Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/D3E0389C682811EEAE59FF14C4F9AE02.roa
File: D3E0389C682811EEAE59FF14C4F9AE02.roa (raw, json)
Hash identifier: vzMRmYEvoRTmkst5uOg9jWH5iEcbObalttYJ4Mg70UY=
Subject key identifier: 4A:24:A2:74:BE:5F:43:8C:FA:05:F2:57:37:1D:92:72:21:FD:64:63
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 0D6C
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/D3E0389C682811EEAE59FF14C4F9AE02.roa
Signing time: Wed 11 Oct 2023 11:25:06 +0000
ROA not before: Wed 11 Oct 2023 11:25:06 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 113.203.223.0/24 maxlen: 24
113.203.224.0/24 maxlen: 24
115.167.120.0/22 maxlen: 24
180.178.170.0/24 maxlen: 24
202.92.18.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3436 (0xd6c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Oct 11 11:25:06 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=65268612-ed42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:64:9c:32:b9:77:8b:8c:d4:9c:ac:e5:58:8a:
2f:d0:6e:85:4f:09:2f:8a:37:4f:00:f8:69:85:7b:
68:44:f5:90:c9:85:19:56:75:02:12:b4:66:5f:e1:
f4:0a:18:f4:e3:c1:a4:51:1f:a1:e7:01:b2:a9:b0:
60:99:60:b8:09:cd:83:1d:8c:b1:d4:92:f7:f8:b7:
e0:cb:9f:ea:dd:70:e6:c1:1b:78:12:84:80:7f:5e:
31:51:5b:50:73:8d:99:ff:a2:76:ec:92:ec:3d:b4:
72:23:95:25:db:21:21:e0:89:7e:4a:b2:78:43:3f:
0b:12:bd:da:92:7a:e3:d6:b0:23:d2:f2:73:7d:52:
3b:bb:2e:dc:63:b2:62:98:63:aa:a9:3e:9f:e4:7f:
61:2d:3e:ff:1b:ea:2b:72:fa:5d:28:0c:7b:f5:10:
c2:23:0a:dd:4b:5c:dd:8e:81:2f:5d:c4:e2:f0:9f:
05:ef:4d:21:34:6b:ab:d2:0a:b9:e8:27:59:05:6a:
bd:33:96:3e:07:f9:39:d9:4c:db:68:35:cc:86:1c:
8d:b9:d7:ef:cd:4e:7d:7a:10:1b:56:74:ba:1b:46:
23:d0:23:72:c6:37:5d:4e:ec:8d:fc:45:84:d8:aa:
79:4d:ae:68:2d:ce:75:e2:e8:51:0b:84:15:cb:15:
bd:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:24:A2:74:BE:5F:43:8C:FA:05:F2:57:37:1D:92:72:21:FD:64:63
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/D3E0389C682811EEAE59FF14C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.223.0-113.203.224.255
115.167.120.0/22
180.178.170.0/24
202.92.18.0/24
Signature Algorithm: sha256WithRSAEncryption
37:26:03:91:47:23:70:3c:eb:99:5c:9f:7b:11:c1:bf:29:f8:
45:03:06:54:03:bd:b3:9a:0b:3a:dc:da:98:82:2c:73:06:d6:
7d:9f:92:be:bb:76:2d:21:c7:54:2e:85:81:f3:ff:e9:7f:08:
05:60:69:b4:b1:82:f5:67:3b:2d:9a:d2:3a:63:30:33:b5:05:
87:36:ba:9d:f5:46:8e:27:15:27:0e:e3:25:38:58:f2:02:89:
9e:70:34:bc:29:ac:11:e5:8d:38:a4:4d:63:f6:e7:40:e8:9c:
e9:50:6b:82:28:e8:a8:63:dc:e4:61:8d:35:43:e1:65:12:29:
61:60:42:00:d2:e8:b9:45:d0:5e:18:fd:fc:6d:3e:24:6a:9a:
15:67:97:af:bc:c2:1f:64:65:df:3a:96:ab:aa:76:ad:16:7a:
e9:f6:92:39:14:b4:82:07:58:a6:d0:00:6a:8b:13:a8:ab:11:
7c:ef:97:f0:83:98:92:05:28:58:78:3d:df:3d:e4:3a:19:f2:
35:f4:bc:21:aa:68:36:73:98:95:15:e6:37:dc:aa:66:d1:6a:
73:08:29:a7:58:e1:16:e1:fb:73:b2:51:2a:05:a5:ed:bb:63:
5f:e6:b9:db:c5:ac:bd:bf:bc:81:cd:59:eb:a6:b2:67:79:46:
6d:3c:17:54
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICDWwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjMxMDExMTEyNTA2WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTI2ODYxMi1lZDQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnWScMrl3i4zUnKzlWIov0G6FTwkvijdPAPhphXtoRPWQyYUZVnUCErRmX+H0
Chj048GkUR+h5wGyqbBgmWC4Cc2DHYyx1JL3+Lfgy5/q3XDmwRt4EoSAf14xUVtQ
c42Z/6J27JLsPbRyI5Ul2yEh4Il+SrJ4Qz8LEr3aknrj1rAj0vJzfVI7uy7cY7Ji
mGOqqT6f5H9hLT7/G+orcvpdKAx79RDCIwrdS1zdjoEvXcTi8J8F700hNGur0gq5
6CdZBWq9M5Y+B/k52UzbaDXMhhyNudfvzU59ehAbVnS6G0Yj0CNyxjddTuyN/EWE
2Kp5Ta5oLc514uhRC4QVyxW9JwIDAQABo4ICrzCCAqswHQYDVR0OBBYEFEokonS+
X0OM+gXyVzcdknIh/WRjMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvRDNFMDM4OUM2
ODI4MTFFRUFFNTlGRjE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCAwDAMEAHHL3wMEAHHL4AMEAnOneAMEALSyqgMEAMpcEjANBgkq
hkiG9w0BAQsFAAOCAQEANyYDkUcjcDzrmVyfexHBvyn4RQMGVAO9s5oLOtzamIIs
cwbWfZ+Svrt2LSHHVC6FgfP/6X8IBWBptLGC9Wc7LZrSOmMwM7UFhza6nfVGjicV
Jw7jJThY8gKJnnA0vCmsEeWNOKRNY/bnQOic6VBrgijoqGPc5GGNNUPhZRIpYWBC
ANLouUXQXhj9/G0+JGqaFWeXr7zCH2Rl3zqWq6p2rRZ66faSORS0ggdYptAAaosT
qKsRfO+X8IOYkgUoWHg93z3kOhnyNfS8IapoNnOYlRXmN9yqZtFqcwgpp1jhFuH7
c7JRKgWl7btjX+a528Wsvb+8gc1Z66ayZ3lGbTwXVA==
-----END CERTIFICATE-----
Generated at Mon Oct 16 06:12:30 2023 by rpki-client on console-ams.rpki-client.org