Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/8F37B714A0A011EEA0FE5184C4F9AE02.roa
File: 8F37B714A0A011EEA0FE5184C4F9AE02.roa (raw, json)
Hash identifier: aaYxD6/ZgeHjSp5emzx4kR+ai0e1nsc6QMjMnjvP/+4=
Subject key identifier: 55:B8:7C:B8:A1:EF:5D:B0:36:34:E6:3D:C8:B3:E5:76:91:A6:D5:13
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 0EC0
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/8F37B714A0A011EEA0FE5184C4F9AE02.roa
Signing time: Fri 22 Dec 2023 08:03:15 +0000
ROA not before: Fri 22 Dec 2023 08:03:15 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 395839
IP address blocks: 113.203.225.0/24 maxlen: 24
113.203.251.0/24 maxlen: 24
180.178.173.0/24 maxlen: 24
180.178.186.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Mar 2024 09:55:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3776 (0xec0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Dec 22 08:03:15 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=658542c3-7ff0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:75:45:36:05:c0:54:82:39:4f:ce:e6:40:e2:
02:48:ac:33:e2:14:28:8b:e5:9f:5d:f7:d3:a8:9b:
1f:b7:e8:0a:40:07:4b:5d:ec:74:a5:1f:e8:40:17:
65:5e:ad:90:ad:51:bd:a4:20:79:a8:2b:4a:1f:f0:
d9:7b:56:0d:a4:17:2b:a1:43:cc:aa:b0:02:61:e3:
54:3e:bf:55:c3:df:32:a9:85:bc:9d:4f:38:26:e6:
fa:aa:01:6f:05:a2:bc:d0:1b:78:e1:4f:f1:31:7d:
9c:90:41:cb:d9:ce:94:86:92:e3:18:39:db:94:2b:
55:db:df:1d:ab:3f:5a:4b:df:66:f1:95:af:ba:04:
d7:a4:c0:97:32:00:e4:4a:97:33:34:b2:ca:49:54:
45:5d:8f:07:d5:a7:c4:d4:7b:18:d9:b0:28:c2:cf:
b5:93:01:db:60:2b:c2:cf:95:28:d4:9c:53:f6:fc:
cd:56:b2:32:3b:bf:f8:2b:5a:36:21:b3:b3:01:ba:
68:c0:f9:59:ad:1b:0a:3d:0a:a6:bb:97:23:15:22:
88:79:1b:a7:24:10:9f:b0:98:70:f2:a7:48:a8:22:
76:3b:ef:14:d5:93:a2:ec:c3:f7:5e:83:20:80:04:
86:dd:88:17:19:de:b1:cb:0d:81:bd:19:35:35:cc:
5e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:B8:7C:B8:A1:EF:5D:B0:36:34:E6:3D:C8:B3:E5:76:91:A6:D5:13
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/8F37B714A0A011EEA0FE5184C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.225.0/24
113.203.251.0/24
180.178.173.0/24
180.178.186.0/24
Signature Algorithm: sha256WithRSAEncryption
45:1e:8a:31:8e:6c:f5:56:3f:54:57:bf:26:e0:a9:8e:67:c5:
c8:c7:0c:e7:62:cc:1a:ef:52:02:f6:1c:f1:92:0b:c2:6a:f2:
1a:b7:7a:51:8b:2f:f8:55:b4:69:6d:2b:dc:30:79:55:8c:e7:
4e:f4:53:81:bb:b5:83:45:0e:08:03:1f:8c:31:fb:84:0f:ea:
20:a9:a8:5a:7a:35:e4:07:43:1b:8e:9c:79:8d:dc:b9:a5:9d:
3d:47:c1:2d:53:8a:ab:eb:fe:0f:c0:9b:e2:28:f5:46:fe:7b:
8c:5e:2a:19:e1:82:c7:11:c4:3b:30:97:0e:00:b2:1b:4f:d0:
86:c1:68:3d:f0:fa:07:73:d4:9b:97:3b:2e:dd:72:ff:f3:3a:
a8:75:a4:b4:1f:d6:46:3f:c0:d7:f8:0f:c5:38:08:e5:18:1f:
78:d4:d8:c6:ff:77:ac:f9:9a:57:96:51:41:51:35:2c:47:18:
fa:9a:8f:c7:6e:f5:55:19:20:55:35:d3:e5:1f:cd:ca:70:fd:
ff:68:71:7a:39:de:d4:62:e7:f2:c8:59:9d:6b:e1:89:75:e9:
bc:5c:d9:4a:36:38:d6:04:70:52:be:77:c8:2e:ac:00:e4:80:
3a:ac:3f:5d:8a:44:37:c2:58:30:f9:81:ac:a3:fa:f0:e3:39:
10:2f:71:22
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDsAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjMxMjIyMDgwMzE1WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTg1NDJjMy03ZmYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA23VFNgXAVII5T87mQOICSKwz4hQoi+WfXffTqJsft+gKQAdLXex0pR/oQBdl
Xq2QrVG9pCB5qCtKH/DZe1YNpBcroUPMqrACYeNUPr9Vw98yqYW8nU84Jub6qgFv
BaK80Bt44U/xMX2ckEHL2c6UhpLjGDnblCtV298dqz9aS99m8ZWvugTXpMCXMgDk
SpczNLLKSVRFXY8H1afE1HsY2bAows+1kwHbYCvCz5Uo1JxT9vzNVrIyO7/4K1o2
IbOzAbpowPlZrRsKPQqmu5cjFSKIeRunJBCfsJhw8qdIqCJ2O+8U1ZOi7MP3XoMg
gASG3YgXGd6xyw2BvRk1NcxeZQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFFW4fLih
712wNjTmPciz5XaRptUTMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvOEYzN0I3MTRB
MEEwMTFFRUEwRkU1MTg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBABxy+EDBABxy/sDBAC0sq0DBAC0srowDQYJKoZIhvcNAQEL
BQADggEBAEUeijGObPVWP1RXvybgqY5nxcjHDOdizBrvUgL2HPGSC8Jq8hq3elGL
L/hVtGltK9wweVWM5070U4G7tYNFDggDH4wx+4QP6iCpqFp6NeQHQxuOnHmN3Lml
nT1HwS1Tiqvr/g/Am+Io9Ub+e4xeKhnhgscRxDswlw4AshtP0IbBaD3w+gdz1JuX
Oy7dcv/zOqh1pLQf1kY/wNf4D8U4COUYH3jU2Mb/d6z5mleWUUFRNSxHGPqaj8du
9VUZIFU10+Ufzcpw/f9ocXo53tRi5/LIWZ1r4Yl16bxc2Uo2ONYEcFK+d8gurADk
gDqsP12KRDfCWDD5gayj+vDjORAvcSI=
-----END CERTIFICATE-----
Generated at Wed Mar 27 12:24:09 2024 by rpki-client on console-ams.rpki-client.org