Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/6B6025EEA0CA11EFAA122A3DC4F9AE02.roa
File: 6B6025EEA0CA11EFAA122A3DC4F9AE02.roa (raw, json)
Hash identifier: CDMvDvaYRgeQpie9Zje+SYe+mgTR6guUHE6rXbzshtE=
Subject key identifier: 54:1A:5B:3D:99:73:D0:14:AF:91:44:9F:CA:8A:33:12:2F:CC:05:B5
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 1C44
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/6B6025EEA0CA11EFAA122A3DC4F9AE02.roa
Signing time: Wed 13 Nov 2024 07:12:45 +0000
ROA not before: Wed 13 Nov 2024 07:12:45 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 138241
IP address blocks: 43.226.224.0/22 maxlen: 24
103.11.63.0/24 maxlen: 24
113.203.208.0/24 maxlen: 24
113.203.212.0/24 maxlen: 24
113.203.215.0/24 maxlen: 24
113.203.219.0/24 maxlen: 24
113.203.222.0/24 maxlen: 24
113.203.231.0/24 maxlen: 24
113.203.233.0/24 maxlen: 24
113.203.241.0/24 maxlen: 24
113.203.242.0/24 maxlen: 24
113.203.245.0/24 maxlen: 24
113.203.246.0/24 maxlen: 24
115.167.6.0/24 maxlen: 24
115.167.16.0/22 maxlen: 22
115.167.29.0/24 maxlen: 24
115.167.30.0/24 maxlen: 24
115.167.31.0/24 maxlen: 24
115.167.48.0/24 maxlen: 24
115.167.50.0/24 maxlen: 24
115.167.64.0/24 maxlen: 24
115.167.65.0/24 maxlen: 24
115.167.66.0/24 maxlen: 24
115.167.67.0/24 maxlen: 24
115.167.73.0/24 maxlen: 24
115.167.102.0/24 maxlen: 24
115.167.124.0/24 maxlen: 24
115.167.125.0/24 maxlen: 24
175.110.64.0/22 maxlen: 22
175.110.89.0/24 maxlen: 24
175.110.91.0/24 maxlen: 24
180.178.142.0/24 maxlen: 24
180.178.146.0/24 maxlen: 24
180.178.150.0/24 maxlen: 24
180.178.151.0/24 maxlen: 24
180.178.161.0/24 maxlen: 24
180.178.162.0/24 maxlen: 24
180.178.188.0/24 maxlen: 24
202.92.26.0/24 maxlen: 24
223.29.225.0/24 maxlen: 24
223.29.227.0/24 maxlen: 24
223.29.228.0/24 maxlen: 24
223.29.229.0/24 maxlen: 24
223.29.230.0/24 maxlen: 24
223.29.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Nov 2024 10:17:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7236 (0x1c44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Nov 13 07:12:45 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6734516d-3192
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:cf:07:37:52:27:9b:41:71:f0:40:70:f2:c2:
f7:f2:82:cb:81:5f:41:40:51:8c:81:f4:ba:01:34:
d8:2e:5a:a3:4f:2d:2c:b2:82:60:1d:d5:45:7c:30:
04:cd:92:72:60:4f:3a:5f:51:b8:1a:d3:87:1d:fd:
13:da:fa:d4:3b:50:3d:11:93:11:99:13:2a:bf:3c:
88:e3:cd:8c:be:b5:5f:8b:75:e5:47:e6:01:cf:ce:
26:74:80:1d:08:f5:a9:e8:d9:88:e0:67:c8:fb:d7:
16:0d:84:18:61:87:94:e0:1b:27:a3:7a:e0:29:2e:
3a:5c:c6:4e:5c:ff:9f:b5:84:83:26:32:e5:73:c7:
7c:c4:cd:d9:86:8a:e1:ca:dd:e4:f7:8c:44:b0:73:
91:ad:fa:d8:2e:e0:64:d9:e0:92:f2:d2:16:ad:12:
60:e2:7f:ea:41:2c:b0:86:32:9a:bc:7f:e3:0a:c8:
7f:53:dc:f9:bc:13:f5:de:a5:2a:9e:6a:85:a9:fd:
31:7b:8d:25:7c:53:9f:e3:ba:4c:9d:75:62:9a:50:
ea:4a:ef:85:15:27:d8:c1:17:e8:07:3c:73:20:16:
bd:76:40:f7:a2:16:c4:90:f2:ea:1a:b1:75:84:b7:
00:20:7a:df:78:90:20:26:9c:70:4d:a3:9a:04:ad:
9a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:1A:5B:3D:99:73:D0:14:AF:91:44:9F:CA:8A:33:12:2F:CC:05:B5
