Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DBAF1/86DB2CCC248E11EBABEF2B2FC4F9AE02/A1258398391F11EBAD1E3A2CC4F9AE02.roa
File: A1258398391F11EBAD1E3A2CC4F9AE02.roa (raw, json)
Hash identifier: o28OVHvjHED0heXH/TkDz/Ik26iac/SnywTs5j7HJsA=
Subject key identifier: CA:69:96:E7:CC:47:40:BC:73:6C:9B:67:44:5D:E5:63:DB:91:F7:60
Certificate issuer: /CN=A91DBAF1/serialNumber=25F3D21688AB9381AA8B952BCE2641293542A7F2
Certificate serial: 06C2
Authority key identifier: 25:F3:D2:16:88:AB:93:81:AA:8B:95:2B:CE:26:41:29:35:42:A7:F2
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/JfPSFoirk4Gqi5UrziZBKTVCp_I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DBAF1/86DB2CCC248E11EBABEF2B2FC4F9AE02/A1258398391F11EBAD1E3A2CC4F9AE02.roa
Signing time: Thu 06 Jun 2024 23:52:49 +0000
ROA not before: Thu 06 Jun 2024 23:52:49 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 17819
IP address blocks: 51.162.16.0/20 maxlen: 20
51.162.80.0/21 maxlen: 21
51.162.81.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Oct 2024 08:34:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1730 (0x6c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DBAF1/serialNumber=25F3D21688AB9381AA8B952BCE2641293542A7F2
Validity
Not Before: Jun 6 23:52:49 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66624bd0-5459
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:2e:ed:d7:86:45:31:f8:9f:db:7e:f3:de:7f:
2c:a1:e5:4c:63:89:c2:c1:43:5b:88:57:3d:3c:c9:
71:e6:4b:e5:46:d0:0d:16:ed:45:ea:80:16:c6:e6:
87:82:6e:7f:65:63:11:eb:22:2c:3a:8a:a0:52:1e:
22:79:b9:b4:67:c3:d7:34:6a:76:52:62:91:be:2a:
f9:95:4b:2d:46:34:b3:c4:47:34:23:d4:68:84:34:
c9:3f:a7:82:ed:94:89:9b:0d:e0:5b:ac:76:68:23:
96:41:68:77:ec:76:4a:01:98:e3:2c:f6:1c:ad:e1:
e0:63:32:0e:a1:1c:19:02:a0:9e:fc:71:05:9f:bd:
df:d8:fa:f4:90:10:86:02:4c:89:f0:df:c7:be:39:
30:51:32:c0:57:5b:7b:7c:b5:31:69:c0:c3:cf:f9:
9e:73:2e:44:fa:a0:0f:28:b7:a7:08:ab:84:5e:6e:
dd:a8:5e:42:ed:d4:db:44:0e:48:52:e2:2e:bb:93:
93:75:65:37:87:ea:e2:9b:35:02:b7:bc:5f:dc:0e:
ec:57:7d:ae:59:2c:78:84:ac:e3:99:04:1d:d6:48:
52:c5:4f:df:d6:bb:a3:d1:12:b9:da:6c:77:25:88:
7e:ab:5e:50:6f:86:ab:a1:7f:3c:68:d1:61:67:87:
53:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:69:96:E7:CC:47:40:BC:73:6C:9B:67:44:5D:E5:63:DB:91:F7:60
X509v3 Authority Key Identifier:
keyid:25:F3:D2:16:88:AB:93:81:AA:8B:95:2B:CE:26:41:29:35:42:A7:F2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DBAF1/86DB2CCC248E11EBABEF2B2FC4F9AE02/JfPSFoirk4Gqi5UrziZBKTVCp_I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/JfPSFoirk4Gqi5UrziZBKTVCp_I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DBAF1/86DB2CCC248E11EBABEF2B2FC4F9AE02/A1258398391F11EBAD1E3A2CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
