Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EFC94/A8CD016494DA11EF89086D21C4F9AE02/81A61D3294F811EFA0BD2515C4F9AE02.roa
File: 81A61D3294F811EFA0BD2515C4F9AE02.roa (raw, json)
Hash identifier: y/t2YV2D/o9VNgMfjvhCuOA6BodFEK+3QE3KTBBgNrg=
Subject key identifier: 68:49:9E:B2:15:F9:5F:AF:13:8E:FF:DC:E6:85:59:ED:5D:83:AD:47
Certificate issuer: /CN=A91EFC94/serialNumber=653CB8A7510DB9B6C1A27D877D2121E6DF421982
Certificate serial: 03
Authority key identifier: 65:3C:B8:A7:51:0D:B9:B6:C1:A2:7D:87:7D:21:21:E6:DF:42:19:82
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ZTy4p1ENubbBon2HfSEh5t9CGYI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EFC94/A8CD016494DA11EF89086D21C4F9AE02/81A61D3294F811EFA0BD2515C4F9AE02.roa
Signing time: Mon 28 Oct 2024 06:47:32 +0000
ROA not before: Mon 28 Oct 2024 06:47:32 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 153379
IP address blocks: 160.191.114.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 06 Nov 2024 13:56:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EFC94/serialNumber=653CB8A7510DB9B6C1A27D877D2121E6DF421982
Validity
Not Before: Oct 28 06:47:32 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=671f3384-eaf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:f5:16:c7:c2:d5:d8:f1:8d:48:32:de:47:6c:
5a:af:f7:8f:a4:3d:1d:02:11:ee:e9:98:37:76:a4:
25:af:06:dc:bd:30:80:77:68:8d:08:fb:78:80:5f:
6c:21:66:25:a5:bc:1a:e6:9c:5e:ca:cf:bf:7b:80:
80:23:25:e2:a3:67:1a:9b:d5:84:f4:05:c5:05:77:
e0:1c:39:77:e8:75:68:4c:2a:e6:66:a2:59:3a:7b:
2e:06:68:54:7e:d6:17:63:ae:46:4e:f4:4f:41:44:
8a:a4:c7:38:83:b5:3c:5e:c4:d3:e9:88:68:dc:f7:
c9:c9:b9:26:34:a5:1a:16:d0:01:ed:e1:e8:7a:bc:
ec:bb:62:cf:de:b6:40:af:d3:b6:76:18:7f:d0:b5:
1f:c9:bb:32:f6:aa:70:ee:79:d5:78:bb:60:34:20:
f3:ff:0e:16:0d:24:7f:f7:3d:04:22:2e:f2:12:b6:
fd:ba:d6:bd:7c:c3:53:36:d2:b9:1b:93:df:ae:e8:
28:de:bb:5c:29:90:bf:4f:43:8f:5d:46:78:27:23:
d5:0f:9c:e0:0a:1c:99:6d:4b:77:c6:db:8d:be:ad:
36:d8:79:21:c2:fe:ef:6b:2c:6a:df:96:e5:01:04:
1e:68:71:1a:75:2f:04:ec:d2:1b:b6:9c:51:f1:c6:
90:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:49:9E:B2:15:F9:5F:AF:13:8E:FF:DC:E6:85:59:ED:5D:83:AD:47
X509v3 Authority Key Identifier:
keyid:65:3C:B8:A7:51:0D:B9:B6:C1:A2:7D:87:7D:21:21:E6:DF:42:19:82
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EFC94/A8CD016494DA11EF89086D21C4F9AE02/ZTy4p1ENubbBon2HfSEh5t9CGYI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ZTy4p1ENubbBon2HfSEh5t9CGYI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EFC94/A8CD016494DA11EF89086D21C4F9AE02/81A61D3294F811EFA0BD2515C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.191.114.0/23
