Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/52E60A0CB3C511EF945B7D4AC4F9AE02.roa
File: 52E60A0CB3C511EF945B7D4AC4F9AE02.roa (raw, json)
Hash identifier: /j9iDUJhayN1maLh9dCdbMpzaJUieql0/hnghggiOMY=
Subject key identifier: C7:3E:90:DA:31:E9:4B:45:79:74:98:07:11:B2:12:58:6A:FB:78:65
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 1F37
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/52E60A0CB3C511EF945B7D4AC4F9AE02.roa
Signing time: Mon 09 Dec 2024 10:03:05 +0000
ROA not before: Mon 09 Dec 2024 10:03:05 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 55154
IP address blocks: 43.226.224.0/24 maxlen: 24
43.226.225.0/24 maxlen: 24
43.226.226.0/24 maxlen: 24
43.226.227.0/24 maxlen: 24
103.151.27.0/24 maxlen: 24
113.203.211.0/24 maxlen: 24
113.203.213.0/24 maxlen: 24
113.203.215.0/24 maxlen: 24
113.203.219.0/24 maxlen: 24
113.203.224.0/24 maxlen: 24
113.203.225.0/24 maxlen: 24
113.203.227.0/24 maxlen: 24
113.203.243.0/24 maxlen: 24
113.203.248.0/24 maxlen: 24
115.167.3.0/24 maxlen: 24
115.167.5.0/24 maxlen: 24
115.167.9.0/24 maxlen: 24
115.167.12.0/22 maxlen: 24
115.167.28.0/24 maxlen: 24
115.167.50.0/24 maxlen: 24
115.167.52.0/24 maxlen: 24
115.167.53.0/24 maxlen: 24
115.167.54.0/24 maxlen: 24
115.167.55.0/24 maxlen: 24
115.167.101.0/24 maxlen: 24
115.167.102.0/24 maxlen: 24
115.167.103.0/24 maxlen: 24
175.110.80.0/22 maxlen: 24
175.110.89.0/24 maxlen: 24
175.110.91.0/24 maxlen: 24
175.110.97.0/24 maxlen: 24
175.110.104.0/24 maxlen: 24
175.110.106.0/24 maxlen: 24
180.178.147.0/24 maxlen: 24
180.178.149.0/24 maxlen: 24
180.178.166.0/24 maxlen: 24
180.178.169.0/24 maxlen: 24
180.178.170.0/24 maxlen: 24
180.178.171.0/24 maxlen: 24
180.178.176.0/24 maxlen: 24
180.178.177.0/24 maxlen: 24
180.178.178.0/24 maxlen: 24
180.178.179.0/24 maxlen: 24
180.178.189.0/24 maxlen: 24
223.29.228.0/24 maxlen: 24
223.29.230.0/24 maxlen: 24
223.29.231.0/24 maxlen: 24
223.29.235.0/24 maxlen: 24
223.29.237.0/24 maxlen: 24
223.29.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Dec 2024 04:49:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7991 (0x1f37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Dec 9 10:03:05 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6756c058-6172
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c9:22:99:f2:ed:b8:e2:fe:02:8c:d9:83:5d:
e5:32:85:85:26:24:b1:27:cd:56:f3:f0:66:2d:75:
60:9f:51:a8:2b:1b:0b:e2:e6:49:a3:a7:96:ca:16:
1c:a0:86:29:e3:73:7c:f8:3f:d5:39:92:bd:d4:c5:
97:2b:fa:94:00:d0:b0:3f:60:1f:44:fa:a3:6a:b5:
3d:f4:1b:4e:9b:e7:04:d3:ae:41:68:c1:21:e2:d7:
c5:bf:ad:db:a8:c7:19:05:60:72:1c:d6:ea:98:e6:
bd:d7:70:de:ca:fb:36:45:89:41:79:dd:2f:2d:3a:
48:51:9e:2e:65:ae:d9:c6:72:7b:21:28:6d:42:32:
2f:ce:84:d0:d5:18:54:f6:c0:f1:1a:63:64:b4:8b:
b8:2c:f0:71:d2:de:6e:bc:79:51:a7:68:59:b9:0e:
81:41:7a:19:a7:d5:ed:3d:55:f0:25:c6:2b:f7:71:
2b:cf:03:ad:4f:79:f5:64:26:44:29:f6:65:8e:74:
56:23:13:9c:b5:8e:c0:38:52:6c:f3:28:85:fd:bc:
98:d9:7e:11:fd:ec:94:fa:23:cd:c9:80:5a:e0:6e:
ec:c2:9d:6f:bd:08:3b:03:d4:65:3b:58:fd:e4:fb:
1e:2d:a2:f2:47:67:3d:f1:f2:8b:c4:ad:d4:d8:43:
54:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:3E:90:DA:31:E9:4B:45:79:74:98:07:11:B2:12:58:6A:FB:78:65
