Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF17A/74BB24D23F5D11EF8BF7860EC4F9AE02/FD6E40624D8A11EF9F3B264CC4F9AE02.roa
File: FD6E40624D8A11EF9F3B264CC4F9AE02.roa (raw, json)
Hash identifier: JAg+vZNNntvu5tT798MkR9vf3RQgnYoIyaUcsazPEII=
Subject key identifier: AB:78:84:BA:85:EA:CE:E5:A7:AB:E8:0B:18:AF:1A:D5:20:91:3A:33
Certificate issuer: /CN=A91EF17A/serialNumber=B3EFA7D6AE199D14582DD4ECB9163A3C9D841759
Certificate serial: 1C
Authority key identifier: B3:EF:A7:D6:AE:19:9D:14:58:2D:D4:EC:B9:16:3A:3C:9D:84:17:59
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/s--n1q4ZnRRYLdTsuRY6PJ2EF1k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EF17A/74BB24D23F5D11EF8BF7860EC4F9AE02/FD6E40624D8A11EF9F3B264CC4F9AE02.roa
Signing time: Mon 29 Jul 2024 09:14:42 +0000
ROA not before: Mon 29 Jul 2024 09:14:42 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 152889
IP address blocks: 160.22.20.0/23 maxlen: 23
160.22.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jul 2024 09:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28 (0x1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EF17A/serialNumber=B3EFA7D6AE199D14582DD4ECB9163A3C9D841759
Validity
Not Before: Jul 29 09:14:42 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=66a75d82-aba5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:9c:7a:17:7e:3f:6d:f1:42:34:9b:0f:af:d2:
5a:69:e6:51:50:b7:17:16:7d:b2:e8:a7:c3:d7:4e:
12:40:19:ff:0b:30:76:0f:89:89:46:ea:99:4d:fe:
06:de:69:ef:34:1f:69:35:77:af:d3:be:92:a2:e5:
dd:f3:fe:5e:b1:c2:71:b3:4a:e5:b6:bd:2f:9c:10:
13:94:a6:9f:e0:a2:30:99:9d:c3:7c:42:b4:d7:1d:
86:14:51:2f:4f:37:4e:4f:76:6a:dc:99:72:a3:14:
35:99:bf:d3:c2:66:40:be:40:ee:39:01:a8:2e:58:
e1:36:1f:6b:33:bc:24:16:dd:dc:c1:37:84:a8:0f:
6b:32:e5:be:fb:45:44:13:7c:eb:d9:31:f8:e1:06:
6c:01:a2:06:74:d4:de:ed:f8:a7:2f:9d:d3:53:37:
1d:a4:c5:32:ad:40:d5:c9:e1:c5:bf:91:32:cf:08:
d8:fb:98:a6:14:a3:80:c7:49:ac:77:de:f4:0e:1c:
e3:7a:05:9b:77:b8:20:bb:0d:47:d1:f9:ee:6c:6f:
6e:25:28:68:64:ba:56:39:11:05:6e:47:bf:9d:1d:
06:30:65:c3:54:e7:de:54:99:15:43:b6:8b:c7:8f:
c7:6a:6d:1c:6a:47:06:07:ab:b6:5c:aa:59:89:8c:
a1:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:78:84:BA:85:EA:CE:E5:A7:AB:E8:0B:18:AF:1A:D5:20:91:3A:33
X509v3 Authority Key Identifier:
keyid:B3:EF:A7:D6:AE:19:9D:14:58:2D:D4:EC:B9:16:3A:3C:9D:84:17:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EF17A/74BB24D23F5D11EF8BF7860EC4F9AE02/s--n1q4ZnRRYLdTsuRY6PJ2EF1k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/s--n1q4ZnRRYLdTsuRY6PJ2EF1k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF17A/74BB24D23F5D11EF8BF7860EC4F9AE02/FD6E40624D8A11EF9F3B264CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.22.20.0/23
