Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/8BF0B1948C6F11EF82EC906CC4F9AE02.roa
File: 8BF0B1948C6F11EF82EC906CC4F9AE02.roa (raw, json)
Hash identifier: DczvfLeU0ctTS8DFGL/zSLwP7D9rQlckCpFjG4ZoK8c=
Subject key identifier: C4:24:18:85:8F:D0:1D:77:24:EE:86:27:C2:EF:DD:FE:B6:AE:6A:D3
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 24C9
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/8BF0B1948C6F11EF82EC906CC4F9AE02.roa
Signing time: Wed 19 Mar 2025 04:08:46 +0000
ROA not before: Wed 19 Mar 2025 04:08:46 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 6830
IP address blocks: 180.178.152.0/22 maxlen: 24
202.92.19.0/24 maxlen: 24
202.92.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Mar 2025 08:01:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9417 (0x24c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Mar 19 04:08:46 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67da434e-7456
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e5:46:7f:2b:15:ff:f3:2f:d9:94:8a:30:08:
f1:a4:59:15:30:8a:23:7b:70:64:7d:59:cc:f9:8d:
92:ce:fa:2a:03:c9:f3:e7:6f:7f:99:86:d9:79:a3:
46:2b:0d:01:08:4d:f0:98:ae:ae:ed:3e:2e:9d:4e:
81:ba:ef:37:38:38:96:e5:8a:85:fb:60:3b:7a:09:
e0:5f:00:e1:39:c4:83:a1:4d:59:4b:38:f4:d9:54:
12:de:60:f6:ca:59:d1:5a:d9:c3:65:cd:69:75:8c:
1a:05:45:ed:ba:b0:fa:0a:65:1c:2e:6c:4c:60:f3:
0b:a1:5a:69:1c:c9:d2:7f:9b:85:a4:7f:08:b5:b9:
c9:97:e2:ed:7a:6b:98:45:80:ce:e0:63:3e:48:3a:
94:c1:05:f5:be:59:af:70:74:4a:cf:36:b9:e3:79:
68:0d:b2:58:34:63:02:20:55:56:cb:fb:ac:b7:db:
64:a7:4c:17:03:ab:ae:69:d1:e2:35:e0:35:41:c3:
9e:af:d0:10:45:e2:8e:60:e3:86:cd:26:3a:fc:80:
10:46:06:7e:39:f1:f8:40:8f:ec:7a:ed:7c:72:0c:
3d:f1:21:cb:a5:7f:78:3e:39:24:c6:a3:c5:4f:aa:
8f:55:5b:f6:ba:cf:0e:41:66:48:3b:c7:6d:20:fc:
fe:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:24:18:85:8F:D0:1D:77:24:EE:86:27:C2:EF:DD:FE:B6:AE:6A:D3
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/8BF0B1948C6F11EF82EC906CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
180.178.152.0/22
202.92.19.0/24
202.92.21.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:51:d8:dd:55:52:67:60:f3:52:88:e8:a6:3f:ca:76:24:36:
e0:93:07:2b:17:2c:a7:cf:e3:54:66:a2:dd:32:8d:74:79:55:
0c:0c:0a:f1:eb:d7:7f:68:c9:bf:c1:bb:89:49:9a:67:c0:30:
d6:53:e8:1b:b6:4d:90:42:f5:27:4d:54:7e:c8:1a:77:7a:55:
70:c3:ff:41:6e:3a:e0:84:04:33:72:34:96:36:aa:1c:2b:25:
16:91:25:7c:df:36:0a:48:07:bc:d1:bb:ec:c5:09:bf:79:d7:
9d:0c:92:5f:b5:52:ed:3a:14:8d:7d:6c:9b:e0:85:6c:d7:01:
d3:6a:5a:72:d7:07:27:ac:af:2c:53:fc:f7:19:97:a9:50:29:
3a:75:8a:95:e2:8a:37:cf:ad:8f:aa:61:d9:92:56:ec:7f:66:
8d:4d:af:5f:24:30:15:c3:63:92:74:bf:07:81:52:8f:54:77:
1e:c0:c5:0f:05:c9:80:67:7a:34:6f:24:e7:69:1f:82:fc:2a:
b1:b6:fc:62:65:e4:28:37:c7:0d:86:35:9f:86:23:b7:5d:f1:
0c:6d:38:03:58:b2:86:3c:bd:ef:c7:a1:9c:49:7a:10:f3:be:
72:c2:5e:b5:4a:ba:50:19:9b:68:fa:34:0a:94:99:35:25:89:
54:6a:ef:27
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICJMkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjUwMzE5MDQwODQ2WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RhNDM0ZS03NDU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuuVGfysV//Mv2ZSKMAjxpFkVMIoje3BkfVnM+Y2SzvoqA8nz529/mYbZeaNG
Kw0BCE3wmK6u7T4unU6Buu83ODiW5YqF+2A7egngXwDhOcSDoU1ZSzj02VQS3mD2
ylnRWtnDZc1pdYwaBUXturD6CmUcLmxMYPMLoVppHMnSf5uFpH8ItbnJl+LtemuY
RYDO4GM+SDqUwQX1vlmvcHRKzza543loDbJYNGMCIFVWy/ust9tkp0wXA6uuadHi
NeA1QcOer9AQReKOYOOGzSY6/IAQRgZ+OfH4QI/seu18cgw98SHLpX94PjkkxqPF
T6qPVVv2us8OQWZIO8dtIPz+tQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFMQkGIWP
0B13JO6GJ8Lv3f62rmrTMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvOEJGMEIxOTQ4
QzZGMTFFRjgyRUM5MDZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAK0spgDBADKXBMDBADKXBUwDQYJKoZIhvcNAQELBQADggEB
AE5R2N1VUmdg81KI6KY/ynYkNuCTBysXLKfP41Rmot0yjXR5VQwMCvHr139oyb/B
u4lJmmfAMNZT6Bu2TZBC9SdNVH7IGnd6VXDD/0FuOuCEBDNyNJY2qhwrJRaRJXzf
NgpIB7zRu+zFCb95150Mkl+1Uu06FI19bJvghWzXAdNqWnLXByesryxT/PcZl6lQ
KTp1ipXiijfPrY+qYdmSVux/Zo1Nr18kMBXDY5J0vweBUo9Udx7AxQ8FyYBnejRv
JOdpH4L8KrG2/GJl5Cg3xw2GNZ+GI7dd8QxtOANYsoY8ve/HoZxJehDzvnLCXrVK
ulAZm2j6NAqUmTUliVRq7yc=
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:09:53 2025 by rpki-client