Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/BAC2AA28259E11EFB4F9D354C4F9AE02.roa
File: BAC2AA28259E11EFB4F9D354C4F9AE02.roa (raw, json)
Hash identifier: zM/v0zGGNZzevrLH9n+RcrbFSDcPc3QsePpXSuosIQM=
Subject key identifier: 71:82:32:C4:8A:72:20:82:28:1B:2D:DA:59:1D:D1:3B:6F:0D:47:E5
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 1304
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/BAC2AA28259E11EFB4F9D354C4F9AE02.roa
Signing time: Sat 08 Jun 2024 13:55:15 +0000
ROA not before: Sat 08 Jun 2024 13:55:15 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 138241
IP address blocks: 113.203.245.0/24 maxlen: 24
115.167.49.0/24 maxlen: 24
115.167.65.0/24 maxlen: 24
115.167.66.0/24 maxlen: 24
180.178.142.0/24 maxlen: 24
223.29.225.0/24 maxlen: 24
223.29.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 08 Jun 2024 13:59:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4868 (0x1304)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Jun 8 13:55:15 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=666462c2-12e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:03:26:df:0a:5c:00:94:b8:bb:df:c9:a3:e0:
d1:1e:6d:27:bf:18:fb:51:30:28:bc:88:7f:84:e2:
19:74:ba:30:37:ab:9b:47:20:4c:04:8d:5c:07:4d:
e0:6c:19:99:2a:0f:b5:60:06:a9:c1:81:d4:cc:05:
4d:d7:85:cb:b7:fc:eb:87:41:aa:19:e7:1e:83:af:
39:1d:fe:4b:3c:2a:ac:88:5a:84:c6:43:57:31:38:
b4:c2:ed:b7:da:a5:39:9a:b8:fe:66:3d:1a:5b:97:
79:8e:99:d8:25:2e:e8:61:61:41:bd:83:36:ef:70:
2c:f6:de:ea:06:7a:94:a1:2e:e2:88:af:aa:18:31:
c7:d9:76:58:08:b5:d4:3b:22:94:0f:f3:77:32:39:
9f:80:ce:9b:ec:ab:b2:15:a9:3d:6a:fe:9b:e2:be:
5c:19:19:32:eb:f5:5a:de:82:42:f2:d0:b5:0f:21:
04:ec:b8:85:af:dc:c6:11:ab:a7:f4:37:16:dd:cd:
4a:b0:f9:30:bf:c3:37:9d:ec:2a:be:08:4f:75:5a:
11:ef:a0:64:8e:a8:8c:3e:f3:36:5c:3f:4e:4a:2e:
e3:30:07:02:e6:87:f5:14:f5:eb:52:67:75:03:17:
f5:dc:65:6a:9f:01:24:c3:27:02:d7:2f:cf:8c:56:
9b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:82:32:C4:8A:72:20:82:28:1B:2D:DA:59:1D:D1:3B:6F:0D:47:E5
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/BAC2AA28259E11EFB4F9D354C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.245.0/24
115.167.49.0/24
115.167.65.0-115.167.66.255
180.178.142.0/24
223.29.225.0/24
223.29.227.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:88:93:c3:8b:79:d5:0b:58:58:70:bc:58:d3:72:85:06:3f:
21:93:1d:99:51:5c:0c:ec:b7:a5:12:a9:69:dd:e3:ed:8b:d0:
8a:a6:54:1a:2c:e8:62:eb:c7:e4:5a:2d:15:a1:e9:a1:ad:00:
77:53:83:07:dc:8b:ce:bb:e7:e5:73:aa:52:44:40:39:3f:e5:
37:16:de:b8:94:f1:c7:8c:6d:43:07:08:04:b9:49:20:00:a9:
f4:e4:f8:d1:66:91:14:6e:e2:c6:20:76:c7:3e:0d:78:2c:aa:
30:ca:fc:59:de:7e:3e:03:9b:d1:6a:3b:c4:7e:34:9f:47:0f:
a9:4a:0a:59:cf:d0:f7:0e:47:76:23:37:83:e7:92:ba:e1:27:
25:78:08:38:e4:6c:32:55:c0:6d:6a:61:cd:33:a5:ca:68:96:
b1:f8:7b:ee:32:dc:50:98:12:35:a0:91:77:bc:e4:34:e7:65:
92:88:ff:d4:04:ae:30:3e:bc:80:98:a8:ad:c1:a6:e0:6f:16:
8c:d9:56:51:df:d5:75:0a:56:2f:36:b6:5f:22:36:f6:18:29:
4e:50:de:1d:34:ea:fc:2a:10:96:3a:3f:24:7e:2f:03:09:0a:
12:20:eb:89:56:a8:00:b4:92:4c:f3:6a:35:1c:ac:57:dc:08:
bd:cf:93:48
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgICEwQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQwNjA4MTM1NTE1WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjY0NjJjMi0xMmUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuwMm3wpcAJS4u9/Jo+DRHm0nvxj7UTAovIh/hOIZdLowN6ubRyBMBI1cB03g
bBmZKg+1YAapwYHUzAVN14XLt/zrh0GqGeceg685Hf5LPCqsiFqExkNXMTi0wu23
2qU5mrj+Zj0aW5d5jpnYJS7oYWFBvYM273As9t7qBnqUoS7iiK+qGDHH2XZYCLXU
OyKUD/N3MjmfgM6b7KuyFak9av6b4r5cGRky6/Va3oJC8tC1DyEE7LiFr9zGEaun
9DcW3c1KsPkwv8M3newqvghPdVoR76BkjqiMPvM2XD9OSi7jMAcC5of1FPXrUmd1
Axf13GVqnwEkwycC1y/PjFabjwIDAQABo4ICuzCCArcwHQYDVR0OBBYEFHGCMsSK
ciCCKBst2lkd0TtvDUflMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvQkFDMkFBMjgy
NTlFMTFFRkI0RjlEMzU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRQYIKwYBBQUHAQcBAf8E
NjA0MDIEAgABMCwDBABxy/UDBABzpzEwDAMEAHOnQQMEAHOnQgMEALSyjgMEAN8d
4QMEAN8d4zANBgkqhkiG9w0BAQsFAAOCAQEAroiTw4t51QtYWHC8WNNyhQY/IZMd
mVFcDOy3pRKpad3j7YvQiqZUGizoYuvH5FotFaHpoa0Ad1ODB9yLzrvn5XOqUkRA
OT/lNxbeuJTxx4xtQwcIBLlJIACp9OT40WaRFG7ixiB2xz4NeCyqMMr8Wd5+PgOb
0Wo7xH40n0cPqUoKWc/Q9w5HdiM3g+eSuuEnJXgIOORsMlXAbWphzTOlymiWsfh7
7jLcUJgSNaCRd7zkNOdlkoj/1ASuMD68gJiorcGm4G8WjNlWUd/VdQpWLza2XyI2
9hgpTlDeHTTq/CoQljo/JH4vAwkKEiDriVaoALSSTPNqNRysV9wIvc+TSA==
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:12:11 2025 by rpki-client