Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/D602A9460B9A11EFB95CA45BC4F9AE02.roa
File: D602A9460B9A11EFB95CA45BC4F9AE02.roa (raw, json)
Hash identifier: 53FaOxH+SdhfNNOs3pAznx6k7xQzby5/w/ynPtqTFko=
Subject key identifier: E2:DE:4C:14:CB:4C:F8:7D:EE:85:2F:D8:C4:6A:C5:5E:50:85:E6:09
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 118F
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/D602A9460B9A11EFB95CA45BC4F9AE02.roa
Signing time: Mon 06 May 2024 11:21:52 +0000
ROA not before: Mon 06 May 2024 11:21:52 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 138241
IP address blocks: 103.151.27.0/24 maxlen: 24
113.203.208.0/24 maxlen: 24
113.203.216.0/24 maxlen: 24
113.203.217.0/24 maxlen: 24
113.203.231.0/24 maxlen: 24
113.203.250.0/24 maxlen: 24
115.167.49.0/24 maxlen: 24
115.167.66.0/24 maxlen: 24
115.167.78.0/24 maxlen: 24
180.178.142.0/24 maxlen: 24
180.178.152.0/21 maxlen: 21
202.92.18.0/24 maxlen: 24
202.92.20.0/24 maxlen: 24
223.29.227.0/24 maxlen: 24
223.29.235.0/24 maxlen: 24
223.29.236.0/24 maxlen: 24
223.29.238.0/24 maxlen: 24
223.29.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 May 2024 15:52:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4495 (0x118f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: May 6 11:21:52 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=6638bd4f-0d7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:28:88:30:d2:c3:64:9b:28:e2:c1:fd:f1:a7:
b3:83:be:4e:df:f2:be:e9:c7:0c:2a:b9:53:01:7d:
6c:34:78:be:15:cc:a4:fc:7c:5a:4b:b7:55:f5:d3:
0a:5a:83:70:5f:5d:7e:d8:e4:57:3d:1b:9e:a7:37:
9f:fe:75:66:9c:6d:16:6a:7b:1f:4d:cd:24:b7:e6:
31:8c:64:9f:07:a4:6a:84:a4:19:37:12:fd:29:f2:
fe:7e:74:98:19:94:b3:01:6b:65:9a:c8:b3:72:10:
fb:ac:76:f9:88:97:fe:d6:9c:cc:e2:3c:1d:77:0d:
78:e2:23:34:7e:7a:72:13:f8:dc:b5:c7:ad:23:25:
75:2a:8e:49:6f:fe:a7:1c:06:69:1b:09:5c:69:81:
dd:2f:80:42:5f:7d:0a:96:53:17:99:70:5a:07:ec:
32:06:61:3a:aa:92:3b:d6:b7:44:44:6c:f7:d2:8c:
73:af:93:37:b7:de:d9:d9:90:02:42:c5:38:de:b9:
8b:56:d0:bb:8e:a4:f8:dd:74:af:77:07:ee:fc:f1:
a2:9a:0f:fb:f2:e5:0c:f1:63:45:0a:2f:ca:ca:62:
4a:11:a4:b0:18:ea:57:a5:51:99:1d:1e:74:ed:8a:
d5:52:ec:0f:ab:b7:c0:4a:b7:86:c5:f1:7a:2f:7e:
e5:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:DE:4C:14:CB:4C:F8:7D:EE:85:2F:D8:C4:6A:C5:5E:50:85:E6:09
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/D602A9460B9A11EFB95CA45BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.151.27.0/24
113.203.208.0/24
113.203.216.0/23