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/6B6025EEA0CA11EFAA122A3DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.226.224.0/22
103.11.63.0/24
113.203.208.0/24
113.203.212.0/24
113.203.215.0/24
113.203.219.0/24
113.203.222.0/24
113.203.231.0/24
113.203.233.0/24
113.203.241.0-113.203.242.255
113.203.245.0-113.203.246.255
115.167.6.0/24
115.167.16.0/22
115.167.29.0-115.167.31.255
115.167.48.0/24
115.167.50.0/24
115.167.64.0/22
115.167.73.0/24
115.167.102.0/24
115.167.124.0/23
175.110.64.0/22
175.110.89.0/24
175.110.91.0/24
180.178.142.0/24
180.178.146.0/24
180.178.150.0/23
180.178.161.0-180.178.162.255
180.178.188.0/24
202.92.26.0/24
223.29.225.0/24
223.29.227.0-223.29.230.255
223.29.239.0/24
Signature Algorithm: sha256WithRSAEncryption
50:26:34:7c:f6:43:8f:c0:42:e2:c3:6e:fb:9f:20:7c:e8:f0:
23:f8:65:05:d1:33:8a:5f:a8:ba:d8:fb:ac:97:99:65:c9:61:
04:31:e1:44:1a:ae:1e:0a:7e:a0:fd:88:67:0b:6d:6d:ba:3d:
fa:a2:26:3e:29:0b:de:57:a2:4b:87:e7:2b:15:03:1e:50:a0:
8b:7a:87:cc:1e:b5:6a:b4:44:e7:52:3c:13:81:aa:03:1d:f8:
3e:5b:be:25:c4:3d:67:88:50:1d:fb:0c:59:6b:6a:d4:15:ca:
15:53:1d:38:44:5e:e1:e9:60:79:1c:fa:20:12:db:78:db:4f:
74:eb:7b:cc:36:36:80:2a:b9:c5:f6:cd:f8:89:4d:b0:61:c3:
ad:fb:bb:b3:da:76:4f:40:5f:a9:63:66:dc:71:10:7c:ed:d4:
f2:9f:9c:f1:a5:23:c0:79:6d:fe:24:17:c6:a1:48:5b:30:d5:
ac:7b:29:9d:8b:6f:a7:23:86:17:da:94:e4:1e:42:3a:0e:d6:
d2:ec:74:e5:90:12:aa:43:35:c7:bb:b3:67:3c:3f:0d:27:b0:
58:c1:de:5c:b1:2a:a0:5b:26:d4:5d:ff:bf:65:da:ee:29:62:
63:17:c6:d3:07:22:e0:fc:2f:3a:4b:1e:bf:d1:ee:70:e0:e1:
7b:91:ea:6e
-----BEGIN CERTIFICATE-----
MIIGWTCCBUGgAwIBAgICHEQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQxMTEzMDcxMjQ1WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzM0NTE2ZC0zMTkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA388HN1Inm0Fx8EBw8sL38oLLgV9BQFGMgfS6ATTYLlqjTy0ssoJgHdVFfDAE
zZJyYE86X1G4GtOHHf0T2vrUO1A9EZMRmRMqvzyI482MvrVfi3XlR+YBz84mdIAd
CPWp6NmI4GfI+9cWDYQYYYeU4Bsno3rgKS46XMZOXP+ftYSDJjLlc8d8xM3Zhorh
yt3k94xEsHORrfrYLuBk2eCS8tIWrRJg4n/qQSywhjKavH/jCsh/U9z5vBP13qUq
nmqFqf0xe40lfFOf47pMnXVimlDqSu+FFSfYwRfoBzxzIBa9dkD3ohbEkPLqGrF1
hLcAIHrfeJAgJpxwTaOaBK2aRQIDAQABo4IDfTCCA3kwHQYDVR0OBBYEFFQaWz2Z
c9AUr5FEn8qKMxIvzAW1MB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNkI2MDI1RUVB
MENBMTFFRkFBMTIyQTNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEFBggrBgEFBQcBBwEB
/wSB9TCB8jCB7wQCAAEwgegDBAIr4uADBABnCz8DBABxy9ADBABxy9QDBABxy9cD
BABxy9sDBABxy94DBABxy+cDBABxy+kwDAMEAHHL8QMEAHHL8jAMAwQAccv1AwQA
ccv2AwQAc6cGAwQCc6cQMAwDBABzpx0DBAVzpwADBABzpzADBABzpzIDBAJzp0AD
BABzp0kDBABzp2YDBAFzp3wDBAKvbkADBACvblkDBACvblsDBAC0so4DBAC0spID
BAG0spYwDAMEALSyoQMEALSyogMEALSyvAMEAMpcGgMEAN8d4TAMAwQA3x3jAwQA
3x3mAwQA3x3vMA0GCSqGSIb3DQEBCwUAA4IBAQBQJjR89kOPwELiw277nyB86PAj
+GUF0TOKX6i62Pusl5llyWEEMeFEGq4eCn6g/YhnC21tuj36oiY+KQveV6JLh+cr
FQMeUKCLeofMHrVqtETnUjwTgaoDHfg+W74lxD1niFAd+wxZa2rUFcoVUx04RF7h
6WB5HPogEtt4209063vMNjaAKrnF9s34iU2wYcOt+7uz2nZPQF+pY2bccRB87dTy
n5zxpSPAeW3+JBfGoUhbMNWseymdi2+nI4YX2pTkHkI6DtbS7HTlkBKqQzXHu7Nn
PD8NJ7BYwd5csSqgWybUXf+/ZdruKWJjF8bTByLg/C86Sx6/0e5w4OF7kepu
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:09:52 2025 by rpki-client