Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/0D94E8BC564411EF8D1ABA0BC4F9AE02.roa
File: 0D94E8BC564411EF8D1ABA0BC4F9AE02.roa (raw, json)
Hash identifier: A1kyWmKdVRPn38dr2893XwXmlFlrXcYDSgdHZb+mTcg=
Subject key identifier: FE:07:32:59:2D:3B:C7:6A:38:A4:5E:FD:31:5F:5C:8A:C7:4C:DA:A9
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0A5F
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/0D94E8BC564411EF8D1ABA0BC4F9AE02.roa
Signing time: Fri 09 Aug 2024 11:39:36 +0000
ROA not before: Fri 09 Aug 2024 11:39:36 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 45814
IP address blocks: 14.192.129.0/24 maxlen: 24
14.192.130.0/24 maxlen: 24
14.192.132.0/24 maxlen: 24
14.192.133.0/24 maxlen: 24
14.192.134.0/24 maxlen: 24
14.192.135.0/24 maxlen: 24
14.192.136.0/24 maxlen: 24
14.192.137.0/24 maxlen: 24
14.192.138.0/24 maxlen: 24
14.192.139.0/24 maxlen: 24
14.192.145.0/24 maxlen: 24
14.192.146.0/24 maxlen: 24
14.192.147.0/24 maxlen: 24
14.192.149.0/24 maxlen: 24
14.192.150.0/24 maxlen: 24
14.192.155.0/24 maxlen: 24
14.192.159.0/24 maxlen: 24
43.247.120.0/24 maxlen: 24
43.247.121.0/24 maxlen: 24
43.247.122.0/24 maxlen: 24
43.247.123.0/24 maxlen: 24
103.20.132.0/24 maxlen: 24
103.20.133.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
103.20.135.0/24 maxlen: 24
111.92.128.0/19 maxlen: 19
2403:7980::/32 maxlen: 32
2403:7980::/36 maxlen: 36
Validation: Failed, certificate revoked on Mon 12 Aug 2024 11:17:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2655 (0xa5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Aug 9 11:39:36 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66b5fff7-8d69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:17:90:c4:5a:02:35:48:92:8d:3e:78:69:43:
2d:63:0a:a6:eb:bd:c7:d8:fa:e5:18:82:f6:95:b6:
52:8f:22:88:a1:7f:65:88:4d:f2:5f:3b:ef:41:70:
4b:75:63:37:94:af:23:5c:ef:d3:5e:cf:3e:5a:7d:
df:3a:8b:db:90:23:62:99:d7:11:7e:d8:79:4a:d5:
35:d1:14:ae:d4:d8:95:2e:01:09:f7:ea:ba:f3:86:
b1:3c:57:b8:01:11:47:ac:63:5b:cd:15:74:a9:96:
12:a0:b4:be:35:1c:2a:dc:df:2f:6c:9c:ab:39:5a:
7c:d4:2b:d8:e8:fc:2d:d8:f4:ed:21:b8:51:78:16:
8c:54:66:6b:4d:db:a7:9c:16:71:5c:f3:a2:44:8d:
24:3f:ec:e1:92:7e:bc:b4:7c:48:e1:51:7a:0b:c1:
f2:b0:81:1e:27:ba:b1:e6:56:ba:d6:a9:48:7f:9f:
8b:4f:c4:3f:95:2b:45:c5:21:7d:58:40:64:28:6d:
f1:38:b2:bc:14:f6:a4:38:ac:eb:97:5a:90:6a:49:
d5:ae:f1:69:f8:c3:b9:80:5f:4c:72:c7:cd:53:09:
73:3b:42:57:6f:d9:06:15:77:d3:c8:39:5b:27:f1:
98:36:94:6e:b8:e0:e5:e0:0e:19:13:1a:c7:87:e5:
55:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:07:32:59:2D:3B:C7:6A:38:A4:5E:FD:31:5F:5C:8A:C7:4C:DA:A9