Signature Algorithm: sha256WithRSAEncryption
98:b8:91:08:c9:de:b2:3e:1d:73:16:15:7e:c6:26:48:7a:51:
03:08:42:fa:3a:98:a0:a4:fe:fc:e9:71:6a:cf:26:b8:b3:19:
58:4f:0b:26:83:3c:4f:29:60:b0:ec:d2:ca:bf:f9:83:91:3c:
21:3f:50:31:fc:85:86:7f:b3:56:91:b4:9e:d1:83:dd:6f:ba:
f5:1d:d5:86:4b:21:a3:d5:82:9a:d6:18:b5:b6:40:a7:bd:43:
96:60:77:20:83:a4:a3:52:98:ed:3b:83:f3:26:b6:cb:eb:bc:
b4:7f:d6:21:9c:f2:64:29:e1:3b:16:ea:03:6b:e5:5b:d6:c7:
7a:cb:60:e2:36:29:e0:63:cc:c1:a7:f9:e1:8a:fb:2f:72:91:
0c:4d:b3:e9:49:08:dd:24:5b:df:3b:e0:1f:cb:d9:c5:4a:e2:
f5:9d:b4:67:4c:92:be:9f:06:56:7d:c9:76:85:ad:5f:49:75:
27:e8:5b:05:00:87:0e:4a:0a:d7:37:17:f3:90:8b:d7:7c:2f:
c7:50:58:5e:6a:7e:df:46:55:af:59:4d:e1:97:a7:bc:bc:88:
4f:a4:0d:4e:37:72:12:a9:25:61:96:3d:a7:58:4f:9e:7b:49:
5d:33:aa:ff:2e:ab:0d:db:28:31:bd:46:c2:46:6a:4c:5f:2f:
f7:57:f3:30
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
RkM5NDExMC8GA1UEBRMoNjUzQ0I4QTc1MTBEQjlCNkMxQTI3RDg3N0QyMTIxRTZE
RjQyMTk4MjAeFw0yNDEwMjgwNjQ3MzJaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MWYzMzg0LWVhZjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDd9RbHwtXY8Y1IMt5HbFqv94+kPR0CEe7pmDd2pCWvBty9MIB3aI0I+3iAX2wh
ZiWlvBrmnF7Kz797gIAjJeKjZxqb1YT0BcUFd+AcOXfodWhMKuZmolk6ey4GaFR+
1hdjrkZO9E9BRIqkxziDtTxexNPpiGjc98nJuSY0pRoW0AHt4eh6vOy7Ys/etkCv
07Z2GH/QtR/JuzL2qnDuedV4u2A0IPP/DhYNJH/3PQQiLvIStv261r18w1M20rkb
k9+u6Cjeu1wpkL9PQ49dRngnI9UPnOAKHJltS3fG242+rTbYeSHC/u9rLGrfluUB
BB5ocRp1LwTs0hu2nFHxxpDDAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUaEmeshX5
X68Tjv/c5oVZ7V2DrUcwHwYDVR0jBBgwFoAUZTy4p1ENubbBon2HfSEh5t9CGYIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVGQzk0L0E4Q0QwMTY0OTRE
QTExRUY4OTA4NkQyMUM0RjlBRTAyL1pUeTRwMUVOdWJiQm9uMkhmU0VoNXQ5Q0dZ
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvWlR5NHAxRU51YmJCb24ySGZTRWg1dDlDR1lJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
RkM5NC9BOENEMDE2NDk0REExMUVGODkwODZEMjFDNEY5QUUwMi84MUE2MUQzMjk0
RjgxMUVGQTBCRDI1MTVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaC/cjANBgkqhkiG9w0BAQsFAAOCAQEAmLiRCMnesj4dcxYV
fsYmSHpRAwhC+jqYoKT+/Olxas8muLMZWE8LJoM8TylgsOzSyr/5g5E8IT9QMfyF
hn+zVpG0ntGD3W+69R3Vhksho9WCmtYYtbZAp71DlmB3IIOko1KY7TuD8ya2y+u8
tH/WIZzyZCnhOxbqA2vlW9bHestg4jYp4GPMwaf54Yr7L3KRDE2z6UkI3SRb3zvg
H8vZxUri9Z20Z0ySvp8GVn3JdoWtX0l1J+hbBQCHDkoK1zcX85CL13wvx1BYXmp+
30ZVr1lN4ZenvLyIT6QNTjdyEqklYZY9p1hPnntJXTOq/y6rDdsoMb1GwkZqTF8v
91fzMA==
-----END CERTIFICATE-----
Generated at Wed Nov 6 17:42:03 2024 by rpki-client on console-ams.rpki-client.org