Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/0E7974569C2A11EFBECD4A2AC4F9AE02.roa
File: 0E7974569C2A11EFBECD4A2AC4F9AE02.roa (raw, json)
Hash identifier: iIK36xbU2Jk5KW2axW1m1v9VUXRMhwfHPTkHrLjIWrk=
Subject key identifier: DD:FA:7F:DF:21:CE:36:46:D2:88:75:DD:25:5E:97:F4:B1:84:2F:80
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 1B8F
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/0E7974569C2A11EFBECD4A2AC4F9AE02.roa
Signing time: Wed 06 Nov 2024 10:33:08 +0000
ROA not before: Wed 06 Nov 2024 10:33:08 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 62425
IP address blocks: 113.203.215.0/24 maxlen: 24
113.203.219.0/24 maxlen: 24
113.203.222.0/24 maxlen: 24
115.167.50.0/24 maxlen: 24
180.178.150.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Nov 2024 07:06:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7055 (0x1b8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Nov 6 10:33:08 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=672b45e4-cd47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:8f:e4:ea:82:14:ec:8b:99:07:a5:89:ad:15:
7f:1a:59:20:0b:ac:bb:b9:e4:7c:af:69:09:15:db:
a2:09:02:fa:d9:b5:54:58:8a:27:6a:b9:d4:44:0a:
a6:04:10:30:13:09:fb:26:e3:25:f1:55:ad:a6:30:
b0:43:81:d5:60:d3:5e:ad:71:fa:c3:0d:0a:91:85:
66:da:ab:c5:7f:8b:45:4f:8b:57:8d:1f:3f:af:a3:
9c:ac:26:f7:39:a3:fa:7e:52:d6:dc:eb:90:a6:00:
f9:8d:ed:98:67:21:94:96:75:b0:9b:5a:53:2c:68:
d4:06:75:a4:ee:f6:28:b1:51:3f:f1:d1:8a:6f:dc:
ba:d4:d6:2f:8f:d5:c3:c7:47:02:5c:26:9c:fd:31:
7c:6b:2e:65:7b:1d:b8:cb:1c:28:0a:02:f8:b2:25:
11:10:cc:03:6c:a8:75:a6:7a:e6:8c:94:c1:ea:ef:
3c:f2:60:d4:73:28:7e:19:8d:93:c8:6b:15:1a:66:
2c:dd:3f:1f:33:80:29:53:59:2b:9e:ac:b4:fe:df:
bd:f2:c1:9f:a1:b6:9f:84:d0:24:5d:7a:7d:c2:db:
fe:c6:75:82:8c:4d:d4:2b:ce:ba:30:de:2c:1c:01:
20:5e:e6:3b:71:ca:7f:47:b3:84:e3:31:50:ce:22:
91:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:FA:7F:DF:21:CE:36:46:D2:88:75:DD:25:5E:97:F4:B1:84:2F:80
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/0E7974569C2A11EFBECD4A2AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.215.0/24
113.203.219.0/24
113.203.222.0/24
115.167.50.0/24
180.178.150.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:04:2c:45:c5:81:47:3d:12:cb:44:e8:b8:05:13:5c:6d:d5:
9f:8b:d6:cb:eb:15:91:3f:5c:d0:e9:98:42:ce:47:2c:21:e7:
f0:18:41:6f:cf:7d:e4:0b:46:3f:70:f7:50:52:85:b3:84:a8:
19:3e:10:51:5e:98:74:d0:61:00:d0:7a:6b:2a:fc:53:d0:a1:
a7:d9:6b:5c:70:fa:b5:77:e5:0a:d8:4a:7d:5b:1a:71:c2:d1:
36:a4:db:73:ce:4e:9a:e0:7a:88:9c:d8:e0:19:dd:2a:2e:f5:
c9:b0:b3:d5:56:ab:8c:24:ca:89:57:39:70:cc:16:77:c8:43:
f4:43:98:9b:dc:f2:d8:40:e2:7b:53:e3:bc:ab:95:90:77:c6:
54:74:c0:ef:4e:ce:94:24:4a:41:66:cd:dd:97:3b:5c:5c:19:
a5:f8:03:38:28:ca:52:b8:ac:72:b4:ea:67:02:4e:fe:5e:aa:
53:32:26:43:80:8b:43:8c:c0:59:78:2f:ec:6b:ef:c3:6c:e2:
7d:72:ed:c6:89:2d:69:4d:76:33:d3:eb:8c:50:4b:ea:c4:8e:
fa:3c:69:15:68:21:67:c5:05:f9:23:76:de:61:2b:50:d6:e6:
df:3d:eb:6a:36:22:0a:06:3f:06:87:01:9c:4d:25:50:35:5a:
f9:e3:2a:60
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICG48wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQxMTA2MTAzMzA4WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzJiNDVlNC1jZDQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsI/k6oIU7IuZB6WJrRV/GlkgC6y7ueR8r2kJFduiCQL62bVUWIonarnURAqm
BBAwEwn7JuMl8VWtpjCwQ4HVYNNerXH6ww0KkYVm2qvFf4tFT4tXjR8/r6OcrCb3
OaP6flLW3OuQpgD5je2YZyGUlnWwm1pTLGjUBnWk7vYosVE/8dGKb9y61NYvj9XD
x0cCXCac/TF8ay5lex24yxwoCgL4siUREMwDbKh1pnrmjJTB6u888mDUcyh+GY2T
yGsVGmYs3T8fM4ApU1krnqy0/t+98sGfobafhNAkXXp9wtv+xnWCjE3UK866MN4s
HAEgXuY7ccp/R7OE4zFQziKRXQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFN36f98h
zjZG0oh13SVel/SxhC+AMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvMEU3OTc0NTY5
QzJBMTFFRkJFQ0Q0QTJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBABxy9cDBABxy9sDBABxy94DBABzpzIDBAC0spYwDQYJKoZI
hvcNAQELBQADggEBAG8ELEXFgUc9EstE6LgFE1xt1Z+L1svrFZE/XNDpmELORywh
5/AYQW/PfeQLRj9w91BShbOEqBk+EFFemHTQYQDQemsq/FPQoafZa1xw+rV35QrY
Sn1bGnHC0Tak23POTprgeoic2OAZ3Sou9cmws9VWq4wkyolXOXDMFnfIQ/RDmJvc
8thA4ntT47yrlZB3xlR0wO9OzpQkSkFmzd2XO1xcGaX4AzgoylK4rHK06mcCTv5e
qlMyJkOAi0OMwFl4L+xr78Ns4n1y7caJLWlNdjPT64xQS+rEjvo8aRVoIWfFBfkj
dt5hK1DW5t8962o2IgoGPwaHAZxNJVA1WvnjKmA=
-----END CERTIFICATE-----
Generated at Sun Apr 13 01:53:23 2025 by rpki-client