Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/8F21AE70EF8B11EF935A845BC4F9AE02.roa
File: 8F21AE70EF8B11EF935A845BC4F9AE02.roa (raw, json)
Hash identifier: zRLmKxCQLH6iUkSnK2d1zvqVm/qpk89VxPKK2ZR5l7w=
Subject key identifier: 30:24:E2:7B:C0:BD:77:26:AC:52:39:41:EA:72:3A:43:7B:0C:CE:96
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 23CA
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/8F21AE70EF8B11EF935A845BC4F9AE02.roa
Signing time: Thu 20 Feb 2025 13:06:55 +0000
ROA not before: Thu 20 Feb 2025 13:06:55 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 60721
IP address blocks: 113.203.228.0/24 maxlen: 24
113.203.229.0/24 maxlen: 24
113.203.230.0/24 maxlen: 24
113.203.241.0/24 maxlen: 24
113.203.242.0/24 maxlen: 24
113.203.244.0/24 maxlen: 24
113.203.248.0/24 maxlen: 24
113.203.252.0/24 maxlen: 24
113.203.253.0/24 maxlen: 24
113.203.254.0/24 maxlen: 24
115.167.9.0/24 maxlen: 24
115.167.76.0/24 maxlen: 24
223.29.228.0/24 maxlen: 24
223.29.229.0/24 maxlen: 24
223.29.230.0/24 maxlen: 24
223.29.231.0/24 maxlen: 24
223.29.235.0/24 maxlen: 24
223.29.237.0/24 maxlen: 24
223.29.238.0/24 maxlen: 24
223.29.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Mar 2025 06:38:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9162 (0x23ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Feb 20 13:06:55 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67b728ef-3eb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:3e:a3:ec:2b:71:d9:e0:45:26:73:bb:dd:86:
52:08:19:da:8a:d6:47:f7:65:8f:15:f4:e2:75:d6:
b8:2e:d8:96:48:f1:28:1e:76:a8:45:4b:0d:c9:ec:
96:64:78:a4:5e:4d:af:48:1d:2b:76:87:61:2a:7c:
97:1f:0c:10:ac:9a:bf:3f:e4:47:7c:a8:5d:44:73:
dc:b5:ec:c0:0f:55:5e:96:f1:4d:f6:9d:3e:d0:3b:
a4:18:ab:2a:e3:15:c7:86:ae:29:c1:17:db:df:50:
d4:a6:0f:f2:dc:d2:06:bf:1f:7e:43:99:a9:0c:0b:
df:03:fd:83:7a:82:6c:b1:29:90:d6:7f:4f:4d:2b:
fa:c1:0d:75:57:de:bc:dd:54:11:44:a2:58:96:c1:
b3:a6:58:4e:62:4c:58:d2:54:4e:14:81:eb:ce:28:
a6:6c:85:74:6a:fe:39:9f:e9:84:a1:82:9b:70:57:
2e:3d:59:c8:d7:20:cf:fa:a4:28:12:ef:aa:da:84:
6e:08:93:96:46:ea:b6:70:9c:20:c9:28:7f:9c:59:
d4:46:49:2a:38:f6:36:b2:ea:6f:de:52:09:3d:2b:
21:49:a7:32:15:a0:6d:a0:a9:0f:2f:b8:63:ff:5d:
29:61:c2:b5:cb:d6:6e:1e:a8:29:6c:20:85:c6:f4:
a9:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:24:E2:7B:C0:BD:77:26:AC:52:39:41:EA:72:3A:43:7B:0C:CE:96
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/8F21AE70EF8B11EF935A845BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.228.0-113.203.230.255
