Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/1AA8B002094911F082267252C4F9AE02.roa
File: 1AA8B002094911F082267252C4F9AE02.roa (raw, json)
Hash identifier: DPIKg9y3Ca7aVg1zpw3rEOv0pIPl+kpe5RiP10dIylg=
Subject key identifier: 0E:AA:E5:A1:24:45:C9:28:F5:81:11:8A:0D:07:04:E1:13:E5:F0:F1
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 2506
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/1AA8B002094911F082267252C4F9AE02.roa
Signing time: Tue 25 Mar 2025 07:17:25 +0000
ROA not before: Tue 25 Mar 2025 07:17:25 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 6830
IP address blocks: 180.178.152.0/22 maxlen: 24
202.92.19.0/24 maxlen: 24
202.92.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Apr 2025 07:36:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9478 (0x2506)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Mar 25 07:17:25 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67e25885-973a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f9:76:ed:f0:7f:af:9c:a1:9e:b3:7c:58:21:
60:03:aa:b2:c7:48:f7:51:75:b7:7e:62:f3:b3:d0:
3a:8a:03:4e:a1:76:f0:a7:4f:a1:5d:7f:c9:09:5c:
ec:c6:58:3c:d3:d1:0f:39:e5:85:a9:ec:54:1a:22:
1d:16:eb:00:d4:9d:15:ab:d7:ca:b5:50:e5:ec:be:
62:42:4e:83:32:b7:58:b9:1f:a5:f8:1d:5a:cf:74:
4b:52:12:c0:18:ea:22:18:f4:43:ca:b0:e3:e1:30:
c2:64:1a:ad:70:7e:26:52:fe:9c:33:be:20:79:71:
6b:c3:f2:c6:44:25:ff:aa:b0:8b:13:d6:2f:d0:97:
d7:e5:9a:e8:bd:a8:37:a9:64:36:e9:f5:a5:b9:b0:
26:ad:5f:51:97:4a:e2:fb:a5:fe:e8:bd:32:36:8a:
16:19:20:b1:cb:72:a9:a8:35:df:34:d5:26:49:1c:
0c:8a:eb:e2:26:3f:f4:14:39:e9:88:70:77:9a:ff:
a3:1c:e6:2d:8e:77:2e:b8:1b:d3:6e:96:e7:fb:3b:
d7:66:02:95:c8:09:0b:e0:b6:c1:6c:e1:cc:07:3e:
8a:71:04:d7:7f:19:95:ff:60:af:f6:c8:05:ba:1d:
6d:1a:35:36:68:5e:85:86:96:2c:37:a3:8f:bf:9a:
f3:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:AA:E5:A1:24:45:C9:28:F5:81:11:8A:0D:07:04:E1:13:E5:F0:F1
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/1AA8B002094911F082267252C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
180.178.152.0/22
202.92.19.0/24
202.92.21.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:35:10:b5:03:97:f8:cb:23:4e:97:a1:c4:26:d5:ba:fb:7e:
5a:fe:1d:e4:2b:ed:4c:6b:a9:93:3d:89:48:97:8f:4e:36:0e:
2f:b0:fc:5d:c3:95:49:a6:a6:ab:96:78:75:84:8c:77:37:4e:
04:08:49:23:69:38:83:a0:fb:0d:7d:36:d8:69:de:d9:9c:b2:
14:3d:b5:8a:41:eb:65:06:4f:73:5f:30:87:10:4f:75:09:16:
97:60:24:e0:f9:d2:8b:14:b0:3f:76:77:ae:a0:d7:be:e3:48:
27:bf:3c:72:d7:db:f1:e2:64:13:59:8a:11:13:aa:66:1a:ab:
b7:b4:6e:55:7f:ab:26:8d:95:26:43:8e:f5:ca:ed:35:bf:ab:
ec:0d:b3:3c:17:33:a1:49:0f:a9:79:c9:d4:5a:a1:c6:b6:ad:
b6:fc:11:12:fb:1f:ca:fd:77:57:f4:f0:2b:c6:e9:42:f2:fe:
bd:2c:11:83:6b:d4:90:10:36:a2:2e:17:45:2f:cc:d3:65:13:
74:d1:c6:1a:66:1b:aa:e4:ba:8e:c7:0b:86:d9:9f:cd:51:ca:
f5:3c:c3:22:56:92:fe:3b:c2:47:d2:52:46:48:09:2a:56:87:
37:70:17:41:a2:a7:a9:54:9a:5e:ff:4a:1d:c9:a3:d7:33:6e:
5d:3e:39:1f
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICJQYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjUwMzI1MDcxNzI1WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2UyNTg4NS05NzNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsfl27fB/r5yhnrN8WCFgA6qyx0j3UXW3fmLzs9A6igNOoXbwp0+hXX/JCVzs
xlg809EPOeWFqexUGiIdFusA1J0Vq9fKtVDl7L5iQk6DMrdYuR+l+B1az3RLUhLA
GOoiGPRDyrDj4TDCZBqtcH4mUv6cM74geXFrw/LGRCX/qrCLE9Yv0JfX5Zrovag3
qWQ26fWlubAmrV9Rl0ri+6X+6L0yNooWGSCxy3KpqDXfNNUmSRwMiuviJj/0FDnp
iHB3mv+jHOYtjncuuBvTbpbn+zvXZgKVyAkL4LbBbOHMBz6KcQTXfxmV/2Cv9sgF
uh1tGjU2aF6FhpYsN6OPv5rz9wIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFA6q5aEk
Rcko9YERig0HBOET5fDxMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvMUFBOEIwMDIw
OTQ5MTFGMDgyMjY3MjUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAK0spgDBADKXBMDBADKXBUwDQYJKoZIhvcNAQELBQADggEB
ALs1ELUDl/jLI06XocQm1br7flr+HeQr7UxrqZM9iUiXj042Di+w/F3DlUmmpquW
eHWEjHc3TgQISSNpOIOg+w19Nthp3tmcshQ9tYpB62UGT3NfMIcQT3UJFpdgJOD5
0osUsD92d66g177jSCe/PHLX2/HiZBNZihETqmYaq7e0blV/qyaNlSZDjvXK7TW/
q+wNszwXM6FJD6l5ydRaoca2rbb8ERL7H8r9d1f08CvG6ULy/r0sEYNr1JAQNqIu
F0UvzNNlE3TRxhpmG6rkuo7HC4bZn81RyvU8wyJWkv47wkfSUkZICSpWhzdwF0Gi
p6lUml7/Sh3Jo9czbl0+OR8=
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:16:54 2025 by rpki-client