Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/A96B6C9E0BC011EF9735DF5AC4F9AE02.roa
File: A96B6C9E0BC011EF9735DF5AC4F9AE02.roa (raw, json)
Hash identifier: Op5zZsRa5fnbbLPdlOrxk6tTqxhvkiBScz7QVOb7v1I=
Subject key identifier: FB:1C:14:CA:8D:6A:54:5D:22:1C:0E:89:0B:EC:92:EA:42:9F:AA:A4
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 1194
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/A96B6C9E0BC011EF9735DF5AC4F9AE02.roa
Signing time: Mon 06 May 2024 15:52:38 +0000
ROA not before: Mon 06 May 2024 15:52:38 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 138241
IP address blocks: 103.151.27.0/24 maxlen: 24
113.203.208.0/24 maxlen: 24
113.203.216.0/24 maxlen: 24
113.203.217.0/24 maxlen: 24
113.203.231.0/24 maxlen: 24
113.203.250.0/24 maxlen: 24
115.167.49.0/24 maxlen: 24
115.167.66.0/24 maxlen: 24
115.167.78.0/24 maxlen: 24
180.178.142.0/24 maxlen: 24
180.178.152.0/21 maxlen: 21
202.92.18.0/24 maxlen: 24
202.92.20.0/24 maxlen: 24
223.29.227.0/24 maxlen: 24
223.29.235.0/24 maxlen: 24
223.29.236.0/24 maxlen: 24
223.29.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 May 2024 17:25:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4500 (0x1194)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: May 6 15:52:38 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=6638fcc5-7a35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f3:ee:2c:3f:e1:1a:a2:64:fc:48:05:5b:3c:
e4:60:5c:55:8e:59:ef:72:19:21:f0:36:b7:2d:dc:
78:c3:81:10:12:f5:95:3e:15:f2:64:1e:1f:77:40:
da:43:ab:7d:48:cc:1d:e3:06:12:c2:eb:a0:d6:42:
5b:4e:e8:ca:f5:1b:0c:2e:48:8d:aa:45:1d:cf:eb:
69:7e:3b:3d:1d:37:11:b7:dc:e6:87:71:ad:c9:99:
a2:a0:10:aa:8d:a1:37:99:46:f3:9e:1a:58:32:de:
14:f1:97:60:bb:7d:f4:f2:2d:d0:68:50:08:94:ae:
74:94:95:e3:be:1f:6c:0b:09:dc:1c:bd:00:7a:64:
24:18:b3:e3:8b:81:16:b1:2d:7b:e8:d8:f4:9b:7f:
19:ff:02:d5:64:5b:fe:1b:08:58:1a:05:06:77:1e:
7a:34:21:d8:7b:0c:42:9e:e3:4a:e2:e2:aa:5a:c8:
ce:b8:61:42:5e:c2:bb:7c:89:39:45:62:63:74:d6:
43:5d:f9:03:ae:32:36:72:28:c1:c2:db:37:5c:f0:
5c:0d:10:d5:fb:9e:a2:64:9b:2b:d0:ac:c4:bc:8b:
ee:fb:5e:23:f9:f0:84:91:1d:e7:6a:4a:12:7e:81:
51:eb:06:0a:84:9a:7d:38:31:70:9a:4b:b2:74:7e:
33:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:1C:14:CA:8D:6A:54:5D:22:1C:0E:89:0B:EC:92:EA:42:9F:AA:A4
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/A96B6C9E0BC011EF9735DF5AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.151.27.0/24
113.203.208.0/24
113.203.216.0/23
113.203.231.0/24
