Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/FA81E68CAF7011EE8E33700EC4F9AE02.roa
File: FA81E68CAF7011EE8E33700EC4F9AE02.roa (raw, json)
Hash identifier: 0SRe+378AYHBjO2NDMGIc2EUTTBYBgpBaJa8Xazf6fc=
Subject key identifier: CA:41:17:AA:9C:6B:CD:8B:3A:04:7D:0A:AE:65:9D:17:89:7E:61:74
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 0F6D
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/FA81E68CAF7011EE8E33700EC4F9AE02.roa
Signing time: Fri 12 Jan 2024 08:07:00 +0000
ROA not before: Fri 12 Jan 2024 08:07:00 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 138241
IP address blocks: 113.203.208.0/24 maxlen: 24
113.203.216.0/24 maxlen: 24
113.203.231.0/24 maxlen: 24
113.203.248.0/24 maxlen: 24
113.203.250.0/24 maxlen: 24
115.167.20.0/22 maxlen: 24
115.167.49.0/24 maxlen: 24
115.167.78.0/24 maxlen: 24
115.167.116.0/22 maxlen: 24
115.167.120.0/22 maxlen: 24
175.110.80.0/22 maxlen: 24
175.110.88.0/22 maxlen: 24
175.110.105.0/24 maxlen: 24
175.110.106.0/24 maxlen: 24
175.110.111.0/24 maxlen: 24
180.178.152.0/21 maxlen: 21
202.92.18.0/24 maxlen: 24
202.92.20.0/24 maxlen: 24
223.29.227.0/24 maxlen: 24
223.29.229.0/24 maxlen: 24
223.29.230.0/24 maxlen: 24
223.29.235.0/24 maxlen: 24
223.29.236.0/24 maxlen: 24
223.29.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Jan 2024 10:40:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3949 (0xf6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Jan 12 08:07:00 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=65a0f323-94b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:63:96:c5:ee:e2:64:07:33:a0:78:6c:7f:25:
85:21:28:43:61:c1:da:3b:ec:9c:34:fc:e8:bd:70:
bf:89:cd:46:df:76:f7:87:a7:68:c9:8c:4e:40:b4:
41:0a:35:14:20:48:9a:1c:65:ae:ef:36:62:95:65:
7b:3b:b2:1c:4a:82:54:0e:2d:8f:45:bd:98:41:8b:
63:15:18:b9:98:00:ea:4f:ff:34:ef:78:c6:fa:23:
93:b9:bf:fd:de:7d:43:e2:aa:e6:eb:51:d4:fa:49:
81:13:fd:92:56:7b:80:96:0b:97:9e:f8:6e:ed:76:
c1:e9:09:4e:c2:68:62:f6:a1:9e:4c:37:ca:37:f1:
6c:84:47:ac:c4:dc:86:41:3c:84:d9:5d:a3:97:f4:
6e:1f:06:01:3b:f2:4b:ae:63:7f:ae:7a:10:97:14:
e6:54:41:41:85:f5:89:80:0f:31:00:05:16:f2:a9:
f5:4e:91:92:e8:8a:7c:54:f3:0c:c9:78:61:09:e2:
df:96:55:9c:a2:4b:0c:a2:f4:53:38:3b:1f:b3:42:
12:9d:69:14:0b:3c:c0:3b:8d:8b:2e:71:36:6e:4e:
f7:cc:c2:73:74:24:9d:36:d1:71:93:47:bd:38:f7:
e8:8c:01:37:30:3e:1d:96:01:be:ce:fa:0e:62:18:
fd:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:41:17:AA:9C:6B:CD:8B:3A:04:7D:0A:AE:65:9D:17:89:7E:61:74
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/FA81E68CAF7011EE8E33700EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.208.0/24
113.203.216.0/24
113.203.231.0/24
113.203.248.0/24
