Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/98D7B8B4AEBA11EE8F69E720C4F9AE02.roa
File: 98D7B8B4AEBA11EE8F69E720C4F9AE02.roa (raw, json)
Hash identifier: xqnUkRlM8BgeJfLNnv+spbAWxImmWO6pBy2xRgcMfzU=
Subject key identifier: 97:AA:17:0D:73:38:72:FF:A1:79:23:96:EF:08:8A:0E:44:76:23:01
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 0F4C
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/98D7B8B4AEBA11EE8F69E720C4F9AE02.roa
Signing time: Tue 09 Jan 2024 06:44:55 +0000
ROA not before: Tue 09 Jan 2024 06:44:55 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 5650
IP address blocks: 115.167.56.0/22 maxlen: 24
115.167.120.0/22 maxlen: 22
175.110.104.0/22 maxlen: 23
175.110.104.0/24 maxlen: 24
175.110.106.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Jan 2024 10:39:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3916 (0xf4c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Jan 9 06:44:55 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=659ceb66-de25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:21:ca:9b:f3:6b:47:81:63:e4:7b:75:7b:57:
32:a6:d2:1b:0e:f9:13:af:44:f4:2e:d6:d4:ed:1e:
84:d7:52:b0:40:9a:8f:a1:95:f4:06:8c:02:14:fd:
ea:27:2c:6f:20:5b:11:20:4f:50:7d:d6:c2:76:e2:
09:97:2d:f2:27:c3:ef:36:c1:d4:1a:32:7e:85:4a:
6e:b5:5f:2b:db:2a:98:2b:0f:e5:27:ff:09:f2:a9:
16:16:83:b9:a3:a8:b6:1d:73:1a:c1:e7:34:6d:fa:
36:90:0d:19:00:60:63:14:a8:2d:1e:0d:6a:bb:cc:
99:d0:93:0c:cb:17:e7:75:6e:c6:2a:12:31:04:28:
3c:3c:77:08:46:29:fb:31:70:d3:c8:43:3f:8a:64:
39:ce:3d:ce:99:26:9c:c9:db:d8:76:f6:c5:f9:4f:
b4:51:12:a4:8f:74:fe:00:dd:db:ff:82:01:54:13:
ba:23:cb:4b:7f:35:b6:ba:ed:d1:23:2b:b3:11:90:
39:e5:7d:97:11:c2:1e:f6:73:1a:14:70:9e:a8:00:
fc:24:82:86:dc:10:0c:6b:16:11:1b:c8:67:35:f0:
e4:c5:ad:35:27:a9:19:eb:90:6b:d4:98:5f:36:4e:
55:df:21:d4:42:f3:0a:7e:56:18:02:39:0e:6c:78:
4c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:AA:17:0D:73:38:72:FF:A1:79:23:96:EF:08:8A:0E:44:76:23:01
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/98D7B8B4AEBA11EE8F69E720C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
115.167.56.0/22
115.167.120.0/22
175.110.104.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:f8:d9:58:fd:79:61:df:a5:4c:15:7e:49:01:9b:98:5d:78:
12:b5:95:42:05:54:ff:24:7e:89:c1:8e:90:c9:40:0a:6c:30:
1e:5b:c5:f4:a5:02:02:19:0f:67:8a:63:4b:e9:b4:5a:40:46:
18:96:d1:b6:05:ca:b5:fa:d5:09:05:58:52:72:cb:73:b1:46:
28:86:e0:c5:4b:68:1c:19:68:9b:ea:b7:0c:68:19:30:2d:f2:
27:e7:30:0a:bf:a0:d8:e0:16:17:8d:ce:cd:eb:b2:28:43:cb:
c6:a1:69:31:0e:7c:68:9f:7c:30:a7:48:09:22:8e:84:cf:bc:
14:11:2f:17:83:b3:dc:66:e4:b3:6d:d1:6e:9a:80:fd:95:31:
d8:b7:f0:3e:25:51:ce:ed:c5:4c:c5:d5:27:c2:a9:48:a5:1e:
f0:6e:ff:5c:2d:6b:71:3d:e5:70:90:cf:e7:c7:75:77:ad:65:
06:10:cb:d6:a2:98:6c:07:af:47:3a:c6:1c:1b:59:0f:9a:fe:
49:c3:54:f0:a1:f7:00:64:e5:ad:de:f8:ab:45:dc:59:c4:14:
e9:80:36:cd:fb:e9:c8:67:b0:c8:92:f7:0a:8c:d4:7b:85:11:
4b:87:cc:cd:19:42:01:b6:fa:3a:ff:45:9c:7a:57:8a:62:46:
b4:a0:f1:c5
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICD0wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQwMTA5MDY0NDU1WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTljZWI2Ni1kZTI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApSHKm/NrR4Fj5Ht1e1cyptIbDvkTr0T0LtbU7R6E11KwQJqPoZX0BowCFP3q
JyxvIFsRIE9QfdbCduIJly3yJ8PvNsHUGjJ+hUputV8r2yqYKw/lJ/8J8qkWFoO5
o6i2HXMawec0bfo2kA0ZAGBjFKgtHg1qu8yZ0JMMyxfndW7GKhIxBCg8PHcIRin7
MXDTyEM/imQ5zj3OmSacydvYdvbF+U+0URKkj3T+AN3b/4IBVBO6I8tLfzW2uu3R
IyuzEZA55X2XEcIe9nMaFHCeqAD8JIKG3BAMaxYRG8hnNfDkxa01J6kZ65Br1Jhf
Nk5V3yHUQvMKflYYAjkObHhMNQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFJeqFw1z
OHL/oXkjlu8Iig5EdiMBMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvOThEN0I4QjRB
RUJBMTFFRThGNjlFNzIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAJzpzgDBAJzp3gDBAKvbmgwDQYJKoZIhvcNAQELBQADggEB
AKf42Vj9eWHfpUwVfkkBm5hdeBK1lUIFVP8kfonBjpDJQApsMB5bxfSlAgIZD2eK
Y0vptFpARhiW0bYFyrX61QkFWFJyy3OxRiiG4MVLaBwZaJvqtwxoGTAt8ifnMAq/
oNjgFheNzs3rsihDy8ahaTEOfGiffDCnSAkijoTPvBQRLxeDs9xm5LNt0W6agP2V
Mdi38D4lUc7txUzF1SfCqUilHvBu/1wta3E95XCQz+fHdXetZQYQy9aimGwHr0c6
xhwbWQ+a/knDVPCh9wBk5a3e+KtF3FnEFOmANs376chnsMiS9wqM1HuFEUuHzM0Z
QgG2+jr/RZx6V4piRrSg8cU=
-----END CERTIFICATE-----
Generated at Tue Jan 9 13:52:09 2024 by rpki-client on console-ams.rpki-client.org