113.203.250.0/24
115.167.49.0/24
115.167.66.0/24
115.167.78.0/24
180.178.142.0/24
180.178.152.0/21
202.92.18.0/24
202.92.20.0/24
223.29.227.0/24
223.29.235.0-223.29.236.255
223.29.238.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:4b:40:aa:6c:9c:1b:ca:d7:2e:3b:ff:c7:9d:b4:cb:ae:f8:
0d:7d:09:1d:0c:48:39:18:e3:ba:d1:3c:3d:82:7b:ee:8d:44:
a1:4c:48:f9:41:ed:66:36:35:e7:ae:7b:f2:36:01:ff:43:2d:
a7:30:b0:5d:ae:82:cf:69:de:bf:76:f3:f7:b6:a1:ce:ca:c7:
03:f2:bb:ce:cd:ec:81:f8:9d:44:97:17:09:4b:a2:55:a7:a5:
e9:ff:fc:76:f8:42:d1:36:da:cd:ee:57:b2:ab:d0:3b:83:61:
3d:67:6a:86:0e:9a:b9:77:41:9c:8b:bb:93:79:1e:fc:34:1b:
8d:79:65:a2:bf:e1:13:a9:c3:c9:cd:d2:4e:e0:51:64:96:d8:
22:23:a5:25:9f:05:2a:a0:27:58:0c:34:59:3a:38:fd:3d:4f:
3d:e1:b2:ea:bb:20:19:00:3d:a5:fb:c8:88:77:12:84:46:99:
d6:ad:d1:20:63:d4:ba:fa:7f:aa:e9:81:26:80:34:b7:8d:97:
ce:01:70:8d:66:e0:9c:24:c8:e9:df:ea:9e:97:79:d9:17:17:
fe:7a:9d:38:cf:2a:27:f0:6b:9b:c0:a8:92:32:22:5c:8b:72:
44:cb:2b:98:96:e8:52:34:39:d9:b8:98:d2:f0:b9:70:d5:8a:
9f:aa:d5:b8
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgICEZQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQwNTA2MTU1MjM4WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjM4ZmNjNS03YTM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApPPuLD/hGqJk/EgFWzzkYFxVjlnvchkh8Da3Ldx4w4EQEvWVPhXyZB4fd0Da
Q6t9SMwd4wYSwuug1kJbTujK9RsMLkiNqkUdz+tpfjs9HTcRt9zmh3GtyZmioBCq
jaE3mUbznhpYMt4U8Zdgu3308i3QaFAIlK50lJXjvh9sCwncHL0AemQkGLPji4EW
sS176Nj0m38Z/wLVZFv+GwhYGgUGdx56NCHYewxCnuNK4uKqWsjOuGFCXsK7fIk5
RWJjdNZDXfkDrjI2cijBwts3XPBcDRDV+56iZJsr0KzEvIvu+14j+fCEkR3nakoS
foFR6wYKhJp9ODFwmkuydH4zGwIDAQABo4IC8TCCAu0wHQYDVR0OBBYEFPscFMqN
alRdIhwOiQvskupCn6qkMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvQTk2QjZDOUUw
QkMwMTFFRjk3MzVERjVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwewYIKwYBBQUHAQcBAf8E
bDBqMGgEAgABMGIDBABnlxsDBABxy9ADBAFxy9gDBABxy+cDBABxy/oDBABzpzED
BABzp0IDBABzp04DBAC0so4DBAO0spgDBADKXBIDBADKXBQDBADfHeMwDAMEAN8d
6wMEAN8d7AMEAN8d7jANBgkqhkiG9w0BAQsFAAOCAQEAL0tAqmycG8rXLjv/x520
y674DX0JHQxIORjjutE8PYJ77o1EoUxI+UHtZjY156578jYB/0MtpzCwXa6Cz2ne
v3bz97ahzsrHA/K7zs3sgfidRJcXCUuiVael6f/8dvhC0Tbaze5XsqvQO4NhPWdq
hg6auXdBnIu7k3ke/DQbjXllor/hE6nDyc3STuBRZJbYIiOlJZ8FKqAnWAw0WTo4
/T1PPeGy6rsgGQA9pfvIiHcShEaZ1q3RIGPUuvp/qumBJoA0t42XzgFwjWbgnCTI
6d/qnpd52RcX/nqdOM8qJ/Brm8CokjIiXItyRMsrmJboUjQ52biY0vC5cNWKn6rV
uA==
-----END CERTIFICATE-----
Generated at Mon May 6 21:52:08 2024 by rpki-client on console-ams.rpki-client.org