Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/5BF7D156BCFE11EF8375DE54C4F9AE02.roa
File: 5BF7D156BCFE11EF8375DE54C4F9AE02.roa (raw, json)
Hash identifier: G7itffAorSXr7V8Yod6zVa7QEcbXAYJNzu+eQ+OoNg0=
Subject key identifier: E3:93:73:FD:98:D1:E1:10:8C:91:3A:8B:73:8D:5C:68:16:DD:71:B1
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 2004
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/5BF7D156BCFE11EF8375DE54C4F9AE02.roa
Signing time: Wed 18 Dec 2024 05:10:13 +0000
ROA not before: Wed 18 Dec 2024 05:10:13 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 55154
IP address blocks: 43.226.224.0/24 maxlen: 24
43.226.225.0/24 maxlen: 24
43.226.226.0/24 maxlen: 24
43.226.227.0/24 maxlen: 24
103.151.27.0/24 maxlen: 24
113.203.224.0/24 maxlen: 24
113.203.225.0/24 maxlen: 24
113.203.227.0/24 maxlen: 24
113.203.243.0/24 maxlen: 24
115.167.3.0/24 maxlen: 24
115.167.5.0/24 maxlen: 24
115.167.9.0/24 maxlen: 24
115.167.12.0/22 maxlen: 24
115.167.28.0/24 maxlen: 24
115.167.50.0/24 maxlen: 24
115.167.52.0/24 maxlen: 24
115.167.53.0/24 maxlen: 24
115.167.54.0/24 maxlen: 24
115.167.55.0/24 maxlen: 24
115.167.73.0/24 maxlen: 24
115.167.76.0/24 maxlen: 24
115.167.77.0/24 maxlen: 24
115.167.78.0/24 maxlen: 24
115.167.101.0/24 maxlen: 24
115.167.102.0/24 maxlen: 24
115.167.103.0/24 maxlen: 24
175.110.80.0/22 maxlen: 24
175.110.89.0/24 maxlen: 24
175.110.91.0/24 maxlen: 24
175.110.111.0/24 maxlen: 24
180.178.165.0/24 maxlen: 24
180.178.167.0/24 maxlen: 24
180.178.168.0/24 maxlen: 24
223.29.228.0/24 maxlen: 24
223.29.230.0/24 maxlen: 24
223.29.231.0/24 maxlen: 24
223.29.235.0/24 maxlen: 24
223.29.236.0/24 maxlen: 24
223.29.237.0/24 maxlen: 24
223.29.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Dec 2024 07:44:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8196 (0x2004)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Dec 18 05:10:13 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67625934-794e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:54:bf:32:f6:61:ef:95:e0:8e:79:3b:03:88:
6a:f5:0a:52:70:d6:52:7f:89:f3:ec:f7:a7:15:e5:
4d:25:2e:70:71:1b:06:a1:ca:8d:e7:9d:9f:39:9b:
79:61:66:20:cb:0f:f6:10:23:ac:27:33:bc:24:dd:
64:aa:7f:27:1a:43:30:bf:d6:15:14:98:0f:3e:ae:
79:cc:98:5a:cc:a0:1c:a2:f3:49:3a:a5:4b:65:e9:
49:fe:3e:62:66:16:67:8c:00:58:d4:a9:d4:ce:9c:
7d:9b:75:86:44:dd:54:dc:f5:8b:19:25:f6:fe:df:
d3:9f:57:06:d7:9e:a5:fc:66:00:ce:04:00:08:cf:
08:02:dd:dd:d0:ea:cf:af:8a:f5:59:96:68:11:5b:
7a:e1:d5:56:86:4c:60:68:55:b5:cd:8c:64:32:89:
f2:3a:1d:33:cf:ff:52:f8:99:05:e2:9e:1b:16:80:
50:e8:f1:a7:1d:f4:ef:fa:55:45:71:4c:16:d8:95:
c8:96:6a:a3:03:27:1f:fc:75:2e:b0:1f:51:df:7f:
6f:ac:2e:97:06:d6:88:3b:22:a2:f8:a2:d6:0b:05:
1a:1e:1b:e2:62:14:01:ed:a3:8a:c1:ca:e2:95:9f:
22:f1:18:51:53:cf:7b:e3:12:c8:8e:fa:e7:58:f3:
aa:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:93:73:FD:98:D1:E1:10:8C:91:3A:8B:73:8D:5C:68:16:DD:71:B1
