Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/1E7C2A16735711EF9CC23E0CC4F9AE02.roa
File: 1E7C2A16735711EF9CC23E0CC4F9AE02.roa (raw, json)
Hash identifier: p83bxt2C/kKK5hT/bh9e42a19+OI/6Q7j7bC7ZliPQ8=
Subject key identifier: C5:AC:9F:5B:03:32:8A:29:B1:AA:9B:58:36:5C:50:97:64:2C:67:B3
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 1629
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/1E7C2A16735711EF9CC23E0CC4F9AE02.roa
Signing time: Sun 15 Sep 2024 11:39:08 +0000
ROA not before: Sun 15 Sep 2024 11:39:08 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 16589
IP address blocks: 113.203.223.0/24 maxlen: 24
113.203.224.0/24 maxlen: 24
113.203.225.0/24 maxlen: 24
113.203.226.0/24 maxlen: 24
113.203.228.0/22 maxlen: 22
113.203.248.0/22 maxlen: 24
180.178.144.0/24 maxlen: 24
180.178.146.0/24 maxlen: 24
180.178.152.0/21 maxlen: 24
180.178.165.0/24 maxlen: 24
180.178.166.0/24 maxlen: 24
180.178.167.0/24 maxlen: 24
180.178.168.0/24 maxlen: 24
180.178.176.0/22 maxlen: 24
223.29.235.0/24 maxlen: 24
223.29.236.0/24 maxlen: 24
223.29.237.0/24 maxlen: 24
223.29.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Sep 2024 10:57:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5673 (0x1629)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Sep 15 11:39:08 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66e6c75c-4426
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:24:55:c9:96:56:5a:e4:fe:4d:c8:32:9a:50:
d4:ca:5f:e7:82:a1:41:a0:b5:9e:de:a9:1b:2d:c9:
ef:27:8c:39:98:d5:84:0f:11:df:b7:d6:d8:7b:49:
97:7e:29:ed:46:84:a2:8d:35:07:19:78:62:9b:2c:
32:cd:1d:1c:cd:b8:c8:c3:d2:42:6e:58:36:62:bd:
ce:ad:3b:94:1b:7d:45:5c:bd:69:87:33:73:d6:70:
3d:44:28:c7:c1:cf:85:3f:35:82:b4:1b:cf:d5:2a:
bf:19:53:92:9e:7b:11:ed:94:0f:09:35:14:27:a6:
7b:78:67:ff:8e:79:d1:22:8c:a4:bf:53:d3:67:77:
1e:eb:08:dc:04:99:43:8b:1c:4c:ac:55:90:56:f6:
70:43:96:46:92:17:72:cf:35:aa:f6:c9:3c:ca:44:
52:7d:4b:47:04:05:6e:ba:33:fc:ad:c4:a0:5a:b0:
0e:25:c6:c1:fa:ed:58:fb:ea:c8:ff:cb:6a:cc:89:
6a:50:11:bf:92:63:7d:31:e3:1f:66:57:16:3d:88:
d1:7e:eb:78:f0:bb:18:33:de:68:5a:ab:3a:01:96:
67:31:f8:08:62:9f:b8:8d:47:f6:44:55:2e:a9:a2:
2b:60:a4:bd:76:05:59:d6:99:a2:33:aa:8f:0a:ee:
8b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:AC:9F:5B:03:32:8A:29:B1:AA:9B:58:36:5C:50:97:64:2C:67:B3
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/1E7C2A16735711EF9CC23E0CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.223.0-113.203.226.255
