Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/8694877E629B11EE9EB06B19C4F9AE02.roa
File: 8694877E629B11EE9EB06B19C4F9AE02.roa (raw, json)
Hash identifier: dhgDISL+rn+XFRuzY4uzHhiwRcXqhXR1LgEu1y1hGJc=
Subject key identifier: 13:78:B7:7E:42:1E:CB:80:32:F2:2E:48:30:FF:C5:4C:2A:AB:C9:8C
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 0D5E
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/8694877E629B11EE9EB06B19C4F9AE02.roa
Signing time: Wed 04 Oct 2023 09:51:01 +0000
ROA not before: Wed 04 Oct 2023 09:51:01 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 9387
IP address blocks: 103.11.60.0/24 maxlen: 24
113.203.210.0/24 maxlen: 24
113.203.212.0/22 maxlen: 24
113.203.216.0/24 maxlen: 24
113.203.218.0/24 maxlen: 24
113.203.220.0/24 maxlen: 24
113.203.222.0/24 maxlen: 24
113.203.227.0/24 maxlen: 24
113.203.228.0/24 maxlen: 24
113.203.234.0/24 maxlen: 24
113.203.235.0/24 maxlen: 24
113.203.236.0/24 maxlen: 24
113.203.237.0/24 maxlen: 24
113.203.238.0/24 maxlen: 24
113.203.239.0/24 maxlen: 24
113.203.240.0/24 maxlen: 24
113.203.252.0/24 maxlen: 24
113.203.253.0/24 maxlen: 24
113.203.254.0/24 maxlen: 24
180.178.128.0/24 maxlen: 24
180.178.129.0/24 maxlen: 24
180.178.132.0/24 maxlen: 24
180.178.133.0/24 maxlen: 24
180.178.134.0/24 maxlen: 24
180.178.135.0/24 maxlen: 24
180.178.136.0/24 maxlen: 24
180.178.137.0/24 maxlen: 24
180.178.138.0/24 maxlen: 24
180.178.139.0/24 maxlen: 24
180.178.148.0/24 maxlen: 24
180.178.149.0/24 maxlen: 24
180.178.161.0/24 maxlen: 24
180.178.162.0/24 maxlen: 24
180.178.164.0/22 maxlen: 24
180.178.172.0/24 maxlen: 24
180.178.173.0/24 maxlen: 24
180.178.174.0/24 maxlen: 24
180.178.175.0/24 maxlen: 24
180.178.176.0/24 maxlen: 24
180.178.178.0/24 maxlen: 24
180.178.180.0/22 maxlen: 24
180.178.185.0/24 maxlen: 24
180.178.187.0/24 maxlen: 24
180.178.189.0/24 maxlen: 24
180.178.190.0/24 maxlen: 24
180.178.191.0/24 maxlen: 24
223.29.226.0/24 maxlen: 24
223.29.227.0/24 maxlen: 24
223.29.228.0/24 maxlen: 24
223.29.229.0/24 maxlen: 24
223.29.230.0/24 maxlen: 24
223.29.231.0/24 maxlen: 24
223.29.235.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3422 (0xd5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Oct 4 09:51:01 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=651d3585-5c73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:56:64:c9:7d:b6:d5:31:a1:86:75:52:8b:b1:
8a:b0:6e:86:3a:4f:e9:a6:a6:8b:be:0e:2a:bb:ba:
56:1b:79:cc:be:df:df:07:64:2a:c9:c8:a3:0e:b1:
1c:52:2b:de:51:c2:d4:9f:21:7e:b3:03:d2:fa:d2:
1f:cb:c6:50:de:3f:f8:a1:05:98:db:c2:c9:c7:48:
98:0c:bc:72:94:d3:53:e1:92:bb:55:eb:44:7e:c1:
e5:bb:c1:98:0b:62:e3:ea:31:d0:9e:8c:ef:2b:f5:
6d:7d:57:20:1d:40:fd:4f:a2:76:6e:db:75:a7:c0:
03:84:96:15:e7:ec:c7:ed:17:da:0a:69:eb:a5:56:
7c:54:22:82:01:e1:2f:0a:d4:36:6a:d4:6d:fa:60:
92:93:d4:a6:a5:10:d1:58:fe:45:d1:af:2e:23:8c:
7c:bb:e9:da:da:99:6e:bd:aa:cb:ae:14:e9:ea:83:
66:f0:b2:98:40:5d:3a:c2:91:8e:d2:d5:62:03:2f:
57:00:e9:04:39:55:be:a2:01:1b:e9:d2:21:10:2e:
83:5a:da:01:7b:fb:76:25:dd:78:01:d9:6f:d5:e3:
d0:25:5c:78:e8:23:be:98:e6:da:cd:e4:74:d4:cb:
5b:96:10:13:a8:63:80:06:1e:d4:f2:33:06:74:90:
9a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:78:B7:7E:42:1E:CB:80:32:F2:2E:48:30:FF:C5:4C:2A:AB:C9:8C
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/8694877E629B11EE9EB06B19C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.60.0/24
113.203.210.0/24
113.203.212.0-113.203.216.255
113.203.218.0/24
113.203.220.0/24
113.203.222.0/24
113.203.227.0-113.203.228.255
113.203.234.0-113.203.240.255
113.203.252.0-113.203.254.255
180.178.128.0/23
180.178.132.0-180.178.139.255
180.178.148.0/23
180.178.161.0-180.178.162.255
180.178.164.0/22
180.178.172.0-180.178.176.255
180.178.178.0/24
180.178.180.0/22
180.178.185.0/24
180.178.187.0/24
180.178.189.0-180.178.191.255
223.29.226.0-223.29.231.255
223.29.235.0/24
Signature Algorithm: sha256WithRSAEncryption
57:40:51:8c:91:45:87:29:0b:5c:c0:d7:da:2a:6a:32:7d:a1:
cc:81:3a:d5:38:5a:d6:d6:f7:bb:4a:3c:e9:50:04:d9:54:b1:
34:b3:46:70:9a:60:47:4f:3d:5a:4d:83:6c:11:45:6d:71:ea:
d1:10:ff:27:7c:a2:50:91:9d:b6:62:ee:b3:5e:09:e2:f8:7e:
5a:08:32:aa:43:8d:c2:47:f1:98:8d:0e:af:67:dc:cc:d7:f1:
45:0f:2b:35:84:e5:99:93:6b:30:d9:d3:8a:0e:41:01:ce:00:
3a:6d:4a:92:b5:ed:95:1b:81:a6:1d:29:85:db:5a:16:8a:ca:
98:42:eb:d3:ae:7a:10:2c:63:e6:6b:0d:6a:d3:da:d7:3e:c4:
b2:2f:cd:20:87:f0:a8:87:70:60:53:11:b8:fa:ad:5d:27:8d:
c0:b3:61:0b:f8:53:1a:4c:be:b7:04:40:8f:b1:f2:7d:37:d6:
b1:8e:cb:9b:f8:93:23:10:12:94:0a:0a:29:56:11:ac:7f:c3:
5a:5f:7f:76:f4:c3:31:2e:82:49:8e:1d:fd:a7:32:a1:f8:3a:
92:92:72:b7:89:38:03:5a:31:c3:c5:9b:16:67:84:3e:47:b9:
4d:ac:52:57:fc:d2:af:02:a6:70:11:f6:a8:ed:0a:10:e7:bf:
07:49:aa:d5
-----BEGIN CERTIFICATE-----
MIIGPDCCBSSgAwIBAgICDV4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjMxMDA0MDk1MTAxWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTFkMzU4NS01YzczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0FZkyX221TGhhnVSi7GKsG6GOk/ppqaLvg4qu7pWG3nMvt/fB2QqycijDrEc
UiveUcLUnyF+swPS+tIfy8ZQ3j/4oQWY28LJx0iYDLxylNNT4ZK7VetEfsHlu8GY
C2Lj6jHQnozvK/VtfVcgHUD9T6J2btt1p8ADhJYV5+zH7RfaCmnrpVZ8VCKCAeEv
CtQ2atRt+mCSk9SmpRDRWP5F0a8uI4x8u+na2pluvarLrhTp6oNm8LKYQF06wpGO
0tViAy9XAOkEOVW+ogEb6dIhEC6DWtoBe/t2Jd14Adlv1ePQJVx46CO+mObazeR0
1MtblhATqGOABh7U8jMGdJCaMwIDAQABo4IDYDCCA1wwHQYDVR0OBBYEFBN4t35C
HsuAMvIuSDD/xUwqq8mMMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvODY5NDg3N0U2
MjlCMTFFRTlFQjA2QjE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgekGCCsGAQUFBwEHAQH/
BIHZMIHWMIHTBAIAATCBzAMEAGcLPAMEAHHL0jAMAwQCccvUAwQAccvYAwQAccva
AwQAccvcAwQAccveMAwDBABxy+MDBABxy+QwDAMEAXHL6gMEAHHL8DAMAwQCccv8
AwQAccv+AwQBtLKAMAwDBAK0soQDBAK0sogDBAG0spQwDAMEALSyoQMEALSyogME
ArSypDAMAwQCtLKsAwQAtLKwAwQAtLKyAwQCtLK0AwQAtLK5AwQAtLK7MAwDBAC0
sr0DBAa0soAwDAMEAd8d4gMEA98d4AMEAN8d6zANBgkqhkiG9w0BAQsFAAOCAQEA
V0BRjJFFhykLXMDX2ipqMn2hzIE61Tha1tb3u0o86VAE2VSxNLNGcJpgR089Wk2D
bBFFbXHq0RD/J3yiUJGdtmLus14J4vh+WggyqkONwkfxmI0Or2fczNfxRQ8rNYTl
mZNrMNnTig5BAc4AOm1KkrXtlRuBph0phdtaForKmELr0656ECxj5msNatPa1z7E
si/NIIfwqIdwYFMRuPqtXSeNwLNhC/hTGky+twRAj7HyfTfWsY7Lm/iTIxASlAoK
KVYRrH/DWl9/dvTDMS6CSY4d/acyofg6kpJyt4k4A1oxw8WbFmeEPke5TaxSV/zS
rwKmcBH2qO0KEOe/B0mq1Q==
-----END CERTIFICATE-----
Generated at Tue Oct 10 17:07:18 2023 by rpki-client on console-ams.rpki-client.org