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/52E60A0CB3C511EF945B7D4AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.226.224.0/22
103.151.27.0/24
113.203.211.0/24
113.203.213.0/24
113.203.215.0/24
113.203.219.0/24
113.203.224.0/23
113.203.227.0/24
113.203.243.0/24
113.203.248.0/24
115.167.3.0/24
115.167.5.0/24
115.167.9.0/24
115.167.12.0/22
115.167.28.0/24
115.167.50.0/24
115.167.52.0/22
115.167.101.0-115.167.103.255
175.110.80.0/22
175.110.89.0/24
175.110.91.0/24
175.110.97.0/24
175.110.104.0/24
175.110.106.0/24
180.178.147.0/24
180.178.149.0/24
180.178.166.0/24
180.178.169.0-180.178.171.255
180.178.176.0/22
180.178.189.0/24
223.29.228.0/24
223.29.230.0/23
223.29.235.0/24
223.29.237.0-223.29.238.255
Signature Algorithm: sha256WithRSAEncryption
27:f5:b2:d3:f2:e7:21:7d:e2:3b:c9:7f:ba:6a:c3:ca:3c:54:
b6:65:54:c4:ab:f0:82:82:f3:9a:ac:80:22:5b:a9:87:21:de:
9b:67:ac:b8:24:3a:d2:3d:9a:2d:7b:c3:1b:a5:53:21:5d:60:
68:d4:0f:f3:79:8d:65:e8:ba:9a:ea:07:96:a6:f0:8e:47:27:
2d:e1:c8:4d:49:d6:1e:ab:33:42:96:48:0b:88:3d:7e:0a:6d:
70:ff:4f:89:33:b8:6d:24:1a:f9:c7:a0:95:ea:80:ea:9b:7e:
b6:c4:07:0e:28:1d:09:90:97:6b:95:39:7c:8e:1d:bd:8f:19:
1a:33:15:65:a2:4d:80:f6:24:af:3a:17:c3:40:51:93:a4:a7:
59:65:fa:42:3a:fe:6e:43:13:0c:b9:28:15:47:f0:3b:dc:c5:
42:7d:0e:5b:7f:0a:55:c9:99:d7:2d:95:2b:1e:13:a1:9f:9c:
04:0b:4a:63:49:ea:ec:db:52:a4:da:10:fd:58:18:66:7b:67:
45:57:88:13:7c:85:69:02:d0:b9:ea:ba:07:bc:6e:ed:87:ce:
09:90:0c:c7:e5:13:8b:30:0e:98:b4:c1:92:f6:03:b4:98:bb:
87:56:2a:56:66:24:c8:db:b6:2c:8f:c6:2a:bc:97:3b:b0:85:
f3:5b:83:38
-----BEGIN CERTIFICATE-----
MIIGVTCCBT2gAwIBAgICHzcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQxMjA5MTAwMzA1WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzU2YzA1OC02MTcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvMkimfLtuOL+AozZg13lMoWFJiSxJ81W8/BmLXVgn1GoKxsL4uZJo6eWyhYc
oIYp43N8+D/VOZK91MWXK/qUANCwP2AfRPqjarU99BtOm+cE065BaMEh4tfFv63b
qMcZBWByHNbqmOa913Deyvs2RYlBed0vLTpIUZ4uZa7ZxnJ7IShtQjIvzoTQ1RhU
9sDxGmNktIu4LPBx0t5uvHlRp2hZuQ6BQXoZp9XtPVXwJcYr93ErzwOtT3n1ZCZE
KfZljnRWIxOctY7AOFJs8yiF/byY2X4R/eyU+iPNyYBa4G7swp1vvQg7A9RlO1j9
5PseLaLyR2c98fKLxK3U2ENUYQIDAQABo4IDeTCCA3UwHQYDVR0OBBYEFMc+kNox
6UtFeXSYBxGyElhq+3hlMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNTJFNjBBMENC
M0M1MTFFRjk0NUI3RDRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEBBggrBgEFBQcBBwEB
/wSB8TCB7jCB6wQCAAEwgeQDBAIr4uADBABnlxsDBABxy9MDBABxy9UDBABxy9cD
BABxy9sDBAFxy+ADBABxy+MDBABxy/MDBABxy/gDBABzpwMDBABzpwUDBABzpwkD
BAJzpwwDBABzpxwDBABzpzIDBAJzpzQwDAMEAHOnZQMEA3OnYAMEAq9uUAMEAK9u
WQMEAK9uWwMEAK9uYQMEAK9uaAMEAK9uagMEALSykwMEALSylQMEALSypjAMAwQA
tLKpAwQCtLKoAwQCtLKwAwQAtLK9AwQA3x3kAwQB3x3mAwQA3x3rMAwDBADfHe0D
BADfHe4wDQYJKoZIhvcNAQELBQADggEBACf1stPy5yF94jvJf7pqw8o8VLZlVMSr
8IKC85qsgCJbqYch3ptnrLgkOtI9mi17wxulUyFdYGjUD/N5jWXouprqB5am8I5H
Jy3hyE1J1h6rM0KWSAuIPX4KbXD/T4kzuG0kGvnHoJXqgOqbfrbEBw4oHQmQl2uV
OXyOHb2PGRozFWWiTYD2JK86F8NAUZOkp1ll+kI6/m5DEwy5KBVH8DvcxUJ9Dlt/
ClXJmdctlSseE6GfnAQLSmNJ6uzbUqTaEP1YGGZ7Z0VXiBN8hWkC0Lnquge8bu2H
zgmQDMflE4swDpi0wZL2A7SYu4dWKlZmJMjbtiyPxiq8lzuwhfNbgzg=
-----END CERTIFICATE-----
Generated at Sun Apr 13 01:33:56 2025 by rpki-client