Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/3B3753E0F82411EFB9CCC76BC4F9AE02.roa
File: 3B3753E0F82411EFB9CCC76BC4F9AE02.roa (raw, json)
Hash identifier: Hg2bNMn29zyVeCTAdrJTrGVhQKQUPGYxFERmTcmocA4=
Subject key identifier: B0:FD:B2:99:A7:FB:9C:57:91:65:1D:3D:5F:63:23:B3:5E:FF:3B:42
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 249C
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/3B3753E0F82411EFB9CCC76BC4F9AE02.roa
Signing time: Tue 11 Mar 2025 08:42:12 +0000
ROA not before: Tue 11 Mar 2025 08:42:12 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 103.151.26.0/24 maxlen: 24
115.167.6.0/24 maxlen: 24
115.167.15.0/24 maxlen: 24
115.167.28.0/24 maxlen: 24
115.167.50.0/24 maxlen: 24
115.167.101.0/24 maxlen: 24
115.167.117.0/24 maxlen: 24
223.29.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Mar 2025 08:47:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9372 (0x249c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Mar 11 08:42:12 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67cff764-76c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:2c:a5:68:b4:9b:49:50:c8:4c:4c:71:27:d8:
85:85:a6:04:f2:f5:be:3b:39:6e:a9:40:0b:0e:b2:
7c:b6:99:5c:ca:b3:17:34:39:25:ca:3f:c3:28:93:
ee:21:68:dc:01:2e:a6:23:a1:0b:a7:2b:42:ef:66:
e8:d1:e0:0c:23:4d:a8:09:cb:0d:3b:4e:c7:40:ca:
79:5e:61:a4:38:f4:97:96:91:b3:2a:86:1d:af:07:
2a:00:3e:40:97:81:bb:f3:9e:2b:01:c9:d6:36:6d:
6e:37:f5:c0:1c:b4:d9:93:f4:6d:f7:44:e0:6a:98:
ac:31:d4:b6:dc:87:3a:25:e4:a5:6a:d9:5e:65:54:
9c:16:4e:84:0a:16:f9:d0:24:64:8f:22:f2:90:ca:
e0:04:70:6c:90:b1:5f:d7:6e:63:51:ff:a9:48:d1:
3e:df:8c:ae:ce:50:0d:c0:14:f0:ee:cc:45:2e:5f:
c9:68:10:e1:62:5c:26:e0:46:e5:a8:55:08:35:1e:
38:ab:e4:e3:af:cd:7c:00:66:ec:53:97:95:f5:7b:
ea:b5:b1:71:b1:d5:e0:b1:8e:98:45:8e:67:4f:2a:
3d:a3:af:a2:60:d1:9c:4e:9a:b4:8e:d1:40:cf:a8:
70:01:10:14:59:f0:57:26:7f:14:59:99:14:e7:c4:
95:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:FD:B2:99:A7:FB:9C:57:91:65:1D:3D:5F:63:23:B3:5E:FF:3B:42
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/3B3753E0F82411EFB9CCC76BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.151.26.0/24
115.167.6.0/24
115.167.15.0/24
115.167.28.0/24
115.167.50.0/24
115.167.101.0/24
115.167.117.0/24
223.29.237.0/24
Signature Algorithm: sha256WithRSAEncryption
01:8f:29:77:15:16:0a:86:8a:8c:d1:d0:49:6e:6f:5a:7b:ea:
f9:59:75:1f:01:f3:99:62:e5:84:9b:6b:1c:7c:6c:43:8a:6a:
94:10:79:3a:a1:a6:3c:99:41:40:6f:dc:b2:c9:6d:c8:55:84:
de:fd:c5:c2:c7:96:7b:3f:b4:f2:47:e1:ae:05:21:16:e9:c3:
1c:1c:9e:8e:4c:60:e7:d9:20:a7:2e:1f:0b:21:1e:5d:9d:d1:
c8:cf:df:69:4a:59:20:54:6e:23:61:90:c2:3d:c3:ed:a7:16:
3d:74:85:4d:1f:91:a5:f5:ae:dd:1c:ed:b4:79:c2:ce:b8:8d:
64:40:99:ca:4a:fd:02:e5:67:15:0f:b8:e4:78:16:49:99:eb:
4b:81:de:a9:e4:c9:1d:03:6b:4b:25:b2:1c:e1:ae:db:39:d4:
d0:04:54:03:6c:ec:62:7d:8b:d1:18:07:50:e5:31:5d:c7:07:
fa:ef:ed:82:fe:99:4b:ed:e1:02:51:8a:6d:fb:96:2c:ef:67:
92:d7:a9:31:95:8e:5a:a3:cf:81:99:45:9f:a4:dd:98:b1:25:
d1:bd:b6:6d:6b:70:20:a9:0e:88:6b:e3:bd:3a:70:94:62:12:
32:12:5c:a5:82:9d:fa:47:00:d5:b9:ac:c8:f6:f7:30:c3:0c:
70:ef:74:55
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgICJJwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjUwMzExMDg0MjEyWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NmZjc2NC03NmM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0iylaLSbSVDITExxJ9iFhaYE8vW+OzluqUALDrJ8tplcyrMXNDklyj/DKJPu
IWjcAS6mI6ELpytC72bo0eAMI02oCcsNO07HQMp5XmGkOPSXlpGzKoYdrwcqAD5A
l4G7854rAcnWNm1uN/XAHLTZk/Rt90TgapisMdS23Ic6JeSlatleZVScFk6EChb5
0CRkjyLykMrgBHBskLFf125jUf+pSNE+34yuzlANwBTw7sxFLl/JaBDhYlwm4Ebl
qFUINR44q+Tjr818AGbsU5eV9XvqtbFxsdXgsY6YRY5nTyo9o6+iYNGcTpq0jtFA
z6hwARAUWfBXJn8UWZkU58SVBwIDAQABo4ICvzCCArswHQYDVR0OBBYEFLD9spmn
+5xXkWUdPV9jI7Ne/ztCMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvM0IzNzUzRTBG
ODI0MTFFRkI5Q0NDNzZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSQYIKwYBBQUHAQcBAf8E
OjA4MDYEAgABMDADBABnlxoDBABzpwYDBABzpw8DBABzpxwDBABzpzIDBABzp2UD
BABzp3UDBADfHe0wDQYJKoZIhvcNAQELBQADggEBAAGPKXcVFgqGiozR0Elub1p7
6vlZdR8B85li5YSbaxx8bEOKapQQeTqhpjyZQUBv3LLJbchVhN79xcLHlns/tPJH
4a4FIRbpwxwcno5MYOfZIKcuHwshHl2d0cjP32lKWSBUbiNhkMI9w+2nFj10hU0f
kaX1rt0c7bR5ws64jWRAmcpK/QLlZxUPuOR4FkmZ60uB3qnkyR0Da0slshzhrts5
1NAEVANs7GJ9i9EYB1DlMV3HB/rv7YL+mUvt4QJRim37lizvZ5LXqTGVjlqjz4GZ
RZ+k3ZixJdG9tm1rcCCpDohr4706cJRiEjISXKWCnfpHANW5rMj29zDDDHDvdFU=
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:21:49 2025 by rpki-client