Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/23C019C6D3C711EF9C434B72C4F9AE02.roa
File: 23C019C6D3C711EF9C434B72C4F9AE02.roa (raw, json)
Hash identifier: KSfSMBsjN3ZhR7F+3zZApBvUJpVHFatu0fIBUrgOLgs=
Subject key identifier: 2E:9F:94:E2:65:88:FF:52:D6:E4:69:11:79:66:85:39:71:F9:20:40
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 21D8
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/23C019C6D3C711EF9C434B72C4F9AE02.roa
Signing time: Thu 16 Jan 2025 05:02:52 +0000
ROA not before: Thu 16 Jan 2025 05:02:52 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 16589
IP address blocks: 43.226.225.0/24 maxlen: 24
43.226.226.0/24 maxlen: 24
43.226.227.0/24 maxlen: 24
113.203.224.0/24 maxlen: 24
113.203.225.0/24 maxlen: 24
113.203.226.0/24 maxlen: 24
113.203.227.0/24 maxlen: 24
113.203.228.0/24 maxlen: 24
113.203.229.0/24 maxlen: 24
113.203.230.0/24 maxlen: 24
113.203.241.0/24 maxlen: 24
113.203.242.0/24 maxlen: 24
113.203.243.0/24 maxlen: 24
113.203.244.0/24 maxlen: 24
113.203.248.0/24 maxlen: 24
113.203.252.0/24 maxlen: 24
113.203.253.0/24 maxlen: 24
113.203.254.0/24 maxlen: 24
115.167.6.0/24 maxlen: 24
115.167.15.0/24 maxlen: 24
115.167.16.0/22 maxlen: 24
115.167.29.0/24 maxlen: 24
115.167.30.0/24 maxlen: 24
115.167.31.0/24 maxlen: 24
115.167.64.0/24 maxlen: 24
115.167.66.0/24 maxlen: 24
115.167.73.0/24 maxlen: 24
115.167.76.0/24 maxlen: 24
115.167.78.0/24 maxlen: 24
115.167.102.0/24 maxlen: 24
115.167.118.0/24 maxlen: 24
115.167.119.0/24 maxlen: 24
115.167.122.0/24 maxlen: 24
115.167.123.0/24 maxlen: 24
115.167.124.0/24 maxlen: 24
175.110.64.0/22 maxlen: 24
175.110.89.0/24 maxlen: 24
175.110.97.0/24 maxlen: 24
175.110.98.0/24 maxlen: 24
175.110.104.0/24 maxlen: 24
175.110.105.0/24 maxlen: 24
175.110.106.0/24 maxlen: 24
175.110.107.0/24 maxlen: 24
175.110.109.0/24 maxlen: 24
175.110.110.0/24 maxlen: 24
175.110.111.0/24 maxlen: 24
202.92.18.0/24 maxlen: 24
202.92.20.0/24 maxlen: 24
223.29.228.0/24 maxlen: 24
223.29.229.0/24 maxlen: 24
223.29.230.0/24 maxlen: 24
223.29.231.0/24 maxlen: 24
223.29.235.0/24 maxlen: 24
223.29.237.0/24 maxlen: 24
223.29.238.0/24 maxlen: 24
223.29.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Jan 2025 09:43:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8664 (0x21d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Jan 16 05:02:52 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=678892fc-c5f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:95:84:b1:c6:e4:fc:e1:09:0d:97:b7:b5:93:
42:7a:e0:72:53:bf:df:98:da:ff:07:cf:44:f8:13:
68:d6:d4:65:46:94:b1:76:25:3b:03:68:f1:20:cb:
e3:aa:79:72:01:e9:11:9a:ad:3f:75:c4:8c:03:53:
bf:17:35:3c:ca:c1:d4:6b:8b:52:7c:0b:7f:af:1b:
7e:f1:bc:65:7b:b1:66:86:eb:69:0b:71:45:eb:d6:
0d:4c:17:38:23:46:12:51:80:0f:33:0f:d4:1b:c2:
65:8b:2e:f0:3b:99:a0:14:0e:f0:48:4d:1f:42:62:
e0:2b:55:a5:c5:0d:03:5e:00:4e:8f:e6:3e:c0:58:
58:02:4f:70:75:81:6a:a0:c9:c4:80:04:ff:29:18:
6e:19:91:0a:a0:dc:ba:2c:7d:84:b7:8b:72:4e:cf:
20:96:c5:31:86:a6:a2:a3:d0:21:e9:ce:c0:fe:14:
cb:3e:d0:cf:5b:f9:02:40:ad:44:5b:1b:e8:e7:48:
03:eb:93:77:dd:f1:79:10:6f:eb:09:42:83:67:bf:
81:05:bf:2c:b2:cc:53:d4:f1:8d:40:f5:c6:9f:46:
02:b9:be:cd:fa:14:98:88:a6:67:78:9e:c4:ef:a2:
20:e9:ce:64:04:ab:8f:fd:da:84:87:68:1a:79:03:
f3:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:9F:94:E2:65:88:FF:52:D6:E4:69:11:79:66:85:39:71:F9:20:40
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/23C019C6D3C711EF9C434B72C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.226.225.0-43.226.227.255
113.203.224.0-113.203.230.255
113.203.241.0-113.203.244.255
113.203.248.0/24
113.203.252.0-113.203.254.255
115.167.6.0/24
115.167.15.0-115.167.19.255
115.167.29.0-115.167.31.255
115.167.64.0/24
115.167.66.0/24
115.167.73.0/24
115.167.76.0/24
115.167.78.0/24
115.167.102.0/24
115.167.118.0/23
115.167.122.0-115.167.124.255
175.110.64.0/22
175.110.89.0/24
175.110.97.0-175.110.98.255
175.110.104.0/22
175.110.109.0-175.110.111.255
202.92.18.0/24
202.92.20.0/24
223.29.228.0/22
223.29.235.0/24
223.29.237.0-223.29.239.255
Signature Algorithm: sha256WithRSAEncryption
5f:ba:1e:7d:8f:2f:c3:c5:bb:5f:47:fb:fe:85:4e:b8:9e:e3:
c2:f3:37:9f:81:98:4f:31:07:e2:58:27:f5:f4:6c:58:bf:a0:
0b:e8:5d:1c:8a:47:2f:2c:d0:06:f4:94:63:91:95:e4:8b:a1:
bf:05:1f:72:06:52:5e:ab:8e:a5:d1:06:1d:e8:37:bd:7f:41:
19:b0:6e:42:f0:88:c4:65:c4:49:91:89:4b:24:4f:12:44:4c:
52:29:2b:8c:df:dd:e6:9e:e9:15:01:d8:1f:5a:aa:97:da:26:
b4:c2:a9:6b:fb:7d:ab:d4:f5:84:ad:45:0b:15:68:f6:05:8e:
69:0d:d0:7c:62:c8:24:70:ed:14:97:87:24:d3:e1:d9:fe:32:
d8:e8:53:81:ba:97:40:2b:42:cc:fa:04:b4:6d:c6:c0:85:ca:
cb:dc:d7:76:8a:55:25:3f:13:17:34:41:10:4b:1b:2c:e4:b3:
62:5e:0d:a0:b4:98:09:53:3f:1b:12:01:b8:29:61:a5:43:b9:
89:72:fc:42:7b:5a:9b:f5:bc:12:35:54:ba:31:80:1e:6d:f6:
b2:d4:7e:c6:06:f0:3b:64:0f:f7:8c:d1:3a:58:63:93:46:c0:
63:36:d8:75:28:be:c9:be:7c:8f:82:cf:34:d2:b6:5a:2a:c4:
c6:82:86:8b
-----BEGIN CERTIFICATE-----
MIIGXTCCBUWgAwIBAgICIdgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjUwMTE2MDUwMjUyWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg4OTJmYy1jNWY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtpWEscbk/OEJDZe3tZNCeuByU7/fmNr/B89E+BNo1tRlRpSxdiU7A2jxIMvj
qnlyAekRmq0/dcSMA1O/FzU8ysHUa4tSfAt/rxt+8bxle7FmhutpC3FF69YNTBc4
I0YSUYAPMw/UG8Jliy7wO5mgFA7wSE0fQmLgK1WlxQ0DXgBOj+Y+wFhYAk9wdYFq
oMnEgAT/KRhuGZEKoNy6LH2Et4tyTs8glsUxhqaio9Ah6c7A/hTLPtDPW/kCQK1E
Wxvo50gD65N33fF5EG/rCUKDZ7+BBb8sssxT1PGNQPXGn0YCub7N+hSYiKZneJ7E
76Ig6c5kBKuP/dqEh2gaeQPzPwIDAQABo4IDgTCCA30wHQYDVR0OBBYEFC6flOJl
iP9S1uRpEXlmhTlx+SBAMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvMjNDMDE5QzZE
M0M3MTFFRjlDNDM0QjcyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEJBggrBgEFBQcBBwEB
/wSB+TCB9jCB8wQCAAEwgewwDAMEACvi4QMEAivi4DAMAwQFccvgAwQAccvmMAwD
BABxy/EDBABxy/QDBABxy/gwDAMEAnHL/AMEAHHL/gMEAHOnBjAMAwQAc6cPAwQC
c6cQMAwDBABzpx0DBAVzpwADBABzp0ADBABzp0IDBABzp0kDBABzp0wDBABzp04D
BABzp2YDBAFzp3YwDAMEAXOnegMEAHOnfAMEAq9uQAMEAK9uWTAMAwQAr25hAwQA
r25iAwQCr25oMAwDBACvbm0DBASvbmADBADKXBIDBADKXBQDBALfHeQDBADfHesw
DAMEAN8d7QMEBN8d4DANBgkqhkiG9w0BAQsFAAOCAQEAX7oefY8vw8W7X0f7/oVO
uJ7jwvM3n4GYTzEH4lgn9fRsWL+gC+hdHIpHLyzQBvSUY5GV5IuhvwUfcgZSXquO
pdEGHeg3vX9BGbBuQvCIxGXESZGJSyRPEkRMUikrjN/d5p7pFQHYH1qql9omtMKp
a/t9q9T1hK1FCxVo9gWOaQ3QfGLIJHDtFJeHJNPh2f4y2OhTgbqXQCtCzPoEtG3G
wIXKy9zXdopVJT8TFzRBEEsbLOSzYl4NoLSYCVM/GxIBuClhpUO5iXL8Qntam/W8
EjVUujGAHm32stR+xgbwO2QP94zROlhjk0bAYzbYdSi+yb58j4LPNNK2WirExoKG
iw==
-----END CERTIFICATE-----
Generated at Sun Apr 13 01:48:25 2025 by rpki-client