Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/73A02656AD9411EF97E96A80C4F9AE02.roa
File: 73A02656AD9411EF97E96A80C4F9AE02.roa (raw, json)
Hash identifier: cdcmAAvRk2xSkQT6Q6aLOIq0TFBfQ1viNdj9NIX6KpE=
Subject key identifier: F4:86:68:1E:C9:EB:12:7E:95:1C:A0:66:EE:F9:E0:AE:D1:BD:8E:FC
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 1E17
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/73A02656AD9411EF97E96A80C4F9AE02.roa
Signing time: Thu 28 Nov 2024 14:24:18 +0000
ROA not before: Thu 28 Nov 2024 14:24:18 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 138241
IP address blocks: 43.226.225.0/24 maxlen: 24
43.226.226.0/24 maxlen: 24
43.226.227.0/24 maxlen: 24
103.11.63.0/24 maxlen: 24
113.203.222.0/24 maxlen: 24
113.203.231.0/24 maxlen: 24
113.203.241.0/24 maxlen: 24
113.203.242.0/24 maxlen: 24
113.203.253.0/24 maxlen: 24
113.203.255.0/24 maxlen: 24
115.167.16.0/24 maxlen: 24
115.167.17.0/24 maxlen: 24
115.167.18.0/24 maxlen: 24
115.167.19.0/24 maxlen: 24
115.167.29.0/24 maxlen: 24
115.167.30.0/24 maxlen: 24
115.167.31.0/24 maxlen: 24
115.167.48.0/24 maxlen: 24
115.167.64.0/24 maxlen: 24
115.167.66.0/24 maxlen: 24
115.167.73.0/24 maxlen: 24
115.167.124.0/24 maxlen: 24
115.167.125.0/24 maxlen: 24
175.110.80.0/22 maxlen: 24
175.110.111.0/24 maxlen: 24
180.178.142.0/24 maxlen: 24
180.178.144.0/24 maxlen: 24
180.178.146.0/24 maxlen: 24
180.178.148.0/24 maxlen: 24
180.178.150.0/24 maxlen: 24
180.178.160.0/24 maxlen: 24
180.178.161.0/24 maxlen: 24
180.178.162.0/24 maxlen: 24
180.178.165.0/24 maxlen: 24
180.178.167.0/24 maxlen: 24
180.178.176.0/22 maxlen: 22
180.178.183.0/24 maxlen: 24
180.178.187.0/24 maxlen: 24
180.178.188.0/24 maxlen: 24
180.178.191.0/24 maxlen: 24
202.92.26.0/24 maxlen: 24
223.29.225.0/24 maxlen: 24
223.29.229.0/24 maxlen: 24
223.29.235.0/24 maxlen: 24
223.29.236.0/24 maxlen: 24
223.29.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Nov 2024 16:16:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7703 (0x1e17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Nov 28 14:24:18 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67487d12-ef75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:be:92:bd:a3:8d:79:16:71:d2:54:68:fc:0e:
b9:63:dc:82:b4:b4:08:00:00:20:a0:9a:eb:a5:16:
d6:40:e2:f5:3a:55:9b:56:1a:53:6f:cb:18:23:ce:
83:d3:b0:b2:90:90:cf:f3:1d:82:51:6f:7b:53:97:
f3:68:b9:6c:36:88:7e:a1:6c:94:41:8f:24:d4:45:
a0:e6:0c:30:cd:f3:fd:8e:04:bb:15:1f:9a:c4:78:
18:a9:4f:f6:ae:11:9d:30:70:91:c3:94:27:d3:4a:
e0:a5:15:e7:7f:e4:6f:95:35:38:5e:d1:71:33:c8:
e9:68:11:e2:db:da:34:86:7f:f5:78:28:68:0a:68:
33:f4:d3:44:47:68:df:bc:2e:20:ef:6a:61:23:76:
37:e2:7a:56:87:05:5a:42:a9:a4:06:2e:cc:b5:b0:
bc:db:94:f7:45:ce:5f:0e:79:07:5c:14:00:37:b7:
1f:6d:f4:b0:5a:db:66:b5:b0:7e:a3:17:2d:ae:90:
1c:1b:ee:c0:65:51:60:6f:bd:36:5f:ce:3e:e3:d0:
35:22:82:5d:68:21:7e:b0:10:0c:d5:c5:59:ed:81:
40:43:4b:af:d4:95:4e:f3:e5:0b:77:79:9f:3e:01:
e2:4c:87:6d:0d:b1:83:d2:5c:19:82:3e:cb:c8:8f:
4b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:86:68:1E:C9:EB:12:7E:95:1C:A0:66:EE:F9:E0:AE:D1:BD:8E:FC
