Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/65C20A98B87C11EF9207CE2BC4F9AE02.roa
File: 65C20A98B87C11EF9207CE2BC4F9AE02.roa (raw, json)
Hash identifier: +Uew97mnpYoQeG9HVow4Ld619SrA14KYjshnL32TmZc=
Subject key identifier: D4:DA:8F:D3:FE:5E:DC:A8:65:BD:60:1A:89:0E:02:5F:31:E4:9F:AC
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 1F8C
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/65C20A98B87C11EF9207CE2BC4F9AE02.roa
Signing time: Fri 13 Dec 2024 04:59:54 +0000
ROA not before: Fri 13 Dec 2024 04:59:54 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 138241
IP address blocks: 103.11.63.0/24 maxlen: 24
103.151.26.0/24 maxlen: 24
113.203.216.0/24 maxlen: 24
113.203.223.0/24 maxlen: 24
113.203.229.0/24 maxlen: 24
113.203.230.0/24 maxlen: 24
113.203.231.0/24 maxlen: 24
113.203.242.0/24 maxlen: 24
113.203.253.0/24 maxlen: 24
113.203.255.0/24 maxlen: 24
115.167.6.0/24 maxlen: 24
115.167.16.0/22 maxlen: 24
115.167.31.0/24 maxlen: 24
115.167.48.0/24 maxlen: 24
115.167.64.0/24 maxlen: 24
115.167.66.0/24 maxlen: 24
115.167.73.0/24 maxlen: 24
115.167.76.0/24 maxlen: 24
115.167.77.0/24 maxlen: 24
115.167.78.0/24 maxlen: 24
115.167.124.0/24 maxlen: 24
115.167.125.0/24 maxlen: 24
175.110.81.0/24 maxlen: 24
175.110.82.0/24 maxlen: 24
175.110.83.0/24 maxlen: 24
175.110.111.0/24 maxlen: 24
180.178.142.0/24 maxlen: 24
180.178.144.0/24 maxlen: 24
180.178.146.0/24 maxlen: 24
180.178.148.0/24 maxlen: 24
180.178.150.0/24 maxlen: 24
180.178.160.0/24 maxlen: 24
180.178.162.0/24 maxlen: 24
180.178.165.0/24 maxlen: 24
180.178.167.0/24 maxlen: 24
180.178.168.0/24 maxlen: 24
180.178.183.0/24 maxlen: 24
180.178.187.0/24 maxlen: 24
180.178.191.0/24 maxlen: 24
202.92.26.0/24 maxlen: 24
223.29.225.0/24 maxlen: 24
223.29.236.0/24 maxlen: 24
223.29.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Dec 2024 07:26:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8076 (0x1f8c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Dec 13 04:59:54 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=675bbf4a-ab94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:67:a3:9d:5a:ea:24:5a:b0:a7:71:35:62:08:
82:08:4a:73:ff:d3:9f:10:0f:24:44:a8:bb:f4:1b:
d8:1e:44:77:52:a4:00:f9:da:f7:5b:cd:c1:28:ab:
4e:6a:82:31:9f:10:f7:6f:1f:70:3a:53:fd:87:4c:
c1:60:7c:d0:8b:e7:94:69:c1:bf:18:b6:38:dd:66:
03:e0:53:3e:34:80:9e:c1:7d:08:57:fd:57:d9:63:
08:dc:0d:79:0e:ec:7f:82:ee:89:bd:2a:2e:72:30:
8f:52:65:c6:d3:94:46:8d:10:08:f3:34:a3:e6:55:
80:f5:46:60:71:04:86:6b:94:8e:6a:7f:95:21:0d:
fe:d7:8b:0f:c6:5f:5d:f6:14:6b:9e:62:9c:68:a1:
f2:32:22:a3:37:fa:a7:b7:c0:7d:2e:cb:63:15:7d:
2f:1c:4a:e1:46:91:b2:f3:96:71:07:88:09:9b:f1:
a3:91:5e:82:bb:fc:6d:19:63:7c:f3:d2:7e:ad:e9:
35:2f:25:1f:5e:9e:24:74:5a:e3:55:21:c9:f6:6f:
d9:34:df:c0:1b:b4:2a:82:ab:f3:54:1c:74:1e:30:
42:3d:0a:b8:cd:af:2d:64:8f:cf:82:b3:3c:33:42:
6a:d1:37:8d:14:c9:fc:0d:88:3f:5e:e0:5d:bc:41:
d7:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:DA:8F:D3:FE:5E:DC:A8:65:BD:60:1A:89:0E:02:5F:31:E4:9F:AC
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/65C20A98B87C11EF9207CE2BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.63.0/24
