Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/AE0B274E009D11F09341322EC4F9AE02.roa
File: AE0B274E009D11F09341322EC4F9AE02.roa (raw, json)
Hash identifier: dvb+dgmC2dtPcOuExPG065F6d6K0pCx9VO6eWgkvzCM=
Subject key identifier: E6:E3:BC:E4:ED:EB:CE:67:58:5C:DA:A7:67:32:C8:F6:04:37:FB:8B
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 24A9
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/AE0B274E009D11F09341322EC4F9AE02.roa
Signing time: Fri 14 Mar 2025 06:29:28 +0000
ROA not before: Fri 14 Mar 2025 06:29:28 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 115.167.6.0/24 maxlen: 24
115.167.15.0/24 maxlen: 24
115.167.28.0/24 maxlen: 24
115.167.101.0/24 maxlen: 24
115.167.117.0/24 maxlen: 24
223.29.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Mar 2025 08:41:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9385 (0x24a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Mar 14 06:29:28 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67d3ccc8-f8a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:6d:75:fd:ca:12:06:61:ff:ac:56:5f:db:b4:
f7:84:0f:84:7d:2d:07:9a:7d:14:6b:e3:53:cc:ee:
bf:64:4d:dd:4e:8b:e2:ae:e0:15:74:a7:44:59:ba:
b9:7d:f8:35:16:04:8d:89:78:50:e0:e5:bd:b2:8e:
c2:1a:65:53:3c:f3:61:0d:39:c6:b5:60:3d:77:92:
3d:49:12:5c:3a:fb:10:be:be:be:e5:99:34:4c:82:
69:2d:73:19:5a:4b:c0:f4:dc:1c:1f:f7:d1:3c:b2:
61:23:2b:ff:0a:2e:a9:46:56:6a:c4:c3:10:85:af:
67:d4:74:48:2d:2b:c0:b0:18:03:7c:bd:76:26:09:
ed:87:3f:31:7e:85:ab:2e:9b:eb:71:5e:01:bb:9f:
e2:21:54:0f:fd:5d:eb:72:e3:3d:81:41:22:a5:91:
17:bb:65:30:d3:7a:61:32:97:6f:7b:b1:c6:28:a6:
65:3f:18:6c:5b:18:68:03:55:ee:82:bd:1a:17:35:
dd:2e:35:a7:45:d3:0e:ae:26:0f:55:3b:63:fa:65:
d2:50:cf:fd:b9:d9:32:48:e1:67:f3:d2:63:23:d4:
68:91:10:16:fb:09:d6:0a:64:47:9b:ab:d8:75:bd:
e7:6e:dc:16:b4:59:7e:5a:30:a4:75:ad:68:16:04:
d8:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:E3:BC:E4:ED:EB:CE:67:58:5C:DA:A7:67:32:C8:F6:04:37:FB:8B
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/AE0B274E009D11F09341322EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
115.167.6.0/24
115.167.15.0/24
115.167.28.0/24
115.167.101.0/24
115.167.117.0/24
223.29.237.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:f5:b9:80:08:9a:25:69:4a:40:7b:d3:66:2a:bd:a2:fe:b7:
42:49:5d:e2:ef:99:52:3e:b3:dd:05:a1:07:44:2b:f7:5c:cc:
c5:15:fc:36:ee:8b:68:e6:c5:40:e5:51:cd:b6:b3:38:4c:b6:
02:76:32:1b:8a:08:16:06:05:c5:68:6d:4b:18:ea:35:0b:e0:
68:3a:b2:84:d1:f4:05:08:aa:0e:97:ff:aa:48:45:15:a5:e6:
69:95:d6:fc:cd:be:e8:ec:56:96:a7:9f:3a:c3:b5:6c:1f:dd:
df:9e:03:76:bf:43:61:60:44:5f:50:51:e7:ae:41:60:98:fd:
3d:ed:47:c9:e9:7e:a6:0a:c7:3c:8d:b8:97:4a:85:51:a9:75:
51:cc:84:c3:05:37:ee:9a:97:14:4a:19:53:4c:09:0d:e3:39:
0b:e0:f6:c4:44:50:df:10:90:55:b0:35:05:ee:1d:73:4c:18:
58:a9:12:51:03:a4:47:91:72:df:b3:85:9d:b5:99:44:9e:ba:
ed:ac:b3:0e:f0:b6:3b:cc:b4:e9:f2:56:9b:b4:1d:3e:e5:d1:
e5:b1:a3:73:d0:d2:3b:a0:5e:72:47:fe:f1:3b:1b:a7:b6:5e:
66:e8:d8:f1:c3:22:85:64:9a:a8:f2:f3:ae:2d:d6:72:b7:4a:
d9:f7:c9:3d
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICJKkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjUwMzE0MDYyOTI4WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2QzY2NjOC1mOGE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyW11/coSBmH/rFZf27T3hA+EfS0Hmn0Ua+NTzO6/ZE3dToviruAVdKdEWbq5
ffg1FgSNiXhQ4OW9so7CGmVTPPNhDTnGtWA9d5I9SRJcOvsQvr6+5Zk0TIJpLXMZ
WkvA9NwcH/fRPLJhIyv/Ci6pRlZqxMMQha9n1HRILSvAsBgDfL12Jgnthz8xfoWr
LpvrcV4Bu5/iIVQP/V3rcuM9gUEipZEXu2Uw03phMpdve7HGKKZlPxhsWxhoA1Xu
gr0aFzXdLjWnRdMOriYPVTtj+mXSUM/9udkySOFn89JjI9RokRAW+wnWCmRHm6vY
db3nbtwWtFl+WjCkda1oFgTYIwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFObjvOTt
685nWFzap2cyyPYEN/uLMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvQUUwQjI3NEUw
MDlEMTFGMDkzNDEzMjJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBABzpwYDBABzpw8DBABzpxwDBABzp2UDBABzp3UDBADfHe0w
DQYJKoZIhvcNAQELBQADggEBAEz1uYAImiVpSkB702YqvaL+t0JJXeLvmVI+s90F
oQdEK/dczMUV/Dbui2jmxUDlUc22szhMtgJ2MhuKCBYGBcVobUsY6jUL4Gg6soTR
9AUIqg6X/6pIRRWl5mmV1vzNvujsVpannzrDtWwf3d+eA3a/Q2FgRF9QUeeuQWCY
/T3tR8npfqYKxzyNuJdKhVGpdVHMhMMFN+6alxRKGVNMCQ3jOQvg9sREUN8QkFWw
NQXuHXNMGFipElEDpEeRct+zhZ21mUSeuu2ssw7wtjvMtOnyVpu0HT7l0eWxo3PQ
0jugXnJH/vE7G6e2Xmbo2PHDIoVkmqjy864t1nK3Stn3yT0=
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:12:12 2025 by rpki-client