Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914E93F/2ED775DAA36C11E891405926C4F9AE02/601A60C0647311EFA9D3EA21C4F9AE02.roa
File: 601A60C0647311EFA9D3EA21C4F9AE02.roa (raw, json)
Hash identifier: cZM5TOkJ8Dh+PmncL9BU5UKxG2u2WVe5QcCvCuIWZPc=
Subject key identifier: BC:A2:2C:FE:22:53:1A:E7:CF:B8:A4:E9:27:AE:DC:7E:08:5B:3E:2C
Certificate issuer: /CN=A914E93F/serialNumber=B2F8AB00D57464DD5D05A45A47C420F5F896B8FC
Certificate serial: 1340
Authority key identifier: B2:F8:AB:00:D5:74:64:DD:5D:05:A4:5A:47:C4:20:F5:F8:96:B8:FC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/svirANV0ZN1dBaRaR8Qg9fiWuPw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914E93F/2ED775DAA36C11E891405926C4F9AE02/601A60C0647311EFA9D3EA21C4F9AE02.roa
Signing time: Tue 27 Aug 2024 12:53:37 +0000
ROA not before: Tue 27 Aug 2024 12:53:37 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 135542
IP address blocks: 14.192.48.0/24 maxlen: 24
14.192.49.0/24 maxlen: 24
14.192.51.0/24 maxlen: 24
103.64.12.0/24 maxlen: 24
103.64.13.0/24 maxlen: 24
103.78.242.0/24 maxlen: 24
2001:df2:8e00::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 20 Sep 2024 11:47:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4928 (0x1340)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914E93F/serialNumber=B2F8AB00D57464DD5D05A45A47C420F5F896B8FC
Validity
Not Before: Aug 27 12:53:37 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=66cdcc51-1cde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:08:a4:2c:74:87:db:21:35:cd:7e:b4:ff:f1:
60:5c:26:4f:db:b3:1f:38:6b:f0:4b:47:bc:89:85:
f0:c1:04:f6:cc:35:3c:8e:c7:71:b9:56:b7:be:b2:
41:c5:1b:27:7c:01:d2:5e:0f:43:a3:fe:97:87:11:
ed:21:11:59:c0:f4:c4:b1:37:df:b2:f7:02:ca:71:
36:60:2f:c1:ea:51:81:ec:3c:b4:df:11:fa:0f:5d:
21:96:59:0b:78:07:de:23:49:b0:19:20:a8:fb:fe:
ad:48:29:8b:0c:8d:20:5d:2f:fe:fe:a7:14:93:a8:
34:1e:23:34:92:1b:2c:1a:63:47:cd:f8:c1:33:28:
2d:3b:72:48:09:60:39:b0:97:3d:92:6c:16:d2:0a:
0b:27:e1:79:54:f9:8b:ec:81:05:9a:64:c8:0c:3c:
94:a5:ed:f1:d5:36:5d:33:88:6b:b9:4b:e4:6b:65:
b9:21:40:1f:ea:c7:c8:a1:60:f6:b3:b9:29:06:34:
f7:23:fb:e0:eb:3c:0c:36:a7:6c:de:eb:3c:08:42:
37:6c:5d:74:c8:ce:1e:ec:95:d9:6c:94:39:82:ca:
84:dc:62:b2:cb:bb:2b:da:10:e6:0f:20:5d:60:10:
e9:69:c1:d7:2a:bc:2a:23:d8:92:21:43:ba:06:ed:
df:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:A2:2C:FE:22:53:1A:E7:CF:B8:A4:E9:27:AE:DC:7E:08:5B:3E:2C
X509v3 Authority Key Identifier:
keyid:B2:F8:AB:00:D5:74:64:DD:5D:05:A4:5A:47:C4:20:F5:F8:96:B8:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914E93F/2ED775DAA36C11E891405926C4F9AE02/svirANV0ZN1dBaRaR8Qg9fiWuPw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/svirANV0ZN1dBaRaR8Qg9fiWuPw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914E93F/2ED775DAA36C11E891405926C4F9AE02/601A60C0647311EFA9D3EA21C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.48.0/23