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/73A02656AD9411EF97E96A80C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.226.225.0-43.226.227.255
103.11.63.0/24
113.203.222.0/24
113.203.231.0/24
113.203.241.0-113.203.242.255
113.203.253.0/24
113.203.255.0/24
115.167.16.0/22
115.167.29.0-115.167.31.255
115.167.48.0/24
115.167.64.0/24
115.167.66.0/24
115.167.73.0/24
115.167.124.0/23
175.110.80.0/22
175.110.111.0/24
180.178.142.0/24
180.178.144.0/24
180.178.146.0/24
180.178.148.0/24
180.178.150.0/24
180.178.160.0-180.178.162.255
180.178.165.0/24
180.178.167.0/24
180.178.176.0/22
180.178.183.0/24
180.178.187.0-180.178.188.255
180.178.191.0/24
202.92.26.0/24
223.29.225.0/24
223.29.229.0/24
223.29.235.0-223.29.236.255
223.29.239.0/24
Signature Algorithm: sha256WithRSAEncryption
90:62:9b:dd:da:67:06:11:62:cb:1d:51:f3:24:97:10:e7:d5:
ba:15:4c:31:0b:cc:7f:84:8c:b6:9f:d8:af:16:68:ca:be:be:
f3:16:77:50:65:e5:a5:40:62:c8:82:f3:9d:46:f0:8b:e8:8b:
49:9a:67:a6:62:f4:56:73:3d:57:5c:51:8a:d4:e9:69:f6:23:
b8:a8:1c:90:bd:70:cd:5f:43:c9:8d:ea:e4:22:b2:d1:f2:c9:
87:0e:e6:41:53:88:d9:38:f7:7a:4c:5c:bd:c5:5a:75:4f:6b:
e8:af:60:41:05:24:82:c0:f1:9d:ee:c8:1f:b3:3f:f5:47:eb:
97:2a:02:b5:1d:c2:04:61:60:8a:b9:cc:28:34:60:6e:5c:b5:
dc:e5:07:09:90:82:23:0d:b7:ff:24:ff:46:98:8d:82:5a:6c:
06:bc:41:95:cf:e5:54:19:da:9c:4c:64:11:d3:81:33:e9:d2:
17:dd:91:db:11:be:b0:cc:a0:de:0a:77:c5:35:8c:38:dc:f9:
78:89:59:15:69:f6:b3:a1:3a:0f:c5:01:c4:f5:fc:37:91:77:
9d:bb:66:90:97:ab:99:e0:af:43:22:bb:9e:2f:6c:12:c9:7a:
c7:44:78:d1:e5:d4:0e:63:19:67:11:08:05:d2:1d:76:12:64:
0f:7a:36:48
-----BEGIN CERTIFICATE-----
MIIGaTCCBVGgAwIBAgICHhcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQxMTI4MTQyNDE4WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQ4N2QxMi1lZjc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3r6SvaONeRZx0lRo/A65Y9yCtLQIAAAgoJrrpRbWQOL1OlWbVhpTb8sYI86D
07CykJDP8x2CUW97U5fzaLlsNoh+oWyUQY8k1EWg5gwwzfP9jgS7FR+axHgYqU/2
rhGdMHCRw5Qn00rgpRXnf+RvlTU4XtFxM8jpaBHi29o0hn/1eChoCmgz9NNER2jf
vC4g72phI3Y34npWhwVaQqmkBi7MtbC825T3Rc5fDnkHXBQAN7cfbfSwWttmtbB+
oxctrpAcG+7AZVFgb702X84+49A1IoJdaCF+sBAM1cVZ7YFAQ0uv1JVO8+ULd3mf
PgHiTIdtDbGD0lwZgj7LyI9LoQIDAQABo4IDjTCCA4kwHQYDVR0OBBYEFPSGaB7J
6xJ+lRygZu754K7RvY78MB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNzNBMDI2NTZB
RDk0MTFFRjk3RTk2QTgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEVBggrBgEFBQcBBwEB
/wSCAQQwggEAMIH9BAIAATCB9jAMAwQAK+LhAwQCK+LgAwQAZws/AwQAccveAwQA
ccvnMAwDBABxy/EDBABxy/IDBABxy/0DBABxy/8DBAJzpxAwDAMEAHOnHQMEBXOn
AAMEAHOnMAMEAHOnQAMEAHOnQgMEAHOnSQMEAXOnfAMEAq9uUAMEAK9ubwMEALSy
jgMEALSykAMEALSykgMEALSylAMEALSyljAMAwQFtLKgAwQAtLKiAwQAtLKlAwQA
tLKnAwQCtLKwAwQAtLK3MAwDBAC0srsDBAC0srwDBAC0sr8DBADKXBoDBADfHeED
BADfHeUwDAMEAN8d6wMEAN8d7AMEAN8d7zANBgkqhkiG9w0BAQsFAAOCAQEAkGKb
3dpnBhFiyx1R8ySXEOfVuhVMMQvMf4SMtp/YrxZoyr6+8xZ3UGXlpUBiyILznUbw
i+iLSZpnpmL0VnM9V1xRitTpafYjuKgckL1wzV9DyY3q5CKy0fLJhw7mQVOI2Tj3
ekxcvcVadU9r6K9gQQUkgsDxne7IH7M/9UfrlyoCtR3CBGFgirnMKDRgbly13OUH
CZCCIw23/yT/RpiNglpsBrxBlc/lVBnanExkEdOBM+nSF92R2xG+sMyg3gp3xTWM
ONz5eIlZFWn2s6E6D8UBxPX8N5F3nbtmkJermeCvQyK7ni9sEsl6x0R40eXUDmMZ
ZxEIBdIddhJkD3o2SA==
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:14:29 2025 by rpki-client