113.203.228.0/22
113.203.248.0/22
180.178.144.0/24
180.178.146.0/24
180.178.152.0/21
180.178.165.0-180.178.168.255
180.178.176.0/22
223.29.235.0-223.29.238.255
Signature Algorithm: sha256WithRSAEncryption
2b:71:82:79:89:75:58:5a:84:87:7d:0b:fc:33:f0:f2:5a:5f:
bf:2d:14:ee:ea:b9:2c:4f:54:89:fb:90:3b:9f:b1:c9:47:e2:
4f:e1:f1:ab:e6:99:43:5f:2d:15:11:bd:6c:0f:21:45:e7:7d:
54:2d:3f:72:cc:b0:02:4c:f9:0b:55:fe:21:91:40:50:f3:30:
ff:16:ea:57:0f:1b:9f:b9:dc:31:99:fe:64:43:50:7c:31:e9:
a5:65:ef:cd:96:72:08:5c:0e:41:e9:95:f7:0b:1b:d1:da:d3:
1a:b7:e8:13:f3:73:4f:e6:d8:fc:70:52:8b:18:d1:03:dd:eb:
c4:ff:93:86:9a:e7:9b:53:a6:40:05:0c:66:2e:fb:30:c2:87:
29:85:b7:45:4e:b3:17:4f:73:3e:eb:7b:bb:72:9d:1e:00:d7:
3a:68:b0:d7:4f:78:cb:5e:88:f0:8d:7f:05:f2:48:af:d5:7d:
17:68:a0:e9:93:62:bb:3b:b2:25:12:42:05:d2:6b:34:0b:1c:
5f:2d:d1:ee:1d:d7:17:3e:8b:56:d0:77:5a:d2:12:22:7d:ed:
80:f7:b3:b6:d3:8d:61:91:d4:75:dc:26:01:67:4e:20:5f:c5:
cd:b3:67:5f:b2:2b:18:7e:df:cd:51:43:a1:78:80:c8:e4:5a:
35:a1:35:f9
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgICFikwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQwOTE1MTEzOTA4WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmU2Yzc1Yy00NDI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0SRVyZZWWuT+TcgymlDUyl/ngqFBoLWe3qkbLcnvJ4w5mNWEDxHft9bYe0mX
fintRoSijTUHGXhimywyzR0czbjIw9JCblg2Yr3OrTuUG31FXL1phzNz1nA9RCjH
wc+FPzWCtBvP1Sq/GVOSnnsR7ZQPCTUUJ6Z7eGf/jnnRIoykv1PTZ3ce6wjcBJlD
ixxMrFWQVvZwQ5ZGkhdyzzWq9sk8ykRSfUtHBAVuujP8rcSgWrAOJcbB+u1Y++rI
/8tqzIlqUBG/kmN9MeMfZlcWPYjRfut48LsYM95oWqs6AZZnMfgIYp+4jUf2RFUu
qaIrYKS9dgVZ1pmiM6qPCu6LlwIDAQABo4IC3TCCAtkwHQYDVR0OBBYEFMWsn1sD
MoopsaqbWDZcUJdkLGezMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvMUU3QzJBMTY3
MzU3MTFFRjlDQzIzRTBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZwYIKwYBBQUHAQcBAf8E
WDBWMFQEAgABME4wDAMEAHHL3wMEAHHL4gMEAnHL5AMEAnHL+AMEALSykAMEALSy
kgMEA7SymDAMAwQAtLKlAwQAtLKoAwQCtLKwMAwDBADfHesDBADfHe4wDQYJKoZI
hvcNAQELBQADggEBACtxgnmJdVhahId9C/wz8PJaX78tFO7quSxPVIn7kDufsclH
4k/h8avmmUNfLRURvWwPIUXnfVQtP3LMsAJM+QtV/iGRQFDzMP8W6lcPG5+53DGZ
/mRDUHwx6aVl782WcghcDkHplfcLG9Ha0xq36BPzc0/m2PxwUosY0QPd68T/k4aa
55tTpkAFDGYu+zDChymFt0VOsxdPcz7re7tynR4A1zposNdPeMteiPCNfwXySK/V
fRdooOmTYrs7siUSQgXSazQLHF8t0e4d1xc+i1bQd1rSEiJ97YD3s7bTjWGR1HXc
JgFnTiBfxc2zZ1+yKxh+381RQ6F4gMjkWjWhNfk=
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:21:47 2025 by rpki-client