113.203.241.0-113.203.242.255
113.203.244.0/24
113.203.248.0/24
113.203.252.0-113.203.254.255
115.167.9.0/24
115.167.76.0/24
223.29.228.0/22
223.29.235.0/24
223.29.237.0-223.29.239.255
Signature Algorithm: sha256WithRSAEncryption
18:5c:c5:b8:a9:6c:81:d8:72:b4:8d:0f:40:3f:4b:51:ad:cf:
fa:48:16:ac:ef:a7:84:c6:76:5b:04:1c:0a:26:51:fb:60:2c:
ab:8c:50:4a:21:85:73:51:77:c1:68:bd:63:bf:b7:98:79:2a:
b2:44:f3:5b:f1:32:b0:30:30:4a:a0:07:e6:03:b2:c3:f6:aa:
00:65:11:a0:94:33:d8:07:52:04:a4:c1:b4:12:e9:09:7c:9b:
79:7e:f7:3f:4b:cd:70:57:5c:cf:21:e1:3f:94:f7:37:8f:d3:
87:2d:65:24:92:92:02:a9:af:db:ea:f9:88:13:90:86:36:e0:
e7:4a:d7:69:ff:b5:89:6b:39:d1:5e:4c:15:6b:90:ef:6b:d5:
cf:bb:7c:95:81:ee:7b:89:58:98:06:d2:79:de:f1:46:13:eb:
73:b9:da:61:7e:a6:6c:c3:e4:a5:1e:09:74:0d:e1:e7:d1:9a:
ec:51:89:49:bb:fe:60:b9:a2:49:80:eb:81:b7:9f:fe:fa:8b:
47:e9:cd:25:46:b7:6a:d9:7c:47:04:68:b1:8a:0a:c7:87:10:
63:35:59:02:b7:33:28:c5:eb:6a:38:d0:f9:84:3d:d2:6e:70:
4d:1d:de:14:c1:c2:0e:79:55:a7:f5:d0:ad:c4:0d:12:09:f3:
ce:f2:42:a0
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgICI8owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjUwMjIwMTMwNjU1WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I3MjhlZi0zZWIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzj6j7Ctx2eBFJnO73YZSCBnaitZH92WPFfTidda4LtiWSPEoHnaoRUsNyeyW
ZHikXk2vSB0rdodhKnyXHwwQrJq/P+RHfKhdRHPctezAD1VelvFN9p0+0DukGKsq
4xXHhq4pwRfb31DUpg/y3NIGvx9+Q5mpDAvfA/2DeoJssSmQ1n9PTSv6wQ11V968
3VQRRKJYlsGzplhOYkxY0lROFIHrziimbIV0av45n+mEoYKbcFcuPVnI1yDP+qQo
Eu+q2oRuCJOWRuq2cJwgySh/nFnURkkqOPY2supv3lIJPSshSacyFaBtoKkPL7hj
/10pYcK1y9ZuHqgpbCCFxvSp9wIDAQABo4IC6zCCAucwHQYDVR0OBBYEFDAk4nvA
vXcmrFI5QepyOkN7DM6WMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvOEYyMUFFNzBF
RjhCMTFFRjkzNUE4NDVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwdQYIKwYBBQUHAQcBAf8E
ZjBkMGIEAgABMFwwDAMEAnHL5AMEAHHL5jAMAwQAccvxAwQAccvyAwQAccv0AwQA
ccv4MAwDBAJxy/wDBABxy/4DBABzpwkDBABzp0wDBALfHeQDBADfHeswDAMEAN8d
7QMEBN8d4DANBgkqhkiG9w0BAQsFAAOCAQEAGFzFuKlsgdhytI0PQD9LUa3P+kgW
rO+nhMZ2WwQcCiZR+2Asq4xQSiGFc1F3wWi9Y7+3mHkqskTzW/EysDAwSqAH5gOy
w/aqAGURoJQz2AdSBKTBtBLpCXybeX73P0vNcFdczyHhP5T3N4/Thy1lJJKSAqmv
2+r5iBOQhjbg50rXaf+1iWs50V5MFWuQ72vVz7t8lYHue4lYmAbSed7xRhPrc7na
YX6mbMPkpR4JdA3h59Ga7FGJSbv+YLmiSYDrgbef/vqLR+nNJUa3atl8RwRosYoK
x4cQYzVZArczKMXrajjQ+YQ90m5wTR3eFMHCDnlVp/XQrcQNEgnzzvJCoA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:46:05 2025 by rpki-client