113.203.231.0/24
113.203.250.0/24
115.167.49.0/24
115.167.66.0/24
115.167.78.0/24
180.178.142.0/24
180.178.152.0/21
202.92.18.0/24
202.92.20.0/24
223.29.227.0/24
223.29.235.0-223.29.236.255
223.29.238.0/23
Signature Algorithm: sha256WithRSAEncryption
4f:6e:71:33:c0:de:02:cc:58:f7:36:e3:cc:ca:1f:b2:b8:26:
40:b7:ab:ab:c3:01:7b:b2:27:51:a5:8f:71:b7:36:53:42:8d:
af:5b:45:e2:c8:64:f0:88:22:65:a7:82:7b:92:a4:a9:fc:44:
80:ff:b4:ae:59:07:ba:58:65:a2:e9:28:f4:06:45:e0:24:40:
94:7c:9f:b5:b9:cd:36:74:aa:7a:de:92:67:d3:b3:72:b6:e8:
df:78:08:6c:fc:d4:21:98:b0:7a:78:7b:95:1a:44:e1:53:6a:
f3:e4:3a:33:b1:a6:e1:c5:2a:f7:1c:56:92:27:5a:f4:04:6a:
66:83:d3:a2:a2:a5:48:94:35:d1:2a:43:9e:a0:f0:6f:2c:21:
f5:91:94:2f:88:74:dd:35:93:4d:e0:fa:1f:fe:0b:d6:a5:4b:
b6:4c:33:16:ff:b5:00:26:1c:9c:16:86:3a:d0:c8:bf:e4:c1:
43:90:1f:dd:8a:7a:f5:8d:b3:2e:e9:e0:37:fc:73:7a:fc:d1:
e8:b5:b6:5b:c3:5f:45:0e:2c:82:9c:14:b2:74:5e:f2:e6:dc:
0a:be:14:d7:af:92:2b:6e:80:8d:88:a4:44:2f:90:20:f6:34:
2b:5b:79:4a:3e:d0:17:ea:32:b2:6e:d4:1c:00:fb:c5:64:61:
8d:89:67:7b
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgICEY8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQwNTA2MTEyMTUyWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjM4YmQ0Zi0wZDdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvCiIMNLDZJso4sH98aezg75O3/K+6ccMKrlTAX1sNHi+Fcyk/HxaS7dV9dMK
WoNwX11+2ORXPRuepzef/nVmnG0WansfTc0kt+YxjGSfB6RqhKQZNxL9KfL+fnSY
GZSzAWtlmsizchD7rHb5iJf+1pzM4jwddw144iM0fnpyE/jctcetIyV1Ko5Jb/6n
HAZpGwlcaYHdL4BCX30KllMXmXBaB+wyBmE6qpI71rdERGz30oxzr5M3t97Z2ZAC
QsU43rmLVtC7jqT43XSvdwfu/PGimg/78uUM8WNFCi/KymJKEaSwGOpXpVGZHR50
7YrVUuwPq7fASreGxfF6L37lWwIDAQABo4IC8TCCAu0wHQYDVR0OBBYEFOLeTBTL
TPh97oUv2MRqxV5QheYJMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvRDYwMkE5NDYw
QjlBMTFFRkI5NUNBNDVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwewYIKwYBBQUHAQcBAf8E
bDBqMGgEAgABMGIDBABnlxsDBABxy9ADBAFxy9gDBABxy+cDBABxy/oDBABzpzED
BABzp0IDBABzp04DBAC0so4DBAO0spgDBADKXBIDBADKXBQDBADfHeMwDAMEAN8d
6wMEAN8d7AMEAd8d7jANBgkqhkiG9w0BAQsFAAOCAQEAT25xM8DeAsxY9zbjzMof
srgmQLerq8MBe7InUaWPcbc2U0KNr1tF4shk8IgiZaeCe5KkqfxEgP+0rlkHulhl
ouko9AZF4CRAlHyftbnNNnSqet6SZ9Ozcrbo33gIbPzUIZiwenh7lRpE4VNq8+Q6
M7Gm4cUq9xxWkida9ARqZoPToqKlSJQ10SpDnqDwbywh9ZGUL4h03TWTTeD6H/4L
1qVLtkwzFv+1ACYcnBaGOtDIv+TBQ5Af3Yp69Y2zLungN/xzevzR6LW2W8NfRQ4s
gpwUsnRe8ubcCr4U16+SK26AjYikRC+QIPY0K1t5Sj7QF+oysm7UHAD7xWRhjYln
ew==
-----END CERTIFICATE-----
Generated at Mon May 6 19:36:52 2024 by rpki-client on console-fra.rpki-client.org