Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/F4276F8E57EE11EE9C30EE47C4F9AE02.roa
File: F4276F8E57EE11EE9C30EE47C4F9AE02.roa (raw, json)
Hash identifier: hV/5cd8+THfJ73LtGznEu+o6K6MtvI2EsH82DsbbsQI=
Subject key identifier: 45:6F:12:0C:61:9A:1A:2C:21:9D:D9:6A:D1:EF:BC:19:21:03:F1:A3
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 0D3B
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/F4276F8E57EE11EE9C30EE47C4F9AE02.roa
Signing time: Wed 20 Sep 2023 19:50:30 +0000
ROA not before: Wed 20 Sep 2023 19:50:30 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 9387
IP address blocks: 103.11.60.0/24 maxlen: 24
113.203.212.0/22 maxlen: 24
113.203.216.0/24 maxlen: 24
113.203.218.0/24 maxlen: 24
113.203.220.0/24 maxlen: 24
113.203.222.0/24 maxlen: 24
113.203.227.0/24 maxlen: 24
113.203.228.0/24 maxlen: 24
113.203.229.0/24 maxlen: 24
113.203.230.0/24 maxlen: 24
113.203.234.0/24 maxlen: 24
113.203.235.0/24 maxlen: 24
113.203.236.0/24 maxlen: 24
113.203.237.0/24 maxlen: 24
113.203.238.0/24 maxlen: 24
113.203.239.0/24 maxlen: 24
113.203.240.0/24 maxlen: 24
113.203.253.0/24 maxlen: 24
113.203.254.0/24 maxlen: 24
180.178.128.0/24 maxlen: 24
180.178.129.0/24 maxlen: 24
180.178.132.0/24 maxlen: 24
180.178.133.0/24 maxlen: 24
180.178.134.0/24 maxlen: 24
180.178.135.0/24 maxlen: 24
180.178.136.0/24 maxlen: 24
180.178.137.0/24 maxlen: 24
180.178.138.0/24 maxlen: 24
180.178.139.0/24 maxlen: 24
180.178.148.0/24 maxlen: 24
180.178.149.0/24 maxlen: 24
180.178.161.0/24 maxlen: 24
180.178.162.0/24 maxlen: 24
180.178.164.0/22 maxlen: 24
180.178.172.0/24 maxlen: 24
180.178.173.0/24 maxlen: 24
180.178.174.0/24 maxlen: 24
180.178.175.0/24 maxlen: 24
180.178.176.0/24 maxlen: 24
180.178.178.0/24 maxlen: 24
180.178.180.0/22 maxlen: 24
180.178.185.0/24 maxlen: 24
180.178.187.0/24 maxlen: 24
180.178.188.0/24 maxlen: 24
180.178.189.0/24 maxlen: 24
180.178.190.0/24 maxlen: 24
180.178.191.0/24 maxlen: 24
223.29.226.0/24 maxlen: 24
223.29.227.0/24 maxlen: 24
223.29.228.0/24 maxlen: 24
223.29.229.0/24 maxlen: 24
223.29.230.0/24 maxlen: 24
223.29.231.0/24 maxlen: 24
223.29.235.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3387 (0xd3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Sep 20 19:50:30 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=650b4d06-93ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:04:6c:89:e0:66:26:06:67:10:bf:da:81:43:
f5:a4:43:81:75:58:5b:9f:f8:f8:b6:bb:df:dc:36:
14:1d:28:1b:40:00:56:b5:0c:ee:94:60:04:cb:f3:
8b:d2:19:bf:24:0e:18:86:8d:66:5c:ec:98:42:14:
4a:05:1b:05:f8:8c:f5:b4:08:64:a4:45:71:f8:6c:
67:a9:b2:43:0f:b9:12:61:20:b4:27:42:ac:ea:56:
24:aa:ae:a5:85:88:d3:4b:c8:b0:16:43:e7:b8:66:
2e:bc:d2:60:d7:37:6d:9c:e7:71:f1:7e:d8:d0:76:
5f:96:11:c3:6b:dd:a7:db:6c:06:2b:fe:58:d2:7b:
7b:46:9f:1c:ec:8f:3e:0f:5c:de:98:b5:1d:d5:8e:
61:ca:13:e8:b3:49:a7:93:d2:f8:85:04:2d:bb:16:
e1:e1:8a:90:f0:fe:2a:4f:93:b7:2f:14:b2:50:55:
38:aa:68:0d:79:a9:0f:4e:76:82:8e:4d:5a:8a:be:
87:2a:f2:33:b3:d8:7d:1c:f0:ad:30:89:94:ce:25:
5d:d1:29:7e:31:89:d9:53:a5:2a:34:90:6f:3b:2a:
8c:c7:70:d5:2e:8e:a2:4f:6f:ce:ed:ba:aa:e9:fc:
3e:f2:25:88:bd:0a:b6:69:74:08:e4:f0:12:84:f2:
07:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:6F:12:0C:61:9A:1A:2C:21:9D:D9:6A:D1:EF:BC:19:21:03:F1:A3
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/F4276F8E57EE11EE9C30EE47C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.60.0/24
113.203.212.0-113.203.216.255
113.203.218.0/24
113.203.220.0/24
113.203.222.0/24
113.203.227.0-113.203.230.255
113.203.234.0-113.203.240.255
113.203.253.0-113.203.254.255
180.178.128.0/23
180.178.132.0-180.178.139.255
180.178.148.0/23
180.178.161.0-180.178.162.255
180.178.164.0/22
180.178.172.0-180.178.176.255
180.178.178.0/24
180.178.180.0/22
180.178.185.0/24
180.178.187.0-180.178.191.255
223.29.226.0-223.29.231.255
223.29.235.0/24
Signature Algorithm: sha256WithRSAEncryption
27:12:da:b9:26:93:c3:0c:c6:6f:e3:ec:7c:9a:ac:ad:59:b2:
28:8b:6d:3e:95:19:67:d2:05:6b:db:6a:a3:ad:a1:a2:fa:fa:
25:68:35:6d:44:1c:57:a9:e9:c9:60:36:77:b1:53:67:03:1b:
66:1d:fc:b7:fe:4b:77:fc:59:9d:6e:45:72:b0:77:33:94:f0:
5c:2c:7d:c8:4b:a1:50:c6:d2:eb:9c:54:b9:64:59:54:28:ff:
73:d5:76:38:b7:e2:af:5f:ab:ac:02:c3:bd:dc:a2:61:97:2c:
23:c9:84:d2:cd:3b:b0:4f:ba:ef:85:c0:12:e9:28:2e:19:0c:
f0:81:ea:66:55:b7:b3:3c:c9:cd:be:68:4b:2e:60:1a:09:14:
79:2a:18:33:b5:ac:6c:01:86:30:fd:a4:52:1c:5c:a7:40:c4:
fa:f1:5b:4c:83:2d:5a:fb:36:61:a3:2a:21:6c:b0:85:52:8d:
84:be:82:cb:82:b5:7c:d3:cb:2c:e6:37:fc:d9:55:1d:c0:7e:
a4:46:f3:4c:68:a5:ce:de:fb:40:4c:96:17:b6:7e:fc:1a:1a:
cf:3c:70:d7:2f:4e:fe:8d:47:1a:1f:12:ee:45:5c:94:84:2c:
64:e0:49:71:5d:e8:d8:e3:40:34:74:a8:08:58:d3:d1:37:6d:
a2:66:15:ee
-----BEGIN CERTIFICATE-----
MIIGMDCCBRigAwIBAgICDTswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjMwOTIwMTk1MDMwWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTBiNGQwNi05M2NhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4QRsieBmJgZnEL/agUP1pEOBdVhbn/j4trvf3DYUHSgbQABWtQzulGAEy/OL
0hm/JA4Yho1mXOyYQhRKBRsF+Iz1tAhkpEVx+GxnqbJDD7kSYSC0J0Ks6lYkqq6l
hYjTS8iwFkPnuGYuvNJg1zdtnOdx8X7Y0HZflhHDa92n22wGK/5Y0nt7Rp8c7I8+
D1zemLUd1Y5hyhPos0mnk9L4hQQtuxbh4YqQ8P4qT5O3LxSyUFU4qmgNeakPTnaC
jk1air6HKvIzs9h9HPCtMImUziVd0Sl+MYnZU6UqNJBvOyqMx3DVLo6iT2/O7bqq
6fw+8iWIvQq2aXQI5PAShPIHRwIDAQABo4IDVDCCA1AwHQYDVR0OBBYEFEVvEgxh
mhosIZ3ZatHvvBkhA/GjMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvRjQyNzZGOEU1
N0VFMTFFRTlDMzBFRTQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgd0GCCsGAQUFBwEHAQH/
BIHNMIHKMIHHBAIAATCBwAMEAGcLPDAMAwQCccvUAwQAccvYAwQAccvaAwQAccvc
AwQAccveMAwDBABxy+MDBABxy+YwDAMEAXHL6gMEAHHL8DAMAwQAccv9AwQAccv+
AwQBtLKAMAwDBAK0soQDBAK0sogDBAG0spQwDAMEALSyoQMEALSyogMEArSypDAM
AwQCtLKsAwQAtLKwAwQAtLKyAwQCtLK0AwQAtLK5MAwDBAC0srsDBAa0soAwDAME
Ad8d4gMEA98d4AMEAN8d6zANBgkqhkiG9w0BAQsFAAOCAQEAJxLauSaTwwzGb+Ps
fJqsrVmyKIttPpUZZ9IFa9tqo62hovr6JWg1bUQcV6npyWA2d7FTZwMbZh38t/5L
d/xZnW5FcrB3M5TwXCx9yEuhUMbS65xUuWRZVCj/c9V2OLfir1+rrALDvdyiYZcs
I8mE0s07sE+674XAEukoLhkM8IHqZlW3szzJzb5oSy5gGgkUeSoYM7WsbAGGMP2k
Uhxcp0DE+vFbTIMtWvs2YaMqIWywhVKNhL6Cy4K1fNPLLOY3/NlVHcB+pEbzTGil
zt77QEyWF7Z+/Boazzxw1y9O/o1HGh8S7kVclIQsZOBJcV3o2ONANHSoCFjT0Tdt
omYV7g==
-----END CERTIFICATE-----
Generated at Mon Sep 25 16:53:08 2023 by rpki-client on console-ams.rpki-client.org