Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914E93F/2ED775DAA36C11E891405926C4F9AE02/C0C5CEF2CB9411EC87C24075C4F9AE02.roa
File: C0C5CEF2CB9411EC87C24075C4F9AE02.roa (raw, json)
Hash identifier: UPMU+HrzpRT4n7lrEPAAUGOxakEyPhOy+IJ1ffPQYjU=
Subject key identifier: B7:23:B6:72:1B:4D:13:5D:5D:C0:AC:78:A0:DA:F0:B5:38:88:4F:88
Certificate issuer: /CN=A914E93F/serialNumber=B2F8AB00D57464DD5D05A45A47C420F5F896B8FC
Certificate serial: 1319
Authority key identifier: B2:F8:AB:00:D5:74:64:DD:5D:05:A4:5A:47:C4:20:F5:F8:96:B8:FC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/svirANV0ZN1dBaRaR8Qg9fiWuPw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914E93F/2ED775DAA36C11E891405926C4F9AE02/C0C5CEF2CB9411EC87C24075C4F9AE02.roa
Signing time: Wed 26 Jun 2024 17:47:30 +0000
ROA not before: Wed 26 Jun 2024 17:47:30 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 135542
IP address blocks: 14.192.48.0/24 maxlen: 24
14.192.49.0/24 maxlen: 24
14.192.50.0/24 maxlen: 24
14.192.51.0/24 maxlen: 24
103.64.12.0/24 maxlen: 24
103.64.13.0/24 maxlen: 24
103.78.242.0/24 maxlen: 24
103.78.243.0/24 maxlen: 24
2001:df2:8e00::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 22 Aug 2024 10:40:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4889 (0x1319)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914E93F/serialNumber=B2F8AB00D57464DD5D05A45A47C420F5F896B8FC
Validity
Not Before: Jun 26 17:47:30 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=667c5432-ecaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9f:e4:a9:7f:5c:fd:0c:04:41:1c:ea:6b:b0:
77:50:b7:39:cb:9e:62:86:62:32:89:e5:35:44:b1:
6f:82:cb:00:ca:6f:4f:14:d7:b4:bb:3a:33:07:c8:
fd:df:83:0d:46:71:05:2f:82:29:4f:e8:47:fe:ca:
e6:88:04:bd:be:31:5f:be:9f:bc:07:30:79:a5:5e:
ae:02:b6:ac:f7:17:24:78:81:55:70:e6:03:be:1c:
b0:32:c3:d6:0e:83:f6:9d:41:3a:24:bd:4b:66:5b:
db:d8:48:0c:65:8c:79:cf:77:26:c5:07:7f:87:d8:
58:bc:cb:4c:76:75:e3:b0:01:87:d3:e4:cf:d8:ac:
69:46:26:c3:7f:19:18:3b:7d:b7:70:6a:33:2f:bd:
48:6d:4b:53:34:a4:da:6d:25:b0:c0:08:43:c4:3a:
40:07:d1:57:17:f5:ed:df:df:38:01:a6:1b:8c:00:
08:41:fb:87:3e:74:1e:78:cb:20:72:d1:10:3d:2c:
2c:80:4c:da:36:ef:eb:c4:8d:5e:a6:5d:32:38:de:
22:1b:87:11:5c:5d:d9:6a:0f:82:db:b3:d7:25:85:
c6:2b:8d:db:8f:fd:d9:8e:f8:97:b5:37:37:ae:2b:
11:a9:f3:27:bb:c6:d2:bb:40:0b:fd:15:80:bc:2a:
d8:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:23:B6:72:1B:4D:13:5D:5D:C0:AC:78:A0:DA:F0:B5:38:88:4F:88
X509v3 Authority Key Identifier:
keyid:B2:F8:AB:00:D5:74:64:DD:5D:05:A4:5A:47:C4:20:F5:F8:96:B8:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914E93F/2ED775DAA36C11E891405926C4F9AE02/svirANV0ZN1dBaRaR8Qg9fiWuPw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/svirANV0ZN1dBaRaR8Qg9fiWuPw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914E93F/2ED775DAA36C11E891405926C4F9AE02/C0C5CEF2CB9411EC87C24075C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.48.0/22
