Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/1BA3F562D25C11EFB20F5434C4F9AE02.roa
File: 1BA3F562D25C11EFB20F5434C4F9AE02.roa (raw, json)
Hash identifier: HnnxHctTYzMEThAazyG2U89+3QXoPcqmzlbfyDm8jek=
Subject key identifier: 1C:68:36:8D:AF:86:04:05:79:91:62:BB:2C:FE:92:E6:96:99:14:4A
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0C0F
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/1BA3F562D25C11EFB20F5434C4F9AE02.roa
Signing time: Thu 16 Jan 2025 07:46:44 +0000
ROA not before: Thu 16 Jan 2025 07:46:44 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 55154
IP address blocks: 14.192.132.0/24 maxlen: 24
14.192.152.0/24 maxlen: 24
14.192.153.0/24 maxlen: 24
103.20.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Jan 2025 14:56:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3087 (0xc0f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Jan 16 07:46:44 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6788b964-8bc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:0a:30:8a:70:a3:4e:89:b1:57:6b:f5:1f:cb:
7d:5e:a0:f3:1f:a5:43:7e:b0:65:97:be:37:4f:be:
cf:d1:b2:b2:f8:3e:87:48:d5:27:9c:1d:bb:85:da:
a9:6b:04:43:2b:d7:a7:c8:37:09:9d:41:95:f3:07:
31:87:23:e9:60:14:4b:7f:dc:e1:34:cb:cb:f8:40:
e3:fd:b6:a7:68:6d:d4:57:3c:82:78:44:3a:43:f3:
ba:d5:8c:c3:16:c4:11:01:5e:be:9c:4b:a2:35:f6:
6d:23:01:2f:3c:ca:b6:6d:fd:32:2b:82:58:b2:d9:
cf:5d:f7:82:ad:5e:99:8d:ee:70:89:63:2a:31:44:
38:f7:6b:eb:ee:d0:82:b5:2a:5c:df:15:b1:9e:41:
1a:92:62:33:b3:23:ef:05:32:0b:07:b5:6c:3d:58:
0e:99:82:5a:6f:f4:bb:11:70:7c:ec:57:2e:40:11:
95:97:3d:51:31:0b:40:d6:24:7f:cf:33:e1:aa:c8:
4f:05:42:5e:5a:e4:17:b6:5e:b5:14:5b:73:c8:98:
53:9b:f1:3e:b9:d5:f2:48:a4:05:7d:56:f1:7d:89:
8f:96:47:10:24:d9:95:1f:56:40:8c:27:dd:87:eb:
9a:e9:d0:2f:d8:45:ac:95:27:da:ea:94:2f:98:c4:
3b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:68:36:8D:AF:86:04:05:79:91:62:BB:2C:FE:92:E6:96:99:14:4A
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/1BA3F562D25C11EFB20F5434C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.132.0/24
14.192.152.0/23
103.20.132.0/24
Signature Algorithm: sha256WithRSAEncryption
83:62:01:29:9d:69:a7:2d:7c:f8:5b:45:86:78:18:ad:5e:75:
d4:e5:94:e9:22:72:e1:23:75:8d:a3:39:a6:92:2b:ac:7b:f3:
42:17:52:3d:8a:7b:cc:0f:7a:60:14:58:3d:33:70:26:c7:a1:
26:1b:f7:86:60:20:74:d4:b3:b3:be:e8:ac:2f:a3:4d:a7:61:
45:1f:a4:28:06:68:78:6e:86:f5:8c:4e:15:80:f5:f9:d7:0a:
2e:b4:b0:9e:36:f7:76:1b:69:55:1c:94:76:78:35:92:40:37:
8d:62:d3:d9:b8:31:8f:03:88:24:b2:5f:87:b9:34:a8:14:0f:
01:ef:4f:cc:ec:60:37:ad:37:12:d6:e0:20:e7:53:c8:7e:74:
ac:96:6b:a9:10:b9:51:57:0f:c0:b9:1f:25:64:a6:7a:51:d7:
2c:b8:8a:26:14:e8:63:41:c6:1c:6e:ab:c4:4f:c4:f3:fa:af:
2a:29:06:d0:dd:3f:77:07:df:66:f4:90:25:e6:97:ce:91:ef:
cd:67:75:d2:50:d9:9c:d7:9d:eb:4a:de:12:a0:da:53:04:8d:
6f:90:3b:3a:d1:83:18:2a:d9:1f:9f:8b:d4:35:a5:d0:d0:37:
a5:8f:82:0b:ca:e5:05:4a:4d:de:cc:15:b0:5f:63:03:86:61:
d0:14:8b:f0
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICDA8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjUwMTE2MDc0NjQ0WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg4Yjk2NC04YmM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0gowinCjTomxV2v1H8t9XqDzH6VDfrBll743T77P0bKy+D6HSNUnnB27hdqp
awRDK9enyDcJnUGV8wcxhyPpYBRLf9zhNMvL+EDj/banaG3UVzyCeEQ6Q/O61YzD
FsQRAV6+nEuiNfZtIwEvPMq2bf0yK4JYstnPXfeCrV6Zje5wiWMqMUQ492vr7tCC
tSpc3xWxnkEakmIzsyPvBTILB7VsPVgOmYJab/S7EXB87FcuQBGVlz1RMQtA1iR/
zzPhqshPBUJeWuQXtl61FFtzyJhTm/E+udXySKQFfVbxfYmPlkcQJNmVH1ZAjCfd
h+ua6dAv2EWslSfa6pQvmMQ7jwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFBxoNo2v
hgQFeZFiuyz+kuaWmRRKMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvMUJBM0Y1NjJE
MjVDMTFFRkIyMEY1NDM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAAOwIQDBAEOwJgDBABnFIQwDQYJKoZIhvcNAQELBQADggEB
AINiASmdaactfPhbRYZ4GK1eddTllOkicuEjdY2jOaaSK6x780IXUj2Ke8wPemAU
WD0zcCbHoSYb94ZgIHTUs7O+6Kwvo02nYUUfpCgGaHhuhvWMThWA9fnXCi60sJ42
93YbaVUclHZ4NZJAN41i09m4MY8DiCSyX4e5NKgUDwHvT8zsYDetNxLW4CDnU8h+
dKyWa6kQuVFXD8C5HyVkpnpR1yy4iiYU6GNBxhxuq8RPxPP6ryopBtDdP3cH32b0
kCXml86R781nddJQ2ZzXnetK3hKg2lMEjW+QOzrRgxgq2R+fi9Q1pdDQN6WPggvK
5QVKTd7MFbBfYwOGYdAUi/A=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:27 2025 by rpki-client