Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/0802DB4E993711EF8158D33BC4F9AE02.roa
File: 0802DB4E993711EF8158D33BC4F9AE02.roa (raw, json)
Hash identifier: P55zFRchim8WySHs/+xyu13k8uKYShQalglDKGJ7VZY=
Subject key identifier: 05:8C:D4:83:85:59:CE:DC:56:45:AE:26:05:66:DB:EB:D3:D8:37:21
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0B46
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/0802DB4E993711EF8158D33BC4F9AE02.roa
Signing time: Sat 02 Nov 2024 16:25:11 +0000
ROA not before: Sat 02 Nov 2024 16:25:11 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 55154
IP address blocks: 14.192.134.0/24 maxlen: 24
14.192.142.0/24 maxlen: 24
103.20.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Nov 2024 13:42:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2886 (0xb46)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Nov 2 16:25:11 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=67265267-95d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:67:67:5b:36:c3:a2:38:49:9c:7d:3e:d4:e1:
08:b7:24:f4:1c:c9:5e:55:94:77:78:72:9b:33:59:
6c:3c:ca:3f:58:90:ec:7d:81:14:5d:45:f4:3e:be:
cb:7b:a2:04:81:ba:6c:bd:18:3e:51:f1:b4:3f:b3:
46:1b:87:a2:ee:17:9d:57:dc:53:d2:19:7e:fc:f3:
0a:df:0a:79:93:fe:35:e4:5d:ff:ce:6e:01:32:57:
07:11:80:0f:54:c1:18:68:6f:98:ae:76:d0:83:11:
cf:58:39:21:28:f6:5e:42:3c:8e:78:39:b3:b5:4a:
1b:f1:8e:0c:57:75:1b:17:2a:ac:a8:40:20:78:c0:
fb:b6:68:06:46:f7:28:8a:fa:97:77:db:dc:d2:f6:
76:70:3d:1a:02:a6:f3:ff:82:83:14:40:91:02:01:
c4:e9:e2:3a:29:5a:68:6b:d3:3f:ea:32:b6:f5:63:
81:c1:53:80:58:10:5d:70:d4:cd:07:a0:26:77:7c:
9e:0a:4f:cc:a8:ab:49:6a:00:19:ca:6c:de:18:e8:
0b:80:04:ce:00:6e:bb:e3:db:f1:5b:9d:bf:48:00:
54:32:97:40:8e:e8:3d:81:8d:bb:97:bb:8d:fb:aa:
d2:48:8c:c9:da:f9:7a:be:b1:24:b6:4b:09:70:b1:
ef:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:8C:D4:83:85:59:CE:DC:56:45:AE:26:05:66:DB:EB:D3:D8:37:21
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/0802DB4E993711EF8158D33BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.134.0/24
14.192.142.0/24
103.20.135.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:7f:53:f9:80:40:07:1d:60:bc:3e:53:eb:2a:85:12:a0:db:
40:58:cf:07:e0:d4:4a:b6:d9:d4:44:c0:15:83:f3:ae:b2:97:
9a:46:4a:80:af:e7:96:19:53:c8:9b:87:97:f7:f5:4f:b9:6a:
05:73:3d:d0:81:f6:af:20:b8:b4:9b:52:cf:fc:29:5b:44:e3:
bd:17:2c:91:a1:19:c4:e3:a7:f5:5d:0d:32:1f:e6:73:be:10:
29:93:91:f6:62:8a:7e:42:e2:db:be:63:20:c3:3d:e9:a1:63:
77:1d:79:ac:c6:0e:d1:ee:19:55:63:9a:34:a4:f6:52:41:19:
00:0b:3c:35:01:1b:7d:d5:90:eb:41:3d:88:8c:8d:7f:4a:84:
8e:34:1e:96:64:4f:a8:40:a3:a6:75:de:8e:34:30:dd:e8:59:
69:b2:0c:a9:b9:9d:94:30:a3:87:5e:1e:ee:84:c1:1a:86:c7:
f2:df:44:8d:d6:2e:23:e2:2c:ca:4f:4c:a9:66:63:51:fe:b7:
ec:96:6f:d0:93:d9:38:df:ad:f0:0e:c2:62:a7:95:7b:3d:1e:
ad:1b:68:c4:08:59:8c:2a:d4:a0:c9:e5:27:c3:f0:8b:4c:42:
00:06:35:65:8c:e6:ef:2f:06:df:fa:dd:c3:32:80:10:85:18:
52:9b:f0:4a
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICC0YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQxMTAyMTYyNTExWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzI2NTI2Ny05NWQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3GdnWzbDojhJnH0+1OEItyT0HMleVZR3eHKbM1lsPMo/WJDsfYEUXUX0Pr7L
e6IEgbpsvRg+UfG0P7NGG4ei7hedV9xT0hl+/PMK3wp5k/415F3/zm4BMlcHEYAP
VMEYaG+YrnbQgxHPWDkhKPZeQjyOeDmztUob8Y4MV3UbFyqsqEAgeMD7tmgGRvco
ivqXd9vc0vZ2cD0aAqbz/4KDFECRAgHE6eI6KVpoa9M/6jK29WOBwVOAWBBdcNTN
B6Amd3yeCk/MqKtJagAZymzeGOgLgATOAG6749vxW52/SABUMpdAjug9gY27l7uN
+6rSSIzJ2vl6vrEktksJcLHvRQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFAWM1IOF
Wc7cVkWuJgVm2+vT2DchMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvMDgwMkRCNEU5
OTM3MTFFRjgxNThEMzNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAAOwIYDBAAOwI4DBABnFIcwDQYJKoZIhvcNAQELBQADggEB
AH1/U/mAQAcdYLw+U+sqhRKg20BYzwfg1Eq22dREwBWD866yl5pGSoCv55YZU8ib
h5f39U+5agVzPdCB9q8guLSbUs/8KVtE470XLJGhGcTjp/VdDTIf5nO+ECmTkfZi
in5C4tu+YyDDPemhY3cdeazGDtHuGVVjmjSk9lJBGQALPDUBG33VkOtBPYiMjX9K
hI40HpZkT6hAo6Z13o40MN3oWWmyDKm5nZQwo4deHu6EwRqGx/LfRI3WLiPiLMpP
TKlmY1H+t+yWb9CT2TjfrfAOwmKnlXs9Hq0baMQIWYwq1KDJ5SfD8ItMQgAGNWWM
5u8vBt/63cMygBCFGFKb8Eo=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:06 2025 by rpki-client