Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/D33C22B891FB11EF998CA14AC4F9AE02.roa
File: D33C22B891FB11EF998CA14AC4F9AE02.roa (raw, json)
Hash identifier: JPgG6f46ttPg/F1oUpat1Rp40aWYI7QvXls1FUyFhdA=
Subject key identifier: A6:63:3C:0D:F3:DC:A4:14:A2:67:FF:D4:FB:68:B5:5E:E0:A6:1A:BB
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 18FD
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/D33C22B891FB11EF998CA14AC4F9AE02.roa
Signing time: Thu 24 Oct 2024 11:33:45 +0000
ROA not before: Thu 24 Oct 2024 11:33:45 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 138241
IP address blocks: 43.226.224.0/22 maxlen: 24
103.11.63.0/24 maxlen: 24
115.167.125.0/24 maxlen: 24
180.178.142.0/24 maxlen: 24
202.92.26.0/24 maxlen: 24
223.29.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 25 Oct 2024 06:37:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6397 (0x18fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Oct 24 11:33:45 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=671a3098-3a9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:1c:be:3d:e5:a9:90:78:6d:c8:ce:fb:13:d1:
e0:7e:04:31:d3:3e:39:62:21:fe:6a:6c:40:34:8a:
7e:95:1e:47:b0:6c:ec:c8:a8:e9:ef:25:b3:d5:9f:
a2:97:b3:1c:25:90:30:95:8a:e0:1c:89:e7:6b:83:
43:db:76:5c:fe:48:b3:eb:c1:65:81:ec:fe:ce:f8:
1d:e9:6e:e2:52:b6:22:fc:90:c3:19:bd:61:e9:94:
c1:68:e1:f5:ee:0f:9a:4a:ae:49:43:a2:3e:0b:3e:
8b:75:fa:eb:09:a4:8d:34:a1:f1:aa:cf:99:ee:5a:
03:5d:05:e8:02:30:af:52:4d:26:57:ee:09:db:25:
95:9b:28:30:17:95:9c:5a:cd:be:ca:8d:b4:5c:14:
10:d8:cc:2f:27:ec:02:28:a9:bb:41:14:ad:de:b5:
c1:46:e4:c0:d7:8d:bf:63:56:71:8a:17:45:a1:a4:
68:cc:c7:49:ca:ac:bf:50:11:7c:ee:a2:a4:66:21:
8b:22:ba:50:fc:b1:92:20:76:e6:85:21:19:f1:c5:
14:1c:97:af:a9:fb:ed:b5:2f:6c:a3:40:cc:16:65:
ba:ce:57:81:5c:59:d9:46:2c:18:b5:8d:06:e6:69:
10:b1:be:df:ee:3e:99:ab:37:b5:46:35:3b:1a:c3:
23:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:63:3C:0D:F3:DC:A4:14:A2:67:FF:D4:FB:68:B5:5E:E0:A6:1A:BB
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/D33C22B891FB11EF998CA14AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.226.224.0/22
103.11.63.0/24
115.167.125.0/24
180.178.142.0/24
202.92.26.0/24
223.29.239.0/24
Signature Algorithm: sha256WithRSAEncryption
14:94:98:06:b5:2c:56:06:58:09:79:d4:01:47:47:f9:9c:ca:
c4:7f:55:27:4a:85:af:99:df:65:d1:77:d4:44:5b:8e:70:52:
2a:ba:2b:3d:da:e0:d0:a2:68:ad:02:96:8d:da:25:3c:ca:7d:
0a:1b:72:9a:80:46:ec:8b:62:92:82:45:c3:36:7e:6c:e0:28:
fd:3a:a3:18:08:b1:ef:c9:f8:b3:9b:d4:c8:53:63:fc:c6:a6:
d2:95:4a:6e:54:ee:99:3b:1f:6e:e7:97:df:b7:33:fc:5a:47:
2b:0b:d9:30:ea:9a:4c:20:ac:96:0b:9c:fc:ab:76:a2:87:d5:
c1:2d:94:d4:17:98:9e:d7:8f:14:1d:fd:20:56:77:4f:54:71:
9a:47:e8:2e:c7:68:9d:09:0c:23:1d:93:47:9c:eb:31:1e:9f:
4a:69:0a:57:2f:4b:d2:d5:a4:36:d0:99:a0:c2:ee:66:70:e2:
eb:4c:57:81:53:ce:60:f8:4a:ef:98:15:06:cc:a4:0d:3a:97:
9c:d5:80:c7:9f:c4:8f:99:f7:d0:5d:94:ce:c6:f4:33:ca:0a:
fd:62:3d:97:10:2c:8c:58:fb:ee:c5:54:f5:3b:ce:c5:23:a3:
fa:b4:31:c9:13:2f:26:f2:1b:f8:c3:76:f3:6d:a7:9f:0d:06:
82:35:ce:9b
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICGP0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQxMDI0MTEzMzQ1WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzFhMzA5OC0zYTllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7By+PeWpkHhtyM77E9HgfgQx0z45YiH+amxANIp+lR5HsGzsyKjp7yWz1Z+i
l7McJZAwlYrgHInna4ND23Zc/kiz68Flgez+zvgd6W7iUrYi/JDDGb1h6ZTBaOH1
7g+aSq5JQ6I+Cz6LdfrrCaSNNKHxqs+Z7loDXQXoAjCvUk0mV+4J2yWVmygwF5Wc
Ws2+yo20XBQQ2MwvJ+wCKKm7QRSt3rXBRuTA142/Y1ZxihdFoaRozMdJyqy/UBF8
7qKkZiGLIrpQ/LGSIHbmhSEZ8cUUHJevqfvttS9so0DMFmW6zleBXFnZRiwYtY0G
5mkQsb7f7j6Zqze1RjU7GsMjywIDAQABo4ICszCCAq8wHQYDVR0OBBYEFKZjPA3z
3KQUomf/1PtotV7gphq7MB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvRDMzQzIyQjg5
MUZCMTFFRjk5OENBMTRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBAIr4uADBABnCz8DBABzp30DBAC0so4DBADKXBoDBADfHe8w
DQYJKoZIhvcNAQELBQADggEBABSUmAa1LFYGWAl51AFHR/mcysR/VSdKha+Z32XR
d9REW45wUiq6Kz3a4NCiaK0Clo3aJTzKfQobcpqARuyLYpKCRcM2fmzgKP06oxgI
se/J+LOb1MhTY/zGptKVSm5U7pk7H27nl9+3M/xaRysL2TDqmkwgrJYLnPyrdqKH
1cEtlNQXmJ7XjxQd/SBWd09UcZpH6C7HaJ0JDCMdk0ec6zEen0ppClcvS9LVpDbQ
maDC7mZw4utMV4FTzmD4Su+YFQbMpA06l5zVgMefxI+Z99BdlM7G9DPKCv1iPZcQ
LIxY++7FVPU7zsUjo/q0MckTLybyG/jDdvNtp58NBoI1zps=
-----END CERTIFICATE-----
Generated at Wed Oct 30 09:11:26 2024 by rpki-client on console.sobornost.net