Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E554A/795E73D091F711EFADE11266C4F9AE02/D05E05DE920011EFAF135D6CC4F9AE02.roa
File: D05E05DE920011EFAF135D6CC4F9AE02.roa (raw, json)
Hash identifier: 8Fu3gw5hVdh113SjZ48+5XslcmRc5Z2kWmKTRdXz1hQ=
Subject key identifier: 2E:EB:65:0B:F4:61:51:0F:22:F4:68:AB:3D:06:63:D6:14:61:AB:84
Certificate issuer: /CN=A91E554A/serialNumber=121AF144D903E3F8897DF0FED2071A164775ED4F
Certificate serial: 02
Authority key identifier: 12:1A:F1:44:D9:03:E3:F8:89:7D:F0:FE:D2:07:1A:16:47:75:ED:4F
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/EhrxRNkD4_iJffD-0gcaFkd17U8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E554A/795E73D091F711EFADE11266C4F9AE02/D05E05DE920011EFAF135D6CC4F9AE02.roa
Signing time: Thu 24 Oct 2024 12:09:27 +0000
ROA not before: Thu 24 Oct 2024 12:09:26 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 153377
IP address blocks: 160.191.80.0/24 maxlen: 24
160.191.81.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Oct 2024 10:53:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E554A
Validity
Not Before: Oct 24 12:09:26 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=671a38f6-4d3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:41:a8:16:39:12:7c:a5:c6:fd:8d:09:01:0f:
81:20:83:ea:38:96:2b:22:27:87:17:2e:37:08:c2:
87:05:9e:63:50:fe:00:19:2a:4a:e8:01:01:cb:ab:
34:f3:3d:80:a1:a3:85:af:47:dc:36:5d:aa:05:cc:
88:70:c1:f7:d9:aa:c7:31:6e:74:b0:32:d5:4e:26:
c6:37:2f:2e:b0:33:93:e8:88:63:d0:fe:5b:16:90:
61:d9:4b:26:b5:6f:2a:89:6d:53:11:d8:7e:5d:24:
fe:da:96:a8:66:71:5e:8a:8b:09:35:d7:16:b8:3e:
8f:46:6f:85:fb:6f:1a:2c:f6:70:3d:a2:74:da:5f:
85:35:63:d6:64:79:99:ea:83:5a:f1:2f:e5:3f:d4:
b3:9a:51:33:2d:46:89:92:ee:b5:d7:e0:cd:24:7b:
ec:0a:be:85:2a:bd:b7:4c:d1:72:1d:16:d9:47:63:
27:f5:1c:02:53:b0:d3:65:20:01:c6:7b:8d:f1:62:
6e:0f:a5:05:f6:bb:57:98:b8:f1:37:2a:4d:c0:a9:
02:80:d9:0e:fe:5d:6a:ee:73:a6:33:32:c7:2a:b5:
dd:da:10:b7:b9:a2:6f:8d:64:a8:77:21:2c:d6:cb:
2f:8a:bd:ab:f5:7e:4e:2a:d6:51:26:71:31:8f:30:
0e:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:EB:65:0B:F4:61:51:0F:22:F4:68:AB:3D:06:63:D6:14:61:AB:84
X509v3 Authority Key Identifier:
keyid:12:1A:F1:44:D9:03:E3:F8:89:7D:F0:FE:D2:07:1A:16:47:75:ED:4F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E554A/795E73D091F711EFADE11266C4F9AE02/EhrxRNkD4_iJffD-0gcaFkd17U8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/EhrxRNkD4_iJffD-0gcaFkd17U8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E554A/795E73D091F711EFADE11266C4F9AE02/D05E05DE920011EFAF135D6CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.191.80.0/23
