Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/90A91E28C69F11EF8DC1B95EC4F9AE02.roa
File: 90A91E28C69F11EF8DC1B95EC4F9AE02.roa (raw, json)
Hash identifier: bVhjclsZaiCLMRFoBkc0YUv7tzzeSqQRWVDvu15Ndc0=
Subject key identifier: 41:BF:BE:68:6E:16:D3:F4:76:62:9D:1F:E2:77:01:8D:48:46:08:D0
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 2092
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/90A91E28C69F11EF8DC1B95EC4F9AE02.roa
Signing time: Mon 30 Dec 2024 11:16:50 +0000
ROA not before: Mon 30 Dec 2024 11:16:50 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 213990
IP address blocks: 113.203.233.0/24 maxlen: 24
113.203.245.0/24 maxlen: 24
115.167.62.0/23 maxlen: 23
175.110.64.0/22 maxlen: 22
223.29.226.0/24 maxlen: 24
223.29.229.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Dec 2024 11:18:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8338 (0x2092)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Dec 30 11:16:50 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67728122-82dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:87:11:ef:dd:36:52:a9:9a:ef:4d:7d:e7:f3:
d7:81:d6:fa:2e:a0:a1:3c:2c:73:09:05:58:11:ad:
f7:fb:28:ef:f6:ac:da:98:d2:e5:6a:0e:ec:c8:7d:
f0:a4:64:0d:ec:1d:05:fe:51:04:f7:22:4d:0f:31:
e9:f4:2c:85:36:da:af:51:5c:22:f0:57:85:77:89:
ac:59:82:71:5d:a1:65:7e:97:95:bc:2d:ae:58:ce:
50:22:ed:94:8f:bc:e6:03:e8:5d:6d:f0:8e:40:d4:
88:2a:e8:fc:68:92:8f:79:93:b9:a1:be:c7:b3:6e:
e3:81:19:93:a6:13:b9:7a:d3:2f:ac:cc:d2:17:a4:
41:26:a7:c5:0d:31:cc:4d:cf:54:ad:20:f6:1a:3f:
f5:be:ff:c5:29:61:32:62:dc:14:2d:2f:1b:94:c8:
02:90:76:f7:14:07:61:a5:ed:fb:07:61:3f:a7:c4:
c7:59:00:cf:40:51:2e:3a:5f:c0:a9:46:b6:d4:8f:
f3:10:d5:b3:dd:8d:30:24:9a:71:91:c0:74:60:60:
9a:02:c1:93:51:42:e7:c2:67:85:3c:54:a1:f9:39:
0f:d5:99:74:f5:a3:26:59:5b:5c:ca:a8:ac:22:12:
05:1e:a0:a0:11:66:90:64:3f:8e:1f:ea:35:bf:92:
8b:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:BF:BE:68:6E:16:D3:F4:76:62:9D:1F:E2:77:01:8D:48:46:08:D0
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/90A91E28C69F11EF8DC1B95EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.233.0/24
113.203.245.0/24
115.167.62.0/23
175.110.64.0/22
223.29.226.0/24
223.29.229.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:03:50:d1:cd:c6:a6:65:cc:fc:58:cf:3e:dc:e1:37:40:87:
26:4f:3c:df:86:d8:65:e4:0d:49:58:87:7f:1f:33:1f:91:5c:
c1:13:5b:2f:33:1a:f1:6b:33:f1:bc:1a:70:78:66:0c:ef:64:
78:22:8f:2c:6d:34:ef:dc:16:6b:a1:f7:80:56:a7:71:9a:95:
19:c2:50:ae:7d:ee:63:3c:9e:68:d7:21:7b:81:f6:df:b9:36:
ad:99:ca:c7:0c:39:47:71:53:7f:df:db:58:c2:a0:98:d6:89:
1d:80:17:31:8e:47:83:cc:67:6f:32:f9:ef:1a:77:e8:e3:bb:
c4:4e:9e:00:de:ec:78:98:ae:dc:89:23:ef:69:5a:42:86:f5:
5f:06:35:d4:fb:cd:7d:31:58:a2:5d:1d:aa:16:b8:9f:5f:5d:
17:9b:05:f7:81:6e:9c:4f:79:ac:81:5b:5e:72:8a:90:0b:fb:
49:f4:9a:3b:95:f7:56:6b:78:e7:83:33:b4:3e:1d:e0:4b:da:
48:d0:b9:f1:f5:22:73:d8:61:9c:a3:f7:e0:07:cf:90:a2:a3:
5c:95:aa:17:33:57:bd:35:d4:54:ab:1b:fa:af:56:21:a1:77:
95:0b:69:19:9a:04:41:f5:da:8c:7c:45:2c:55:77:fa:3f:9a:
fb:44:6e:43
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICIJIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQxMjMwMTExNjUwWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzcyODEyMi04MmRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuocR7902Uqma70195/PXgdb6LqChPCxzCQVYEa33+yjv9qzamNLlag7syH3w
pGQN7B0F/lEE9yJNDzHp9CyFNtqvUVwi8FeFd4msWYJxXaFlfpeVvC2uWM5QIu2U
j7zmA+hdbfCOQNSIKuj8aJKPeZO5ob7Hs27jgRmTphO5etMvrMzSF6RBJqfFDTHM
Tc9UrSD2Gj/1vv/FKWEyYtwULS8blMgCkHb3FAdhpe37B2E/p8THWQDPQFEuOl/A
qUa21I/zENWz3Y0wJJpxkcB0YGCaAsGTUULnwmeFPFSh+TkP1Zl09aMmWVtcyqis
IhIFHqCgEWaQZD+OH+o1v5KLOQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFEG/vmhu
FtP0dmKdH+J3AY1IRgjQMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvOTBBOTFFMjhD
NjlGMTFFRjhEQzFCOTVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBABxy+kDBABxy/UDBAFzpz4DBAKvbkADBADfHeIDBADfHeUw
DQYJKoZIhvcNAQELBQADggEBADsDUNHNxqZlzPxYzz7c4TdAhyZPPN+G2GXkDUlY
h38fMx+RXMETWy8zGvFrM/G8GnB4ZgzvZHgijyxtNO/cFmuh94BWp3GalRnCUK59
7mM8nmjXIXuB9t+5Nq2ZyscMOUdxU3/f21jCoJjWiR2AFzGOR4PMZ28y+e8ad+jj
u8ROngDe7HiYrtyJI+9pWkKG9V8GNdT7zX0xWKJdHaoWuJ9fXRebBfeBbpxPeayB
W15yipAL+0n0mjuV91ZreOeDM7Q+HeBL2kjQufH1InPYYZyj9+AHz5Cio1yVqhcz
V7011FSrG/qvViGhd5ULaRmaBEH12ox8RSxVd/o/mvtEbkM=
-----END CERTIFICATE-----
Generated at Mon May 12 22:08:15 2025 by rpki-client