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/5BF7D156BCFE11EF8375DE54C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.226.224.0/22
103.151.27.0/24
113.203.224.0/23
113.203.227.0/24
113.203.243.0/24
115.167.3.0/24
115.167.5.0/24
115.167.9.0/24
115.167.12.0/22
115.167.28.0/24
115.167.50.0/24
115.167.52.0/22
115.167.73.0/24
115.167.76.0-115.167.78.255
115.167.101.0-115.167.103.255
175.110.80.0/22
175.110.89.0/24
175.110.91.0/24
175.110.111.0/24
180.178.165.0/24
180.178.167.0-180.178.168.255
223.29.228.0/24
223.29.230.0/23
223.29.235.0-223.29.238.255
Signature Algorithm: sha256WithRSAEncryption
a7:6f:ec:30:5f:47:7b:23:94:6d:5a:9f:35:10:b9:cc:1a:5f:
d0:4a:59:65:07:ac:ba:ea:bf:b8:a3:33:4c:49:9a:ea:22:54:
d9:5f:e5:3e:be:3f:53:95:38:48:c2:5d:6a:14:04:94:e2:93:
32:0e:ac:cb:5d:ed:ac:4a:fd:49:06:f1:7b:44:ed:9c:38:a0:
ad:54:e3:b3:81:d8:cc:32:ad:22:47:37:76:6d:52:eb:a9:bd:
75:77:f7:20:ec:29:c1:8b:0d:9b:cd:73:e4:2c:8f:ad:4d:70:
c5:dc:1f:92:34:e7:4c:77:54:c5:0e:17:12:5e:e4:66:49:bc:
e7:67:d6:f6:12:3f:34:80:d4:fb:73:52:32:3a:93:74:cf:4d:
86:34:73:f6:dd:5f:83:ce:49:8e:35:c7:15:f8:5c:1a:f8:73:
e0:83:92:19:76:c6:62:fa:84:fc:05:34:e2:a5:72:7d:e5:33:
fc:7e:0b:67:06:5e:dd:c5:48:73:39:67:80:3d:98:88:7c:8f:
c1:78:69:0c:90:ca:b5:52:d8:39:4e:17:bf:74:d8:19:07:f5:
85:5f:21:33:79:e0:1e:fd:11:4b:08:e3:f4:2d:15:dd:40:71:
84:26:24:2d:f9:59:be:5f:53:5d:56:e2:b7:b0:75:87:9f:43:
0a:63:12:92
-----BEGIN CERTIFICATE-----
MIIGIDCCBQigAwIBAgICIAQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQxMjE4MDUxMDEzWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYyNTkzNC03OTRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7lS/MvZh75Xgjnk7A4hq9QpScNZSf4nz7PenFeVNJS5wcRsGocqN552fOZt5
YWYgyw/2ECOsJzO8JN1kqn8nGkMwv9YVFJgPPq55zJhazKAcovNJOqVLZelJ/j5i
ZhZnjABY1KnUzpx9m3WGRN1U3PWLGSX2/t/Tn1cG156l/GYAzgQACM8IAt3d0OrP
r4r1WZZoEVt64dVWhkxgaFW1zYxkMonyOh0zz/9S+JkF4p4bFoBQ6PGnHfTv+lVF
cUwW2JXIlmqjAycf/HUusB9R339vrC6XBtaIOyKi+KLWCwUaHhviYhQB7aOKwcri
lZ8i8RhRU8974xLIjvrnWPOq+QIDAQABo4IDRDCCA0AwHQYDVR0OBBYEFOOTc/2Y
0eEQjJE6i3ONXGgW3XGxMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNUJGN0QxNTZC
Q0ZFMTFFRjgzNzVERTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgc0GCCsGAQUFBwEHAQH/
BIG9MIG6MIG3BAIAATCBsAMEAivi4AMEAGeXGwMEAXHL4AMEAHHL4wMEAHHL8wME
AHOnAwMEAHOnBQMEAHOnCQMEAnOnDAMEAHOnHAMEAHOnMgMEAnOnNAMEAHOnSTAM
AwQCc6dMAwQAc6dOMAwDBABzp2UDBANzp2ADBAKvblADBACvblkDBACvblsDBACv
bm8DBAC0sqUwDAMEALSypwMEALSyqAMEAN8d5AMEAd8d5jAMAwQA3x3rAwQA3x3u
MA0GCSqGSIb3DQEBCwUAA4IBAQCnb+wwX0d7I5RtWp81ELnMGl/QSlllB6y66r+4
ozNMSZrqIlTZX+U+vj9TlThIwl1qFASU4pMyDqzLXe2sSv1JBvF7RO2cOKCtVOOz
gdjMMq0iRzd2bVLrqb11d/cg7CnBiw2bzXPkLI+tTXDF3B+SNOdMd1TFDhcSXuRm
SbznZ9b2Ej80gNT7c1IyOpN0z02GNHP23V+DzkmONccV+Fwa+HPgg5IZdsZi+oT8
BTTipXJ95TP8fgtnBl7dxUhzOWeAPZiIfI/BeGkMkMq1Utg5The/dNgZB/WFXyEz
eeAe/RFLCOP0LRXdQHGEJiQt+Vm+X1NdVuK3sHWHn0MKYxKS
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:16:51 2025 by rpki-client