Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/108F6464200911EF85ADA84FC4F9AE02.roa
File: 108F6464200911EF85ADA84FC4F9AE02.roa (raw, json)
Hash identifier: SNPccu9QGT65jhl2+sJiM+X4h5Izn1/Hnv/vdjktGkQ=
Subject key identifier: 23:EF:6B:DE:DA:CA:CE:13:BE:39:D8:B8:D9:1F:3D:04:7F:C0:F7:F7
Certificate issuer: /CN=A91CEAE0/serialNumber=9DF4FEDFF92A9E7F6E02BFC054AD339853D9DD32
Certificate serial: 12
Authority key identifier: 9D:F4:FE:DF:F9:2A:9E:7F:6E:02:BF:C0:54:AD:33:98:53:D9:DD:32
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/108F6464200911EF85ADA84FC4F9AE02.roa
Signing time: Sat 01 Jun 2024 11:21:18 +0000
ROA not before: Sat 01 Jun 2024 11:21:18 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 53667
IP address blocks: 160.20.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jul 2024 08:46:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18 (0x12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CEAE0/serialNumber=9DF4FEDFF92A9E7F6E02BFC054AD339853D9DD32
Validity
Not Before: Jun 1 11:21:18 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=665b042d-2878
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:58:86:7c:8a:d2:fb:3d:32:f7:f5:a7:83:fd:
40:f1:0e:15:11:81:a7:91:f9:b8:ca:e5:7d:e9:ef:
e1:c7:ce:bd:85:7c:3d:66:6b:f9:f2:74:e0:3d:15:
34:b6:34:a4:d0:b9:a1:82:e7:73:89:11:8f:d4:e7:
d1:73:1e:5e:f1:78:28:d0:e0:e0:05:2d:f6:cb:c1:
e3:a8:3c:a4:19:73:28:d9:cb:25:24:0d:99:ec:09:
80:f8:a7:0c:31:09:74:e2:b8:0e:2a:10:b7:80:1c:
be:92:30:49:39:91:2d:8f:bd:c7:b5:82:65:39:1d:
dc:2d:54:3e:d2:c4:13:96:e5:3d:38:96:71:b6:d4:
49:6b:f7:9f:e3:9f:00:86:50:8f:d0:76:83:8a:2a:
c5:98:49:10:42:0f:e4:31:9a:11:20:c2:bd:6f:78:
86:04:27:d3:ad:de:28:64:26:4b:e3:7d:12:1e:9b:
e7:4a:1b:ca:89:9d:11:12:56:fd:ac:7e:b2:06:2d:
c3:fc:4a:57:7f:9b:01:ca:7d:3c:52:e3:19:c5:93:
b1:17:56:be:20:7a:57:fe:31:45:8c:9b:10:08:26:
f8:c5:11:46:7d:1b:48:d8:fc:d4:ce:0e:51:18:c2:
fb:7c:e1:07:68:76:71:69:7a:79:f9:34:3e:41:9d:
4e:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:EF:6B:DE:DA:CA:CE:13:BE:39:D8:B8:D9:1F:3D:04:7F:C0:F7:F7
X509v3 Authority Key Identifier:
keyid:9D:F4:FE:DF:F9:2A:9E:7F:6E:02:BF:C0:54:AD:33:98:53:D9:DD:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/108F6464200911EF85ADA84FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.20.142.0/24
Signature Algorithm: sha256WithRSAEncryption
37:4a:af:55:42:dd:77:cc:b5:5f:36:6e:d7:88:ea:61:58:09:
c5:22:ba:82:e7:37:d1:d9:90:b6:e9:e1:65:10:84:f4:2d:af:
cd:74:db:8d:88:38:92:a8:b9:d9:2c:e0:7c:cf:17:bc:8a:0d:
12:0d:74:fe:31:fb:53:cb:02:76:c5:0f:27:18:2b:0a:00:a9:
ea:a1:37:ec:ea:32:00:43:e5:cf:1c:f6:d3:ed:10:e2:d5:9c:
87:e5:e2:c8:6c:95:e6:a5:f5:97:b8:d3:fc:a9:4e:0f:fb:21:
15:2a:6a:41:8d:05:64:c5:0c:14:37:38:c6:1d:a9:aa:e2:b8:
d6:5e:a6:f1:38:89:f3:70:83:6b:d9:17:12:b5:87:d6:00:34:
c0:48:a9:61:72:c4:2e:95:92:ff:f9:33:32:13:1f:57:ec:34:
40:29:04:c5:9b:8a:ab:44:d7:d2:d4:65:e8:07:f6:16:8a:c1:
f0:2b:4a:a2:da:8d:7c:2c:72:b9:d6:e9:d6:b4:a3:f8:9c:a6:
cc:90:5a:5c:a3:80:5b:aa:ca:0a:51:e6:66:24:2b:19:02:31:
42:96:07:02:c0:c9:1d:5a:2f:60:c9:bb:c8:33:c6:f1:5e:0a:
fa:78:1b:49:f0:2a:40:09:ea:98:32:d9:93:9f:18:cf:e2:6d:
bd:39:4b:c2
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBEjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
RUFFMDExMC8GA1UEBRMoOURGNEZFREZGOTJBOUU3RjZFMDJCRkMwNTRBRDMzOTg1
M0Q5REQzMjAeFw0yNDA2MDExMTIxMThaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NWIwNDJkLTI4NzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC6WIZ8itL7PTL39aeD/UDxDhURgaeR+bjK5X3p7+HHzr2FfD1ma/nydOA9FTS2
NKTQuaGC53OJEY/U59FzHl7xeCjQ4OAFLfbLweOoPKQZcyjZyyUkDZnsCYD4pwwx
CXTiuA4qELeAHL6SMEk5kS2Pvce1gmU5HdwtVD7SxBOW5T04lnG21Elr95/jnwCG
UI/QdoOKKsWYSRBCD+QxmhEgwr1veIYEJ9Ot3ihkJkvjfRIem+dKG8qJnRESVv2s
frIGLcP8Sld/mwHKfTxS4xnFk7EXVr4gelf+MUWMmxAIJvjFEUZ9G0jY/NTODlEY
wvt84QdodnFpenn5ND5BnU6HAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUI+9r3trK
zhO+Odi42R89BH/A9/cwHwYDVR0jBBgwFoAUnfT+3/kqnn9uAr/AVK0zmFPZ3TIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNFQUUwL0FFRjYzNzYwMTk2
ODExRUY4RkY3QkU2RkM0RjlBRTAyL25mVC0zX2txbm45dUFyX0FWSzB6bUZQWjNU
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvbmZULTNfa3Fubjl1QXJfQVZLMHptRlBaM1RJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
RUFFMC9BRUY2Mzc2MDE5NjgxMUVGOEZGN0JFNkZDNEY5QUUwMi8xMDhGNjQ2NDIw
MDkxMUVGODVBREE4NEZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKAUjjANBgkqhkiG9w0BAQsFAAOCAQEAN0qvVULdd8y1XzZu
14jqYVgJxSK6guc30dmQtunhZRCE9C2vzXTbjYg4kqi52SzgfM8XvIoNEg10/jH7
U8sCdsUPJxgrCgCp6qE37OoyAEPlzxz20+0Q4tWch+XiyGyV5qX1l7jT/KlOD/sh
FSpqQY0FZMUMFDc4xh2pquK41l6m8TiJ83CDa9kXErWH1gA0wEipYXLELpWS//kz
MhMfV+w0QCkExZuKq0TX0tRl6Af2ForB8CtKotqNfCxyudbp1rSj+JymzJBaXKOA
W6rKClHmZiQrGQIxQpYHAsDJHVovYMm7yDPG8V4K+ngbSfAqQAnqmDLZk58Yz+Jt
vTlLwg==
-----END CERTIFICATE-----
Generated at Mon Jul 8 10:40:48 2024 by rpki-client on console-ams.rpki-client.org