Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/9673D5D6056111F0A7B47D68C4F9AE02.roa
File: 9673D5D6056111F0A7B47D68C4F9AE02.roa (raw, json)
Hash identifier: n7BRM9+M8ojVriHjbG9uE4OwBon2X2ZKLLrnjrFY6MY=
Subject key identifier: 74:11:58:FE:8A:41:1B:01:23:30:42:3C:8F:4B:A0:8F:D8:3D:F9:17
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 24D8
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/9673D5D6056111F0A7B47D68C4F9AE02.roa
Signing time: Thu 20 Mar 2025 08:02:15 +0000
ROA not before: Thu 20 Mar 2025 08:02:15 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 6830
IP address blocks: 180.178.152.0/22 maxlen: 22
202.92.19.0/24 maxlen: 24
202.92.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Mar 2025 07:16:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9432 (0x24d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Mar 20 08:02:15 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67dbcb87-8692
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a2:dd:df:df:c5:1a:cb:fc:21:23:98:f8:aa:
8a:df:03:1b:41:a0:ac:28:fe:af:4a:24:b0:71:12:
7c:b9:d2:5a:6c:82:43:12:ce:dd:b2:74:32:3a:67:
f9:4b:0c:84:18:99:50:e7:8c:8e:91:87:bc:57:ff:
23:44:54:ee:f8:1a:34:ce:a3:25:c8:d9:ff:3a:9f:
dc:63:88:25:fc:1d:cf:a6:21:49:37:fd:c8:f4:df:
4b:1f:05:eb:ee:62:94:8d:a9:24:3b:9f:df:21:c0:
25:74:d3:12:94:e9:a7:71:3f:48:11:2e:e4:b9:d2:
b2:61:60:ff:a4:46:f0:f8:73:23:f1:b4:1e:0a:b5:
53:60:b2:32:a3:e2:8f:69:85:93:f3:cd:1f:52:b9:
08:7d:1f:ba:1a:ce:4f:f7:d7:0f:7e:fa:f0:12:2e:
3f:46:67:9a:30:97:c9:4c:4e:77:4a:24:97:72:c8:
17:97:20:cb:ff:7c:c6:22:f6:86:e2:cc:d1:46:e6:
4b:82:9f:87:59:66:40:6a:fb:76:ca:7d:98:67:03:
58:6e:02:1a:9e:8a:ca:87:a1:45:17:2f:68:20:10:
b8:81:36:a7:52:8f:dc:7c:97:b8:62:18:29:91:b0:
6f:95:be:6d:97:ba:08:e2:cd:a3:2a:0d:d7:35:3e:
ce:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:11:58:FE:8A:41:1B:01:23:30:42:3C:8F:4B:A0:8F:D8:3D:F9:17
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/9673D5D6056111F0A7B47D68C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
180.178.152.0/22
202.92.19.0/24
202.92.21.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:92:9f:25:44:85:c1:6e:7a:44:ee:f6:44:41:e5:93:9d:f3:
19:63:c6:ec:f2:97:28:ff:b4:6d:e8:cf:98:11:4b:5a:aa:31:
fb:17:e8:82:22:13:8d:b9:63:e4:57:e6:d9:31:3b:a8:21:2c:
ea:fb:6f:ea:02:58:57:49:44:1a:99:7c:f9:41:12:14:a7:5c:
02:e9:80:3b:f6:57:e1:b8:2e:1c:80:2d:35:d2:d8:88:e9:7e:
f9:29:77:37:ed:64:42:e0:74:42:5a:b0:ab:4e:59:84:e1:5e:
55:4f:2a:7e:af:c1:0a:40:99:95:73:5c:c6:aa:01:28:51:e4:
bc:4d:be:91:80:94:82:f9:93:2a:8d:24:a2:ff:15:4c:e5:d5:
03:6c:de:b7:5b:94:64:40:cf:db:46:e1:a5:d1:0a:f9:16:f6:
1c:8a:10:99:0f:ec:38:92:75:d2:ab:76:3f:be:a6:7f:bf:47:
75:19:ef:5f:36:81:54:41:ee:76:b1:d1:8d:93:8b:24:79:29:
a7:a6:45:0c:b1:ea:bd:a0:74:d9:18:6d:b3:fa:8d:72:40:bb:
43:8d:81:b7:be:72:e2:67:14:99:27:dd:69:c5:85:0a:18:05:
88:1b:4b:bf:ad:b5:de:fa:c7:aa:bf:bc:16:d5:e2:a6:a5:53:
0a:0c:4d:44
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICJNgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjUwMzIwMDgwMjE1WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RiY2I4Ny04NjkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq6Ld39/FGsv8ISOY+KqK3wMbQaCsKP6vSiSwcRJ8udJabIJDEs7dsnQyOmf5
SwyEGJlQ54yOkYe8V/8jRFTu+Bo0zqMlyNn/Op/cY4gl/B3PpiFJN/3I9N9LHwXr
7mKUjakkO5/fIcAldNMSlOmncT9IES7kudKyYWD/pEbw+HMj8bQeCrVTYLIyo+KP
aYWT880fUrkIfR+6Gs5P99cPfvrwEi4/RmeaMJfJTE53SiSXcsgXlyDL/3zGIvaG
4szRRuZLgp+HWWZAavt2yn2YZwNYbgIanorKh6FFFy9oIBC4gTanUo/cfJe4Yhgp
kbBvlb5tl7oI4s2jKg3XNT7OnwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFHQRWP6K
QRsBIzBCPI9LoI/YPfkXMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvOTY3M0Q1RDYw
NTYxMTFGMEE3QjQ3RDY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAK0spgDBADKXBMDBADKXBUwDQYJKoZIhvcNAQELBQADggEB
AD6SnyVEhcFuekTu9kRB5ZOd8xljxuzylyj/tG3oz5gRS1qqMfsX6IIiE425Y+RX
5tkxO6ghLOr7b+oCWFdJRBqZfPlBEhSnXALpgDv2V+G4LhyALTXS2Ijpfvkpdzft
ZELgdEJasKtOWYThXlVPKn6vwQpAmZVzXMaqAShR5LxNvpGAlIL5kyqNJKL/FUzl
1QNs3rdblGRAz9tG4aXRCvkW9hyKEJkP7DiSddKrdj++pn+/R3UZ7182gVRB7nax
0Y2TiyR5KaemRQyx6r2gdNkYbbP6jXJAu0ONgbe+cuJnFJkn3WnFhQoYBYgbS7+t
td76x6q/vBbV4qalUwoMTUQ=
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:41:24 2025 by rpki-client