=9DF4FEDFF92A9E7F6E02BFC054AD339853D9DD32
Validity
Not Before: Jun 14 10:11:01 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=666c1734-c46d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:69:5b:a7:da:bb:89:33:ef:74:21:77:b3:b0:
12:23:4c:6e:bd:04:db:9e:84:00:0d:d0:37:16:66:
41:c3:46:a1:18:ba:12:16:36:61:a8:7c:e5:da:d4:
98:87:c7:22:32:14:a8:84:bd:96:09:fb:89:80:b3:
46:a9:37:e9:0c:d4:85:cb:3d:88:ef:27:f7:0f:71:
36:5a:38:24:1b:72:9e:76:67:b3:df:67:f9:f7:40:
8d:65:25:70:df:b1:6a:1f:28:b6:97:68:da:bd:24:
69:9a:1c:d1:49:d7:81:24:7b:79:72:aa:c3:e3:23:
1d:16:4a:44:6b:c3:6c:79:7b:69:48:b7:26:49:0d:
66:c7:f3:a4:cc:ef:08:33:93:c1:2d:b3:25:52:ee:
7d:67:12:b0:be:11:3c:36:3e:82:10:39:71:38:93:
57:08:b1:43:b1:db:44:66:c6:f0:22:76:f6:8b:b6:
23:f4:37:bd:17:99:11:5a:34:c0:3a:83:a2:df:54:
61:6d:b9:3c:4c:5b:ef:57:e3:4e:fa:e8:62:16:06:
1f:66:af:a9:05:97:b7:ca:bf:5c:c4:0a:bd:27:f0:
8e:90:aa:6a:1f:72:7f:10:a0:2b:b0:2b:b6:34:da:
c3:52:59:1d:00:eb:f9:d8:7e:8c:57:2a:b9:93:c9:
97:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:B5:EB:03:61:A6:F9:70:9F:83:FD:D7:8F:85:50:7F:E7:71:8F:90
X509v3 Authority Key Identifier:
keyid:9D:F4:FE:DF:F9:2A:9E:7F:6E:02:BF:C0:54:AD:33:98:53:D9:DD:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/0A219016287E11EFB064C714C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.20.142.0/24
160.22.155.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:33:e8:66:4c:bf:72:f0:52:40:53:c7:f2:3a:46:80:ce:9a:
c0:a6:80:07:a1:59:6b:b5:4c:bc:fd:42:22:6e:99:db:ac:18:
4a:6a:ca:10:c0:ff:b7:96:c5:2b:0d:58:86:e3:d5:36:de:ac:
08:d9:6e:38:90:0a:b4:18:a7:3f:a8:ba:7f:0b:d1:de:30:4a:
94:5d:dc:66:ca:68:a7:95:9e:77:03:e3:e2:c3:f9:d1:b3:07:
78:c8:dd:7a:99:24:5c:b3:e4:bc:66:f8:a6:96:bd:36:7b:4d:
9c:90:a0:1b:c8:66:33:ea:61:79:77:75:b2:a7:c7:f9:0e:94:
0c:97:4b:be:2d:7e:9c:51:ea:cd:e1:9e:20:48:fb:4a:69:e4:
c7:88:d2:f4:a6:de:62:1a:ca:86:7b:33:1a:e3:5a:71:36:60:
67:58:81:46:1a:06:14:b1:b2:22:39:a1:d9:96:13:97:27:a2:
90:63:be:22:a2:bf:ad:03:a8:5e:44:90:46:a2:b3:c5:c9:ac:
bf:da:1c:a2:53:b6:9a:18:4f:ea:72:32:98:e5:7b:f9:d9:47:
dd:31:3e:33:8b:b5:e3:1f:8b:a7:8e:76:ef:7e:3c:d4:07:29:
1d:b4:0a:27:5e:92:5d:9d:04:71:9f:66:3a:22:cd:b2:92:42:
fd:08:f4:20
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBHzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
RUFFMDExMC8GA1UEBRMoOURGNEZFREZGOTJBOUU3RjZFMDJCRkMwNTRBRDMzOTg1
M0Q5REQzMjAeFw0yNDA2MTQxMDExMDFaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NmMxNzM0LWM0NmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDkaVun2ruJM+90IXezsBIjTG69BNuehAAN0DcWZkHDRqEYuhIWNmGofOXa1JiH
xyIyFKiEvZYJ+4mAs0apN+kM1IXLPYjvJ/cPcTZaOCQbcp52Z7PfZ/n3QI1lJXDf
sWofKLaXaNq9JGmaHNFJ14Eke3lyqsPjIx0WSkRrw2x5e2lItyZJDWbH86TM7wgz
k8EtsyVS7n1nErC+ETw2PoIQOXE4k1cIsUOx20RmxvAidvaLtiP0N70XmRFaNMA6
g6LfVGFtuTxMW+9X40766GIWBh9mr6kFl7fKv1zECr0n8I6Qqmofcn8QoCuwK7Y0
2sNSWR0A6/nYfoxXKrmTyZfjAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUkrXrA2Gm
+XCfg/3Xj4VQf+dxj5AwHwYDVR0jBBgwFoAUnfT+3/kqnn9uAr/AVK0zmFPZ3TIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNFQUUwL0FFRjYzNzYwMTk2
ODExRUY4RkY3QkU2RkM0RjlBRTAyL25mVC0zX2txbm45dUFyX0FWSzB6bUZQWjNU
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvbmZULTNfa3Fubjl1QXJfQVZLMHptRlBaM1RJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
RUFFMC9BRUY2Mzc2MDE5NjgxMUVGOEZGN0JFNkZDNEY5QUUwMi8wQTIxOTAxNjI4
N0UxMUVGQjA2NEM3MTRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAKAUjgMEAKAWmzANBgkqhkiG9w0BAQsFAAOCAQEAHTPoZky/
cvBSQFPH8jpGgM6awKaAB6FZa7VMvP1CIm6Z26wYSmrKEMD/t5bFKw1YhuPVNt6s
CNluOJAKtBinP6i6fwvR3jBKlF3cZspop5WedwPj4sP50bMHeMjdepkkXLPkvGb4
ppa9NntNnJCgG8hmM+pheXd1sqfH+Q6UDJdLvi1+nFHqzeGeIEj7Smnkx4jS9Kbe
YhrKhnszGuNacTZgZ1iBRhoGFLGyIjmh2ZYTlyeikGO+IqK/rQOoXkSQRqKzxcms
v9ocolO2mhhP6nIymOV7+dlH3TE+M4u14x+Lp45273481AcpHbQKJ16SXZ0EcZ9m
OiLNspJC/Qj0IA==
-----END CERTIFICATE-----
Generated at Wed Jun 26 19:05:27 2024 by rpki-client on console-fra.rpki-client.org