Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/164EBAA2DD8811EFB0F9275CC4F9AE02.roa
File: 164EBAA2DD8811EFB0F9275CC4F9AE02.roa (raw, json)
Hash identifier: 7gqZZTyK0uYN/Q9kZPn1Tmk2beJl1Gn3McCZaCZaeVE=
Subject key identifier: 0F:84:D0:2A:07:D7:DF:00:6A:CE:78:31:7E:11:31:B9:AD:AE:31:27
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0C2B
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/164EBAA2DD8811EFB0F9275CC4F9AE02.roa
Signing time: Tue 28 Jan 2025 14:56:43 +0000
ROA not before: Tue 28 Jan 2025 14:56:43 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 213990
IP address blocks: 14.192.144.0/24 maxlen: 24
14.192.151.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 09 Feb 2025 16:06:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3115 (0xc2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Jan 28 14:56:43 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6798f02b-ef10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:c4:05:b3:4c:14:b2:aa:21:37:06:3e:57:56:
25:32:97:97:3b:95:3d:5b:fb:6b:54:a4:c5:e9:f2:
f3:41:f4:ce:6f:6d:9e:8c:2e:df:10:31:5a:7e:d2:
92:5b:34:95:0c:f4:9a:01:44:b9:02:6f:67:97:4b:
13:2c:65:f2:e7:c6:19:8d:28:5e:e6:75:b9:e0:3d:
38:c8:8f:7a:a5:7d:1d:fd:6a:e8:72:c5:eb:02:a0:
a7:df:c3:fa:f9:c9:81:2e:cd:d3:00:64:be:0a:45:
36:14:7f:0d:16:e0:7b:c1:cb:08:f9:29:16:5f:c6:
c2:ac:be:16:52:75:92:20:84:f7:7d:88:f2:12:04:
f2:5a:a0:a8:2e:20:8c:d8:36:c4:59:27:ea:f8:b3:
4b:95:8f:af:33:4f:79:7e:72:c1:7a:b1:51:98:c0:
84:b4:57:0e:13:8d:b7:6c:8b:0b:b8:1f:5d:f0:d4:
c8:d1:29:ea:ab:ea:2c:35:f9:3c:75:33:2b:53:4d:
fa:fb:36:2b:cb:d4:27:cc:17:6f:59:37:3f:6d:a3:
8b:3e:c8:4b:ea:79:40:0e:f4:ea:6b:a2:82:5d:d6:
d5:ad:3b:60:92:a9:e9:4e:df:0c:83:81:82:b2:5b:
a7:95:a6:c8:d3:8a:26:33:d8:36:78:0f:68:78:01:
ec:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:84:D0:2A:07:D7:DF:00:6A:CE:78:31:7E:11:31:B9:AD:AE:31:27
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/164EBAA2DD8811EFB0F9275CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.144.0/24
14.192.151.0/24
103.20.134.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:21:47:f0:3f:14:72:be:ba:a3:78:26:0e:39:44:b2:52:da:
17:7b:e5:03:0d:7a:29:9e:75:33:a2:a7:89:34:b4:0d:c0:3d:
b8:13:d7:c7:4c:9a:ec:dc:66:11:31:5a:dd:d0:7d:7c:1a:43:
62:4a:66:72:56:2c:98:b5:93:c6:7f:d2:27:ef:ab:f9:ee:8c:
b1:11:6e:f2:22:1f:5d:cd:d0:ec:ca:6e:43:5c:cc:20:3b:4d:
b5:5f:f3:6c:2c:cc:f5:af:78:dd:0d:c5:ed:fa:d4:c8:8e:47:
54:d2:96:00:0a:21:18:ea:ce:57:ea:f5:fe:e1:92:42:39:3a:
50:ab:6f:34:0f:c7:6f:f9:85:7b:58:1b:4d:8c:91:5f:8b:e3:
ab:cb:b5:bf:2e:e1:b7:ce:12:3e:18:c9:40:d1:28:53:f5:ba:
a8:72:a6:ec:90:1f:29:a2:1d:ae:f8:71:58:e7:a6:cd:27:a1:
57:ba:2e:5f:87:1f:8a:ef:7f:18:bf:e7:ff:67:b7:ff:24:6b:
6d:89:8c:4d:4c:45:1a:2c:13:31:61:3f:1a:24:c9:4e:ca:ba:
52:ba:d2:48:3e:9a:f5:29:7e:fe:9f:2b:91:44:82:8a:bf:68:
b8:80:e3:2e:6c:55:87:cc:2d:05:65:90:3b:ef:9e:da:8e:c7:
e5:3d:b7:53
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICDCswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjUwMTI4MTQ1NjQzWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk4ZjAyYi1lZjEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4sQFs0wUsqohNwY+V1YlMpeXO5U9W/trVKTF6fLzQfTOb22ejC7fEDFaftKS
WzSVDPSaAUS5Am9nl0sTLGXy58YZjShe5nW54D04yI96pX0d/WrocsXrAqCn38P6
+cmBLs3TAGS+CkU2FH8NFuB7wcsI+SkWX8bCrL4WUnWSIIT3fYjyEgTyWqCoLiCM
2DbEWSfq+LNLlY+vM095fnLBerFRmMCEtFcOE423bIsLuB9d8NTI0Snqq+osNfk8
dTMrU036+zYry9QnzBdvWTc/baOLPshL6nlADvTqa6KCXdbVrTtgkqnpTt8Mg4GC
slunlabI04omM9g2eA9oeAHs5QIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFA+E0CoH
198Aas54MX4RMbmtrjEnMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvMTY0RUJBQTJE
RDg4MTFFRkIwRjkyNzVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAAOwJADBAAOwJcDBABnFIYwDQYJKoZIhvcNAQELBQADggEB
AAwhR/A/FHK+uqN4Jg45RLJS2hd75QMNeimedTOip4k0tA3APbgT18dMmuzcZhEx
Wt3QfXwaQ2JKZnJWLJi1k8Z/0ifvq/nujLERbvIiH13N0OzKbkNczCA7TbVf82ws
zPWveN0Nxe361MiOR1TSlgAKIRjqzlfq9f7hkkI5OlCrbzQPx2/5hXtYG02MkV+L
46vLtb8u4bfOEj4YyUDRKFP1uqhypuyQHymiHa74cVjnps0noVe6Ll+HH4rvfxi/
5/9nt/8ka22JjE1MRRosEzFhPxokyU7KulK60kg+mvUpfv6fK5FEgoq/aLiA4y5s
VYfMLQVlkDvvntqOx+U9t1M=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:00 2025 by rpki-client