Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF17A/74BB24D23F5D11EF8BF7860EC4F9AE02/B783273C3F5E11EFAA058849C4F9AE02.roa
File: B783273C3F5E11EFAA058849C4F9AE02.roa (raw, json)
Hash identifier: OX9g45w6U5+MXvouiqXDsj6i1cYjg0LQrMkxudcLkMI=
Subject key identifier: 47:63:5C:33:C9:D9:43:EA:83:49:F9:34:EC:E8:C3:DE:FF:27:84:C8
Certificate issuer: /CN=A91EF17A/serialNumber=B3EFA7D6AE199D14582DD4ECB9163A3C9D841759
Certificate serial: 09
Authority key identifier: B3:EF:A7:D6:AE:19:9D:14:58:2D:D4:EC:B9:16:3A:3C:9D:84:17:59
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/s--n1q4ZnRRYLdTsuRY6PJ2EF1k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EF17A/74BB24D23F5D11EF8BF7860EC4F9AE02/B783273C3F5E11EFAA058849C4F9AE02.roa
Signing time: Thu 11 Jul 2024 08:24:01 +0000
ROA not before: Thu 11 Jul 2024 08:24:01 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 38138
IP address blocks: 160.22.20.0/23 maxlen: 23
160.22.20.0/24 maxlen: 24
160.22.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jul 2024 09:45:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EF17A/serialNumber=B3EFA7D6AE199D14582DD4ECB9163A3C9D841759
Validity
Not Before: Jul 11 08:24:01 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=668f96a1-4d1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b9:a5:05:b8:3d:6f:97:25:ae:f7:d8:2e:b2:
0c:03:e1:ca:98:0a:24:69:35:24:f4:d9:67:1e:f1:
65:d8:9a:43:8b:69:90:1d:8d:33:f1:48:a7:d4:96:
1a:9b:cf:25:65:bb:43:f2:b5:21:08:e4:d5:5f:0b:
85:22:aa:09:ef:5a:e0:8a:9b:09:57:2f:7a:9e:0f:
9c:a9:2c:09:87:bd:11:30:12:ff:c9:91:be:12:b6:
19:b7:69:c5:cc:ea:15:22:d5:a6:cd:3b:21:14:93:
f7:51:3a:71:69:32:77:5a:39:b2:9f:6e:45:ee:2e:
42:70:40:5a:a9:48:99:25:1d:56:46:f2:85:dd:93:
48:e5:76:7c:d1:be:79:28:9b:4a:aa:e3:8e:a4:36:
df:31:95:08:83:84:d9:58:62:5d:0a:eb:85:f1:64:
59:a1:e0:6e:20:0a:86:b0:60:52:d9:c7:50:35:f9:
ea:14:ec:65:93:a5:73:c2:1b:b8:94:cd:3a:4e:16:
5e:71:9c:d9:02:58:f2:f9:63:f5:0e:dc:b6:fe:93:
d6:80:a0:f3:06:ce:93:8a:6b:cf:8c:02:c5:51:88:
06:19:55:12:94:33:08:93:84:66:5b:3d:48:b5:c0:
c6:6e:77:f6:9c:2c:65:e2:d5:67:a5:5b:05:fa:ba:
d0:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:63:5C:33:C9:D9:43:EA:83:49:F9:34:EC:E8:C3:DE:FF:27:84:C8
X509v3 Authority Key Identifier:
keyid:B3:EF:A7:D6:AE:19:9D:14:58:2D:D4:EC:B9:16:3A:3C:9D:84:17:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EF17A/74BB24D23F5D11EF8BF7860EC4F9AE02/s--n1q4ZnRRYLdTsuRY6PJ2EF1k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/s--n1q4ZnRRYLdTsuRY6PJ2EF1k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF17A/74BB24D23F5D11EF8BF7860EC4F9AE02/B783273C3F5E11EFAA058849C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.22.20.0/23
