Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/DED0DBC04F1411EFB35E3361C4F9AE02.roa
File: DED0DBC04F1411EFB35E3361C4F9AE02.roa (raw, json)
Hash identifier: Il7SJOkJabDTsy/y/WohTkHXv6+9yrXPTi+ArJhTPi4=
Subject key identifier: F6:7C:E6:28:45:B7:68:75:3C:A4:F5:82:C8:94:48:B7:99:BD:67:FA
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 149F
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/DED0DBC04F1411EFB35E3361C4F9AE02.roa
Signing time: Wed 31 Jul 2024 08:14:13 +0000
ROA not before: Wed 31 Jul 2024 08:14:13 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 136030
IP address blocks: 103.151.26.0/24 maxlen: 24
115.167.50.0/24 maxlen: 24
115.167.64.0/24 maxlen: 24
115.167.66.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Aug 2024 10:09:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5279 (0x149f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Jul 31 08:14:13 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66a9f255-cb5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:46:65:6a:e8:b9:cc:4d:3b:f1:20:d3:01:cb:
b0:9d:04:5c:2e:ef:f9:ea:42:f0:40:5f:94:ba:93:
19:2c:36:29:e6:22:79:68:fd:a6:99:b2:80:1e:a4:
98:11:fa:c1:2c:5d:eb:1b:84:8c:72:58:be:2f:22:
bd:60:ce:f3:9d:9a:d9:73:6b:22:61:42:4f:ca:b0:
cc:d8:58:9c:f3:f6:b7:4c:65:5e:4a:8e:e8:a5:e2:
40:f8:63:af:5b:8f:f6:ce:ac:1c:d5:ee:81:bb:14:
08:f4:2a:6a:c7:4e:96:35:34:11:30:93:12:2a:a4:
1e:b2:97:91:76:f5:a3:e2:0b:50:6e:fc:99:f3:91:
f6:9c:df:4f:00:ec:0b:44:e1:9b:4b:31:1a:e1:89:
06:2e:3b:74:a9:69:c5:07:c7:f7:52:7a:f9:cf:3d:
0a:2d:ca:30:5c:da:93:de:a2:50:bc:98:44:a4:fe:
a2:19:fe:3f:dd:b6:6d:47:74:5a:f4:a8:b8:ad:c9:
0f:60:9c:6d:28:d6:24:0d:b2:cc:60:d0:9b:95:ab:
ab:a8:c5:5d:a4:8e:d8:f6:6b:c8:16:4a:39:88:0f:
e3:dc:d0:16:59:0b:24:e1:4f:40:2e:24:d3:58:24:
0e:13:4c:2a:66:a2:fe:91:3f:cd:59:ce:be:f7:f1:
cc:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:7C:E6:28:45:B7:68:75:3C:A4:F5:82:C8:94:48:B7:99:BD:67:FA
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/DED0DBC04F1411EFB35E3361C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.151.26.0/24
115.167.50.0/24
115.167.64.0/24
115.167.66.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:ab:cc:8a:57:3b:a5:d1:48:8c:d4:17:47:78:3f:6e:93:13:
7c:65:67:5f:c7:0b:6c:f9:ea:ed:cc:57:5e:27:b9:14:6d:41:
9e:6f:22:b3:82:59:73:cd:df:ed:90:23:a9:5a:05:cc:74:59:
cd:7b:57:54:ba:e4:37:4a:c7:16:04:cc:8a:41:00:83:2d:92:
87:55:47:8b:42:35:06:b1:00:43:02:d8:d6:b6:ce:90:e4:a5:
8e:e8:86:00:0c:d3:04:cb:2f:00:6c:eb:18:f9:5a:ac:d5:c0:
af:67:70:0b:6e:73:64:ac:d5:9f:08:5a:8c:c5:98:52:41:66:
2b:4d:60:84:ef:a0:88:a0:88:7e:db:da:81:30:47:59:86:db:
07:35:5c:42:a4:d7:c5:29:5a:88:6c:85:f5:6e:2f:10:53:17:
f2:aa:aa:a2:79:41:69:b2:11:11:5e:79:94:41:ef:f7:00:94:
d7:1e:85:67:69:0c:2d:5d:dd:85:c8:e1:f4:c4:87:4c:0b:b7:
39:da:27:1c:b5:22:e6:8f:bd:f6:f8:4f:2e:9c:fe:92:4e:5d:
cd:01:dc:05:85:46:5e:a4:61:b8:68:c3:5b:f1:f1:4d:e0:e6:
c9:60:d3:35:dd:43:83:ac:2b:6b:04:2e:ed:91:80:94:2b:c0:
52:20:bc:29
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFJ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQwNzMxMDgxNDEzWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmE5ZjI1NS1jYjVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxkZlaui5zE078SDTAcuwnQRcLu/56kLwQF+UupMZLDYp5iJ5aP2mmbKAHqSY
EfrBLF3rG4SMcli+LyK9YM7znZrZc2siYUJPyrDM2Fic8/a3TGVeSo7opeJA+GOv
W4/2zqwc1e6BuxQI9Cpqx06WNTQRMJMSKqQespeRdvWj4gtQbvyZ85H2nN9PAOwL
ROGbSzEa4YkGLjt0qWnFB8f3Unr5zz0KLcowXNqT3qJQvJhEpP6iGf4/3bZtR3Ra
9Ki4rckPYJxtKNYkDbLMYNCblaurqMVdpI7Y9mvIFko5iA/j3NAWWQsk4U9ALiTT
WCQOE0wqZqL+kT/NWc6+9/HMXQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFPZ85ihF
t2h1PKT1gsiUSLeZvWf6MB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvREVEMERCQzA0
RjE0MTFFRkIzNUUzMzYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBABnlxoDBABzpzIDBABzp0ADBABzp0IwDQYJKoZIhvcNAQEL
BQADggEBAA+rzIpXO6XRSIzUF0d4P26TE3xlZ1/HC2z56u3MV14nuRRtQZ5vIrOC
WXPN3+2QI6laBcx0Wc17V1S65DdKxxYEzIpBAIMtkodVR4tCNQaxAEMC2Na2zpDk
pY7ohgAM0wTLLwBs6xj5WqzVwK9ncAtuc2Ss1Z8IWozFmFJBZitNYITvoIigiH7b
2oEwR1mG2wc1XEKk18UpWohshfVuLxBTF/KqqqJ5QWmyERFeeZRB7/cAlNcehWdp
DC1d3YXI4fTEh0wLtznaJxy1IuaPvfb4Ty6c/pJOXc0B3AWFRl6kYbhow1vx8U3g
5slg0zXdQ4OsK2sELu2RgJQrwFIgvCk=
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:05:00 2025 by rpki-client