103.151.26.0/24
113.203.216.0/24
113.203.223.0/24
113.203.229.0-113.203.231.255
113.203.242.0/24
113.203.253.0/24
113.203.255.0/24
115.167.6.0/24
115.167.16.0/22
115.167.31.0/24
115.167.48.0/24
115.167.64.0/24
115.167.66.0/24
115.167.73.0/24
115.167.76.0-115.167.78.255
115.167.124.0/23
175.110.81.0-175.110.83.255
175.110.111.0/24
180.178.142.0/24
180.178.144.0/24
180.178.146.0/24
180.178.148.0/24
180.178.150.0/24
180.178.160.0/24
180.178.162.0/24
180.178.165.0/24
180.178.167.0-180.178.168.255
180.178.183.0/24
180.178.187.0/24
180.178.191.0/24
202.92.26.0/24
223.29.225.0/24
223.29.236.0/24
223.29.239.0/24
Signature Algorithm: sha256WithRSAEncryption
01:35:18:58:16:75:d2:71:4e:ee:a3:58:4a:87:a0:40:2e:36:
0c:8b:c0:a8:90:c7:1a:b0:21:59:c9:7d:2a:d4:ae:8f:93:21:
98:87:59:71:4b:79:0f:79:d1:22:e3:70:bd:64:1b:23:81:2c:
c6:11:e4:63:0a:7b:de:0b:16:6a:9c:8d:c6:2a:6c:04:1d:13:
0b:dc:32:41:bf:ca:2e:4f:d6:3f:1d:2a:16:46:56:95:bd:6b:
56:c5:ef:ce:8b:24:3e:5e:b8:36:0b:e6:15:6b:b0:03:33:c8:
8c:9a:27:e3:b7:8b:ab:32:50:2d:7d:1e:e1:0b:f8:3a:7a:32:
5c:0c:de:49:34:fd:c3:ff:fe:f9:af:92:68:95:58:b5:2e:c7:
cc:21:a7:6d:96:0c:2b:5b:b7:86:6e:0d:7c:cb:c2:1c:9d:e4:
3d:bc:8b:c8:26:6c:5b:ba:86:78:de:c3:62:ad:67:d7:29:e6:
c0:0f:d7:f7:28:4c:7c:44:61:65:39:c1:00:54:08:93:e8:7c:
40:40:ce:53:eb:c1:56:80:c0:1c:cb:af:c5:af:8f:a0:68:f8:
d1:13:3c:c0:4c:ea:4a:73:ce:5e:68:ee:32:08:29:92:eb:f3:
45:a9:71:d1:95:e2:63:c5:52:0d:24:87:c3:9d:28:0b:d8:09:
42:23:26:c2
-----BEGIN CERTIFICATE-----
MIIGYzCCBUugAwIBAgICH4wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQxMjEzMDQ1OTU0WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzViYmY0YS1hYjk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx2ejnVrqJFqwp3E1YgiCCEpz/9OfEA8kRKi79BvYHkR3UqQA+dr3W83BKKtO
aoIxnxD3bx9wOlP9h0zBYHzQi+eUacG/GLY43WYD4FM+NICewX0IV/1X2WMI3A15
Dux/gu6JvSoucjCPUmXG05RGjRAI8zSj5lWA9UZgcQSGa5SOan+VIQ3+14sPxl9d
9hRrnmKcaKHyMiKjN/qnt8B9LstjFX0vHErhRpGy85ZxB4gJm/GjkV6Cu/xtGWN8
89J+rek1LyUfXp4kdFrjVSHJ9m/ZNN/AG7QqgqvzVBx0HjBCPQq4za8tZI/PgrM8
M0Jq0TeNFMn8DYg/XuBdvEHXFwIDAQABo4IDhzCCA4MwHQYDVR0OBBYEFNTaj9P+
XtyoZb1gGokOAl8x5J+sMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNjVDMjBBOThC
ODdDMTFFRjkyMDdDRTJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEPBggrBgEFBQcBBwEB
/wSB/zCB/DCB+QQCAAEwgfIDBABnCz8DBABnlxoDBABxy9gDBABxy98wDAMEAHHL
5QMEA3HL4AMEAHHL8gMEAHHL/QMEAHHL/wMEAHOnBgMEAnOnEAMEAHOnHwMEAHOn
MAMEAHOnQAMEAHOnQgMEAHOnSTAMAwQCc6dMAwQAc6dOAwQBc6d8MAwDBACvblED
BAKvblADBACvbm8DBAC0so4DBAC0spADBAC0spIDBAC0spQDBAC0spYDBAC0sqAD
BAC0sqIDBAC0sqUwDAMEALSypwMEALSyqAMEALSytwMEALSyuwMEALSyvwMEAMpc
GgMEAN8d4QMEAN8d7AMEAN8d7zANBgkqhkiG9w0BAQsFAAOCAQEAATUYWBZ10nFO
7qNYSoegQC42DIvAqJDHGrAhWcl9KtSuj5MhmIdZcUt5D3nRIuNwvWQbI4EsxhHk
Ywp73gsWapyNxipsBB0TC9wyQb/KLk/WPx0qFkZWlb1rVsXvzoskPl64NgvmFWuw
AzPIjJon47eLqzJQLX0e4Qv4OnoyXAzeSTT9w//++a+SaJVYtS7HzCGnbZYMK1u3
hm4NfMvCHJ3kPbyLyCZsW7qGeN7DYq1n1ynmwA/X9yhMfERhZTnBAFQIk+h8QEDO
U+vBVoDAHMuvxa+PoGj40RM8wEzqSnPOXmjuMggpkuvzRalx0ZXiY8VSDSSHw50o
C9gJQiMmwg==
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:07:29 2025 by rpki-client