Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/0B84EB2878D911EF9E6B3675C4F9AE02.roa
File: 0B84EB2878D911EF9E6B3675C4F9AE02.roa (raw, json)
Hash identifier: yRX+BocpcxwNxOBYS9Y+owZ60hPK5WK00mlY0FgmKpg=
Subject key identifier: 7D:BB:0D:F7:8C:F3:3B:00:F6:45:78:58:AE:29:EF:39:D0:B2:74:AD
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0ABC
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/0B84EB2878D911EF9E6B3675C4F9AE02.roa
Signing time: Sun 22 Sep 2024 11:51:47 +0000
ROA not before: Sun 22 Sep 2024 11:51:47 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 45814
IP address blocks: 14.192.128.0/24 maxlen: 24
14.192.129.0/24 maxlen: 24
14.192.131.0/24 maxlen: 24
14.192.135.0/24 maxlen: 24
14.192.136.0/24 maxlen: 24
14.192.139.0/24 maxlen: 24
14.192.143.0/24 maxlen: 24
14.192.145.0/24 maxlen: 24
14.192.146.0/24 maxlen: 24
14.192.147.0/24 maxlen: 24
14.192.149.0/24 maxlen: 24
14.192.150.0/24 maxlen: 24
14.192.155.0/24 maxlen: 24
14.192.159.0/24 maxlen: 24
43.247.120.0/24 maxlen: 24
43.247.121.0/24 maxlen: 24
43.247.122.0/24 maxlen: 24
43.247.123.0/24 maxlen: 24
103.20.133.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
103.20.135.0/24 maxlen: 24
111.92.128.0/19 maxlen: 19
2403:7980::/32 maxlen: 32
2403:7980::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 25 Sep 2024 14:08:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2748 (0xabc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Sep 22 11:51:47 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66f004d3-08c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:2f:35:6f:23:94:a6:c8:fb:ab:33:d0:52:c0:
1f:78:a3:42:ba:8d:f3:0f:50:98:5c:76:15:94:4b:
c2:52:7a:64:3a:62:10:b0:77:a3:1a:22:78:52:63:
0b:b7:c5:9c:aa:3b:e3:1d:41:14:6d:d0:23:ad:ea:
a5:36:30:8a:72:08:28:83:99:d4:1c:df:3e:bf:8c:
cf:e3:2d:71:fc:d8:fe:c2:7c:7d:81:b8:08:54:75:
2d:70:f8:dc:a6:c5:f8:7e:8f:de:b2:7d:54:20:76:
93:f9:ea:b6:8b:6e:7b:81:c1:c2:86:7e:cc:b5:02:
2d:58:1c:40:8c:72:18:76:69:8f:5f:b6:0d:41:ab:
a5:36:9c:f2:5a:6f:b6:ca:92:10:72:f5:f8:33:52:
23:53:8e:73:99:28:66:14:b7:0b:c5:0c:b3:96:8b:
c9:c9:f9:20:65:df:6a:69:09:38:1e:14:5a:e2:43:
35:88:c2:ac:93:de:26:13:35:06:bc:ba:02:f9:a2:
4c:b1:c3:88:ec:a6:06:ff:d7:23:8d:98:b2:28:d8:
b6:35:2b:5c:c4:fc:f1:04:cd:41:8b:a0:fa:06:81:
f5:da:62:a4:50:5e:28:3b:7f:be:f4:92:54:2d:ba:
f8:9c:07:a5:6f:e7:2c:1d:43:9e:5a:fd:a7:8d:42:
1d:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:BB:0D:F7:8C:F3:3B:00:F6:45:78:58:AE:29:EF:39:D0:B2:74:AD
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/0B84EB2878D911EF9E6B3675C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.128.0/23
