Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/1C8631FE409211EF9D224D1FC4F9AE02.roa
File: 1C8631FE409211EF9D224D1FC4F9AE02.roa (raw, json)
Hash identifier: gIL9SRya9xlQTQNS5AP7067QWoWutWY4m1a/NMHujQA=
Subject key identifier: 34:39:48:F0:A7:9A:8F:FB:05:2C:F4:3F:93:8F:54:B5:CE:EE:8A:FA
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0A1F
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/1C8631FE409211EF9D224D1FC4F9AE02.roa
Signing time: Fri 12 Jul 2024 21:02:56 +0000
ROA not before: Fri 12 Jul 2024 21:02:56 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 141421
IP address blocks: 14.192.137.0/24 maxlen: 24
14.192.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Aug 2024 12:10:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2591 (0xa1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Jul 12 21:02:56 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66919a00-3593
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:01:a7:b0:aa:17:46:b8:16:d6:44:d5:c1:09:
a2:61:15:92:a2:5f:1c:fc:bf:54:51:9e:e4:a8:8c:
d2:c3:b0:6e:54:85:24:b5:54:e8:a0:aa:7f:89:f0:
97:75:df:c6:2a:c0:dd:7d:eb:38:b9:20:28:8c:64:
2b:4f:43:31:33:7b:6e:6a:88:49:35:bf:ab:8e:67:
d0:19:0c:7d:54:b4:e4:ea:b2:c1:80:ea:0c:ab:21:
6d:a2:2c:32:66:4c:53:ff:32:74:94:c3:24:2e:c0:
00:9c:e4:32:e5:1a:2e:0e:3d:17:9a:2b:38:23:dd:
59:16:23:88:d8:16:e7:cf:2f:9c:40:9b:a3:f6:6f:
1b:4a:ad:83:38:26:84:d8:6b:ae:a0:3f:37:d4:d4:
d4:5b:3d:c3:75:84:1a:5b:35:f4:85:d2:70:89:36:
86:20:d0:4a:35:4d:ff:83:d6:98:35:6a:4d:28:f6:
fd:86:61:8a:5e:da:19:06:cc:07:91:24:10:d3:c7:
d1:48:6c:eb:b2:8b:ef:63:cd:9b:56:fa:d9:6e:22:
bc:26:5e:cc:96:ed:3e:d6:a7:35:62:5a:47:02:d8:
de:fb:ac:52:56:64:61:c6:6e:e2:a3:32:7f:a8:66:
5e:84:f4:65:54:5e:ea:aa:71:c1:a3:8c:44:56:10:
72:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:39:48:F0:A7:9A:8F:FB:05:2C:F4:3F:93:8F:54:B5:CE:EE:8A:FA
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/1C8631FE409211EF9D224D1FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.137.0-14.192.138.255
Signature Algorithm: sha256WithRSAEncryption
74:d1:d6:44:7d:2d:28:ba:a3:6c:4e:26:21:36:22:48:ee:41:
cc:a3:90:31:9c:b8:2a:7b:88:6c:73:59:2f:4b:88:8b:ec:16:
92:aa:94:00:c7:79:91:46:08:c1:69:5d:d1:d4:bc:29:09:ba:
c8:fe:7b:f9:0c:f7:cc:db:f9:f8:66:58:78:0d:ac:ad:8b:8f:
86:96:b3:73:29:9d:fa:15:e4:39:b5:ed:9e:5d:09:47:a3:59:
7e:2b:ee:37:e2:a3:b4:d7:27:a7:9f:64:38:10:b9:1f:ac:6f:
21:99:af:ab:4f:b8:49:ce:d6:a7:28:47:80:61:84:4a:4b:1f:
ae:39:54:69:98:6c:7a:d0:fe:09:dd:7c:a7:fd:0c:ae:59:e9:
9b:ea:c5:16:77:9a:7e:72:56:9c:10:bc:71:f1:7e:6f:9e:a2:
6d:d6:12:13:28:71:4c:43:08:e0:63:0a:a6:4d:2f:05:22:ef:
5f:c8:3d:4c:cf:cf:59:25:93:e3:c5:5f:07:2e:00:c4:58:22:
fd:f9:f8:f8:7a:60:23:c7:c1:a4:57:87:61:ae:d9:0a:93:c5:
63:12:52:89:1f:59:db:0b:a5:ac:45:92:70:f5:6d:43:85:49:
73:93:dc:f5:1f:69:68:91:55:78:46:a1:c7:f4:59:42:85:22:
96:f7:c1:12
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICCh8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQwNzEyMjEwMjU2WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjkxOWEwMC0zNTkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtQGnsKoXRrgW1kTVwQmiYRWSol8c/L9UUZ7kqIzSw7BuVIUktVTooKp/ifCX
dd/GKsDdfes4uSAojGQrT0MxM3tuaohJNb+rjmfQGQx9VLTk6rLBgOoMqyFtoiwy
ZkxT/zJ0lMMkLsAAnOQy5RouDj0Xmis4I91ZFiOI2Bbnzy+cQJuj9m8bSq2DOCaE
2GuuoD831NTUWz3DdYQaWzX0hdJwiTaGINBKNU3/g9aYNWpNKPb9hmGKXtoZBswH
kSQQ08fRSGzrsovvY82bVvrZbiK8Jl7Mlu0+1qc1YlpHAtje+6xSVmRhxm7iozJ/
qGZehPRlVF7qqnHBo4xEVhByBQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFDQ5SPCn
mo/7BSz0P5OPVLXO7or6MB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvMUM4NjMxRkU0
MDkyMTFFRjlEMjI0RDFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAA7AiQMEAA7AijANBgkqhkiG9w0BAQsFAAOCAQEAdNHW
RH0tKLqjbE4mITYiSO5BzKOQMZy4KnuIbHNZL0uIi+wWkqqUAMd5kUYIwWld0dS8
KQm6yP57+Qz3zNv5+GZYeA2srYuPhpazcymd+hXkObXtnl0JR6NZfivuN+KjtNcn
p59kOBC5H6xvIZmvq0+4Sc7WpyhHgGGESksfrjlUaZhsetD+Cd18p/0Mrlnpm+rF
FneafnJWnBC8cfF+b56ibdYSEyhxTEMI4GMKpk0vBSLvX8g9TM/PWSWT48VfBy4A
xFgi/fn4+HpgI8fBpFeHYa7ZCpPFYxJSiR9Z2wulrEWScPVtQ4VJc5Pc9R9paJFV
eEahx/RZQoUilvfBEg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:44 2025 by rpki-client