Signature Algorithm: sha256WithRSAEncryption
37:a9:66:86:a7:03:2f:88:14:23:7e:cb:b7:c0:b9:31:ae:3a:
19:ad:85:dc:c3:54:a9:69:d2:a8:7f:6a:d4:f3:a5:de:cf:e0:
9d:6a:03:d8:33:68:09:1c:05:f9:f0:25:54:00:8d:c2:d6:a1:
78:05:bc:aa:58:23:23:c2:fc:b3:5e:84:b7:6b:97:cb:82:3d:
94:b0:e8:f8:6e:2a:c2:df:02:8c:95:49:5b:5b:54:13:fa:84:
76:2b:73:e0:2d:4d:06:03:05:11:78:72:4b:47:43:17:ad:f6:
2b:ba:15:c9:f6:7e:27:63:20:27:f0:33:87:07:aa:f0:e3:d3:
e2:a6:f7:56:57:77:0c:a6:8f:06:c4:86:3a:9c:a0:72:93:fb:
6a:f2:2a:b3:5d:b0:89:d0:1f:d8:3e:f5:2b:ef:37:3b:24:3d:
80:5e:94:bc:98:7d:2b:94:1d:b6:ed:c8:36:fc:09:02:95:29:
56:82:9c:54:34:4b:92:e6:7f:30:ee:8f:4d:a2:50:65:e1:ed:
d4:58:67:f7:65:55:88:9c:cc:f9:bb:31:3c:ab:ba:c4:90:42:
23:98:c8:3a:6d:4f:cd:04:c3:14:13:97:37:96:85:75:29:bf:
98:e4:1e:ac:ef:0a:f2:2c:8d:33:f6:1a:81:4d:da:4c:9b:35:
5c:a9:17:15
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBCTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
RjE3QTExMC8GA1UEBRMoQjNFRkE3RDZBRTE5OUQxNDU4MkRENEVDQjkxNjNBM0M5
RDg0MTc1OTAeFw0yNDA3MTEwODI0MDFaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2OGY5NmExLTRkMWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC3uaUFuD1vlyWu99gusgwD4cqYCiRpNST02Wce8WXYmkOLaZAdjTPxSKfUlhqb
zyVlu0PytSEI5NVfC4UiqgnvWuCKmwlXL3qeD5ypLAmHvREwEv/Jkb4Sthm3acXM
6hUi1abNOyEUk/dROnFpMndaObKfbkXuLkJwQFqpSJklHVZG8oXdk0jldnzRvnko
m0qq446kNt8xlQiDhNlYYl0K64XxZFmh4G4gCoawYFLZx1A1+eoU7GWTpXPCG7iU
zTpOFl5xnNkCWPL5Y/UO3Lb+k9aAoPMGzpOKa8+MAsVRiAYZVRKUMwiThGZbPUi1
wMZud/acLGXi1WelWwX6utDtAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUR2NcM8nZ
Q+qDSfk07OjD3v8nhMgwHwYDVR0jBBgwFoAUs++n1q4ZnRRYLdTsuRY6PJ2EF1kw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVGMTdBLzc0QkIyNEQyM0Y1
RDExRUY4QkY3ODYwRUM0RjlBRTAyL3MtLW4xcTRablJSWUxkVHN1Ulk2UEoyRUYx
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvcy0tbjFxNFpuUlJZTGRUc3VSWTZQSjJFRjFrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
RjE3QS83NEJCMjREMjNGNUQxMUVGOEJGNzg2MEVDNEY5QUUwMi9CNzgzMjczQzNG
NUUxMUVGQUEwNTg4NDlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaAWFDANBgkqhkiG9w0BAQsFAAOCAQEAN6lmhqcDL4gUI37L
t8C5Ma46Ga2F3MNUqWnSqH9q1POl3s/gnWoD2DNoCRwF+fAlVACNwtaheAW8qlgj
I8L8s16Et2uXy4I9lLDo+G4qwt8CjJVJW1tUE/qEditz4C1NBgMFEXhyS0dDF632
K7oVyfZ+J2MgJ/Azhweq8OPT4qb3Vld3DKaPBsSGOpygcpP7avIqs12widAf2D71
K+83OyQ9gF6UvJh9K5Qdtu3INvwJApUpVoKcVDRLkuZ/MO6PTaJQZeHt1Fhn92VV
iJzM+bsxPKu6xJBCI5jIOm1PzQTDFBOXN5aFdSm/mOQerO8K8iyNM/YagU3aTJs1
XKkXFQ==
-----END CERTIFICATE-----
Generated at Thu Jul 11 11:45:41 2024 by rpki-client on console-fra.rpki-client.org