Signature Algorithm: sha256WithRSAEncryption
be:91:08:cc:cd:c9:82:56:63:83:4e:06:9d:28:b8:7e:ff:d2:
96:83:cc:81:c6:38:bb:24:b1:7f:2f:4b:13:69:a0:1d:18:67:
10:4c:b3:a3:c4:17:12:02:74:7e:7a:6b:97:07:6b:34:8e:69:
d3:5f:95:e8:a0:5c:60:41:0b:db:d5:24:4b:fa:db:fd:c9:8a:
6b:64:19:d6:ce:91:2a:6a:48:5e:d7:79:81:1d:f8:5c:73:45:
30:43:72:7e:99:9b:9f:00:83:ac:73:57:2d:48:56:ca:0d:38:
74:b9:97:33:ef:dd:d4:36:dc:68:d4:7d:5a:2d:6b:6a:9f:d5:
fd:27:c2:7f:2c:cb:4d:69:5b:04:f7:d7:51:4f:27:e0:71:34:
6f:fb:5e:ee:34:b3:ae:57:d5:ca:28:9b:e9:80:95:6e:6c:6b:
75:4c:5c:5f:c5:8b:07:93:58:47:8b:cd:ce:14:55:f4:9a:1a:
21:8e:58:29:96:c8:99:c2:6d:9a:2b:23:4b:4a:f1:3e:11:4a:
dd:c5:7d:c2:bd:f6:60:f7:25:c2:3d:cb:73:a1:b7:d1:6f:66:
d3:cd:b8:37:59:b1:cf:86:48:65:04:82:00:1d:99:72:da:62:
d7:47:63:26:22:ba:eb:3f:ba:f3:64:59:ba:bf:6d:eb:d7:46:
86:18:33:a5
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBHDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
RjE3QTExMC8GA1UEBRMoQjNFRkE3RDZBRTE5OUQxNDU4MkRENEVDQjkxNjNBM0M5
RDg0MTc1OTAeFw0yNDA3MjkwOTE0NDJaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2YTc1ZDgyLWFiYTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC6nHoXfj9t8UI0mw+v0lpp5lFQtxcWfbLop8PXThJAGf8LMHYPiYlG6plN/gbe
ae80H2k1d6/TvpKi5d3z/l6xwnGzSuW2vS+cEBOUpp/gojCZncN8QrTXHYYUUS9P
N05PdmrcmXKjFDWZv9PCZkC+QO45AaguWOE2H2szvCQW3dzBN4SoD2sy5b77RUQT
fOvZMfjhBmwBogZ01N7t+KcvndNTNx2kxTKtQNXJ4cW/kTLPCNj7mKYUo4DHSax3
3vQOHON6BZt3uCC7DUfR+e5sb24lKGhkulY5EQVuR7+dHQYwZcNU595UmRVDtovH
j8dqbRxqRwYHq7ZcqlmJjKGlAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUq3iEuoXq
zuWnq+gLGK8a1SCROjMwHwYDVR0jBBgwFoAUs++n1q4ZnRRYLdTsuRY6PJ2EF1kw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVGMTdBLzc0QkIyNEQyM0Y1
RDExRUY4QkY3ODYwRUM0RjlBRTAyL3MtLW4xcTRablJSWUxkVHN1Ulk2UEoyRUYx
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvcy0tbjFxNFpuUlJZTGRUc3VSWTZQSjJFRjFrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
RjE3QS83NEJCMjREMjNGNUQxMUVGOEJGNzg2MEVDNEY5QUUwMi9GRDZFNDA2MjRE
OEExMUVGOUYzQjI2NENDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaAWFDANBgkqhkiG9w0BAQsFAAOCAQEAvpEIzM3JglZjg04G
nSi4fv/SloPMgcY4uySxfy9LE2mgHRhnEEyzo8QXEgJ0fnprlwdrNI5p01+V6KBc
YEEL29UkS/rb/cmKa2QZ1s6RKmpIXtd5gR34XHNFMENyfpmbnwCDrHNXLUhWyg04
dLmXM+/d1DbcaNR9Wi1rap/V/SfCfyzLTWlbBPfXUU8n4HE0b/te7jSzrlfVyiib
6YCVbmxrdUxcX8WLB5NYR4vNzhRV9JoaIY5YKZbImcJtmisjS0rxPhFK3cV9wr32
YPclwj3Lc6G30W9m0824N1mxz4ZIZQSCAB2Zctpi10djJiK66z+682RZur9t69dG
hhgzpQ==
-----END CERTIFICATE-----
Generated at Wed Jul 31 12:12:33 2024 by rpki-client on console-ams.rpki-client.org