Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/FF0454F633C311EFA8168F6FC4F9AE02.roa
File: FF0454F633C311EFA8168F6FC4F9AE02.roa (raw, json)
Hash identifier: zE1x5zNh8a5R2q4FR9Upk026lfGl/wzKDrOoVffTSEI=
Subject key identifier: 18:74:46:38:F4:EB:CD:3E:7B:33:B9:84:C8:23:CF:6D:B2:86:98:00
Certificate issuer: /CN=A91CEAE0/serialNumber=9DF4FEDFF92A9E7F6E02BFC054AD339853D9DD32
Certificate serial: 56
Authority key identifier: 9D:F4:FE:DF:F9:2A:9E:7F:6E:02:BF:C0:54:AD:33:98:53:D9:DD:32
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/FF0454F633C311EFA8168F6FC4F9AE02.roa
Signing time: Sat 07 Sep 2024 13:28:09 +0000
ROA not before: Sat 07 Sep 2024 13:28:09 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 152878
IP address blocks: 160.20.142.0/24 maxlen: 24
160.22.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 24 Oct 2024 11:38:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86 (0x56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CEAE0/serialNumber=9DF4FEDFF92A9E7F6E02BFC054AD339853D9DD32
Validity
Not Before: Sep 7 13:28:09 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=66dc54e9-d26c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:42:91:e9:d5:72:8d:ee:32:11:8e:85:06:fe:
27:09:4f:a1:6a:fb:40:05:73:04:f1:c3:4f:22:15:
40:1f:94:37:e7:47:a1:cb:44:e9:78:90:8a:5c:2b:
6c:2e:61:07:2b:27:55:d4:61:a9:e8:68:c2:67:24:
f8:80:a7:df:e8:9b:27:f1:1d:01:eb:46:88:62:95:
8d:9a:7a:6a:34:aa:96:12:5f:c4:d6:12:f0:0b:22:
02:c3:e8:6a:d0:b1:0f:b8:d1:aa:43:57:1f:4f:66:
32:ed:4a:8b:32:17:de:ef:ec:8d:05:ca:46:2d:6b:
f4:47:aa:02:c1:4a:0b:a4:01:e7:09:da:ad:3a:af:
67:be:de:35:3a:81:d3:fe:a4:77:ea:54:f2:cf:e5:
8e:cd:fb:88:b4:c3:ff:31:c3:ab:b2:87:66:d1:7c:
f7:f4:1d:d6:35:6a:75:2c:10:00:f3:a3:81:8f:c7:
44:05:1c:98:62:c9:52:cd:09:00:e0:fc:8f:ea:4b:
c3:cb:de:a3:f2:7a:bd:f1:bb:2c:ef:4d:fd:1c:ff:
02:4b:0b:7b:1f:c4:ee:90:d9:62:ea:cf:d2:c8:59:
70:28:8f:76:ac:a4:c7:f2:2f:9c:f8:da:9a:21:95:
a9:c2:e5:af:57:75:9f:69:23:83:1d:83:5a:d4:56:
42:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:74:46:38:F4:EB:CD:3E:7B:33:B9:84:C8:23:CF:6D:B2:86:98:00
X509v3 Authority Key Identifier:
keyid:9D:F4:FE:DF:F9:2A:9E:7F:6E:02:BF:C0:54:AD:33:98:53:D9:DD:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/FF0454F633C311EFA8168F6FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.20.142.0/24
160.22.155.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:6e:c5:d6:2a:cc:f9:a2:9a:23:fd:46:63:39:f4:9b:cd:a6:
