Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/391EFA9255DA11EEB836ED36C4F9AE02.roa
File: 391EFA9255DA11EEB836ED36C4F9AE02.roa (raw, json)
Hash identifier: kJV2jq3kHcS2hFFKoaOxwSB4oPOQlhFP7d1qWR8oOFg=
Subject key identifier: 98:0E:8D:04:19:F2:9A:34:7E:31:14:93:19:2D:E7:55:39:A7:27:36
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 0D32
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/391EFA9255DA11EEB836ED36C4F9AE02.roa
Signing time: Mon 18 Sep 2023 04:26:17 +0000
ROA not before: Mon 18 Sep 2023 04:26:17 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 6830
IP address blocks: 115.167.28.0/22 maxlen: 22
202.92.19.0/24 maxlen: 24
202.92.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Jan 2024 10:59:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3378 (0xd32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Sep 18 04:26:17 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=6507d168-a6e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:61:f7:45:01:d2:f5:1f:28:dc:1e:a4:4b:6b:
e3:56:95:2f:43:6e:aa:22:2d:23:66:99:a7:7f:90:
ab:86:52:0a:a4:ca:f0:e7:d5:c9:3a:7e:bc:75:76:
b9:be:bb:9a:e2:76:82:e0:fd:3a:14:31:28:18:45:
f5:a6:dd:20:3c:d0:36:dc:00:f0:c8:95:16:bc:40:
a9:dc:7a:6a:d8:67:b1:fa:19:3d:c2:be:de:ae:bc:
e2:4a:b5:ca:0b:d6:8c:fc:9f:e5:5e:f0:0d:3d:85:
2d:2e:19:c6:61:70:26:96:32:66:b6:d4:c1:91:dd:
66:80:06:ad:58:80:58:27:c5:b1:9f:f6:c0:c9:80:
ff:65:7b:71:0f:ae:c8:12:6e:4e:18:69:5b:7e:7b:
36:ce:90:af:fa:df:db:4f:c7:8b:ea:53:2d:4f:6e:
57:c3:df:e1:03:61:01:17:e0:30:a0:65:db:e7:f3:
c0:89:04:72:db:fc:d4:50:25:24:6c:54:fa:6c:6a:
51:d2:2b:90:91:4b:24:85:85:9a:b7:0e:a8:b8:1c:
53:d0:d0:31:4f:57:2f:83:1a:e5:a2:34:e6:91:07:
c3:e7:54:32:7e:a7:f0:40:82:6f:b1:18:be:cf:40:
22:8b:65:7a:31:4c:12:8d:fe:3c:1e:26:d7:44:d7:
d4:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:0E:8D:04:19:F2:9A:34:7E:31:14:93:19:2D:E7:55:39:A7:27:36
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/391EFA9255DA11EEB836ED36C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
115.167.28.0/22
202.92.19.0/24
202.92.21.0/24
Signature Algorithm: sha256WithRSAEncryption
19:51:a8:74:8f:2e:08:57:02:53:d8:a3:64:c9:65:f3:99:43:
b5:b8:0e:60:b5:64:8c:c0:1b:18:16:12:80:a0:0f:34:8e:5c:
97:5d:41:a6:01:f7:43:c9:1b:64:0f:79:b3:bc:01:e4:11:f6:
dd:c4:2e:03:19:e0:1d:23:f6:c8:db:de:7e:cf:ea:f1:1c:c9:
66:89:55:41:4b:11:50:33:65:c3:d2:be:3d:f9:aa:65:dd:c3:
97:07:71:2e:84:51:77:6b:5f:f3:cd:84:71:91:99:d3:17:2b:
b1:ef:3b:96:62:82:0a:7c:71:05:82:f2:f9:16:7e:06:f6:93:
c9:f1:5c:9d:34:fb:43:49:6d:f0:1e:0d:b6:78:5a:c4:de:43:
52:3c:52:aa:60:ec:75:e2:65:d8:86:65:71:ee:41:82:bf:4d:
46:b4:1a:b3:3c:25:3a:36:fe:3f:d9:6e:97:43:18:0f:01:cc:
e7:59:ac:ff:37:6d:a9:91:80:c8:56:28:19:35:9d:cd:f8:d9:
66:9d:e6:82:d7:37:f0:31:30:ea:ac:58:a8:a7:89:97:79:a7:
45:8b:27:7f:3d:06:11:55:52:6f:8f:06:a7:1a:d6:6b:0e:af:
6f:95:e6:9d:c7:83:1d:25:28:91:5f:d0:3c:1e:30:3d:b3:f1:
fb:98:d1:e1
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICDTIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjMwOTE4MDQyNjE3WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTA3ZDE2OC1hNmU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyGH3RQHS9R8o3B6kS2vjVpUvQ26qIi0jZpmnf5CrhlIKpMrw59XJOn68dXa5
vrua4naC4P06FDEoGEX1pt0gPNA23ADwyJUWvECp3Hpq2Gex+hk9wr7errziSrXK
C9aM/J/lXvANPYUtLhnGYXAmljJmttTBkd1mgAatWIBYJ8Wxn/bAyYD/ZXtxD67I
Em5OGGlbfns2zpCv+t/bT8eL6lMtT25Xw9/hA2EBF+AwoGXb5/PAiQRy2/zUUCUk
bFT6bGpR0iuQkUskhYWatw6ouBxT0NAxT1cvgxrlojTmkQfD51QyfqfwQIJvsRi+
z0Aii2V6MUwSjf48HibXRNfUYQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFJgOjQQZ
8po0fjEUkxkt51U5pyc2MB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvMzkxRUZBOTI1
NURBMTFFRUI4MzZFRDM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAJzpxwDBADKXBMDBADKXBUwDQYJKoZIhvcNAQELBQADggEB
ABlRqHSPLghXAlPYo2TJZfOZQ7W4DmC1ZIzAGxgWEoCgDzSOXJddQaYB90PJG2QP
ebO8AeQR9t3ELgMZ4B0j9sjb3n7P6vEcyWaJVUFLEVAzZcPSvj35qmXdw5cHcS6E
UXdrX/PNhHGRmdMXK7HvO5Ziggp8cQWC8vkWfgb2k8nxXJ00+0NJbfAeDbZ4WsTe
Q1I8Uqpg7HXiZdiGZXHuQYK/TUa0GrM8JTo2/j/ZbpdDGA8BzOdZrP83bamRgMhW
KBk1nc342Wad5oLXN/AxMOqsWKiniZd5p0WLJ389BhFVUm+PBqca1msOr2+V5p3H
gx0lKJFf0DweMD2z8fuY0eE=
-----END CERTIFICATE-----
Generated at Tue Feb 27 00:58:03 2024 by rpki-client on console.sobornost.net