Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/CB423056758711EF83FC0F32C4F9AE02.roa
File: CB423056758711EF83FC0F32C4F9AE02.roa (raw, json)
Hash identifier: 1VBc27QhFkjV5laOOMpSoJTA5YU16p6G34kYdcszkeA=
Subject key identifier: 6B:80:DC:E6:DB:49:A2:E9:EF:09:91:E4:6D:D8:B4:7E:66:00:D8:EA
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 1641
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/CB423056758711EF83FC0F32C4F9AE02.roa
Signing time: Wed 18 Sep 2024 10:50:02 +0000
ROA not before: Wed 18 Sep 2024 10:50:02 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 205220
IP address blocks: 103.151.27.0/24 maxlen: 24
115.167.2.0/24 maxlen: 24
115.167.3.0/24 maxlen: 24
115.167.73.0/24 maxlen: 24
115.167.78.0/24 maxlen: 24
175.110.107.0/24 maxlen: 24
175.110.109.0/24 maxlen: 24
175.110.110.0/24 maxlen: 24
175.110.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Sep 2024 10:07:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5697 (0x1641)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Sep 18 10:50:02 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66eab05a-5870
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e0:a0:fe:be:94:fc:31:c7:94:c6:4a:7d:b5:
c7:5d:e8:68:93:54:40:12:e6:c1:e7:f0:4b:3e:45:
d7:e9:21:af:b2:2a:20:20:8e:e7:3e:0c:5e:c6:7b:
b2:ac:09:9c:56:9d:23:46:10:0f:ea:78:1c:99:61:
fe:e4:87:5c:78:42:26:fd:ff:3d:17:e7:2b:3a:bf:
6a:cc:1f:79:e5:67:d5:1f:c8:c2:b2:0d:40:7d:8d:
49:60:12:ae:66:84:16:8b:bb:71:f1:93:fb:ac:0d:
21:d3:f7:9d:69:c7:34:e3:2a:f2:1f:37:24:89:cb:
11:50:97:31:3e:b6:8b:0d:91:45:e8:4a:2c:b0:81:
d4:fc:46:38:f2:50:77:78:0a:25:0c:39:1b:f8:46:
c9:e9:8c:47:4b:86:e0:35:a5:9d:84:a8:ba:3e:d6:
d2:50:4e:be:19:06:bc:80:74:ea:34:97:76:da:95:
33:a7:6b:32:33:a7:63:d6:81:54:7a:6e:5e:e3:33:
a7:ca:95:a0:c8:8a:b8:81:b7:f8:bf:15:e2:0a:96:
de:f7:48:ce:13:a9:31:79:08:d0:17:a7:0d:fa:0c:
9f:66:09:d8:8e:0e:ad:cb:d1:45:2f:df:1f:7e:24:
ab:1d:85:f9:be:08:32:27:17:4f:f9:05:59:92:84:
ef:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:80:DC:E6:DB:49:A2:E9:EF:09:91:E4:6D:D8:B4:7E:66:00:D8:EA
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/CB423056758711EF83FC0F32C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.151.27.0/24
115.167.2.0/23
115.167.73.0/24
115.167.78.0/24
175.110.107.0/24
175.110.109.0-175.110.111.255
Signature Algorithm: sha256WithRSAEncryption
69:c3:dd:56:d9:6f:28:89:bb:69:72:3f:cf:74:f8:34:1d:c7:
73:b7:9e:aa:33:b9:f4:22:cd:c4:36:12:81:5b:0f:38:f6:bc:
2b:f0:82:62:b7:97:bf:5e:f1:d6:5e:b5:aa:5e:2e:46:93:b8:
92:86:c1:b7:92:2c:fa:ad:21:4e:de:b4:7e:34:72:71:fe:f4:
5f:12:2f:2b:6a:05:28:cf:45:16:79:1b:6d:5c:a8:b0:70:e0:
42:50:df:10:e4:2f:a9:3c:14:60:10:34:cd:e9:35:25:f9:f8:
84:b6:f4:81:0a:6b:2c:7d:d1:5b:cc:21:2e:0c:7c:27:29:9e:
91:23:17:fd:15:32:82:4c:29:fd:b6:c7:2b:b9:09:c0:09:d2:
a4:8c:c3:8c:3a:15:20:39:5f:29:9f:f0:33:36:5e:77:70:6f:
66:80:99:67:62:d6:02:b4:ce:88:bc:6e:e8:fd:13:fb:ef:3f:
7d:bd:96:54:dd:00:b0:5b:27:ef:bc:b3:c8:b7:d9:73:dc:af:
6f:99:f8:15:21:3d:52:de:99:a0:ca:c0:b4:73:ad:bc:2f:ef:
fc:5b:a9:75:2a:ee:98:b2:3d:47:4c:b2:bb:7f:40:f5:7e:c2:
a9:d3:ee:5c:9d:79:73:ba:84:df:6d:00:1c:37:e7:e0:6a:60:
68:f5:7d:3d
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgICFkEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQwOTE4MTA1MDAyWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmVhYjA1YS01ODcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy+Cg/r6U/DHHlMZKfbXHXehok1RAEubB5/BLPkXX6SGvsiogII7nPgxexnuy
rAmcVp0jRhAP6ngcmWH+5IdceEIm/f89F+crOr9qzB955WfVH8jCsg1AfY1JYBKu
ZoQWi7tx8ZP7rA0h0/edacc04yryHzckicsRUJcxPraLDZFF6EossIHU/EY48lB3
eAolDDkb+EbJ6YxHS4bgNaWdhKi6PtbSUE6+GQa8gHTqNJd22pUzp2syM6dj1oFU
em5e4zOnypWgyIq4gbf4vxXiCpbe90jOE6kxeQjQF6cN+gyfZgnYjg6ty9FFL98f
fiSrHYX5vggyJxdP+QVZkoTv6wIDAQABo4ICuzCCArcwHQYDVR0OBBYEFGuA3Obb
SaLp7wmR5G3YtH5mANjqMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvQ0I0MjMwNTY3
NTg3MTFFRjgzRkMwRjMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRQYIKwYBBQUHAQcBAf8E
NjA0MDIEAgABMCwDBABnlxsDBAFzpwIDBABzp0kDBABzp04DBACvbmswDAMEAK9u
bQMEBK9uYDANBgkqhkiG9w0BAQsFAAOCAQEAacPdVtlvKIm7aXI/z3T4NB3Hc7ee
qjO59CLNxDYSgVsPOPa8K/CCYreXv17x1l61ql4uRpO4kobBt5Is+q0hTt60fjRy
cf70XxIvK2oFKM9FFnkbbVyosHDgQlDfEOQvqTwUYBA0zek1Jfn4hLb0gQprLH3R
W8whLgx8JymekSMX/RUygkwp/bbHK7kJwAnSpIzDjDoVIDlfKZ/wMzZed3BvZoCZ
Z2LWArTOiLxu6P0T++8/fb2WVN0AsFsn77yzyLfZc9yvb5n4FSE9Ut6ZoMrAtHOt
vC/v/FupdSrumLI9R0yyu39A9X7CqdPuXJ15c7qE320AHDfn4GpgaPV9PQ==
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:26:27 2025 by rpki-client