Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/23B17C80510F11EFAB83FA70C4F9AE02.roa
File: 23B17C80510F11EFAB83FA70C4F9AE02.roa (raw, json)
Hash identifier: SzzTQQSK8BAUEUt59Y5Zsputi3srQg/WlWv4gkp/dvQ=
Subject key identifier: 0D:FF:2C:F8:F0:30:43:43:5A:B4:AC:7C:EF:F7:16:32:2A:1A:8F:0D
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0A54
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/23B17C80510F11EFAB83FA70C4F9AE02.roa
Signing time: Sat 03 Aug 2024 14:55:05 +0000
ROA not before: Sat 03 Aug 2024 14:55:05 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 43260
IP address blocks: 14.192.128.0/24 maxlen: 24
14.192.144.0/24 maxlen: 24
14.192.148.0/24 maxlen: 24
14.192.151.0/24 maxlen: 24
14.192.152.0/24 maxlen: 24
14.192.153.0/24 maxlen: 24
14.192.156.0/24 maxlen: 24
14.192.157.0/24 maxlen: 24
14.192.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Aug 2024 11:28:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2644 (0xa54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Aug 3 14:55:05 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66ae44c9-38a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:60:5c:c6:09:29:d4:8e:20:5f:6e:d8:14:42:
ea:f1:b2:67:b7:f7:f1:b7:9d:ac:5a:e1:88:26:72:
81:8e:d6:75:37:29:b0:d5:79:06:ac:61:79:69:74:
bb:76:7c:04:d2:fa:7c:41:f0:e4:63:9c:7b:c0:0d:
13:d0:34:70:7b:cf:39:76:c0:bd:30:66:10:c2:2f:
29:f4:61:af:b2:4e:eb:f6:71:04:78:58:de:d1:88:
76:1d:3f:fb:6d:97:cc:9c:4a:5b:73:9d:36:2a:3c:
bd:bc:86:13:f8:d6:dd:18:af:15:9a:d2:fc:73:a5:
04:72:b2:dd:7c:e9:22:b3:8e:8a:3a:ee:15:61:b4:
74:5b:7c:34:8b:3d:bf:fe:02:3b:58:cb:4e:a9:e9:
01:48:c3:99:b9:b0:15:55:7a:44:df:e2:00:d9:4e:
1e:94:8c:a2:27:d8:46:a1:a3:b7:c3:d2:fd:14:65:
6c:8a:6f:6b:87:0f:25:7f:be:5f:ef:62:d4:a3:b4:
7f:17:08:fd:37:a3:09:79:ce:89:47:4f:dd:e7:c7:
53:99:b4:80:61:d7:fd:b3:88:69:a6:47:84:cc:0a:
4e:02:4f:0f:49:15:3d:95:7f:62:4e:c3:9f:90:5f:
25:89:35:70:da:ed:77:fc:81:9b:fd:d6:4e:cb:b4:
47:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:FF:2C:F8:F0:30:43:43:5A:B4:AC:7C:EF:F7:16:32:2A:1A:8F:0D
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/23B17C80510F11EFAB83FA70C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.128.0/24
14.192.144.0/24
14.192.148.0/24
14.192.151.0-14.192.153.255
14.192.156.0-14.192.158.255
Signature Algorithm: sha256WithRSAEncryption
27:9b:d0:b4:ee:aa:7c:66:29:88:de:f3:e3:79:2d:79:9b:ad:
94:9f:c0:02:95:6d:e2:3f:bc:18:a1:09:1f:a4:fd:76:99:41:
99:c9:6f:e7:b0:c2:b5:e5:71:58:7a:12:9c:6d:ff:77:21:60:
16:ef:be:41:68:fc:6c:a9:4e:d2:88:22:af:a5:f6:c6:d6:87:
7c:6c:c0:33:88:4a:ee:14:89:8a:60:dd:69:a4:9a:b8:51:07:
d3:56:78:70:37:a7:fa:6f:9b:78:32:ad:87:75:9e:19:1b:40:
65:82:82:49:78:85:b9:8a:76:31:11:4a:68:f8:98:70:88:2b:
a6:6e:ce:79:aa:9f:c8:6a:df:4c:98:4a:8c:a1:67:a5:92:80:
5f:f0:88:5d:08:28:04:f7:a1:bd:19:0f:38:cf:69:49:a2:a6:
b2:3c:1f:0f:85:dd:6f:96:96:ce:9f:7b:07:20:d7:f0:55:d3:
99:7f:a4:33:cb:5d:61:89:ca:69:3d:8b:05:5a:33:3f:27:f4:
43:b1:5c:f0:8e:93:7d:ab:cc:d8:50:97:9a:08:c3:1a:e6:fb:
cd:8b:f1:4d:88:bc:0d:09:9c:ce:3c:11:ee:50:b7:f9:b9:84:
2a:60:cd:70:f7:8f:67:40:48:90:e8:dd:16:a5:b7:83:8d:db:
f8:ed:c5:a0
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgICClQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQwODAzMTQ1NTA1WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmFlNDRjOS0zOGE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA92Bcxgkp1I4gX27YFELq8bJnt/fxt52sWuGIJnKBjtZ1Nymw1XkGrGF5aXS7
dnwE0vp8QfDkY5x7wA0T0DRwe885dsC9MGYQwi8p9GGvsk7r9nEEeFje0Yh2HT/7
bZfMnEpbc502Kjy9vIYT+NbdGK8VmtL8c6UEcrLdfOkis46KOu4VYbR0W3w0iz2/
/gI7WMtOqekBSMOZubAVVXpE3+IA2U4elIyiJ9hGoaO3w9L9FGVsim9rhw8lf75f
72LUo7R/Fwj9N6MJec6JR0/d58dTmbSAYdf9s4hppkeEzApOAk8PSRU9lX9iTsOf
kF8liTVw2u13/IGb/dZOy7RHnwIDAQABo4ICvTCCArkwHQYDVR0OBBYEFA3/LPjw
MENDWrSsfO/3FjIqGo8NMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvMjNCMTdDODA1
MTBGMTFFRkFCODNGQTcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E
ODA2MDQEAgABMC4DBAAOwIADBAAOwJADBAAOwJQwDAMEAA7AlwMEAQ7AmDAMAwQC
DsCcAwQADsCeMA0GCSqGSIb3DQEBCwUAA4IBAQAnm9C07qp8ZimI3vPjeS15m62U
n8AClW3iP7wYoQkfpP12mUGZyW/nsMK15XFYehKcbf93IWAW775BaPxsqU7SiCKv
pfbG1od8bMAziEruFImKYN1ppJq4UQfTVnhwN6f6b5t4Mq2HdZ4ZG0BlgoJJeIW5
inYxEUpo+JhwiCumbs55qp/Iat9MmEqMoWelkoBf8IhdCCgE96G9GQ84z2lJoqay
PB8Phd1vlpbOn3sHINfwVdOZf6Qzy11hicppPYsFWjM/J/RDsVzwjpN9q8zYUJea
CMMa5vvNi/FNiLwNCZzOPBHuULf5uYQqYM1w949nQEiQ6N0WpbeDjdv47cWg
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:50 2025 by rpki-client