Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/BCAB416292CA11EF8E173D0BC4F9AE02.roa
File: BCAB416292CA11EF8E173D0BC4F9AE02.roa (raw, json)
Hash identifier: 7tG8oW5DSAirrvZM8/xwe8DpvTJYy7zBBMvyleQAttI=
Subject key identifier: BD:51:E6:16:32:4C:1A:70:48:40:A8:4D:CC:D1:BE:5E:B5:31:65:48
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 199F
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/BCAB416292CA11EF8E173D0BC4F9AE02.roa
Signing time: Fri 25 Oct 2024 12:14:52 +0000
ROA not before: Fri 25 Oct 2024 12:14:52 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 10753
IP address blocks: 115.167.1.0/24 maxlen: 24
115.167.24.0/22 maxlen: 22
115.167.100.0/24 maxlen: 24
115.167.104.0/22 maxlen: 24
115.167.112.0/22 maxlen: 24
175.110.72.0/22 maxlen: 24
175.110.84.0/22 maxlen: 24
175.110.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 28 Oct 2024 17:35:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6559 (0x199f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Oct 25 12:14:52 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=671b8bbc-6a13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:4c:d9:47:a4:3f:67:3b:a3:dd:8f:25:8d:24:
c7:40:32:1c:49:81:40:1c:14:6f:04:08:02:61:97:
a9:d7:63:ec:a5:60:b3:e3:24:7b:d9:f7:d5:d1:81:
91:00:21:30:f6:63:bb:98:27:05:28:ef:5b:75:12:
23:a6:b1:be:01:bb:e2:4b:bc:bf:ef:6a:f8:bf:23:
9f:c7:1e:c5:a3:54:f0:4b:27:18:e0:5b:88:13:83:
17:38:72:eb:e9:13:1a:07:fa:78:c1:d9:cf:86:c3:
89:27:ab:42:ec:94:af:9b:2e:43:e4:26:40:ce:a2:
fe:a2:00:f5:a8:44:3b:a6:69:d7:e4:ab:16:96:99:
07:39:63:fe:0e:b2:a5:c0:f0:01:36:37:e1:7d:f2:
68:58:cc:86:8f:4c:3f:ce:7c:66:4f:3b:47:7e:98:
c3:5b:3b:75:cb:f5:b5:1e:1f:e9:7d:de:68:42:a1:
4a:fc:e9:63:f9:ae:4d:eb:12:3d:e1:92:e7:b2:92:
5b:c8:dc:76:7c:72:36:40:b1:e5:4f:dd:6d:48:d3:
78:fb:01:05:52:a8:da:8c:28:8e:f9:59:c8:ac:6a:
8c:1a:16:09:3e:b5:c6:ac:a1:46:ab:de:bf:a6:7b:
5f:5b:11:a7:b5:95:e8:1b:43:38:36:ef:df:44:bd:
36:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:51:E6:16:32:4C:1A:70:48:40:A8:4D:CC:D1:BE:5E:B5:31:65:48
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/BCAB416292CA11EF8E173D0BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
115.167.1.0/24
115.167.24.0/22
115.167.100.0/24
115.167.104.0/22
115.167.112.0/22
175.110.72.0/22
175.110.84.0/22
175.110.96.0/24
Signature Algorithm: sha256WithRSAEncryption
06:f3:68:c6:bd:5a:06:24:ff:c7:bd:5f:89:23:02:67:3b:e5:
8a:03:f9:1d:15:5e:23:2b:4b:10:04:ab:b8:90:8e:63:de:f0:
56:b8:45:db:5a:8f:fc:4d:0a:fa:e1:46:c2:a0:bf:b4:76:9a:
bd:d1:49:d3:08:31:5c:73:2a:cb:e0:ee:3b:25:d8:f2:50:da:
42:a0:2d:8b:e3:a7:78:a2:50:cf:a5:ca:e4:84:9a:4a:8d:07:
2c:30:74:1d:60:28:2d:60:d8:55:20:9f:cb:8f:b8:64:7e:b3:
ba:3f:82:14:76:5d:9d:cf:e6:c8:f3:31:e0:47:07:62:70:f8:
7f:9e:48:5b:56:80:4a:c9:cb:3b:84:a0:6f:a9:5d:9b:db:fd:
0e:da:c9:89:9d:22:1d:9f:4e:79:23:f8:63:64:f9:6c:0c:bf:
69:fa:8f:48:cb:24:21:bf:9e:98:c1:79:d5:26:50:df:a5:21:
65:a0:59:6b:9c:d9:f3:f6:59:da:a0:64:3b:6c:6d:ec:fa:48:
cb:76:57:35:a0:2c:5f:2f:85:81:08:97:da:9a:fc:60:09:08:
68:f2:ac:f1:af:c5:83:31:71:fb:96:01:77:e8:59:70:51:f2:
0f:4e:11:71:11:da:bd:d3:b1:9c:2f:a7:5c:8c:e7:76:c2:1f:
04:c5:b3:90
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgICGZ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQxMDI1MTIxNDUyWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzFiOGJiYy02YTEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAykzZR6Q/Zzuj3Y8ljSTHQDIcSYFAHBRvBAgCYZep12PspWCz4yR72ffV0YGR
ACEw9mO7mCcFKO9bdRIjprG+AbviS7y/72r4vyOfxx7Fo1TwSycY4FuIE4MXOHLr
6RMaB/p4wdnPhsOJJ6tC7JSvmy5D5CZAzqL+ogD1qEQ7pmnX5KsWlpkHOWP+DrKl
wPABNjfhffJoWMyGj0w/znxmTztHfpjDWzt1y/W1Hh/pfd5oQqFK/Olj+a5N6xI9
4ZLnspJbyNx2fHI2QLHlT91tSNN4+wEFUqjajCiO+VnIrGqMGhYJPrXGrKFGq96/
pntfWxGntZXoG0M4Nu/fRL02tQIDAQABo4ICvzCCArswHQYDVR0OBBYEFL1R5hYy
TBpwSECoTczRvl61MWVIMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvQkNBQjQxNjI5
MkNBMTFFRjhFMTczRDBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSQYIKwYBBQUHAQcBAf8E
OjA4MDYEAgABMDADBABzpwEDBAJzpxgDBABzp2QDBAJzp2gDBAJzp3ADBAKvbkgD
BAKvblQDBACvbmAwDQYJKoZIhvcNAQELBQADggEBAAbzaMa9WgYk/8e9X4kjAmc7
5YoD+R0VXiMrSxAEq7iQjmPe8Fa4Rdtaj/xNCvrhRsKgv7R2mr3RSdMIMVxzKsvg
7jsl2PJQ2kKgLYvjp3iiUM+lyuSEmkqNBywwdB1gKC1g2FUgn8uPuGR+s7o/ghR2
XZ3P5sjzMeBHB2Jw+H+eSFtWgErJyzuEoG+pXZvb/Q7ayYmdIh2fTnkj+GNk+WwM
v2n6j0jLJCG/npjBedUmUN+lIWWgWWuc2fP2WdqgZDtsbez6SMt2VzWgLF8vhYEI
l9qa/GAJCGjyrPGvxYMxcfuWAXfoWXBR8g9OEXER2r3TsZwvp1yM53bCHwTFs5A=
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:21:44 2025 by rpki-client