Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/7EA8FE8AE74011EEA0AA1E52C4F9AE02.roa
File: 7EA8FE8AE74011EEA0AA1E52C4F9AE02.roa (raw, json)
Hash identifier: Ib2i3Fa6xMwCpR8SdtPUVSgKI/Lne8lnEsSb5BKgHXU=
Subject key identifier: A8:F6:0E:C5:1F:7B:9C:44:8F:89:CD:88:F0:30:F4:F2:CC:1A:E3:32
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 14EA
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/7EA8FE8AE74011EEA0AA1E52C4F9AE02.roa
Signing time: Fri 30 Aug 2024 04:42:41 +0000
ROA not before: Fri 30 Aug 2024 04:42:41 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 6830
IP address blocks: 115.167.28.0/22 maxlen: 22
115.167.60.0/22 maxlen: 24
202.92.19.0/24 maxlen: 24
202.92.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Sep 2024 10:11:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5354 (0x14ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Aug 30 04:42:41 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66d14dc1-2541
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:fa:0c:53:37:92:ac:3b:ba:41:72:05:47:70:
11:57:2e:02:3f:88:97:5a:1d:0b:ae:21:0c:72:b0:
26:76:4b:0b:32:8d:d1:39:7b:a4:7e:98:6f:50:66:
7f:03:bc:81:39:88:4b:f8:eb:88:34:60:55:48:01:
be:02:1d:65:c4:78:56:c0:1b:5a:82:91:51:67:9a:
ef:a7:8b:d1:dd:fb:3a:d9:02:d2:8a:7d:9f:07:f9:
40:04:fb:04:d1:d2:5c:26:8c:b5:95:33:4a:ab:8a:
12:dc:ec:8c:49:c7:b8:db:dd:df:c8:5a:c5:49:37:
80:a5:7f:7d:ce:f3:f3:0e:22:48:31:bd:38:80:1f:
46:5e:6d:93:a0:07:ee:77:33:16:db:66:3e:88:9e:
5a:79:fb:ad:0b:70:6b:3f:78:e2:56:5c:16:89:6b:
a9:38:36:c1:34:72:4b:e6:5e:1c:1e:5a:b0:cf:74:
f6:b9:d7:98:41:55:ac:a3:2b:4f:c2:eb:60:f7:21:
7c:08:77:03:7c:37:3b:97:96:f2:c6:af:4e:22:f3:
65:93:d3:ed:bd:ed:2c:65:e7:b8:c1:5d:c6:14:d5:
fe:81:bc:ba:d4:4d:6a:e4:da:be:1b:1f:91:01:c1:
06:3e:63:0b:81:2d:e3:41:de:b4:81:54:e0:78:e0:
be:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:F6:0E:C5:1F:7B:9C:44:8F:89:CD:88:F0:30:F4:F2:CC:1A:E3:32
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/7EA8FE8AE74011EEA0AA1E52C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
115.167.28.0/22
115.167.60.0/22
202.92.19.0/24
202.92.21.0/24
Signature Algorithm: sha256WithRSAEncryption
39:18:ee:f0:63:a6:2c:89:71:9a:b8:c1:46:fe:7f:a8:4b:43:
9c:d3:ab:3b:16:73:e2:ca:8e:60:5c:8e:3e:c8:ae:5e:ee:da:
59:ed:10:84:21:35:ed:7c:ab:31:4d:19:8d:23:6e:a0:99:83:
bc:b3:ce:08:35:cd:4b:f7:63:8f:12:c6:63:fe:cf:b4:c2:44:
14:31:a1:9a:28:57:39:f7:72:55:94:61:ee:63:c4:eb:24:29:
b7:9c:6b:56:81:b6:d3:20:4a:de:ec:0b:4e:74:66:74:00:60:
68:6e:ea:94:10:ba:3d:b6:e9:8b:f2:84:14:af:a9:91:8f:b7:
a3:c6:bc:c8:a0:26:34:c0:b1:ef:44:b1:11:f3:49:29:86:f9:
70:26:99:01:43:62:06:6f:12:e5:98:f0:07:eb:3c:a1:52:ff:
87:56:48:52:95:65:85:79:17:55:3f:89:d6:c8:54:30:28:44:
68:a7:7c:4b:73:2b:a9:52:c6:87:7c:00:68:75:f1:67:7b:0f:
a4:ee:7e:83:7b:5a:9d:61:3f:83:47:17:6b:72:5d:b6:1b:0d:
8d:89:d3:f9:1e:aa:ae:53:86:c5:a0:9c:25:c8:57:13:2f:80:
6b:60:44:db:57:45:42:1a:00:18:98:67:15:09:00:d0:08:69:
b9:4a:f9:df
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFOowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQwODMwMDQ0MjQxWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQxNGRjMS0yNTQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzfoMUzeSrDu6QXIFR3ARVy4CP4iXWh0LriEMcrAmdksLMo3ROXukfphvUGZ/
A7yBOYhL+OuINGBVSAG+Ah1lxHhWwBtagpFRZ5rvp4vR3fs62QLSin2fB/lABPsE
0dJcJoy1lTNKq4oS3OyMSce4293fyFrFSTeApX99zvPzDiJIMb04gB9GXm2ToAfu
dzMW22Y+iJ5aefutC3BrP3jiVlwWiWupODbBNHJL5l4cHlqwz3T2udeYQVWsoytP
wutg9yF8CHcDfDc7l5byxq9OIvNlk9Ptve0sZee4wV3GFNX+gby61E1q5Nq+Gx+R
AcEGPmMLgS3jQd60gVTgeOC+FwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFKj2DsUf
e5xEj4nNiPAw9PLMGuMyMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvN0VBOEZFOEFF
NzQwMTFFRUEwQUExRTUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAJzpxwDBAJzpzwDBADKXBMDBADKXBUwDQYJKoZIhvcNAQEL
BQADggEBADkY7vBjpiyJcZq4wUb+f6hLQ5zTqzsWc+LKjmBcjj7Irl7u2lntEIQh
Ne18qzFNGY0jbqCZg7yzzgg1zUv3Y48SxmP+z7TCRBQxoZooVzn3clWUYe5jxOsk
Kbeca1aBttMgSt7sC050ZnQAYGhu6pQQuj226YvyhBSvqZGPt6PGvMigJjTAse9E
sRHzSSmG+XAmmQFDYgZvEuWY8AfrPKFS/4dWSFKVZYV5F1U/idbIVDAoRGinfEtz
K6lSxod8AGh18Wd7D6TufoN7Wp1hP4NHF2tyXbYbDY2J0/keqq5ThsWgnCXIVxMv
gGtgRNtXRUIaABiYZxUJANAIablK+d8=
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:09:52 2025 by rpki-client