Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/290E0F96CDFA11EFAB92A663C4F9AE02.roa
File: 290E0F96CDFA11EFAB92A663C4F9AE02.roa (raw, json)
Hash identifier: AdoGbytBiGWd0uFOX14cKD1YkgM1MxR+6oCKVHD/KPs=
Subject key identifier: 21:5F:12:E0:04:61:32:CE:22:02:AE:E1:57:87:D1:37:AD:D2:8D:BC
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0C3C
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/290E0F96CDFA11EFAB92A663C4F9AE02.roa
Signing time: Fri 31 Jan 2025 08:25:59 +0000
ROA not before: Fri 31 Jan 2025 08:25:59 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 133933
IP address blocks: 14.192.128.0/24 maxlen: 24
14.192.129.0/24 maxlen: 24
14.192.133.0/24 maxlen: 24
14.192.136.0/24 maxlen: 24
14.192.137.0/24 maxlen: 24
14.192.145.0/24 maxlen: 24
14.192.146.0/24 maxlen: 24
14.192.147.0/24 maxlen: 24
14.192.148.0/24 maxlen: 24
14.192.156.0/24 maxlen: 24
14.192.157.0/24 maxlen: 24
14.192.159.0/24 maxlen: 24
43.247.120.0/24 maxlen: 24
43.247.121.0/24 maxlen: 24
43.247.122.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
111.92.128.0/19 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Feb 2025 06:27:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3132 (0xc3c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Jan 31 08:25:59 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=679c8917-3d98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:8e:ed:9a:44:4f:a4:d6:e6:bb:81:75:0b:c5:
37:dd:0a:7b:3c:eb:29:87:2d:9d:1d:76:48:36:08:
91:7e:07:03:37:27:ee:48:c9:8e:6c:29:d0:38:64:
2e:21:c2:09:2d:5e:80:25:f0:c9:5e:0e:01:6c:e7:
4a:c6:d0:b0:af:73:91:9d:db:6e:a3:58:a2:54:1c:
4c:66:50:5a:57:e1:28:cc:41:21:f3:15:68:0a:ca:
d2:90:0e:e6:79:66:05:38:27:dd:94:bf:72:78:bf:
41:e9:fb:0f:1e:d0:2c:29:3a:e7:be:b0:81:de:d4:
16:2b:12:d3:ad:74:99:e1:83:81:c9:ab:45:50:10:
54:ba:72:e3:cd:9d:a6:78:4d:05:c2:c6:ac:e4:0e:
52:d5:56:bc:77:95:72:68:4f:81:21:db:b9:5d:63:
dc:38:f7:e9:8e:f1:ab:43:f8:64:07:76:68:28:3b:
5e:d4:ee:2b:fc:9c:a5:44:32:04:7d:af:8f:17:14:
e6:30:30:52:f6:0a:a7:bb:a8:50:3e:31:d8:d5:68:
56:e1:6b:f0:03:51:6f:af:6a:3d:79:5e:ef:47:fc:
03:a3:cd:19:97:9d:9a:3d:34:72:96:2c:3d:e1:44:
70:52:8c:a4:e7:77:bf:c4:a8:8b:fb:89:96:fb:e8:
04:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:5F:12:E0:04:61:32:CE:22:02:AE:E1:57:87:D1:37:AD:D2:8D:BC
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/290E0F96CDFA11EFAB92A663C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.128.0/23
