Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/9DD049E24F0711EFB653D379C4F9AE02.roa
File: 9DD049E24F0711EFB653D379C4F9AE02.roa (raw, json)
Hash identifier: BhP+AsWpZfC0N0exyGqZMRkatdIH5G3VodD87fCPutM=
Subject key identifier: DB:26:31:70:54:43:76:58:F7:F5:86:B6:A2:43:AF:46:60:DE:13:C7
Certificate issuer: /CN=A91CEAE0/serialNumber=9DF4FEDFF92A9E7F6E02BFC054AD339853D9DD32
Certificate serial: 40
Authority key identifier: 9D:F4:FE:DF:F9:2A:9E:7F:6E:02:BF:C0:54:AD:33:98:53:D9:DD:32
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/9DD049E24F0711EFB653D379C4F9AE02.roa
Signing time: Wed 31 Jul 2024 06:39:20 +0000
ROA not before: Wed 31 Jul 2024 06:39:20 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 216178
IP address blocks: 160.20.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 07 Sep 2024 13:28:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64 (0x40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CEAE0/serialNumber=9DF4FEDFF92A9E7F6E02BFC054AD339853D9DD32
Validity
Not Before: Jul 31 06:39:20 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=66a9dc18-be27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:3f:6c:b0:12:7d:0f:ee:01:9f:8d:9a:22:1f:
2e:a8:32:d1:d1:21:3f:f5:05:cc:55:45:e1:d3:a7:
66:9d:a6:a5:e3:99:e9:b1:6e:82:39:13:47:22:08:
58:3e:22:0e:3e:da:d8:16:9a:1f:da:56:ed:1a:bc:
09:35:30:31:a7:ae:7b:1f:79:68:d4:ca:f6:d9:64:
b7:e3:51:8f:9b:79:9b:f7:95:ae:a7:9e:8b:c0:4b:
c4:e6:b6:d5:42:d7:75:7b:a9:3c:b8:d6:79:10:a1:
e6:bb:21:54:0e:c6:9c:7f:a8:cb:74:de:1f:1c:14:
0b:c6:d7:33:6f:31:8a:81:90:de:ad:bf:c5:31:21:
c1:28:20:49:35:10:f0:9a:71:a6:3c:73:ea:9e:61:
5e:89:dc:e5:d0:26:e2:05:86:21:5e:25:7b:1e:51:
f9:ed:71:42:1d:ff:15:ab:00:4b:2c:54:56:4d:ac:
3d:d0:5d:e9:60:d8:2f:a4:58:75:81:0e:e8:11:e0:
e8:05:de:e9:40:56:35:20:df:b1:29:c3:0b:25:bb:
02:da:01:66:7b:81:c2:7e:34:24:bc:f1:0c:09:6e:
6a:24:55:72:bb:e8:4d:f5:db:40:ef:c2:6a:b7:22:
4c:65:e4:f9:a3:ab:db:5b:66:05:7c:97:e0:9e:33:
5e:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:26:31:70:54:43:76:58:F7:F5:86:B6:A2:43:AF:46:60:DE:13:C7
X509v3 Authority Key Identifier:
keyid:9D:F4:FE:DF:F9:2A:9E:7F:6E:02:BF:C0:54:AD:33:98:53:D9:DD:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/9DD049E24F0711EFB653D379C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.20.142.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:31:9c:57:29:af:8a:0c:d0:2e:db:8f:70:c1:e7:b8:18:38:
eb:83:68:8d:65:43:ab:da:9f:0c:c0:0c:c7:71:73:16:f9:12:
24:2b:74:c0:57:e8:bd:7f:db:35:a0:f8:a2:5b:8b:e1:6c:07:
60:a1:ff:9e:8c:2a:1e:e2:c7:e8:bf:a5:a1:0e:54:92:4a:8b:
25:06:e6:0b:9e:53:1c:ab:a6:68:3b:2d:67:3d:32:c0:11:bd:
ea:2f:b6:e2:25:ac:a5:df:35:ec:5d:63:d9:fb:35:0e:93:86:
eb:20:a3:b3:d9:53:ec:ed:12:dc:4a:7d:56:70:ad:4f:c9:b0:
74:81:4d:21:e6:99:49:79:6b:5a:e1:97:01:10:f1:62:15:92:
ee:95:2e:5d:98:a3:f0:68:47:3d:9c:29:5e:22:eb:cf:63:b7:
9d:a8:91:3d:72:12:cd:2f:76:22:b3:17:50:af:9e:cb:d4:64:
22:b5:58:6e:6f:87:cf:a4:60:fc:5e:ca:e1:c8:8b:26:5e:1b:
ef:41:64:39:29:9f:4e:6f:3f:2e:0a:34:7d:ae:a9:b8:d6:af:
69:b1:28:57:e9:71:11:e1:0f:aa:42:f8:31:f0:2b:df:64:65:
00:5f:9d:f9:06:40:ba:8a:00:f5:ad:df:d6:53:3a:b5:09:a7:
9e:d8:81:f5
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBQDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
RUFFMDExMC8GA1UEBRMoOURGNEZFREZGOTJBOUU3RjZFMDJCRkMwNTRBRDMzOTg1
M0Q5REQzMjAeFw0yNDA3MzEwNjM5MjBaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2YTlkYzE4LWJlMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCdP2ywEn0P7gGfjZoiHy6oMtHRIT/1BcxVReHTp2adpqXjmemxboI5E0ciCFg+
Ig4+2tgWmh/aVu0avAk1MDGnrnsfeWjUyvbZZLfjUY+beZv3la6nnovAS8TmttVC
13V7qTy41nkQoea7IVQOxpx/qMt03h8cFAvG1zNvMYqBkN6tv8UxIcEoIEk1EPCa
caY8c+qeYV6J3OXQJuIFhiFeJXseUfntcUId/xWrAEssVFZNrD3QXelg2C+kWHWB
DugR4OgF3ulAVjUg37EpwwsluwLaAWZ7gcJ+NCS88QwJbmokVXK76E3120Dvwmq3
Ikxl5Pmjq9tbZgV8l+CeM16bAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU2yYxcFRD
dlj39Ya2okOvRmDeE8cwHwYDVR0jBBgwFoAUnfT+3/kqnn9uAr/AVK0zmFPZ3TIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNFQUUwL0FFRjYzNzYwMTk2
ODExRUY4RkY3QkU2RkM0RjlBRTAyL25mVC0zX2txbm45dUFyX0FWSzB6bUZQWjNU
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvbmZULTNfa3Fubjl1QXJfQVZLMHptRlBaM1RJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
RUFFMC9BRUY2Mzc2MDE5NjgxMUVGOEZGN0JFNkZDNEY5QUUwMi85REQwNDlFMjRG
MDcxMUVGQjY1M0QzNzlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKAUjjANBgkqhkiG9w0BAQsFAAOCAQEAPjGcVymvigzQLtuP
cMHnuBg464NojWVDq9qfDMAMx3FzFvkSJCt0wFfovX/bNaD4oluL4WwHYKH/nowq
HuLH6L+loQ5UkkqLJQbmC55THKumaDstZz0ywBG96i+24iWspd817F1j2fs1DpOG
6yCjs9lT7O0S3Ep9VnCtT8mwdIFNIeaZSXlrWuGXARDxYhWS7pUuXZij8GhHPZwp
XiLrz2O3naiRPXISzS92IrMXUK+ey9RkIrVYbm+Hz6Rg/F7K4ciLJl4b70FkOSmf
Tm8/Lgo0fa6puNavabEoV+lxEeEPqkL4MfAr32RlAF+d+QZAuooA9a3f1lM6tQmn
ntiB9Q==
-----END CERTIFICATE-----
Generated at Sat Sep 7 15:32:41 2024 by rpki-client on console-ams.rpki-client.org