Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/58A36E90DB8911EE9E4E6962C4F9AE02.roa
File: 58A36E90DB8911EE9E4E6962C4F9AE02.roa (raw, json)
Hash identifier: wKQgijkd+heY4MpnkCGTPqiHmPUq2fWEGD3i5fYYs9Q=
Subject key identifier: D9:58:AA:2B:CF:2E:07:74:4E:30:2D:11:07:21:5E:FE:7F:C8:30:6F
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 0FF0
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/58A36E90DB8911EE9E4E6962C4F9AE02.roa
Signing time: Wed 06 Mar 2024 07:16:27 +0000
ROA not before: Wed 06 Mar 2024 07:16:27 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 6830
IP address blocks: 115.167.28.0/22 maxlen: 24
202.92.19.0/24 maxlen: 24
202.92.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Mar 2024 05:04:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4080 (0xff0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Mar 6 07:16:27 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=65e8184b-2a53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:b5:59:3b:a9:8d:ae:3b:0b:6c:e6:18:5a:6a:
b8:d6:b0:26:8a:4b:81:8b:19:70:e4:de:5c:cb:3f:
47:7e:39:fb:a1:44:8f:23:b4:ae:f5:84:bf:18:74:
63:17:14:80:6b:da:5b:01:b2:62:3e:ab:55:59:32:
e5:0d:a0:67:68:03:b6:e3:97:7f:eb:21:99:03:c5:
62:07:f7:bd:ad:37:ec:fb:c3:69:d6:e7:bb:9f:5a:
9c:c6:61:c1:09:f7:dc:b4:cf:24:33:b9:26:52:ed:
08:e0:8d:3e:7e:5d:27:3e:16:d3:95:0a:9f:e4:eb:
23:c2:7d:4d:cc:b8:02:13:52:68:d0:d4:91:24:28:
d9:3a:f0:27:56:22:32:65:0b:4c:a0:f5:37:a6:e6:
b1:1c:5d:22:f7:37:1e:f3:d8:1e:fe:8f:eb:3e:36:
95:4b:4a:ba:ed:be:ac:db:cc:98:22:49:6d:ff:bf:
86:67:b5:67:fb:50:8d:2e:c1:39:7d:06:12:ec:c3:
b1:c2:15:26:51:91:5f:71:ed:80:39:3a:53:16:a0:
83:6e:ec:54:bc:50:a4:f5:0b:d5:7c:30:f1:bd:9e:
d9:ac:f1:e5:19:e0:81:08:a9:18:2a:5a:00:c2:88:
ad:3c:da:7b:b7:f3:11:4d:0b:c7:e4:71:2a:b4:7b:
a8:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:58:AA:2B:CF:2E:07:74:4E:30:2D:11:07:21:5E:FE:7F:C8:30:6F
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/58A36E90DB8911EE9E4E6962C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
115.167.28.0/22
202.92.19.0/24
202.92.21.0/24
Signature Algorithm: sha256WithRSAEncryption
48:3b:9f:e8:89:e0:45:92:4b:2c:58:a1:93:88:8d:a5:2a:e8:
a2:92:81:24:c7:5b:93:eb:63:48:1a:45:00:95:b8:a7:7e:11:
be:cc:59:5d:26:9b:02:4b:ce:e6:f2:c3:5c:e8:f7:a5:24:e3:
f3:5a:e8:16:22:6d:32:dc:33:e8:d3:93:64:d1:71:bb:bc:8e:
e4:2c:07:d3:a0:b9:bf:f6:f4:f1:66:03:0f:24:14:8f:30:50:
f6:77:e5:13:b7:c6:cf:df:80:c4:5f:02:cd:25:9d:d5:75:df:
43:8d:b6:a9:e7:f1:ac:61:be:68:0d:64:ca:cc:fc:4b:21:59:
dc:2c:7b:be:cd:51:41:6d:3a:76:23:61:13:47:5c:06:b3:2e:
97:d1:f0:b4:c9:fd:54:bf:3e:28:0b:0a:de:17:38:90:43:66:
7e:bb:c3:8c:c1:44:de:1e:f3:8f:34:9a:e1:fe:1d:67:71:d6:
70:5b:ac:c4:d8:71:c7:46:63:1b:c7:c5:82:31:c9:1f:2e:03:
34:e8:4d:9c:10:ce:91:79:52:1c:f0:88:16:b5:e8:4e:e8:ce:
71:25:76:2f:94:1a:40:c1:7d:f1:d8:44:72:ea:12:e6:66:73:
79:4d:3c:6e:9c:8c:03:fc:27:75:ea:59:b9:bd:cb:31:8f:7b:
50:76:52:76
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICD/AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQwMzA2MDcxNjI3WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWU4MTg0Yi0yYTUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4LVZO6mNrjsLbOYYWmq41rAmikuBixlw5N5cyz9Hfjn7oUSPI7Su9YS/GHRj
FxSAa9pbAbJiPqtVWTLlDaBnaAO245d/6yGZA8ViB/e9rTfs+8Np1ue7n1qcxmHB
CffctM8kM7kmUu0I4I0+fl0nPhbTlQqf5Osjwn1NzLgCE1Jo0NSRJCjZOvAnViIy
ZQtMoPU3puaxHF0i9zce89ge/o/rPjaVS0q67b6s28yYIklt/7+GZ7Vn+1CNLsE5
fQYS7MOxwhUmUZFfce2AOTpTFqCDbuxUvFCk9QvVfDDxvZ7ZrPHlGeCBCKkYKloA
woitPNp7t/MRTQvH5HEqtHuoIQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFNlYqivP
Lgd0TjAtEQchXv5/yDBvMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNThBMzZFOTBE
Qjg5MTFFRTlFNEU2OTYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAJzpxwDBADKXBMDBADKXBUwDQYJKoZIhvcNAQELBQADggEB
AEg7n+iJ4EWSSyxYoZOIjaUq6KKSgSTHW5PrY0gaRQCVuKd+Eb7MWV0mmwJLzuby
w1zo96Uk4/Na6BYibTLcM+jTk2TRcbu8juQsB9Ogub/29PFmAw8kFI8wUPZ35RO3
xs/fgMRfAs0lndV130ONtqnn8axhvmgNZMrM/EshWdwse77NUUFtOnYjYRNHXAaz
LpfR8LTJ/VS/PigLCt4XOJBDZn67w4zBRN4e8480muH+HWdx1nBbrMTYccdGYxvH
xYIxyR8uAzToTZwQzpF5UhzwiBa16E7oznEldi+UGkDBffHYRHLqEuZmc3lNPG6c
jAP8J3XqWbm9yzGPe1B2UnY=
-----END CERTIFICATE-----
Generated at Thu Mar 21 07:19:56 2024 by rpki-client on console-fra.rpki-client.org