Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/EF2F76300B9811EF816F7E58C4F9AE02.roa
File: EF2F76300B9811EF816F7E58C4F9AE02.roa (raw, json)
Hash identifier: 0FRVMmDWZzCsaQFdd2rb/xEqLVkriXWnn2SDym5iyb4=
Subject key identifier: F3:5C:B4:C0:54:D9:C9:77:82:5E:DA:E9:90:21:B4:EC:42:89:66:C6
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 1196
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/EF2F76300B9811EF816F7E58C4F9AE02.roa
Signing time: Mon 06 May 2024 17:25:48 +0000
ROA not before: Mon 06 May 2024 17:25:48 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 136030
IP address blocks: 103.151.26.0/24 maxlen: 24
113.203.241.0/24 maxlen: 24
115.167.50.0/24 maxlen: 24
115.167.64.0/24 maxlen: 24
115.167.65.0/24 maxlen: 24
115.167.66.0/24 maxlen: 24
115.167.67.0/24 maxlen: 24
115.167.76.0/24 maxlen: 24
115.167.124.0/24 maxlen: 24
115.167.125.0/24 maxlen: 24
223.29.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 May 2024 06:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4502 (0x1196)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: May 6 17:25:48 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=6639129c-f6b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:49:c7:d7:22:ab:ad:96:08:75:b5:ed:8b:b4:
72:30:42:b0:ff:b0:c2:0b:5b:76:25:c5:5c:77:71:
86:20:32:a2:21:d5:ae:a7:31:02:db:ad:58:4c:fa:
82:ed:f7:85:5f:06:ea:40:bf:51:a5:b3:ed:a7:a2:
b9:cd:7e:58:ce:bf:8b:63:29:1a:54:dc:3f:64:38:
e0:4f:7c:38:f6:a6:d3:b8:94:4d:84:bf:92:db:16:
70:05:c6:dc:b1:45:3d:4e:95:81:45:d0:36:fc:d3:
ba:9c:27:af:fc:ff:c0:43:d2:9d:88:10:4e:a0:fb:
d8:21:d9:98:9a:c8:78:ab:88:11:06:76:35:89:7c:
7f:7e:54:33:73:06:d2:c7:f9:63:c3:49:ee:e3:7a:
31:33:ac:18:2e:2f:c8:e4:93:0c:ef:48:40:11:05:
28:a0:4c:8b:e0:7b:32:da:c4:b1:20:a9:b3:72:ba:
76:37:57:cb:42:90:97:be:4d:70:53:77:10:11:97:
6a:b9:6c:96:e3:1d:6e:60:f0:f5:a5:89:7d:06:c6:
9b:52:ec:ed:99:1b:1e:03:25:6d:42:e0:2f:f0:55:
88:d6:aa:28:04:28:fc:b0:51:1e:b2:ff:92:a9:88:
71:52:9f:97:21:17:77:9b:d5:fa:9e:36:75:95:6f:
21:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:5C:B4:C0:54:D9:C9:77:82:5E:DA:E9:90:21:B4:EC:42:89:66:C6
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/EF2F76300B9811EF816F7E58C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.151.26.0/24
113.203.241.0/24
115.167.50.0/24
115.167.64.0/22
115.167.76.0/24
115.167.124.0/23
223.29.225.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:d9:49:9d:d6:11:4c:2b:01:8f:11:bd:22:4b:98:ad:c4:dd:
59:91:b0:16:16:56:b5:17:9f:eb:c0:bb:51:24:8b:4d:ee:7b:
c1:7e:3b:13:8e:4a:97:2d:40:53:3e:0e:ee:15:ac:80:81:fa:
ba:1a:28:47:21:59:84:2f:ad:46:4a:d8:bf:6f:b0:d8:ff:57:
55:da:57:5e:9f:e6:4c:7e:df:49:35:15:dd:d7:bf:3e:cf:02:
dd:06:11:9e:09:b0:49:6e:00:4c:bf:b5:1d:99:20:b7:1b:e4:
70:eb:ca:ca:c9:d0:ce:ff:4b:a7:e0:ca:48:5a:e4:52:9d:bc:
f2:b2:07:28:45:24:0d:52:0b:7d:d3:b9:d3:6e:44:78:22:83:
7b:2e:83:4c:ea:0c:b3:c6:8e:87:9c:af:55:e7:c8:4c:90:52:
2a:e9:12:75:ef:2c:26:53:53:63:4a:fc:46:b3:f5:cf:4c:d7:
e1:bd:58:43:e1:3a:e1:d2:95:d8:ed:97:52:02:49:58:10:61:
3c:03:74:97:f5:cd:f8:b1:3d:5c:b3:08:07:7a:42:df:20:85:
bf:eb:04:9f:fe:c9:62:ee:b5:ce:01:da:55:53:60:20:b6:ed:
d2:df:eb:fe:ce:1d:b0:30:c4:af:08:ef:74:26:f0:a2:bf:f3:
05:67:a1:c7
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgICEZYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQwNTA2MTcyNTQ4WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjM5MTI5Yy1mNmI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz0nH1yKrrZYIdbXti7RyMEKw/7DCC1t2JcVcd3GGIDKiIdWupzEC261YTPqC
7feFXwbqQL9RpbPtp6K5zX5Yzr+LYykaVNw/ZDjgT3w49qbTuJRNhL+S2xZwBcbc
sUU9TpWBRdA2/NO6nCev/P/AQ9KdiBBOoPvYIdmYmsh4q4gRBnY1iXx/flQzcwbS
x/ljw0nu43oxM6wYLi/I5JMM70hAEQUooEyL4Hsy2sSxIKmzcrp2N1fLQpCXvk1w
U3cQEZdquWyW4x1uYPD1pYl9BsabUuztmRseAyVtQuAv8FWI1qooBCj8sFEesv+S
qYhxUp+XIRd3m9X6njZ1lW8hIwIDAQABo4ICuTCCArUwHQYDVR0OBBYEFPNctMBU
2cl3gl7a6ZAhtOxCiWbGMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvRUYyRjc2MzAw
Qjk4MTFFRjgxNkY3RTU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E
NDAyMDAEAgABMCoDBABnlxoDBABxy/EDBABzpzIDBAJzp0ADBABzp0wDBAFzp3wD
BADfHeEwDQYJKoZIhvcNAQELBQADggEBAE7ZSZ3WEUwrAY8RvSJLmK3E3VmRsBYW
VrUXn+vAu1Eki03ue8F+OxOOSpctQFM+Du4VrICB+roaKEchWYQvrUZK2L9vsNj/
V1XaV16f5kx+30k1Fd3Xvz7PAt0GEZ4JsEluAEy/tR2ZILcb5HDrysrJ0M7/S6fg
ykha5FKdvPKyByhFJA1SC33TudNuRHgig3sug0zqDLPGjoecr1XnyEyQUirpEnXv
LCZTU2NK/Eaz9c9M1+G9WEPhOuHSldjtl1ICSVgQYTwDdJf1zfixPVyzCAd6Qt8g
hb/rBJ/+yWLutc4B2lVTYCC27dLf6/7OHbAwxK8I73Qm8KK/8wVnocc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:35 2024 by rpki-client on console-ams.rpki-client.org