14.192.133.0/24
14.192.136.0/23
14.192.145.0-14.192.148.255
14.192.156.0/23
14.192.159.0/24
43.247.120.0-43.247.122.255
103.20.134.0/24
111.92.128.0/19
Signature Algorithm: sha256WithRSAEncryption
ac:3d:eb:e8:e4:94:b9:d9:82:99:f9:4f:59:5f:0f:a0:a1:b4:
3d:68:4f:28:dc:79:d6:7b:e2:d2:e4:c8:c5:91:e3:a7:26:9b:
aa:31:14:f0:09:cf:28:ef:e3:bb:f0:ad:70:bc:cb:7b:c8:b5:
24:fd:5a:82:57:75:67:e2:95:11:96:c3:28:01:d3:a9:fd:77:
93:8d:74:6b:16:35:be:f2:da:60:ef:84:43:db:9c:1a:b4:87:
97:5e:a6:42:09:5c:d5:1d:44:20:89:d2:9d:f7:26:41:72:16:
90:a7:7c:23:d3:17:86:85:41:99:6f:aa:85:39:bb:89:89:2d:
43:15:89:83:b1:5f:79:58:5a:ba:af:04:7c:55:aa:8c:a5:7d:
d4:45:95:2f:d4:72:92:7e:60:35:5c:f4:d4:9c:72:21:27:13:
ec:48:8c:e2:f0:d9:86:ee:18:5d:1d:39:05:54:40:92:dd:38:
28:ff:5f:a9:a5:4f:f4:b0:24:68:6f:d2:3c:2b:7a:89:75:14:
ea:00:44:4f:f2:a5:09:1d:2e:0a:a4:38:5f:dc:c0:35:c4:24:
f2:b4:88:f7:a1:0d:dc:69:7d:7c:7d:66:b9:8d:37:82:ec:75:
04:c7:83:3e:e5:4a:25:1e:78:04:96:2b:bd:08:53:5b:a7:90:
3f:30:3b:e5
-----BEGIN CERTIFICATE-----
MIIFsTCCBJmgAwIBAgICDDwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjUwMTMxMDgyNTU5WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzljODkxNy0zZDk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA047tmkRPpNbmu4F1C8U33Qp7POsphy2dHXZINgiRfgcDNyfuSMmObCnQOGQu
IcIJLV6AJfDJXg4BbOdKxtCwr3ORndtuo1iiVBxMZlBaV+EozEEh8xVoCsrSkA7m
eWYFOCfdlL9yeL9B6fsPHtAsKTrnvrCB3tQWKxLTrXSZ4YOByatFUBBUunLjzZ2m
eE0Fwsas5A5S1Va8d5VyaE+BIdu5XWPcOPfpjvGrQ/hkB3ZoKDte1O4r/JylRDIE
fa+PFxTmMDBS9gqnu6hQPjHY1WhW4WvwA1Fvr2o9eV7vR/wDo80Zl52aPTRyliw9
4URwUoyk53e/xKiL+4mW++gEbQIDAQABo4IC1TCCAtEwHQYDVR0OBBYEFCFfEuAE
YTLOIgKu4VeH0Tet0o28MB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvMjkwRTBGOTZD
REZBMTFFRkFCOTJBNjYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXwYIKwYBBQUHAQcBAf8E
UDBOMEwEAgABMEYDBAEOwIADBAAOwIUDBAEOwIgwDAMEAA7AkQMEAA7AlAMEAQ7A
nAMEAA7AnzAMAwQDK/d4AwQAK/d6AwQAZxSGAwQFb1yAMA0GCSqGSIb3DQEBCwUA
A4IBAQCsPevo5JS52YKZ+U9ZXw+gobQ9aE8o3HnWe+LS5MjFkeOnJpuqMRTwCc8o
7+O78K1wvMt7yLUk/VqCV3Vn4pURlsMoAdOp/XeTjXRrFjW+8tpg74RD25watIeX
XqZCCVzVHUQgidKd9yZBchaQp3wj0xeGhUGZb6qFObuJiS1DFYmDsV95WFq6rwR8
VaqMpX3URZUv1HKSfmA1XPTUnHIhJxPsSIzi8NmG7hhdHTkFVECS3Tgo/1+ppU/0
sCRob9I8K3qJdRTqAERP8qUJHS4KpDhf3MA1xCTytIj3oQ3caX18fWa5jTeC7HUE
x4M+5UolHngEliu9CFNbp5A/MDvl
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:26 2025 by rpki-client