Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/BD76E2261E7C11EF98DC2E7EC4F9AE02.roa
File: BD76E2261E7C11EF98DC2E7EC4F9AE02.roa (raw, json)
Hash identifier: mzFci2nOTnCq+ffuncMSxXFEUYCmKmIF2fDhJf1af1I=
Subject key identifier: 4F:AE:38:23:A3:FB:B5:7C:FB:27:17:1F:56:C3:DE:70:33:52:3D:2B
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 127E
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/BD76E2261E7C11EF98DC2E7EC4F9AE02.roa
Signing time: Thu 30 May 2024 12:04:17 +0000
ROA not before: Thu 30 May 2024 12:04:17 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 150177
IP address blocks: 223.29.233.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 17 Oct 2024 13:45:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4734 (0x127e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: May 30 12:04:17 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66586b41-f7c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d1:53:01:f9:96:b3:f5:26:cc:40:17:6b:a8:
d1:f9:a1:9c:8b:58:6f:04:5b:af:aa:6d:cb:5e:a2:
7c:25:7b:91:99:1a:b8:51:0c:70:4a:25:26:9c:90:
1b:dc:22:8b:1e:89:f5:b2:94:fa:2d:a5:9b:ac:fc:
d7:2a:6d:60:1b:a5:d0:65:eb:ea:f8:78:e2:ec:b2:
87:5a:c3:52:73:c6:f8:0c:85:40:ab:2c:cf:4d:33:
a0:67:c0:ce:7e:be:32:09:cf:0a:b6:e7:57:d6:72:
15:60:36:be:45:61:9b:e5:5a:b4:18:e1:94:53:96:
36:6e:ae:05:0f:f8:ab:61:ea:0b:82:bc:25:45:f9:
56:a9:b0:d6:a3:d2:fe:d3:53:af:df:f3:c2:a0:b7:
b0:5f:96:3a:d2:fa:ca:c5:b4:77:67:77:29:db:5f:
d6:31:a4:31:f8:a0:da:c2:3d:9e:57:cf:9a:fd:88:
d8:3c:1e:5a:59:5e:f6:47:93:57:1f:a7:82:64:fe:
2e:14:5f:bb:4b:13:e4:86:8a:b9:c5:c5:bb:a0:f9:
a2:f7:d7:4c:04:22:8d:28:49:d8:dd:a6:fc:d0:ae:
1b:c0:fc:c2:e7:fd:9b:56:a6:17:77:eb:11:fc:5a:
46:e6:cc:b0:e2:3e:e8:85:73:70:dc:73:49:b1:43:
55:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:AE:38:23:A3:FB:B5:7C:FB:27:17:1F:56:C3:DE:70:33:52:3D:2B
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/BD76E2261E7C11EF98DC2E7EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
223.29.233.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:23:0d:52:44:aa:d6:cb:2e:0f:3e:22:c7:5b:c0:f7:6f:d6:
c3:62:7b:34:79:36:bd:bf:41:7c:b2:e5:55:87:33:86:c2:76:
f2:e8:eb:91:0e:96:c4:cc:76:8f:77:b8:8c:1b:cc:0d:e7:6b:
85:b3:ef:af:9a:0b:84:13:a0:9c:23:79:7c:49:10:b9:8c:b5:
a3:f5:23:b0:35:43:91:c4:94:f7:ca:09:c3:58:0c:6e:89:2b:
3e:df:17:0b:d7:0c:ad:5d:59:67:c9:c2:9e:4b:80:b5:ea:11:
b0:8d:18:1c:a8:d3:ea:a5:4e:b8:ae:cc:d8:e0:b3:1f:c9:5b:
ed:11:9a:f0:0f:b9:fa:d4:74:f1:31:24:06:da:82:a0:1b:bf:
9c:1b:d8:d1:a6:69:00:82:dd:14:81:c5:58:07:1d:bd:5e:da:
56:40:9f:63:e7:20:72:ba:16:1a:b8:21:83:c5:69:b0:5c:98:
75:38:ea:2a:f8:54:91:19:d4:8d:d6:ff:c8:d8:3c:b1:3e:fb:
a4:7d:f3:6f:18:cb:2d:5a:db:58:e4:73:9a:84:fb:9a:b9:1f:
c0:0c:08:dc:bf:a7:af:b2:2b:33:6e:3a:95:f7:ea:af:d8:d3:
2e:e6:6a:ca:ab:2e:bd:5d:3f:26:5d:18:d4:a4:8a:b3:1e:29:
68:d1:a4:d1
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICEn4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQwNTMwMTIwNDE3WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjU4NmI0MS1mN2MzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw9FTAfmWs/UmzEAXa6jR+aGci1hvBFuvqm3LXqJ8JXuRmRq4UQxwSiUmnJAb
3CKLHon1spT6LaWbrPzXKm1gG6XQZevq+Hji7LKHWsNSc8b4DIVAqyzPTTOgZ8DO
fr4yCc8KtudX1nIVYDa+RWGb5Vq0GOGUU5Y2bq4FD/irYeoLgrwlRflWqbDWo9L+
01Ov3/PCoLewX5Y60vrKxbR3Z3cp21/WMaQx+KDawj2eV8+a/YjYPB5aWV72R5NX
H6eCZP4uFF+7SxPkhoq5xcW7oPmi99dMBCKNKEnY3ab80K4bwPzC5/2bVqYXd+sR
/FpG5syw4j7ohXNw3HNJsUNVkQIDAQABo4IClTCCApEwHQYDVR0OBBYEFE+uOCOj
+7V8+ycXH1bD3nAzUj0rMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvQkQ3NkUyMjYx
RTdDMTFFRjk4REMyRTdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADfHekwDQYJKoZIhvcNAQELBQADggEBAMIjDVJEqtbLLg8+
IsdbwPdv1sNiezR5Nr2/QXyy5VWHM4bCdvLo65EOlsTMdo93uIwbzA3na4Wz76+a
C4QToJwjeXxJELmMtaP1I7A1Q5HElPfKCcNYDG6JKz7fFwvXDK1dWWfJwp5LgLXq
EbCNGByo0+qlTriuzNjgsx/JW+0RmvAPufrUdPExJAbagqAbv5wb2NGmaQCC3RSB
xVgHHb1e2lZAn2PnIHK6Fhq4IYPFabBcmHU46ir4VJEZ1I3W/8jYPLE++6R9828Y
yy1a21jkc5qE+5q5H8AMCNy/p6+yKzNuOpX36q/Y0y7masqrLr1dPyZdGNSkirMe
KWjRpNE=
-----END CERTIFICATE-----
Generated at Sun Apr 13 01:55:45 2025 by rpki-client