Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/3DB788023EAB11EF81DA322BC4F9AE02.roa
File: 3DB788023EAB11EF81DA322BC4F9AE02.roa (raw, json)
Hash identifier: zgG3NejXFjJsFeZiC+9e8GmuvtR8d3tOSo1r2IxLXms=
Subject key identifier: 6B:BA:78:01:5E:86:45:00:68:31:69:90:5A:17:9E:5A:D2:7F:49:6C
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0A2E
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/3DB788023EAB11EF81DA322BC4F9AE02.roa
Signing time: Thu 18 Jul 2024 13:49:01 +0000
ROA not before: Thu 18 Jul 2024 13:49:01 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 197450
IP address blocks: 14.192.130.0/24 maxlen: 24
14.192.131.0/24 maxlen: 24
14.192.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Aug 2024 11:17:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2606 (0xa2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Jul 18 13:49:01 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66991d4d-9c07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7a:dc:76:f4:1d:46:90:4b:d7:55:84:26:d5:
6e:70:4e:5f:41:46:9b:66:87:c2:66:5e:03:91:69:
9c:72:c1:ea:3c:17:de:43:e1:7f:34:79:2c:6e:11:
5f:3c:f1:d0:fb:a0:94:dd:21:50:59:31:7f:e6:f7:
01:17:df:5a:79:4f:37:b5:6a:69:a3:f4:15:d6:c9:
10:e1:12:38:ae:db:53:38:63:b2:e7:81:91:96:b3:
f2:ea:73:1d:e9:36:00:1d:ec:5b:5c:f6:b1:5d:95:
63:25:9d:da:fc:93:41:87:dd:b8:d1:cf:a7:f7:5a:
bb:78:d2:cf:f0:66:da:61:05:dd:55:2b:3d:96:59:
78:d8:b2:bc:8e:6e:80:9f:4d:fd:9b:5b:a5:78:20:
98:8e:f0:3a:5d:e1:88:e3:09:f5:ff:5c:08:7a:99:
bc:5b:c7:52:71:19:53:90:0b:cb:35:d5:18:84:66:
65:c1:6d:7e:2e:a6:97:9a:be:2b:3b:b0:2b:73:ea:
19:58:cd:d8:43:e5:0d:c2:95:03:0f:de:b3:17:ec:
b1:37:06:fd:88:c5:48:64:dc:e6:56:06:d1:6b:04:
b1:17:12:a0:05:7e:c5:59:c1:ba:aa:98:ab:06:ea:
4f:c6:83:39:b6:c1:9c:cd:59:d0:eb:13:5c:f2:f4:
b1:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:BA:78:01:5E:86:45:00:68:31:69:90:5A:17:9E:5A:D2:7F:49:6C
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/3DB788023EAB11EF81DA322BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.130.0/23
14.192.135.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:b2:05:e0:92:4e:9e:bd:34:1b:ce:3a:b3:67:1a:b7:fd:60:
1a:38:2a:6c:61:c6:e2:35:bd:7d:a2:bf:db:96:6e:61:41:0a:
f0:9e:f1:e3:ad:3a:d0:b0:b0:79:98:cf:17:c7:9e:d5:fe:d0:
3e:81:80:d0:2f:d9:ed:81:bf:38:e2:89:b2:46:83:0f:c0:03:
e7:58:2f:a9:51:73:1b:84:9b:a7:89:bd:70:2f:cc:3d:56:b4:
60:d1:b5:b8:4f:52:ae:c5:ac:24:18:e0:97:07:da:6a:e1:ba:
23:58:86:c0:97:48:6c:ae:e4:51:01:9a:85:82:c3:d2:69:86:
db:ca:5c:ba:3e:80:42:de:7b:c4:13:74:a7:a9:5d:eb:70:35:
d9:62:78:fe:35:3b:0e:0e:ed:8f:bc:b8:80:5b:55:8a:64:00:
9e:92:8c:c0:72:81:c3:92:1f:e2:c1:6d:d0:bc:2f:b8:fb:a6:
ab:af:b7:60:7b:66:c6:13:48:07:28:7b:ba:c7:a6:78:7a:c5:
a0:73:33:22:e9:bf:71:66:88:12:fc:ba:de:c2:66:b3:ce:a4:
59:31:10:d5:0a:bf:03:13:7e:f7:50:c8:a4:1a:cc:75:1e:e9:
62:7c:c4:fb:d4:a5:a9:8d:1d:1d:ed:32:23:83:78:eb:f2:38:
51:45:27:28
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCi4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQwNzE4MTM0OTAxWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njk5MWQ0ZC05YzA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArHrcdvQdRpBL11WEJtVucE5fQUabZofCZl4DkWmccsHqPBfeQ+F/NHksbhFf
PPHQ+6CU3SFQWTF/5vcBF99aeU83tWppo/QV1skQ4RI4rttTOGOy54GRlrPy6nMd
6TYAHexbXPaxXZVjJZ3a/JNBh9240c+n91q7eNLP8GbaYQXdVSs9lll42LK8jm6A
n039m1uleCCYjvA6XeGI4wn1/1wIepm8W8dScRlTkAvLNdUYhGZlwW1+LqaXmr4r
O7Arc+oZWM3YQ+UNwpUDD96zF+yxNwb9iMVIZNzmVgbRawSxFxKgBX7FWcG6qpir
BupPxoM5tsGczVnQ6xNc8vSxiwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFGu6eAFe
hkUAaDFpkFoXnlrSf0lsMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvM0RCNzg4MDIz
RUFCMTFFRjgxREEzMjJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAEOwIIDBAAOwIcwDQYJKoZIhvcNAQELBQADggEBAB2yBeCS
Tp69NBvOOrNnGrf9YBo4KmxhxuI1vX2iv9uWbmFBCvCe8eOtOtCwsHmYzxfHntX+
0D6BgNAv2e2BvzjiibJGgw/AA+dYL6lRcxuEm6eJvXAvzD1WtGDRtbhPUq7FrCQY
4JcH2mrhuiNYhsCXSGyu5FEBmoWCw9JphtvKXLo+gELee8QTdKepXetwNdlieP41
Ow4O7Y+8uIBbVYpkAJ6SjMBygcOSH+LBbdC8L7j7pquvt2B7ZsYTSAcoe7rHpnh6
xaBzMyLpv3FmiBL8ut7CZrPOpFkxENUKvwMTfvdQyKQazHUe6WJ8xPvUpamNHR3t
MiODeOvyOFFFJyg=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:29 2025 by rpki-client