Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/6B8E408291FC11EF8BD1A94EC4F9AE02.roa
File: 6B8E408291FC11EF8BD1A94EC4F9AE02.roa (raw, json)
Hash identifier: LwnJUsAdkGwA/TIdtCVvWBkfyqgX2CeSdIBNcCvhIXs=
Subject key identifier: 93:ED:2B:6D:D6:C3:70:40:4E:9B:1E:D5:B7:E0:66:5E:98:89:F0:24
Certificate issuer: /CN=A91CEAE0/serialNumber=9DF4FEDFF92A9E7F6E02BFC054AD339853D9DD32
Certificate serial: 7C
Authority key identifier: 9D:F4:FE:DF:F9:2A:9E:7F:6E:02:BF:C0:54:AD:33:98:53:D9:DD:32
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/6B8E408291FC11EF8BD1A94EC4F9AE02.roa
Signing time: Mon 04 Nov 2024 10:02:16 +0000
ROA not before: Mon 04 Nov 2024 10:02:16 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 213977
IP address blocks: 160.20.142.0/24 maxlen: 24
160.22.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Nov 2024 06:43:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 124 (0x7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CEAE0/serialNumber=9DF4FEDFF92A9E7F6E02BFC054AD339853D9DD32
Validity
Not Before: Nov 4 10:02:16 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=67289ba8-ca85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:be:3a:a6:01:24:b2:39:dd:c0:58:52:6c:b3:
d7:71:da:c8:37:66:28:a8:1d:30:d6:fb:5b:b4:30:
85:9d:4b:23:43:95:9a:29:0c:90:33:ed:41:61:b8:
6d:51:0b:6f:d1:fb:41:4b:9d:11:1c:a0:21:29:0f:
55:2c:a1:7d:4b:ee:3c:c6:25:20:ad:f1:a2:98:dc:
b8:0d:4c:e5:2b:9d:d4:57:8f:e1:b3:42:ea:8f:ee:
99:51:ae:6e:bc:ae:cb:29:4a:08:01:b4:53:b9:a7:
8c:b1:c3:8d:8f:86:d5:af:18:67:b2:26:74:0c:51:
8b:6e:78:35:a2:0b:6d:ce:a5:18:0c:46:cc:45:79:
74:95:fb:20:dc:7c:02:e5:9c:31:3b:13:a7:2f:5b:
6f:7e:b4:91:58:63:47:56:08:f1:47:d2:28:75:3f:
6d:03:5f:b8:31:47:da:fa:3c:63:bc:79:44:57:1e:
6e:17:3d:93:5e:e6:2e:fe:d9:24:1b:0e:c7:3f:e6:
97:8d:32:15:5d:9d:e1:0d:08:1c:32:b0:72:a3:37:
64:63:66:f7:17:7b:6a:78:28:15:91:8b:4e:5f:ba:
b2:ce:05:82:cf:a5:b8:c9:5e:bc:1d:66:a7:90:7b:
1a:46:2d:42:43:dc:24:e1:ad:11:84:82:8c:f6:ee:
91:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:ED:2B:6D:D6:C3:70:40:4E:9B:1E:D5:B7:E0:66:5E:98:89:F0:24
X509v3 Authority Key Identifier:
keyid:9D:F4:FE:DF:F9:2A:9E:7F:6E:02:BF:C0:54:AD:33:98:53:D9:DD:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/6B8E408291FC11EF8BD1A94EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.20.142.0/24
160.22.155.0/24
Signature Algorithm: sha256WithRSAEncryption
51:78:9a:44:5b:01:61:db:0a:b6:35:06:59:2e:90:c8:fd:8f:
55:eb:74:c8:c3:56:d1:1a:25:7f:7f:5a:13:dc:a8:51:f9:50:
27:cc:ab:b4:97:54:4d:c0:77:3e:c3:07:9f:fd:9e:43:75:83:
7f:78:07:7e:8b:21:9d:88:15:cb:eb:28:f9:b5:75:44:97:13:
43:e3:c0:f8:d3:af:e0:1e:fb:f7:cc:a9:13:0b:85:6a:46:34:
b9:42:d2:e5:40:7f:22:01:e8:aa:09:1f:9d:58:d3:c5:48:b4:
37:90:5e:75:d9:dd:aa:3e:4d:74:06:50:77:4a:07:82:ee:c1:
11:fb:3a:10:16:cb:df:19:90:0a:6e:4b:02:f3:b1:39:1d:9c:
12:d0:20:0f:cd:4c:68:4e:cd:a5:bd:4a:dc:b6:4c:cc:f1:09:
1f:d2:72:7f:ca:0f:dc:39:3b:6d:ee:87:f4:0e:1f:42:00:2c:
aa:a3:47:b7:ac:1e:ae:aa:f7:73:0d:aa:eb:ca:cf:0a:80:b8:
a9:82:bf:38:ff:54:9c:f6:37:bd:a4:2a:80:0c:f4:15:e0:c0:
2b:c6:1e:05:a2:28:9f:3b:d0:4c:fd:4d:c4:e9:0a:c4:26:75:
c4:2e:a4:01:e9:0a:81:c5:d0:bf:b0:aa:ce:ef:b0:bf:fa:83:
b7:88:65:e3
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBfDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
RUFFMDExMC8GA1UEBRMoOURGNEZFREZGOTJBOUU3RjZFMDJCRkMwNTRBRDMzOTg1
M0Q5REQzMjAeFw0yNDExMDQxMDAyMTZaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3Mjg5YmE4LWNhODUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDFvjqmASSyOd3AWFJss9dx2sg3ZiioHTDW+1u0MIWdSyNDlZopDJAz7UFhuG1R
C2/R+0FLnREcoCEpD1UsoX1L7jzGJSCt8aKY3LgNTOUrndRXj+GzQuqP7plRrm68
rsspSggBtFO5p4yxw42PhtWvGGeyJnQMUYtueDWiC23OpRgMRsxFeXSV+yDcfALl
nDE7E6cvW29+tJFYY0dWCPFH0ih1P20DX7gxR9r6PGO8eURXHm4XPZNe5i7+2SQb
Dsc/5peNMhVdneENCBwysHKjN2RjZvcXe2p4KBWRi05furLOBYLPpbjJXrwdZqeQ
expGLUJD3CThrRGEgoz27pF1AgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUk+0rbdbD
cEBOmx7Vt+BmXpiJ8CQwHwYDVR0jBBgwFoAUnfT+3/kqnn9uAr/AVK0zmFPZ3TIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNFQUUwL0FFRjYzNzYwMTk2
ODExRUY4RkY3QkU2RkM0RjlBRTAyL25mVC0zX2txbm45dUFyX0FWSzB6bUZQWjNU
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvbmZULTNfa3Fubjl1QXJfQVZLMHptRlBaM1RJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
RUFFMC9BRUY2Mzc2MDE5NjgxMUVGOEZGN0JFNkZDNEY5QUUwMi82QjhFNDA4Mjkx
RkMxMUVGOEJEMUE5NEVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAKAUjgMEAKAWmzANBgkqhkiG9w0BAQsFAAOCAQEAUXiaRFsB
YdsKtjUGWS6QyP2PVet0yMNW0Rolf39aE9yoUflQJ8yrtJdUTcB3PsMHn/2eQ3WD
f3gHfoshnYgVy+so+bV1RJcTQ+PA+NOv4B7798ypEwuFakY0uULS5UB/IgHoqgkf
nVjTxUi0N5Beddndqj5NdAZQd0oHgu7BEfs6EBbL3xmQCm5LAvOxOR2cEtAgD81M
aE7Npb1K3LZMzPEJH9Jyf8oP3Dk7be6H9A4fQgAsqqNHt6werqr3cw2q68rPCoC4
qYK/OP9UnPY3vaQqgAz0FeDAK8YeBaIonzvQTP1NxOkKxCZ1xC6kAekKgcXQv7Cq
zu+wv/qDt4hl4w==
-----END CERTIFICATE-----
Generated at Tue Nov 19 08:10:02 2024 by rpki-client on console-fra.rpki-client.org