Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/3AA2CDDAC67711EF9919A671C4F9AE02.roa
File: 3AA2CDDAC67711EF9919A671C4F9AE02.roa (raw, json)
Hash identifier: GhlReizcC7RY0wCBsU+80pJuulN67B+M5NiRoPYcyLw=
Subject key identifier: 86:EB:B2:7D:A7:04:B8:0E:F8:FE:F3:E1:10:1B:9D:97:7F:64:A1:29
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 2043
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/3AA2CDDAC67711EF9919A671C4F9AE02.roa
Signing time: Mon 30 Dec 2024 06:28:06 +0000
ROA not before: Mon 30 Dec 2024 06:28:06 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 55154
IP address blocks: 43.226.224.0/24 maxlen: 24
43.226.225.0/24 maxlen: 24
43.226.226.0/24 maxlen: 24
43.226.227.0/24 maxlen: 24
103.151.27.0/24 maxlen: 24
113.203.224.0/24 maxlen: 24
113.203.225.0/24 maxlen: 24
113.203.227.0/24 maxlen: 24
113.203.243.0/24 maxlen: 24
115.167.3.0/24 maxlen: 24
115.167.5.0/24 maxlen: 24
115.167.9.0/24 maxlen: 24
115.167.12.0/22 maxlen: 24
115.167.28.0/24 maxlen: 24
115.167.52.0/24 maxlen: 24
115.167.53.0/24 maxlen: 24
115.167.54.0/24 maxlen: 24
115.167.55.0/24 maxlen: 24
115.167.101.0/24 maxlen: 24
115.167.103.0/24 maxlen: 24
175.110.111.0/24 maxlen: 24
180.178.165.0/24 maxlen: 24
180.178.167.0/24 maxlen: 24
180.178.168.0/24 maxlen: 24
223.29.231.0/24 maxlen: 24
223.29.235.0/24 maxlen: 24
223.29.237.0/24 maxlen: 24
223.29.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Dec 2024 10:34:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8259 (0x2043)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Dec 30 06:28:06 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67723d76-340d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:81:11:44:29:ef:2b:4a:dd:82:89:c1:95:41:
8d:e5:99:30:32:2b:ee:2e:7f:fb:e9:19:06:32:14:
bc:c9:d6:76:53:40:b9:2b:1d:9f:a7:fe:a5:84:a4:
de:62:7a:f5:87:ad:a3:30:48:5f:b8:86:3d:1b:5a:
d9:42:eb:85:e0:32:c8:28:b1:d4:0b:3e:ca:87:34:
dc:7b:55:6e:9b:74:42:67:2c:aa:c6:f2:c7:15:98:
82:5a:02:97:a3:10:94:79:ec:dc:90:da:fb:9f:b6:
20:84:27:a4:2e:ab:be:88:33:32:a9:e4:25:04:13:
9f:ef:46:3b:41:51:46:65:bd:40:c8:6e:da:a7:bd:
8d:15:9e:92:a7:ec:8c:77:7e:fe:be:48:8d:7b:f0:
bb:06:83:21:07:37:1f:66:8c:eb:3a:0f:13:12:a2:
78:39:cd:0b:63:21:27:33:4f:05:b2:42:f1:19:de:
60:cf:0c:5d:0f:73:a1:fa:e7:f4:fc:0d:8d:99:d0:
0f:1e:5b:c6:50:3e:87:fe:83:1c:94:a5:8f:7f:96:
39:3a:f9:c7:1a:4b:8f:fc:f1:02:ca:3d:f1:d4:3b:
5a:2d:20:51:92:74:b1:05:7a:19:48:90:c6:87:10:
04:5c:43:45:fe:60:26:9b:50:60:0b:d9:cb:87:75:
ef:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:EB:B2:7D:A7:04:B8:0E:F8:FE:F3:E1:10:1B:9D:97:7F:64:A1:29
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/3AA2CDDAC67711EF9919A671C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.226.224.0/22