113.203.250.0/24
115.167.20.0/22
115.167.49.0/24
115.167.78.0/24
115.167.116.0-115.167.123.255
175.110.80.0/22
175.110.88.0/22
175.110.105.0-175.110.106.255
175.110.111.0/24
180.178.152.0/21
202.92.18.0/24
202.92.20.0/24
223.29.227.0/24
223.29.229.0-223.29.230.255
223.29.235.0-223.29.236.255
223.29.238.0/24
Signature Algorithm: sha256WithRSAEncryption
19:88:9c:99:3b:2d:89:9f:98:f9:9c:69:b9:e0:c7:a2:4f:e3:
e3:e6:5a:63:30:c7:ca:5a:85:11:4c:f3:64:22:d6:ba:68:56:
8e:a8:4a:8a:bb:03:f7:13:d2:6c:c2:d8:5d:fe:a8:87:dc:e3:
da:34:3f:94:a8:4e:2c:29:62:b1:84:31:a0:d8:ec:77:07:9e:
61:89:2e:78:94:93:8c:53:5c:ed:c8:c9:e7:0b:ab:23:b9:74:
98:7d:08:3b:46:df:4a:7e:c3:46:09:b2:c8:29:e2:10:d2:80:
0f:d2:3e:78:8f:4b:3e:57:15:90:cd:4a:56:41:82:22:1c:ae:
58:6a:26:a2:54:ae:34:6b:50:ca:98:ec:16:ac:e8:a8:44:d5:
fe:5d:c7:8a:ab:a1:ad:e9:98:cd:fa:b4:36:51:ff:2e:92:2e:
f9:b1:38:3f:02:d4:33:66:55:0e:76:bc:65:bf:36:ac:57:73:
4d:e3:54:99:da:6c:77:dc:ed:2b:29:5d:c7:57:15:89:2f:8a:
ac:0c:54:4c:fa:9c:16:7b:d6:52:52:51:c2:42:3f:02:b0:ab:
28:92:6c:8d:9f:59:9a:84:d0:98:9d:20:2b:e4:f7:0a:fb:4c:
22:dd:9a:19:6e:e4:5b:94:7c:80:b3:f1:33:78:78:31:c4:14:
7d:3a:75:75
-----BEGIN CERTIFICATE-----
MIIGCDCCBPCgAwIBAgICD20wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQwMTEyMDgwNzAwWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWEwZjMyMy05NGI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAymOWxe7iZAczoHhsfyWFIShDYcHaO+ycNPzovXC/ic1G33b3h6doyYxOQLRB
CjUUIEiaHGWu7zZilWV7O7IcSoJUDi2PRb2YQYtjFRi5mADqT/8073jG+iOTub/9
3n1D4qrm61HU+kmBE/2SVnuAlguXnvhu7XbB6QlOwmhi9qGeTDfKN/FshEesxNyG
QTyE2V2jl/RuHwYBO/JLrmN/rnoQlxTmVEFBhfWJgA8xAAUW8qn1TpGS6Ip8VPMM
yXhhCeLfllWcoksMovRTODsfs0ISnWkUCzzAO42LLnE2bk73zMJzdCSdNtFxk0e9
OPfojAE3MD4dlgG+zvoOYhj9aQIDAQABo4IDLDCCAygwHQYDVR0OBBYEFMpBF6qc
a82LOgR9Cq5lnReJfmF0MB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvRkE4MUU2OENB
RjcwMTFFRThFMzM3MDBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbUGCCsGAQUFBwEHAQH/
BIGlMIGiMIGfBAIAATCBmAMEAHHL0AMEAHHL2AMEAHHL5wMEAHHL+AMEAHHL+gME
AnOnFAMEAHOnMQMEAHOnTjAMAwQCc6d0AwQCc6d4AwQCr25QAwQCr25YMAwDBACv
bmkDBACvbmoDBACvbm8DBAO0spgDBADKXBIDBADKXBQDBADfHeMwDAMEAN8d5QME
AN8d5jAMAwQA3x3rAwQA3x3sAwQA3x3uMA0GCSqGSIb3DQEBCwUAA4IBAQAZiJyZ
Oy2Jn5j5nGm54MeiT+Pj5lpjMMfKWoURTPNkIta6aFaOqEqKuwP3E9Jswthd/qiH
3OPaND+UqE4sKWKxhDGg2Ox3B55hiS54lJOMU1ztyMnnC6sjuXSYfQg7Rt9KfsNG
CbLIKeIQ0oAP0j54j0s+VxWQzUpWQYIiHK5YaiaiVK40a1DKmOwWrOioRNX+XceK
q6Gt6ZjN+rQ2Uf8uki75sTg/AtQzZlUOdrxlvzasV3NN41SZ2mx33O0rKV3HVxWJ
L4qsDFRM+pwWe9ZSUlHCQj8CsKsokmyNn1mahNCYnSAr5PcK+0wi3ZoZbuRblHyA
s/EzeHgxxBR9OnV1
-----END CERTIFICATE-----
Generated at Fri Jan 12 13:34:42 2024 by rpki-client on console-ams.rpki-client.org