Signature Algorithm: sha256WithRSAEncryption
92:20:d1:3f:1a:f5:bb:dd:9e:64:4e:25:f5:95:3d:93:95:48:
cf:4d:b2:89:e7:96:d7:dd:df:9a:59:04:4d:75:51:6a:cf:66:
8e:7b:f1:b7:65:9f:38:e5:f0:6c:82:2f:b0:b4:69:26:59:3b:
b6:5c:79:6f:bb:7d:6f:b5:ae:ea:9c:78:2d:78:26:f1:6c:95:
24:87:81:9f:54:71:bc:c9:47:33:45:0a:4f:ae:29:d9:1a:36:
b1:85:d4:5e:c2:fe:70:16:81:af:31:71:a3:30:0c:d9:e6:a5:
db:9c:7c:1a:e6:16:ac:b4:2f:cb:10:dc:78:60:b9:08:71:d5:
2c:6e:e3:09:94:f3:41:e2:3a:c1:2d:f7:cd:3d:ff:48:28:23:
66:db:97:20:81:7c:62:88:3e:ef:6f:bb:9a:c0:95:88:cd:b3:
b7:7a:2c:ce:42:1a:10:1e:b2:35:df:72:cc:fa:6f:d2:15:36:
93:c9:2c:80:e3:6c:9c:03:7d:6a:d3:7d:74:e7:63:bd:80:83:
a4:f5:d2:56:4d:f1:6b:c6:95:b4:84:5b:49:82:f3:8e:d3:2c:
79:b9:bf:68:aa:ec:6a:91:f7:3d:68:24:f0:2b:61:7b:7f:71:
e6:97:a4:31:c8:db:18:43:13:e7:70:4d:c4:6a:cd:4a:1f:24:
c4:6f:99:0a
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
NTU0QTExMC8GA1UEBRMoMTIxQUYxNDREOTAzRTNGODg5N0RGMEZFRDIwNzFBMTY0
Nzc1RUQ0RjAeFw0yNDEwMjQxMjA5MjZaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MWEzOGY2LTRkM2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDMQagWORJ8pcb9jQkBD4Egg+o4lisiJ4cXLjcIwocFnmNQ/gAZKkroAQHLqzTz
PYCho4WvR9w2XaoFzIhwwffZqscxbnSwMtVOJsY3Ly6wM5PoiGPQ/lsWkGHZSya1
byqJbVMR2H5dJP7alqhmcV6Kiwk11xa4Po9Gb4X7bxos9nA9onTaX4U1Y9ZkeZnq
g1rxL+U/1LOaUTMtRomS7rXX4M0ke+wKvoUqvbdM0XIdFtlHYyf1HAJTsNNlIAHG
e43xYm4PpQX2u1eYuPE3Kk3AqQKA2Q7+XWruc6YzMscqtd3aELe5om+NZKh3ISzW
yy+Kvav1fk4q1lEmcTGPMA5DAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQULutlC/Rh
UQ8i9GirPQZj1hRhq4QwHwYDVR0jBBgwFoAUEhrxRNkD4/iJffD+0gcaFkd17U8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU1NTRBLzc5NUU3M0QwOTFG
NzExRUZBREUxMTI2NkM0RjlBRTAyL0VocnhSTmtENF9pSmZmRC0wZ2NhRmtkMTdV
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvRWhyeFJOa0Q0X2lKZmZELTBnY2FGa2QxN1U4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
NTU0QS83OTVFNzNEMDkxRjcxMUVGQURFMTEyNjZDNEY5QUUwMi9EMDVFMDVERTky
MDAxMUVGQUYxMzVENkNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaC/UDANBgkqhkiG9w0BAQsFAAOCAQEAkiDRPxr1u92eZE4l
9ZU9k5VIz02yieeW193fmlkETXVRas9mjnvxt2WfOOXwbIIvsLRpJlk7tlx5b7t9
b7Wu6px4LXgm8WyVJIeBn1RxvMlHM0UKT64p2Ro2sYXUXsL+cBaBrzFxozAM2eal
25x8GuYWrLQvyxDceGC5CHHVLG7jCZTzQeI6wS33zT3/SCgjZtuXIIF8Yog+72+7
msCViM2zt3oszkIaEB6yNd9yzPpv0hU2k8ksgONsnAN9atN9dOdjvYCDpPXSVk3x
a8aVtIRbSYLzjtMsebm/aKrsapH3PWgk8Cthe39x5pekMcjbGEMT53BNxGrNSh8k
xG+ZCg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:34:46 2025 by rpki-client