103.151.27.0/24
113.203.224.0/23
113.203.227.0/24
113.203.243.0/24
115.167.3.0/24
115.167.5.0/24
115.167.9.0/24
115.167.12.0/22
115.167.28.0/24
115.167.52.0/22
115.167.101.0/24
115.167.103.0/24
175.110.111.0/24
180.178.165.0/24
180.178.167.0-180.178.168.255
223.29.231.0/24
223.29.235.0/24
223.29.237.0-223.29.238.255
Signature Algorithm: sha256WithRSAEncryption
11:2e:34:db:9c:60:0c:7c:a9:12:57:99:cf:01:e9:ab:37:b5:
e0:ad:6e:7e:d0:07:10:84:f8:e1:11:10:bd:b4:34:e2:4a:4c:
55:40:42:3d:18:c6:39:0a:af:57:4e:32:f5:9b:e0:67:eb:06:
54:27:1d:3b:e7:7d:b7:27:4e:06:f7:08:05:1a:d5:d7:cb:ea:
36:67:6e:d3:63:bb:1f:ee:fb:c7:4f:aa:80:ae:46:29:3a:76:
d1:20:f9:54:48:3b:5c:6e:80:37:84:eb:95:4b:90:91:98:d9:
51:54:12:91:8a:2b:af:cd:61:c8:8a:43:6b:66:e2:1d:ee:af:
f6:a6:36:84:b0:2a:f8:7d:f5:82:51:71:62:67:47:dd:fe:a8:
3b:4c:3f:53:32:06:b8:22:20:c9:85:30:c4:7f:72:df:a2:7e:
c3:b2:8b:8b:00:fb:f4:3e:4e:d5:32:9d:50:7f:19:72:b6:19:
6c:7b:ff:b2:be:d1:c5:ae:ad:3b:38:c4:f7:b6:ef:9c:4a:6c:
a2:9e:18:9e:94:5f:5a:21:59:6a:74:91:78:a6:f2:ce:22:73:
8b:a4:15:10:2f:e3:a2:c6:9f:80:18:ab:a4:8a:2e:ed:91:12:
ca:ac:9d:a7:73:c4:35:66:70:e1:fd:30:09:21:cc:58:71:e1:
da:74:b5:15
-----BEGIN CERTIFICATE-----
MIIF8jCCBNqgAwIBAgICIEMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQxMjMwMDYyODA2WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzcyM2Q3Ni0zNDBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9IERRCnvK0rdgonBlUGN5ZkwMivuLn/76RkGMhS8ydZ2U0C5Kx2fp/6lhKTe
Ynr1h62jMEhfuIY9G1rZQuuF4DLIKLHUCz7KhzTce1Vum3RCZyyqxvLHFZiCWgKX
oxCUeezckNr7n7YghCekLqu+iDMyqeQlBBOf70Y7QVFGZb1AyG7ap72NFZ6Sp+yM
d37+vkiNe/C7BoMhBzcfZozrOg8TEqJ4Oc0LYyEnM08FskLxGd5gzwxdD3Oh+uf0
/A2NmdAPHlvGUD6H/oMclKWPf5Y5OvnHGkuP/PECyj3x1DtaLSBRknSxBXoZSJDG
hxAEXENF/mAmm1BgC9nLh3XvGwIDAQABo4IDFjCCAxIwHQYDVR0OBBYEFIbrsn2n
BLgO+P7z4RAbnZd/ZKEpMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvM0FBMkNEREFD
Njc3MTFFRjk5MTlBNjcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZ8GCCsGAQUFBwEHAQH/
BIGPMIGMMIGJBAIAATCBggMEAivi4AMEAGeXGwMEAXHL4AMEAHHL4wMEAHHL8wME
AHOnAwMEAHOnBQMEAHOnCQMEAnOnDAMEAHOnHAMEAnOnNAMEAHOnZQMEAHOnZwME
AK9ubwMEALSypTAMAwQAtLKnAwQAtLKoAwQA3x3nAwQA3x3rMAwDBADfHe0DBADf
He4wDQYJKoZIhvcNAQELBQADggEBABEuNNucYAx8qRJXmc8B6as3teCtbn7QBxCE
+OEREL20NOJKTFVAQj0YxjkKr1dOMvWb4GfrBlQnHTvnfbcnTgb3CAUa1dfL6jZn
btNjux/u+8dPqoCuRik6dtEg+VRIO1xugDeE65VLkJGY2VFUEpGKK6/NYciKQ2tm
4h3ur/amNoSwKvh99YJRcWJnR93+qDtMP1MyBrgiIMmFMMR/ct+ifsOyi4sA+/Q+
TtUynVB/GXK2GWx7/7K+0cWurTs4xPe275xKbKKeGJ6UX1ohWWp0kXim8s4ic4uk
FRAv46LGn4AYq6SKLu2REsqsnadzxDVmcOH9MAkhzFhx4dp0tRU=
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:07:29 2025 by rpki-client