103.64.12.0/23
103.78.242.0/23
IPv6:
2001:df2:8e00::/48
Signature Algorithm: sha256WithRSAEncryption
4e:cc:cf:e8:06:5e:01:b6:da:89:6b:c8:81:e8:d7:64:bb:c9:
58:03:26:23:cb:99:75:b8:62:fb:40:45:12:ff:90:97:82:94:
58:d9:41:29:f4:20:d5:e1:cc:4f:09:99:44:67:dc:cf:78:97:
51:7d:65:ef:d8:5d:13:3d:f5:0d:b5:34:5c:0a:35:14:cd:0f:
53:39:71:05:7d:00:fa:51:6b:20:bc:db:45:7a:c0:06:b5:10:
bb:c1:93:27:ca:91:8e:86:11:1e:84:f2:87:3e:38:41:60:26:
b3:5c:9e:a1:b6:39:24:84:60:90:0e:3a:24:3b:c8:01:e2:62:
00:d2:01:72:3c:e7:19:af:26:15:69:64:2a:66:55:0a:7f:c0:
22:fd:87:ec:73:de:e7:1f:00:61:99:08:56:c8:63:c0:8b:d4:
11:21:54:e0:f2:c3:94:29:bc:53:9d:f6:90:c4:2e:03:8b:6e:
43:df:46:76:1f:41:2e:54:7a:b9:b6:33:32:f3:e5:75:83:c4:
48:c3:29:eb:c4:81:37:8f:b9:26:7f:8d:dc:f9:50:01:46:74:
38:34:b8:d7:07:52:bd:1f:89:a0:8a:3b:68:14:89:69:2f:a2:
a1:d5:0d:d9:0b:c6:2e:12:7b:f4:47:6d:f7:4b:b1:38:79:7c:
2a:6a:6b:f0
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgICExkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEU5M0YxMTAvBgNVBAUTKEIyRjhBQjAwRDU3NDY0REQ1RDA1QTQ1QTQ3QzQyMEY1
Rjg5NkI4RkMwHhcNMjQwNjI2MTc0NzMwWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjdjNTQzMi1lY2FhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqZ/kqX9c/QwEQRzqa7B3ULc5y55ihmIyieU1RLFvgssAym9PFNe0uzozB8j9
34MNRnEFL4IpT+hH/srmiAS9vjFfvp+8BzB5pV6uAras9xckeIFVcOYDvhywMsPW
DoP2nUE6JL1LZlvb2EgMZYx5z3cmxQd/h9hYvMtMdnXjsAGH0+TP2KxpRibDfxkY
O323cGozL71IbUtTNKTabSWwwAhDxDpAB9FXF/Xt3984AaYbjAAIQfuHPnQeeMsg
ctEQPSwsgEzaNu/rxI1epl0yON4iG4cRXF3Zag+C27PXJYXGK43bj/3ZjviXtTc3
risRqfMnu8bSu0AL/RWAvCrYgQIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFLcjtnIb
TRNdXcCseKDa8LU4iE+IMB8GA1UdIwQYMBaAFLL4qwDVdGTdXQWkWkfEIPX4lrj8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RTkzRi8yRUQ3NzVEQUEz
NkMxMUU4OTE0MDU5MjZDNEY5QUUwMi9zdmlyQU5WMFpOMWRCYVJhUjhRZzlmaVd1
UHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3N2aXJBTlYwWk4xZEJhUmFSOFFnOWZpV3VQdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEU5M0YvMkVENzc1REFBMzZDMTFFODkxNDA1OTI2QzRGOUFFMDIvQzBDNUNFRjJD
Qjk0MTFFQzg3QzI0MDc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8E
LTArMBgEAgABMBIDBAIOwDADBAFnQAwDBAFnTvIwDwQCAAIwCQMHACABDfKOADAN
BgkqhkiG9w0BAQsFAAOCAQEATszP6AZeAbbaiWvIgejXZLvJWAMmI8uZdbhi+0BF
Ev+Ql4KUWNlBKfQg1eHMTwmZRGfcz3iXUX1l79hdEz31DbU0XAo1FM0PUzlxBX0A
+lFrILzbRXrABrUQu8GTJ8qRjoYRHoTyhz44QWAms1yeobY5JIRgkA46JDvIAeJi
ANIBcjznGa8mFWlkKmZVCn/AIv2H7HPe5x8AYZkIVshjwIvUESFU4PLDlCm8U532
kMQuA4tuQ99Gdh9BLlR6ubYzMvPldYPESMMp68SBN4+5Jn+N3PlQAUZ0ODS41wdS
vR+JoIo7aBSJaS+iodUN2QvGLhJ79Edt90uxOHl8Kmpr8A==
-----END CERTIFICATE-----
Generated at Thu Aug 22 16:53:01 2024 by rpki-client on console-ams.rpki-client.org