Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/789FDAE0BBD911EFB88DD448C4F9AE02.roa
File: 789FDAE0BBD911EFB88DD448C4F9AE02.roa (raw, json)
Hash identifier: sCiVWVFSwoNn/5kTwKIvzBY96Fu4kv32V7SWQjcgnbU=
Subject key identifier: 9C:49:57:1F:4A:81:E6:ED:66:A9:5C:6D:79:82:3F:2E:B8:46:C9:CB
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 1FD5
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/789FDAE0BBD911EFB88DD448C4F9AE02.roa
Signing time: Mon 16 Dec 2024 18:13:38 +0000
ROA not before: Mon 16 Dec 2024 18:13:38 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 55154
IP address blocks: 43.226.224.0/24 maxlen: 24
43.226.225.0/24 maxlen: 24
43.226.226.0/24 maxlen: 24
43.226.227.0/24 maxlen: 24
103.151.27.0/24 maxlen: 24
113.203.211.0/24 maxlen: 24
113.203.213.0/24 maxlen: 24
113.203.215.0/24 maxlen: 24
113.203.219.0/24 maxlen: 24
113.203.224.0/24 maxlen: 24
113.203.225.0/24 maxlen: 24
113.203.227.0/24 maxlen: 24
113.203.243.0/24 maxlen: 24
113.203.248.0/24 maxlen: 24
115.167.3.0/24 maxlen: 24
115.167.5.0/24 maxlen: 24
115.167.9.0/24 maxlen: 24
115.167.12.0/22 maxlen: 24
115.167.28.0/24 maxlen: 24
115.167.50.0/24 maxlen: 24
115.167.52.0/24 maxlen: 24
115.167.53.0/24 maxlen: 24
115.167.54.0/24 maxlen: 24
115.167.55.0/24 maxlen: 24
115.167.73.0/24 maxlen: 24
115.167.76.0/24 maxlen: 24
115.167.77.0/24 maxlen: 24
115.167.78.0/24 maxlen: 24
115.167.101.0/24 maxlen: 24
115.167.102.0/24 maxlen: 24
115.167.103.0/24 maxlen: 24
175.110.80.0/22 maxlen: 24
175.110.89.0/24 maxlen: 24
175.110.91.0/24 maxlen: 24
175.110.97.0/24 maxlen: 24
175.110.104.0/24 maxlen: 24
175.110.106.0/24 maxlen: 24
175.110.111.0/24 maxlen: 24
180.178.165.0/24 maxlen: 24
180.178.167.0/24 maxlen: 24
180.178.168.0/24 maxlen: 24
180.178.169.0/24 maxlen: 24
180.178.178.0/24 maxlen: 24
223.29.228.0/24 maxlen: 24
223.29.230.0/24 maxlen: 24
223.29.231.0/24 maxlen: 24
223.29.235.0/24 maxlen: 24
223.29.236.0/24 maxlen: 24
223.29.237.0/24 maxlen: 24
223.29.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Dec 2024 19:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8149 (0x1fd5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Dec 16 18:13:38 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67606dd2-3224
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:0e:9a:3c:80:e7:0d:25:a4:13:4f:45:02:71:
e4:e0:e1:c3:20:96:3a:b7:77:a2:49:5f:a6:72:1d:
5a:c2:66:24:8d:63:fc:9b:70:10:29:19:40:d3:e6:
63:54:52:3a:77:12:59:84:bc:2a:89:36:8a:af:c2:
99:e0:b2:b4:a1:f6:87:1c:99:8e:9e:d2:d8:b0:35:
69:9b:9a:24:c0:cc:8e:f0:b3:c2:d8:43:56:76:2a:
83:9c:b3:88:5c:1e:d1:86:f4:75:25:09:15:22:05:
10:78:ab:46:89:61:c3:d8:87:3e:59:9e:9c:08:8e:
d5:1b:7a:9e:0f:7f:e6:76:b8:9e:3f:bb:e8:49:5d:
4b:c2:f1:75:c7:40:e4:ee:84:02:7e:07:a7:87:4a:
32:44:d2:dd:70:5d:d1:2c:d4:65:80:5a:1b:81:f1:
49:11:17:32:8e:05:f8:20:02:58:d2:00:a2:fb:db:
eb:37:7e:29:84:83:48:71:e8:36:54:27:f0:7e:77:
da:13:a1:17:d6:c8:15:4a:90:21:66:06:fb:72:88:
43:3d:e3:f2:51:65:80:b2:56:30:69:b3:59:1f:fd:
0e:f0:be:00:a5:08:6b:7e:22:8f:7a:a1:02:ad:54:
4b:b7:76:78:79:62:d4:7f:74:18:6a:1e:25:89:86:
42:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:49:57:1F:4A:81:E6:ED:66:A9:5C:6D:79:82:3F:2E:B8:46:C9:CB