51:e4:7b:95:0f:21:ff:8c:6f:53:95:da:5c:13:09:92:38:e0:
3a:9b:46:9c:39:92:67:c8:42:bb:17:1f:63:20:2a:71:c4:07:
f5:c9:0f:ba:87:d0:e1:cc:9d:f8:58:53:c2:be:a8:f8:86:ad:
e8:ab:93:9f:71:b6:61:f5:61:a8:ea:2e:53:47:28:07:de:ee:
f5:62:39:4b:37:6c:dd:71:e3:fd:84:a8:8e:90:0b:9f:98:13:
a6:7c:92:2b:11:da:89:a1:e8:e9:35:c2:ef:d6:0b:66:a6:3f:
c9:da:35:5b:c3:a9:e8:86:bd:e4:21:e4:83:7c:63:bc:18:bf:
d5:bb:28:86:a7:d5:16:0c:24:4d:1e:3e:4e:30:75:10:be:ac:
f1:f8:b9:57:e0:84:42:6b:64:76:52:be:7b:90:c8:c3:7f:93:
09:65:9e:74:47:7d:04:b3:74:53:fa:3b:8b:55:4d:84:0b:b2:
89:51:d0:75:ac:fc:49:e2:b2:ba:ff:3f:4f:ad:15:ea:a7:f3:
fe:75:22:87:61:ae:d7:4f:ec:c6:4e:a8:5e:cb:18:e3:00:c4:
4e:99:ae:70:7b:c0:9b:56:aa:b8:1c:e6:6e:a9:31:f1:bd:d8:
80:07:a5:c4
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBVjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
RUFFMDExMC8GA1UEBRMoOURGNEZFREZGOTJBOUU3RjZFMDJCRkMwNTRBRDMzOTg1
M0Q5REQzMjAeFw0yNDA5MDcxMzI4MDlaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2ZGM1NGU5LWQyNmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC1QpHp1XKN7jIRjoUG/icJT6Fq+0AFcwTxw08iFUAflDfnR6HLROl4kIpcK2wu
YQcrJ1XUYanoaMJnJPiAp9/omyfxHQHrRohilY2aemo0qpYSX8TWEvALIgLD6GrQ
sQ+40apDVx9PZjLtSosyF97v7I0FykYta/RHqgLBSgukAecJ2q06r2e+3jU6gdP+
pHfqVPLP5Y7N+4i0w/8xw6uyh2bRfPf0HdY1anUsEADzo4GPx0QFHJhiyVLNCQDg
/I/qS8PL3qPyer3xuyzvTf0c/wJLC3sfxO6Q2WLqz9LIWXAoj3aspMfyL5z42poh
lanC5a9XdZ9pI4Mdg1rUVkJDAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUGHRGOPTr
zT57M7mEyCPPbbKGmAAwHwYDVR0jBBgwFoAUnfT+3/kqnn9uAr/AVK0zmFPZ3TIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNFQUUwL0FFRjYzNzYwMTk2
ODExRUY4RkY3QkU2RkM0RjlBRTAyL25mVC0zX2txbm45dUFyX0FWSzB6bUZQWjNU
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvbmZULTNfa3Fubjl1QXJfQVZLMHptRlBaM1RJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
RUFFMC9BRUY2Mzc2MDE5NjgxMUVGOEZGN0JFNkZDNEY5QUUwMi9GRjA0NTRGNjMz
QzMxMUVGQTgxNjhGNkZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAKAUjgMEAKAWmzANBgkqhkiG9w0BAQsFAAOCAQEAjG7F1irM
+aKaI/1GYzn0m82mUeR7lQ8h/4xvU5XaXBMJkjjgOptGnDmSZ8hCuxcfYyAqccQH
9ckPuofQ4cyd+FhTwr6o+Iat6KuTn3G2YfVhqOouU0coB97u9WI5Szds3XHj/YSo
jpALn5gTpnySKxHaiaHo6TXC79YLZqY/ydo1W8Op6Ia95CHkg3xjvBi/1bsohqfV
FgwkTR4+TjB1EL6s8fi5V+CEQmtkdlK+e5DIw3+TCWWedEd9BLN0U/o7i1VNhAuy
iVHQdaz8SeKyuv8/T60V6qfz/nUih2Gu10/sxk6oXssY4wDETpmucHvAm1aquBzm
bqkx8b3YgAelxA==
-----END CERTIFICATE-----
Generated at Thu Oct 24 16:00:44 2024 by rpki-client on console-ams.rpki-client.org