Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/C93F1C7419C011EF95152959C4F9AE02.roa
File: C93F1C7419C011EF95152959C4F9AE02.roa (raw, json)
Hash identifier: RSm/uImAx7iPXXCM/JfgsU0fiA2lv4Pe+eLJpwK0UYY=
Subject key identifier: 64:3B:24:A6:2D:C2:07:6F:C6:9D:31:F0:A4:3D:FF:B9:D5:A9:CC:5E
Certificate issuer: /CN=A91CEAE0/serialNumber=9DF4FEDFF92A9E7F6E02BFC054AD339853D9DD32
Certificate serial: 07
Authority key identifier: 9D:F4:FE:DF:F9:2A:9E:7F:6E:02:BF:C0:54:AD:33:98:53:D9:DD:32
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/C93F1C7419C011EF95152959C4F9AE02.roa
Signing time: Fri 24 May 2024 11:28:48 +0000
ROA not before: Fri 24 May 2024 11:28:48 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 152878
IP address blocks: 160.20.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 25 May 2024 02:40:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7 (0x7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CEAE0/serialNumber=9DF4FEDFF92A9E7F6E02BFC054AD339853D9DD32
Validity
Not Before: May 24 11:28:48 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=665079ef-3c9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:6a:8e:b4:f2:e6:07:c1:1a:9f:f0:2f:4f:67:
a0:75:22:36:92:b3:44:65:e5:6f:91:b2:ad:43:3d:
22:95:d7:fd:fd:82:bd:79:fd:19:2a:6a:1b:0b:2d:
d6:54:99:84:2b:08:ed:0a:98:c0:c1:61:f5:c8:ea:
51:52:30:a4:86:4e:b8:ba:fb:18:c8:b2:d4:7b:33:
06:81:f4:c9:77:07:87:ee:17:8e:b4:2f:35:07:f7:
d9:e5:ed:9c:5f:a1:86:02:02:19:9c:70:0f:9c:cf:
fa:76:4e:4a:a7:5d:b3:b6:4d:b2:8b:49:68:ab:cc:
86:bd:0d:9f:bd:84:4b:6a:bc:73:01:72:fa:78:36:
55:83:4d:16:6a:c0:e7:94:e3:cc:dd:0f:fd:b7:7a:
51:25:f5:59:d1:d8:60:3e:ed:41:29:68:df:76:6d:
22:e2:48:bd:e6:b0:38:b2:53:64:64:fa:af:b3:a9:
b3:ce:21:98:61:dc:c5:05:6a:69:9d:56:bd:7d:98:
88:bf:ca:11:27:aa:c7:15:07:ff:fe:84:c3:e0:8f:
1a:b9:92:c1:50:b6:06:ff:47:3f:a7:cd:f3:ab:56:
5e:19:63:66:16:d6:f1:25:58:50:84:e7:3e:85:4c:
86:6d:a0:c6:5f:be:fe:7c:23:43:49:a8:10:aa:3d:
84:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:3B:24:A6:2D:C2:07:6F:C6:9D:31:F0:A4:3D:FF:B9:D5:A9:CC:5E
X509v3 Authority Key Identifier:
keyid:9D:F4:FE:DF:F9:2A:9E:7F:6E:02:BF:C0:54:AD:33:98:53:D9:DD:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/C93F1C7419C011EF95152959C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.20.142.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:c9:fb:31:29:e4:fa:db:7f:b3:a4:a6:21:df:9d:cd:3d:ba:
84:e8:72:34:1c:99:7c:49:06:ba:1c:cd:d4:02:4e:07:47:01:
0f:32:68:29:0f:3b:5c:23:66:fa:c0:66:34:41:3f:ac:0e:5f:
e4:6e:39:87:bb:05:d2:85:30:e9:c2:97:3b:13:c8:32:e3:c0:
29:e0:37:f5:cd:80:24:4a:82:01:b9:15:fe:fb:7c:af:e1:2f:
c4:93:70:34:17:b1:c8:05:e4:52:19:63:96:33:35:b8:65:85:
b8:ae:40:31:e1:b1:bd:20:74:e7:3a:95:e9:ed:1d:53:99:ec:
f6:9e:fa:fc:51:ef:03:c1:db:48:b5:73:ce:af:c3:29:58:aa:
37:16:f1:08:09:7f:c8:ba:07:1b:97:09:38:d3:8c:a3:71:1e:
75:37:5d:c7:4e:f1:29:5c:bf:b6:60:08:ef:7b:34:dc:40:47:
30:15:76:c2:c6:ff:a7:e2:00:f5:82:6a:23:e5:05:35:72:4a:
74:2a:fe:50:2e:21:c2:c4:f4:b6:87:55:16:99:92:b7:a1:1e:
4b:b7:99:78:51:e9:92:72:23:de:b7:91:2c:3b:52:81:f1:a4:
4a:ce:63:59:08:91:a0:d0:0d:79:a0:20:f5:25:22:e6:f0:92:
9c:3c:0f:6b
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
RUFFMDExMC8GA1UEBRMoOURGNEZFREZGOTJBOUU3RjZFMDJCRkMwNTRBRDMzOTg1
M0Q5REQzMjAeFw0yNDA1MjQxMTI4NDhaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NTA3OWVmLTNjOWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDXao608uYHwRqf8C9PZ6B1IjaSs0Rl5W+Rsq1DPSKV1/39gr15/RkqahsLLdZU
mYQrCO0KmMDBYfXI6lFSMKSGTri6+xjIstR7MwaB9Ml3B4fuF460LzUH99nl7Zxf
oYYCAhmccA+cz/p2TkqnXbO2TbKLSWirzIa9DZ+9hEtqvHMBcvp4NlWDTRZqwOeU
48zdD/23elEl9VnR2GA+7UEpaN92bSLiSL3msDiyU2Rk+q+zqbPOIZhh3MUFammd
Vr19mIi/yhEnqscVB//+hMPgjxq5ksFQtgb/Rz+nzfOrVl4ZY2YW1vElWFCE5z6F
TIZtoMZfvv58I0NJqBCqPYQRAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUZDskpi3C
B2/GnTHwpD3/udWpzF4wHwYDVR0jBBgwFoAUnfT+3/kqnn9uAr/AVK0zmFPZ3TIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNFQUUwL0FFRjYzNzYwMTk2
ODExRUY4RkY3QkU2RkM0RjlBRTAyL25mVC0zX2txbm45dUFyX0FWSzB6bUZQWjNU
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvbmZULTNfa3Fubjl1QXJfQVZLMHptRlBaM1RJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
RUFFMC9BRUY2Mzc2MDE5NjgxMUVGOEZGN0JFNkZDNEY5QUUwMi9DOTNGMUM3NDE5
QzAxMUVGOTUxNTI5NTlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKAUjjANBgkqhkiG9w0BAQsFAAOCAQEALsn7MSnk+tt/s6Sm
Id+dzT26hOhyNByZfEkGuhzN1AJOB0cBDzJoKQ87XCNm+sBmNEE/rA5f5G45h7sF
0oUw6cKXOxPIMuPAKeA39c2AJEqCAbkV/vt8r+EvxJNwNBexyAXkUhljljM1uGWF
uK5AMeGxvSB05zqV6e0dU5ns9p76/FHvA8HbSLVzzq/DKViqNxbxCAl/yLoHG5cJ
ONOMo3EedTddx07xKVy/tmAI73s03EBHMBV2wsb/p+IA9YJqI+UFNXJKdCr+UC4h
wsT0todVFpmSt6EeS7eZeFHpknIj3reRLDtSgfGkSs5jWQiRoNANeaAg9SUi5vCS
nDwPaw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:41 2024 by rpki-client on console-fra.rpki-client.org