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/789FDAE0BBD911EFB88DD448C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.226.224.0/22
103.151.27.0/24
113.203.211.0/24
113.203.213.0/24
113.203.215.0/24
113.203.219.0/24
113.203.224.0/23
113.203.227.0/24
113.203.243.0/24
113.203.248.0/24
115.167.3.0/24
115.167.5.0/24
115.167.9.0/24
115.167.12.0/22
115.167.28.0/24
115.167.50.0/24
115.167.52.0/22
115.167.73.0/24
115.167.76.0-115.167.78.255
115.167.101.0-115.167.103.255
175.110.80.0/22
175.110.89.0/24
175.110.91.0/24
175.110.97.0/24
175.110.104.0/24
175.110.106.0/24
175.110.111.0/24
180.178.165.0/24
180.178.167.0-180.178.169.255
180.178.178.0/24
223.29.228.0/24
223.29.230.0/23
223.29.235.0-223.29.238.255
Signature Algorithm: sha256WithRSAEncryption
a1:ea:92:84:5d:dd:14:fe:45:0f:42:6d:80:87:b1:1f:b8:e4:
4f:0f:7b:a8:72:e4:4b:c6:8b:29:7d:28:2c:f3:d9:11:4b:8f:
33:5a:62:90:62:35:be:03:5e:95:f5:7d:47:10:09:2e:d4:32:
7c:b6:70:71:e5:84:c3:f9:5c:7b:43:34:7f:2a:6a:c6:fb:28:
a4:90:26:8f:99:4a:65:2c:1d:a8:8f:ec:68:81:03:31:74:a4:
73:30:48:69:0d:ee:ab:da:58:09:e6:7f:a5:9f:b6:a1:2e:9d:
c5:d7:9c:ad:4b:e5:43:6d:22:52:3b:06:04:bd:ee:ad:3f:62:
b2:c4:37:df:29:a5:77:e3:8d:ca:8a:fa:03:dc:b5:46:f4:f8:
e1:d4:fa:26:17:b0:37:58:46:f5:32:36:46:0d:37:21:b5:25:
4f:1a:7d:09:47:e5:f8:4e:f1:13:1e:49:7e:b6:63:80:f5:9a:
40:77:97:40:d6:db:5c:b3:7a:3d:13:e6:0f:b7:c2:74:f4:1e:
92:87:95:b4:67:21:0e:d2:67:8f:2c:da:f9:09:8b:4c:ce:74:
fd:2a:c9:87:8a:6c:61:d1:d3:66:88:9f:a9:2e:31:87:ce:74:
de:02:c9:2b:40:77:ff:fe:7d:f4:1e:2f:9b:85:d0:2f:64:1d:
b2:7e:01:c7
-----BEGIN CERTIFICATE-----
MIIGVzCCBT+gAwIBAgICH9UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQxMjE2MTgxMzM4WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYwNmRkMi0zMjI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0g6aPIDnDSWkE09FAnHk4OHDIJY6t3eiSV+mch1awmYkjWP8m3AQKRlA0+Zj
VFI6dxJZhLwqiTaKr8KZ4LK0ofaHHJmOntLYsDVpm5okwMyO8LPC2ENWdiqDnLOI
XB7RhvR1JQkVIgUQeKtGiWHD2Ic+WZ6cCI7VG3qeD3/mdrieP7voSV1LwvF1x0Dk
7oQCfgenh0oyRNLdcF3RLNRlgFobgfFJERcyjgX4IAJY0gCi+9vrN34phINIceg2
VCfwfnfaE6EX1sgVSpAhZgb7cohDPePyUWWAslYwabNZH/0O8L4ApQhrfiKPeqEC
rVRLt3Z4eWLUf3QYah4liYZC3QIDAQABo4IDezCCA3cwHQYDVR0OBBYEFJxJVx9K
gebtZqlcbXmCPy64RsnLMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNzg5RkRBRTBC
QkQ5MTFFRkI4OERENDQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEDBggrBgEFBQcBBwEB
/wSB8zCB8DCB7QQCAAEwgeYDBAIr4uADBABnlxsDBABxy9MDBABxy9UDBABxy9cD
BABxy9sDBAFxy+ADBABxy+MDBABxy/MDBABxy/gDBABzpwMDBABzpwUDBABzpwkD
BAJzpwwDBABzpxwDBABzpzIDBAJzpzQDBABzp0kwDAMEAnOnTAMEAHOnTjAMAwQA
c6dlAwQDc6dgAwQCr25QAwQAr25ZAwQAr25bAwQAr25hAwQAr25oAwQAr25qAwQA
r25vAwQAtLKlMAwDBAC0sqcDBAG0sqgDBAC0srIDBADfHeQDBAHfHeYwDAMEAN8d
6wMEAN8d7jANBgkqhkiG9w0BAQsFAAOCAQEAoeqShF3dFP5FD0JtgIexH7jkTw97
qHLkS8aLKX0oLPPZEUuPM1pikGI1vgNelfV9RxAJLtQyfLZwceWEw/lce0M0fypq
xvsopJAmj5lKZSwdqI/saIEDMXSkczBIaQ3uq9pYCeZ/pZ+2oS6dxdecrUvlQ20i
UjsGBL3urT9issQ33ymld+ONyor6A9y1RvT44dT6JhewN1hG9TI2Rg03IbUlTxp9
CUfl+E7xEx5JfrZjgPWaQHeXQNbbXLN6PRPmD7fCdPQekoeVtGchDtJnjyza+QmL
TM50/SrJh4psYdHTZoifqS4xh8503gLJK0B3//599B4vm4XQL2Qdsn4Bxw==
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:32:32 2025 by rpki-client