51.162.16.0/20
51.162.80.0/21
Signature Algorithm: sha256WithRSAEncryption
33:72:f2:57:c6:82:be:97:b1:c2:5b:07:2a:91:6b:f9:44:42:
3c:b0:87:f9:87:d5:23:37:2d:17:86:91:78:9f:29:8d:f1:be:
85:fa:b4:8b:dc:b6:e4:bc:29:4e:45:eb:75:38:83:b2:31:3c:
fd:f0:eb:50:5e:a0:4f:f6:38:83:17:af:13:32:16:bf:4f:70:
4d:fe:58:dd:2e:05:2d:b3:11:02:f9:a5:ed:09:23:c8:cf:66:
44:a1:fa:b6:12:50:cb:a9:fc:37:f8:28:e2:34:c7:ed:d2:94:
87:a4:65:a5:66:37:f9:66:a3:18:5a:71:72:95:bb:96:f8:51:
be:ca:d5:31:3b:bb:1e:84:7c:87:29:5b:d2:47:6f:2c:13:20:
91:56:ab:2c:ce:d0:fe:58:a5:f2:0b:3f:17:7a:83:85:5c:ff:
51:df:77:c0:8c:ef:50:65:b2:32:bd:81:b4:97:f5:d0:3a:40:
5d:80:35:f2:1c:79:43:38:90:84:06:df:ff:55:68:7c:54:ea:
76:c4:ca:73:39:52:c1:a1:5b:04:8a:34:f8:21:06:f5:bc:de:
d7:b4:09:4c:74:57:ad:b9:44:47:b7:8b:61:43:cd:d4:95:78:
7e:92:19:f5:45:b9:27:1a:d8:c0:3b:7a:02:0d:16:62:6d:c9:
ec:93:a1:60
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBsIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REJBRjExMTAvBgNVBAUTKDI1RjNEMjE2ODhBQjkzODFBQThCOTUyQkNFMjY0MTI5
MzU0MkE3RjIwHhcNMjQwNjA2MjM1MjQ5WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjYyNGJkMC01NDU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxy7t14ZFMfif237z3n8soeVMY4nCwUNbiFc9PMlx5kvlRtANFu1F6oAWxuaH
gm5/ZWMR6yIsOoqgUh4iebm0Z8PXNGp2UmKRvir5lUstRjSzxEc0I9RohDTJP6eC
7ZSJmw3gW6x2aCOWQWh37HZKAZjjLPYcreHgYzIOoRwZAqCe/HEFn73f2Pr0kBCG
AkyJ8N/HvjkwUTLAV1t7fLUxacDDz/mecy5E+qAPKLenCKuEXm7dqF5C7dTbRA5I
UuIuu5OTdWU3h+rimzUCt7xf3A7sV32uWSx4hKzjmQQd1khSxU/f1ruj0RK52mx3
JYh+q15Qb4aroX88aNFhZ4dTsQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFMpplufM
R0C8c2ybZ0Rd5WPbkfdgMB8GA1UdIwQYMBaAFCXz0haIq5OBqouVK84mQSk1Qqfy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQkFGMS84NkRCMkNDQzI0
OEUxMUVCQUJFRjJCMkZDNEY5QUUwMi9KZlBTRm9pcms0R3FpNVVyemlaQktUVkNw
X0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL0pmUFNGb2lyazRHcWk1VXJ6aVpCS1RWQ3BfSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REJBRjEvODZEQjJDQ0MyNDhFMTFFQkFCRUYyQjJGQzRGOUFFMDIvQTEyNTgzOTgz
OTFGMTFFQkFEMUUzQTJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAQzohADBAMzolAwDQYJKoZIhvcNAQELBQADggEBADNy8lfG
gr6XscJbByqRa/lEQjywh/mH1SM3LReGkXifKY3xvoX6tIvctuS8KU5F63U4g7Ix
PP3w61BeoE/2OIMXrxMyFr9PcE3+WN0uBS2zEQL5pe0JI8jPZkSh+rYSUMup/Df4
KOI0x+3SlIekZaVmN/lmoxhacXKVu5b4Ub7K1TE7ux6EfIcpW9JHbywTIJFWqyzO
0P5YpfILPxd6g4Vc/1Hfd8CM71BlsjK9gbSX9dA6QF2ANfIceUM4kIQG3/9VaHxU
6nbEynM5UsGhWwSKNPghBvW83te0CUx0V625REe3i2FDzdSVeH6SGfVFuSca2MA7
egINFmJtyeyToWA=
-----END CERTIFICATE-----
Generated at Mon Oct 7 10:00:43 2024 by rpki-client on console-fra.rpki-client.org