Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/934A58F8815411EF9BA0EB1EC4F9AE02.roa
File: 934A58F8815411EF9BA0EB1EC4F9AE02.roa (raw, json)
Hash identifier: ug74Au3GgZOCDLW6I1lO2NEXeqC5k4NVo09BOvVpN1s=
Subject key identifier: 47:0E:58:B2:AC:B0:3E:1B:BC:7B:42:48:23:52:1D:33:4F:71:97:ED
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 170F
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/934A58F8815411EF9BA0EB1EC4F9AE02.roa
Signing time: Thu 03 Oct 2024 06:56:12 +0000
ROA not before: Thu 03 Oct 2024 06:56:12 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 43.254.12.0/22 maxlen: 24
115.167.68.0/22 maxlen: 24
115.167.108.0/22 maxlen: 24
175.110.76.0/22 maxlen: 24
175.110.92.0/22 maxlen: 24
175.110.98.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Dec 2024 05:10:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5903 (0x170f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Oct 3 06:56:12 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66fe400c-0b37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c8:34:92:c4:f7:55:de:95:a8:99:f5:60:18:
84:0a:d4:12:8b:ef:18:5b:51:6b:dc:40:e3:0f:1d:
fb:4e:37:51:5c:8e:8d:09:b1:60:58:9e:4f:24:19:
70:37:a8:df:b1:39:76:ed:16:01:5a:36:7e:e3:1f:
bd:bf:9a:d6:30:e6:32:b9:b4:cf:ce:81:f7:c4:cc:
86:42:29:3c:77:42:13:31:85:01:14:a9:79:e8:c4:
4b:ce:21:6c:1c:26:98:85:f8:9d:b8:e4:85:35:c3:
e0:c0:a5:23:e7:58:20:d3:12:3f:b1:a8:3a:1f:d9:
c0:91:f5:1a:67:3a:ec:db:3b:62:9d:bf:b3:c2:da:
75:d2:fc:ff:0e:be:d4:f7:42:ff:5a:02:36:b9:cc:
b5:56:f9:3b:c8:ed:92:66:08:21:f8:cd:89:46:00:
e3:c5:86:3c:97:f4:ed:d6:ce:76:16:aa:ca:8c:6e:
3a:e6:d0:cb:f8:f0:2a:1c:02:74:90:fc:d7:c1:a4:
56:bd:d6:3d:78:95:9f:56:01:1d:c7:00:9a:b8:f0:
b0:66:ed:cc:4a:20:07:94:52:7c:b3:cb:c3:08:fc:
24:e8:48:be:01:3b:e9:a4:9d:7b:a6:03:94:9e:c8:
97:e0:45:41:3c:4d:f5:ec:fd:b0:28:05:21:79:39:
c5:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:0E:58:B2:AC:B0:3E:1B:BC:7B:42:48:23:52:1D:33:4F:71:97:ED
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/934A58F8815411EF9BA0EB1EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.12.0/22
115.167.68.0/22
115.167.108.0/22
175.110.76.0/22
175.110.92.0/22
175.110.98.0/24
Signature Algorithm: sha256WithRSAEncryption
03:0f:dd:82:03:24:6f:6b:2d:4f:3c:b7:a4:e9:c5:03:50:d9:
ca:f4:2b:87:05:0d:6e:9f:8d:9c:d4:c5:ae:62:77:fb:c2:7d:
5e:16:4f:1f:75:c3:77:6b:eb:db:3e:22:83:53:59:60:6b:cb:
ec:04:87:3f:c6:aa:15:15:83:75:35:dd:9e:4c:8c:80:73:55:
b2:06:da:b7:7f:5f:a6:5c:1a:26:24:9a:bf:14:84:04:52:95:
18:4d:5d:59:4d:de:40:f5:c1:bf:9b:cd:af:3d:56:4b:7d:3f:
74:b5:9a:3f:21:08:04:9a:0f:22:a6:f6:2a:ad:c6:aa:7e:95:
ad:47:51:d9:7b:b0:21:9d:03:7a:72:ad:5f:0a:3c:ee:2a:be:
e3:e0:87:29:c6:3c:86:c4:1e:1b:57:4b:fb:71:2b:10:4f:00:
70:90:2d:b1:cd:3f:dd:54:e9:f1:60:ab:5b:e5:a0:3b:a3:6d:
48:63:45:50:7f:68:c6:05:7c:8c:ce:8a:23:ba:0a:ea:a5:2f:
c5:17:1e:0e:12:35:d8:c8:8a:77:4a:df:e2:79:53:2a:64:7e:
00:94:82:3e:d7:47:22:ce:78:ef:c2:04:9e:24:81:0f:b5:1f:
06:74:7c:11:09:16:dd:e9:74:d2:bc:3d:b7:2d:c1:60:1c:b2:
52:e3:e8:75
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICFw8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQxMDAzMDY1NjEyWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZlNDAwYy0wYjM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtsg0ksT3Vd6VqJn1YBiECtQSi+8YW1Fr3EDjDx37TjdRXI6NCbFgWJ5PJBlw
N6jfsTl27RYBWjZ+4x+9v5rWMOYyubTPzoH3xMyGQik8d0ITMYUBFKl56MRLziFs
HCaYhfiduOSFNcPgwKUj51gg0xI/sag6H9nAkfUaZzrs2ztinb+zwtp10vz/Dr7U
90L/WgI2ucy1Vvk7yO2SZggh+M2JRgDjxYY8l/Tt1s52FqrKjG465tDL+PAqHAJ0
kPzXwaRWvdY9eJWfVgEdxwCauPCwZu3MSiAHlFJ8s8vDCPwk6Ei+ATvppJ17pgOU
nsiX4EVBPE317P2wKAUheTnFWwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFEcOWLKs
sD4bvHtCSCNSHTNPcZftMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvOTM0QTU4Rjg4
MTU0MTFFRjlCQTBFQjFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBAIr/gwDBAJzp0QDBAJzp2wDBAKvbkwDBAKvblwDBACvbmIw
DQYJKoZIhvcNAQELBQADggEBAAMP3YIDJG9rLU88t6TpxQNQ2cr0K4cFDW6fjZzU
xa5id/vCfV4WTx91w3dr69s+IoNTWWBry+wEhz/GqhUVg3U13Z5MjIBzVbIG2rd/
X6ZcGiYkmr8UhARSlRhNXVlN3kD1wb+bza89Vkt9P3S1mj8hCASaDyKm9iqtxqp+
la1HUdl7sCGdA3pyrV8KPO4qvuPghynGPIbEHhtXS/txKxBPAHCQLbHNP91U6fFg
q1vloDujbUhjRVB/aMYFfIzOiiO6CuqlL8UXHg4SNdjIindK3+J5UypkfgCUgj7X
RyLOeO/CBJ4kgQ+1HwZ0fBEJFt3pdNK8PbctwWAcslLj6HU=
-----END CERTIFICATE-----
Generated at Sun Apr 13 01:50:49 2025 by rpki-client