Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/6C58238E91FC11EF8BD1A94EC4F9AE02.roa
File: 6C58238E91FC11EF8BD1A94EC4F9AE02.roa (raw, json)
Hash identifier: 0q4h5qNYCUqagzEngb1iGMrzhicWW23iyZ20NtC0ERk=
Subject key identifier: 56:7A:5A:87:6F:DF:A6:55:87:80:7E:59:91:2A:F2:FC:7B:17:46:62
Certificate issuer: /CN=A91CEAE0/serialNumber=9DF4FEDFF92A9E7F6E02BFC054AD339853D9DD32
Certificate serial: 78
Authority key identifier: 9D:F4:FE:DF:F9:2A:9E:7F:6E:02:BF:C0:54:AD:33:98:53:D9:DD:32
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/6C58238E91FC11EF8BD1A94EC4F9AE02.roa
Signing time: Sat 02 Nov 2024 12:58:10 +0000
ROA not before: Sat 02 Nov 2024 12:58:10 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 152878
IP address blocks: 160.20.142.0/24 maxlen: 24
160.22.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Nov 2024 06:43:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120 (0x78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CEAE0/serialNumber=9DF4FEDFF92A9E7F6E02BFC054AD339853D9DD32
Validity
Not Before: Nov 2 12:58:10 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=672621e2-e12c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:43:88:41:4a:a3:9c:86:44:57:52:4b:2f:af:
36:c6:e8:18:07:83:75:90:b5:97:ee:c9:64:01:8c:
05:45:d2:ea:f5:56:b6:b6:ab:80:c5:0f:db:13:e0:
50:4c:d1:ca:b5:4f:ae:90:e6:47:d3:b6:c8:68:80:
5c:3e:13:b2:08:2f:65:f0:c3:ac:c6:f8:0d:89:2d:
64:f2:b5:62:33:66:11:75:90:55:cd:f4:b4:28:4c:
0b:74:2c:8a:96:81:51:ca:85:77:73:16:eb:16:75:
7c:17:60:83:4c:2d:13:4f:20:2f:27:8b:51:9c:4e:
57:c4:fa:db:89:12:cf:a0:36:7d:1d:34:f9:73:41:
92:0d:8a:36:2e:4e:7c:5f:04:95:32:76:d1:87:1f:
fb:98:a3:89:11:50:fd:60:92:e5:07:3e:fd:ce:0e:
a6:62:f4:cb:c7:de:a9:91:53:65:1d:04:0e:30:19:
5c:38:cc:08:52:61:bd:ce:78:4e:db:a9:28:bf:dc:
27:00:ad:95:20:36:74:65:28:29:bd:a8:f5:00:0f:
66:95:a7:a2:c5:67:96:e7:a0:c0:40:cd:5d:22:57:
14:db:4a:95:2f:57:99:95:3d:e1:08:4c:7d:a5:82:
93:91:fa:92:a9:fb:8a:c8:e8:f3:b6:67:d9:e6:1a:
02:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:7A:5A:87:6F:DF:A6:55:87:80:7E:59:91:2A:F2:FC:7B:17:46:62
X509v3 Authority Key Identifier:
keyid:9D:F4:FE:DF:F9:2A:9E:7F:6E:02:BF:C0:54:AD:33:98:53:D9:DD:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/6C58238E91FC11EF8BD1A94EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.20.142.0/24
160.22.155.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:db:8d:4e:a6:86:2e:76:be:d3:a7:22:d1:fc:ab:70:de:55:
07:6c:2d:d0:c5:8a:a8:b7:fd:26:ec:6d:31:01:71:79:8d:4a:
77:52:23:30:a6:3d:8f:dd:36:90:44:3f:5f:cf:fb:40:a9:02:
f5:32:35:1f:1a:bd:49:38:a5:c1:39:6d:74:2c:42:eb:0a:62:
7a:36:fd:90:09:54:c8:4e:b8:db:a9:0b:1d:74:40:08:8b:72:
6b:aa:2b:62:bf:06:0a:8f:32:3a:69:d7:ca:5b:32:e9:17:13:
3b:bd:a3:67:64:bc:44:a2:8d:5b:16:25:ce:60:93:f6:16:8b:
02:20:6c:c9:78:3a:24:0c:be:f7:83:34:92:63:9d:ce:f4:37:
03:a3:89:55:56:cf:8e:9f:3f:20:c7:90:30:16:27:c4:65:fe:
d3:44:af:27:93:40:f7:9e:6c:2d:01:04:2f:1e:8a:54:98:db:
89:43:df:7e:ed:ca:45:81:00:96:b6:c6:5f:d5:f3:62:85:3b:
06:f0:3d:57:9a:fb:9b:0e:dd:6e:14:30:77:b0:01:c3:49:8f:
43:e6:65:20:56:8d:f0:fa:4f:8e:0d:fc:a0:72:0a:80:2a:9a:
9a:a7:f8:d0:5c:29:65:9d:9d:3b:0f:8b:0e:19:52:41:9a:5e:
c7:df:68:d8
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBeDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
RUFFMDExMC8GA1UEBRMoOURGNEZFREZGOTJBOUU3RjZFMDJCRkMwNTRBRDMzOTg1
M0Q5REQzMjAeFw0yNDExMDIxMjU4MTBaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MjYyMWUyLWUxMmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC0Q4hBSqOchkRXUksvrzbG6BgHg3WQtZfuyWQBjAVF0ur1Vra2q4DFD9sT4FBM
0cq1T66Q5kfTtshogFw+E7IIL2Xww6zG+A2JLWTytWIzZhF1kFXN9LQoTAt0LIqW
gVHKhXdzFusWdXwXYINMLRNPIC8ni1GcTlfE+tuJEs+gNn0dNPlzQZINijYuTnxf
BJUydtGHH/uYo4kRUP1gkuUHPv3ODqZi9MvH3qmRU2UdBA4wGVw4zAhSYb3OeE7b
qSi/3CcArZUgNnRlKCm9qPUAD2aVp6LFZ5bnoMBAzV0iVxTbSpUvV5mVPeEITH2l
gpOR+pKp+4rI6PO2Z9nmGgJFAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUVnpah2/f
plWHgH5ZkSry/HsXRmIwHwYDVR0jBBgwFoAUnfT+3/kqnn9uAr/AVK0zmFPZ3TIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNFQUUwL0FFRjYzNzYwMTk2
ODExRUY4RkY3QkU2RkM0RjlBRTAyL25mVC0zX2txbm45dUFyX0FWSzB6bUZQWjNU
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvbmZULTNfa3Fubjl1QXJfQVZLMHptRlBaM1RJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
RUFFMC9BRUY2Mzc2MDE5NjgxMUVGOEZGN0JFNkZDNEY5QUUwMi82QzU4MjM4RTkx
RkMxMUVGOEJEMUE5NEVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAKAUjgMEAKAWmzANBgkqhkiG9w0BAQsFAAOCAQEAXNuNTqaG
Lna+06ci0fyrcN5VB2wt0MWKqLf9JuxtMQFxeY1Kd1IjMKY9j902kEQ/X8/7QKkC
9TI1Hxq9STilwTltdCxC6wpiejb9kAlUyE6426kLHXRACItya6orYr8GCo8yOmnX
ylsy6RcTO72jZ2S8RKKNWxYlzmCT9haLAiBsyXg6JAy+94M0kmOdzvQ3A6OJVVbP
jp8/IMeQMBYnxGX+00SvJ5NA955sLQEELx6KVJjbiUPffu3KRYEAlrbGX9XzYoU7
BvA9V5r7mw7dbhQwd7ABw0mPQ+ZlIFaN8PpPjg38oHIKgCqamqf40FwpZZ2dOw+L
DhlSQZpex99o2A==
-----END CERTIFICATE-----
Generated at Tue Nov 19 08:13:06 2024 by rpki-client on console-ams.rpki-client.org