14.192.131.0/24
14.192.135.0-14.192.136.255
14.192.139.0/24
14.192.143.0/24
14.192.145.0-14.192.147.255
14.192.149.0-14.192.150.255
14.192.155.0/24
14.192.159.0/24
43.247.120.0/22
103.20.133.0-103.20.135.255
111.92.128.0/19
IPv6:
2403:7980::/32
Signature Algorithm: sha256WithRSAEncryption
ab:03:7b:d7:37:88:e4:df:15:49:32:a7:f7:75:b1:e1:61:83:
93:be:86:a3:9c:7a:88:4a:00:7c:b5:50:d4:ca:5a:bb:1d:e8:
79:b8:37:9f:fc:d5:6f:71:71:5c:73:98:fd:8a:f9:f3:cb:98:
09:70:b9:b7:73:78:bd:62:45:64:05:70:04:3e:27:fb:23:4a:
0d:23:8e:93:23:24:d8:b1:9a:17:fa:5b:c0:87:5d:b2:aa:cb:
f3:ce:44:90:cd:07:e9:3e:0e:98:b0:b8:4d:cf:9d:a1:1c:5f:
59:12:c4:65:bb:19:ff:ec:e5:de:71:cb:9c:a8:af:32:59:4c:
88:a0:95:7f:61:f2:b0:7d:81:bd:d8:dc:66:6d:10:51:dc:a4:
f0:6d:53:9a:f0:c7:88:de:d8:4d:d7:3b:48:cf:7a:79:a2:1c:
8a:d5:0c:71:24:7f:69:68:ca:82:26:6b:bb:27:f7:52:29:25:
31:db:c7:d2:76:6c:a0:56:50:19:2a:0e:20:0b:12:8d:dd:4f:
4e:50:89:e4:64:a4:e1:49:64:b3:df:86:09:35:4f:ff:3a:1d:
bd:1c:75:d0:0f:b9:9f:88:33:2d:98:96:68:23:5d:0c:aa:d8:
91:57:70:eb:32:9a:ea:26:dc:4b:30:8e:c4:2b:9d:72:9f:1e:
b1:71:ee:89
-----BEGIN CERTIFICATE-----
MIIF5DCCBMygAwIBAgICCrwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQwOTIyMTE1MTQ3WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmYwMDRkMy0wOGMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxy81byOUpsj7qzPQUsAfeKNCuo3zD1CYXHYVlEvCUnpkOmIQsHejGiJ4UmML
t8WcqjvjHUEUbdAjreqlNjCKcggog5nUHN8+v4zP4y1x/Nj+wnx9gbgIVHUtcPjc
psX4fo/esn1UIHaT+eq2i257gcHChn7MtQItWBxAjHIYdmmPX7YNQaulNpzyWm+2
ypIQcvX4M1IjU45zmShmFLcLxQyzlovJyfkgZd9qaQk4HhRa4kM1iMKsk94mEzUG
vLoC+aJMscOI7KYG/9cjjZiyKNi2NStcxPzxBM1Bi6D6BoH12mKkUF4oO3++9JJU
Lbr4nAelb+csHUOeWv2njUIdFQIDAQABo4IDCDCCAwQwHQYDVR0OBBYEFH27DfeM
8zsA9kV4WK4p7znQsnStMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvMEI4NEVCMjg3
OEQ5MTFFRjlFNkIzNjc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZEGCCsGAQUFBwEHAQH/
BIGBMH8wbgQCAAEwaAMEAQ7AgAMEAA7AgzAMAwQADsCHAwQADsCIAwQADsCLAwQA
DsCPMAwDBAAOwJEDBAIOwJAwDAMEAA7AlQMEAA7AlgMEAA7AmwMEAA7AnwMEAiv3
eDAMAwQAZxSFAwQDZxSAAwQFb1yAMA0EAgACMAcDBQAkA3mAMA0GCSqGSIb3DQEB
CwUAA4IBAQCrA3vXN4jk3xVJMqf3dbHhYYOTvoajnHqISgB8tVDUylq7Heh5uDef
/NVvcXFcc5j9ivnzy5gJcLm3c3i9YkVkBXAEPif7I0oNI46TIyTYsZoX+lvAh12y
qsvzzkSQzQfpPg6YsLhNz52hHF9ZEsRluxn/7OXeccucqK8yWUyIoJV/YfKwfYG9
2NxmbRBR3KTwbVOa8MeI3thN1ztIz3p5ohyK1QxxJH9paMqCJmu7J/dSKSUx28fS
dmygVlAZKg4gCxKN3U9OUInkZKThSWSz34YJNU//Oh29HHXQD7mfiDMtmJZoI10M
qtiRV3DrMprqJtxLMI7EK51ynx6xce6J
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:07 2025 by rpki-client