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/0D94E8BC564411EF8D1ABA0BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.129.0-14.192.130.255
14.192.132.0-14.192.139.255
14.192.145.0-14.192.147.255
14.192.149.0-14.192.150.255
14.192.155.0/24
14.192.159.0/24
43.247.120.0/22
103.20.132.0/22
111.92.128.0/19
IPv6:
2403:7980::/32
Signature Algorithm: sha256WithRSAEncryption
56:0c:e7:1b:f6:a8:c6:d0:ea:37:95:6a:ea:20:74:0a:b5:0d:
aa:a8:ad:5b:b5:3f:7e:a2:0e:d9:31:fd:d0:9a:5f:16:4a:59:
55:c3:cd:7f:55:73:bc:77:b8:dc:d1:67:51:dc:ac:a4:aa:aa:
80:fd:4e:36:30:a1:40:75:10:9c:d2:ed:0d:c6:a2:f4:bd:19:
4a:ec:c7:8d:82:af:6b:75:48:1a:49:c1:ba:f8:74:39:d8:7d:
d1:6c:f7:54:12:c9:b4:83:6b:af:70:a7:55:2b:75:f0:34:e0:
a1:89:d5:64:eb:20:a8:d6:6c:52:8a:43:b1:f7:f4:85:ab:70:
43:ae:b9:92:1f:21:16:5c:ac:6e:3e:af:fa:f9:8b:bd:57:a3:
6a:e2:20:00:19:38:9a:21:bb:78:2f:75:61:dd:ad:fd:d8:a6:
b2:2c:8a:17:e0:d1:a7:85:d1:0c:72:55:a6:13:46:0b:90:11:
d7:a5:25:16:4a:80:f5:22:18:4b:5c:30:73:6a:5e:21:66:52:
76:fd:df:c9:94:51:a8:f0:59:58:d1:2c:a6:2f:d9:38:a1:ec:
ba:4c:b9:e7:0e:c1:c4:09:01:96:fc:e2:39:51:0b:46:a0:12:
88:3b:62:fc:07:8c:ee:1b:7f:5a:c8:96:e7:f7:6e:4d:b5:e7:
b2:2c:33:86
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgICCl8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQwODA5MTEzOTM2WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmI1ZmZmNy04ZDY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3xeQxFoCNUiSjT54aUMtYwqm673H2PrlGIL2lbZSjyKIoX9liE3yXzvvQXBL
dWM3lK8jXO/TXs8+Wn3fOovbkCNimdcRfth5StU10RSu1NiVLgEJ9+q684axPFe4
ARFHrGNbzRV0qZYSoLS+NRwq3N8vbJyrOVp81CvY6Pwt2PTtIbhReBaMVGZrTdun
nBZxXPOiRI0kP+zhkn68tHxI4VF6C8HysIEeJ7qx5la61qlIf5+LT8Q/lStFxSF9
WEBkKG3xOLK8FPakOKzrl1qQaknVrvFp+MO5gF9McsfNUwlzO0JXb9kGFXfTyDlb
J/GYNpRuuODl4A4ZExrHh+VVywIDAQABo4IC9DCCAvAwHQYDVR0OBBYEFP4HMlkt
O8dqOKRe/TFfXIrHTNqpMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvMEQ5NEU4QkM1
NjQ0MTFFRjhEMUFCQTBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwfgYIKwYBBQUHAQcBAf8E
bzBtMFwEAgABMFYwDAMEAA7AgQMEAA7AgjAMAwQCDsCEAwQCDsCIMAwDBAAOwJED
BAIOwJAwDAMEAA7AlQMEAA7AlgMEAA7AmwMEAA7AnwMEAiv3eAMEAmcUhAMEBW9c
gDANBAIAAjAHAwUAJAN5gDANBgkqhkiG9w0BAQsFAAOCAQEAVgznG/aoxtDqN5Vq
6iB0CrUNqqitW7U/fqIO2TH90JpfFkpZVcPNf1VzvHe43NFnUdyspKqqgP1ONjCh
QHUQnNLtDcai9L0ZSuzHjYKva3VIGknBuvh0Odh90Wz3VBLJtINrr3CnVSt18DTg
oYnVZOsgqNZsUopDsff0hatwQ665kh8hFlysbj6v+vmLvVejauIgABk4miG7eC91
Yd2t/dimsiyKF+DRp4XRDHJVphNGC5AR16UlFkqA9SIYS1wwc2peIWZSdv3fyZRR
qPBZWNEspi/ZOKHsuky55w7BxAkBlvziOVELRqASiDti/AeM7ht/WsiW5/duTbXn
siwzhg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:29 2025 by rpki-client