Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E554A/795E73D091F711EFADE11266C4F9AE02/389BD49096AD11EF8DD3B535C4F9AE02.roa
File: 389BD49096AD11EF8DD3B535C4F9AE02.roa (raw, json)
Hash identifier: Jc/fsVN10yu+xD7a8W3ty729PyLhHiGB+2lkia2cqgk=
Subject key identifier: A7:08:31:02:26:04:10:6B:F3:8C:3F:96:B9:46:3F:FD:D2:26:BE:32
Certificate issuer: /CN=A91E554A/serialNumber=121AF144D903E3F8897DF0FED2071A164775ED4F
Certificate serial: 35
Authority key identifier: 12:1A:F1:44:D9:03:E3:F8:89:7D:F0:FE:D2:07:1A:16:47:75:ED:4F
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/EhrxRNkD4_iJffD-0gcaFkd17U8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E554A/795E73D091F711EFADE11266C4F9AE02/389BD49096AD11EF8DD3B535C4F9AE02.roa
Signing time: Sat 18 Jan 2025 00:50:32 +0000
ROA not before: Sat 18 Jan 2025 00:50:32 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 153377
IP address blocks: 160.191.80.0/23 maxlen: 23
160.191.80.0/24 maxlen: 24
160.191.81.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Mar 2025 22:52:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53 (0x35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E554A, serialNumber=121AF144D903E3F8897DF0FED2071A164775ED4F
Validity
Not Before: Jan 18 00:50:32 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=678afad7-ad58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:f1:4a:1d:9a:e2:b1:97:c5:db:10:7b:34:7d:
27:3f:36:d0:9b:6e:73:68:d5:cc:f5:c2:7c:f3:c2:
1f:be:d5:c1:bf:1b:a4:39:6e:1b:86:4f:b4:87:ac:
1f:46:4b:41:c7:c8:73:c8:5c:b5:59:42:0d:3c:e5:
54:8b:b2:06:b7:c1:b5:23:dc:67:e5:2f:a8:e6:38:
d8:46:8d:c9:bf:d6:df:a7:58:cd:ff:66:30:f5:3f:
a5:61:7b:c8:7b:03:c2:e2:81:6b:cb:f2:7a:c2:89:
ae:cb:fa:90:1f:69:a6:fe:b8:f8:76:80:2f:f0:e9:
78:71:86:7d:5b:e3:17:1d:1f:dc:ef:f5:aa:62:d8:
bd:60:91:a3:4a:c1:22:e7:f7:d2:ba:18:28:fd:9c:
40:d6:ac:a3:a9:90:35:a5:4d:a4:00:9c:16:d9:ef:
29:23:54:9d:9a:35:3d:7c:17:ab:33:7a:d9:b0:f5:
3b:28:26:82:62:46:73:0b:48:3b:99:6f:e3:3e:51:
cb:a4:36:64:67:46:27:8e:3d:70:26:0c:00:79:25:
5e:d3:69:90:e3:f9:a0:0b:92:43:b1:ae:d9:02:60:
c8:a3:40:8e:8b:e7:ff:1e:4d:35:72:c7:ce:e0:c1:
83:22:a1:d1:85:da:05:4b:69:c2:ab:8b:88:da:49:
fa:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:08:31:02:26:04:10:6B:F3:8C:3F:96:B9:46:3F:FD:D2:26:BE:32
X509v3 Authority Key Identifier:
keyid:12:1A:F1:44:D9:03:E3:F8:89:7D:F0:FE:D2:07:1A:16:47:75:ED:4F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E554A/795E73D091F711EFADE11266C4F9AE02/EhrxRNkD4_iJffD-0gcaFkd17U8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/EhrxRNkD4_iJffD-0gcaFkd17U8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E554A/795E73D091F711EFADE11266C4F9AE02/389BD49096AD11EF8DD3B535C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.191.80.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:37:f2:29:1c:52:13:9d:4e:42:9d:4c:ae:e5:66:29:5b:f2:
6c:c7:c2:30:25:4e:ff:f8:f6:05:c7:b7:bf:33:12:6a:cf:4e:
8e:d1:09:d5:7d:37:d7:0b:9b:23:fb:42:dc:e8:f1:6a:bb:06:
c3:e8:16:1a:d1:78:86:bb:20:6a:21:f7:5e:86:b7:0c:5a:52:
34:e4:df:6f:98:58:6a:b4:93:fa:2d:c3:42:6e:53:d6:36:b8:
7e:8c:ae:cc:8f:fe:43:7d:4c:31:41:7a:21:3d:aa:90:27:b6:
ba:34:f3:d8:f7:f7:4e:d6:12:0c:1e:b8:3a:85:ba:ba:08:ba:
01:1b:ed:2c:95:63:60:fd:40:33:d3:a8:f9:ac:1d:fd:93:3c:
74:36:5b:ad:8d:78:5c:40:41:96:d1:51:21:ea:45:7b:bd:e6:
00:42:d9:58:fd:9c:e6:8a:d7:f0:95:71:d9:39:66:4d:cd:82:
52:01:9d:82:c7:e1:30:0e:28:fe:a3:6c:78:ab:d6:e3:14:ad:
3c:0c:07:f9:c1:6d:62:2e:3f:8d:a7:bc:0d:c4:21:ed:48:bb:
3f:1b:ff:00:2b:87:e2:34:03:23:71:93:c2:f6:a4:2e:bf:2c:
9a:58:76:41:83:67:a7:00:96:52:59:9f:27:e0:bf:e4:62:19:
6c:81:93:17
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBNTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
NTU0QTExMC8GA1UEBRMoMTIxQUYxNDREOTAzRTNGODg5N0RGMEZFRDIwNzFBMTY0
Nzc1RUQ0RjAeFw0yNTAxMTgwMDUwMzJaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3OGFmYWQ3LWFkNTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDJ8UodmuKxl8XbEHs0fSc/NtCbbnNo1cz1wnzzwh++1cG/G6Q5bhuGT7SHrB9G
S0HHyHPIXLVZQg085VSLsga3wbUj3GflL6jmONhGjcm/1t+nWM3/ZjD1P6Vhe8h7
A8LigWvL8nrCia7L+pAfaab+uPh2gC/w6Xhxhn1b4xcdH9zv9api2L1gkaNKwSLn
99K6GCj9nEDWrKOpkDWlTaQAnBbZ7ykjVJ2aNT18F6szetmw9TsoJoJiRnMLSDuZ
b+M+UcukNmRnRieOPXAmDAB5JV7TaZDj+aALkkOxrtkCYMijQI6L5/8eTTVyx87g
wYMiodGF2gVLacKri4jaSfpVAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUpwgxAiYE
EGvzjD+WuUY//dImvjIwHwYDVR0jBBgwFoAUEhrxRNkD4/iJffD+0gcaFkd17U8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU1NTRBLzc5NUU3M0QwOTFG
NzExRUZBREUxMTI2NkM0RjlBRTAyL0VocnhSTmtENF9pSmZmRC0wZ2NhRmtkMTdV
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvRWhyeFJOa0Q0X2lKZmZELTBnY2FGa2QxN1U4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
NTU0QS83OTVFNzNEMDkxRjcxMUVGQURFMTEyNjZDNEY5QUUwMi8zODlCRDQ5MDk2
QUQxMUVGOEREM0I1MzVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaC/UDANBgkqhkiG9w0BAQsFAAOCAQEASzfyKRxSE51OQp1M
ruVmKVvybMfCMCVO//j2Bce3vzMSas9OjtEJ1X031wubI/tC3OjxarsGw+gWGtF4
hrsgaiH3Xoa3DFpSNOTfb5hYarST+i3DQm5T1ja4foyuzI/+Q31MMUF6IT2qkCe2
ujTz2Pf3TtYSDB64OoW6ugi6ARvtLJVjYP1AM9Oo+awd/ZM8dDZbrY14XEBBltFR
IepFe73mAELZWP2c5orX8JVx2TlmTc2CUgGdgsfhMA4o/qNseKvW4xStPAwH+cFt
Yi4/jae8DcQh7Ui7Pxv/ACuH4jQDI3GTwvakLr8smlh2QYNnpwCWUlmfJ+C/5GIZ
bIGTFw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:13:21 2025 by rpki-client