14.192.51.0/24
103.64.12.0/23
103.78.242.0/24
IPv6:
2001:df2:8e00::/48
Signature Algorithm: sha256WithRSAEncryption
0d:86:42:a9:e1:94:ab:20:16:28:17:95:73:32:b5:95:82:c2:
7c:34:75:2e:91:28:dc:20:1e:c9:d1:e2:ea:47:54:cf:20:e1:
fa:c3:2e:c5:c9:ec:f7:86:9a:65:b3:cf:33:12:4c:30:22:1e:
57:6a:1d:d9:bf:d4:99:ac:8d:01:1c:59:4e:b1:13:02:18:a6:
ca:b3:53:01:16:72:00:87:41:93:f0:26:e2:5a:e9:09:34:bc:
2c:e0:b2:f0:3a:8d:87:62:2f:30:f7:57:32:5b:50:27:c7:a5:
bb:62:dc:cf:25:f1:94:2f:bd:86:19:34:66:ad:26:0d:eb:8d:
b9:6a:01:dc:74:a0:29:5e:30:d0:5c:be:41:7f:83:65:0c:52:
d0:c5:25:28:2e:52:d4:d8:2e:08:b7:d5:cc:41:3c:b6:5a:7a:
36:2a:e3:c2:50:d4:86:d1:a2:b8:2f:8b:6f:d8:89:a9:01:02:
35:fe:60:71:08:1d:ca:ab:21:f6:9b:b2:b8:b9:f1:e1:c9:b9:
f5:46:b8:bd:29:3a:ab:7f:c3:b8:66:78:19:7e:53:02:80:bd:
58:e6:bc:7c:63:db:47:3f:31:7e:bb:96:f3:ac:83:ea:b9:a8:
90:42:56:1d:4c:b7:a7:d4:b1:2e:67:b1:c4:b8:d4:09:1a:33:
3a:8a:cd:10
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgICE0AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEU5M0YxMTAvBgNVBAUTKEIyRjhBQjAwRDU3NDY0REQ1RDA1QTQ1QTQ3QzQyMEY1
Rjg5NkI4RkMwHhcNMjQwODI3MTI1MzM3WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmNkY2M1MS0xY2RlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqgikLHSH2yE1zX60//FgXCZP27MfOGvwS0e8iYXwwQT2zDU8jsdxuVa3vrJB
xRsnfAHSXg9Do/6XhxHtIRFZwPTEsTffsvcCynE2YC/B6lGB7Dy03xH6D10hllkL
eAfeI0mwGSCo+/6tSCmLDI0gXS/+/qcUk6g0HiM0khssGmNHzfjBMygtO3JICWA5
sJc9kmwW0goLJ+F5VPmL7IEFmmTIDDyUpe3x1TZdM4hruUvka2W5IUAf6sfIoWD2
s7kpBjT3I/vg6zwMNqds3us8CEI3bF10yM4e7JXZbJQ5gsqE3GKyy7sr2hDmDyBd
YBDpacHXKrwqI9iSIUO6Bu3fjwIDAQABo4ICuDCCArQwHQYDVR0OBBYEFLyiLP4i
Uxrnz7ik6Seu3H4IWz4sMB8GA1UdIwQYMBaAFLL4qwDVdGTdXQWkWkfEIPX4lrj8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RTkzRi8yRUQ3NzVEQUEz
NkMxMUU4OTE0MDU5MjZDNEY5QUUwMi9zdmlyQU5WMFpOMWRCYVJhUjhRZzlmaVd1
UHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3N2aXJBTlYwWk4xZEJhUmFSOFFnOWZpV3VQdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEU5M0YvMkVENzc1REFBMzZDMTFFODkxNDA1OTI2QzRGOUFFMDIvNjAxQTYwQzA2
NDczMTFFRkE5RDNFQTIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQgYIKwYBBQUHAQcBAf8E
MzAxMB4EAgABMBgDBAEOwDADBAAOwDMDBAFnQAwDBABnTvIwDwQCAAIwCQMHACAB
DfKOADANBgkqhkiG9w0BAQsFAAOCAQEADYZCqeGUqyAWKBeVczK1lYLCfDR1LpEo
3CAeydHi6kdUzyDh+sMuxcns94aaZbPPMxJMMCIeV2od2b/UmayNARxZTrETAhim
yrNTARZyAIdBk/Am4lrpCTS8LOCy8DqNh2IvMPdXMltQJ8elu2LczyXxlC+9hhk0
Zq0mDeuNuWoB3HSgKV4w0Fy+QX+DZQxS0MUlKC5S1NguCLfVzEE8tlp6NirjwlDU
htGiuC+Lb9iJqQECNf5gcQgdyqsh9puyuLnx4cm59Ua4vSk6q3/DuGZ4GX5TAoC9
WOa8fGPbRz8xfruW86yD6rmokEJWHUy3p9SxLmexxLjUCRozOorNEA==
-----END CERTIFICATE-----
Generated at Fri Sep 20 15:00:17 2024 by rpki-client on console-ams.rpki-client.org