Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/3E67C250E1FB11EF9278A040C4F9AE02.roa
File: 3E67C250E1FB11EF9278A040C4F9AE02.roa (raw, json)
Hash identifier: 16a/zmnYhPvrb7JzWA/KTM5gBPKDsEDuXNOF3ws0img=
Subject key identifier: 4B:18:B6:A2:B0:E0:41:93:EC:DD:DF:84:8C:61:0B:11:5D:02:33:E3
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0C46
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/3E67C250E1FB11EF9278A040C4F9AE02.roa
Signing time: Mon 03 Feb 2025 06:51:07 +0000
ROA not before: Mon 03 Feb 2025 06:51:07 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 62425
IP address blocks: 14.192.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Feb 2025 20:02:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3142 (0xc46)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Feb 3 06:51:07 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=67a0675b-e605
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:42:d2:90:45:9f:24:c2:40:e3:50:7d:dd:5e:
a8:1b:16:6f:54:49:08:ca:e9:7e:72:78:29:f3:aa:
ea:7d:b6:a8:15:be:1d:76:f0:84:96:8d:32:61:0a:
90:b2:16:a8:d3:ac:fb:90:df:99:37:39:e0:ca:42:
1d:b1:71:f4:02:25:fd:94:5d:da:7d:ca:c8:35:1e:
54:96:eb:3b:37:85:c0:12:25:b5:4c:f3:cd:16:b3:
c6:d0:3c:18:0a:43:7b:20:a9:74:15:cd:a9:e9:13:
a6:3b:53:29:b2:d2:7a:da:e7:a4:7c:34:62:b1:cc:
24:8c:c6:7d:61:98:2e:48:ea:1e:b4:05:9b:2d:29:
f6:ac:fd:05:74:57:fd:6f:41:2b:da:be:e6:59:aa:
76:92:9a:c6:ea:05:b0:19:bd:23:80:1b:61:ee:33:
38:f8:f9:06:c8:b2:01:10:77:70:17:78:a4:c8:b6:
03:2e:9f:14:a9:22:97:dc:fe:36:a9:6f:0e:b7:95:
2b:f2:3c:d0:a1:7e:39:ae:0f:34:1b:4e:c2:d0:b2:
67:a7:97:b3:d7:f4:8f:18:75:f9:51:27:41:aa:88:
c5:02:86:26:81:42:bb:ff:48:78:46:33:5c:98:9b:
5a:2e:51:12:cf:66:89:31:de:3d:47:fa:66:7a:23:
b9:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:18:B6:A2:B0:E0:41:93:EC:DD:DF:84:8C:61:0B:11:5D:02:33:E3
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/3E67C250E1FB11EF9278A040C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.142.0/24
Signature Algorithm: sha256WithRSAEncryption
96:ea:5e:b6:ea:e7:99:79:36:17:ec:43:b5:ce:20:b5:20:35:
b0:28:b6:64:90:bd:83:ad:0c:2e:d9:d4:b6:8f:f4:90:ce:cf:
38:13:e1:a6:5f:bc:8e:5a:e5:59:51:86:4e:36:cc:73:4d:a1:
1b:ed:74:f7:0d:f2:9d:ec:94:33:b0:ed:37:16:e0:02:b0:b2:
e0:2d:67:d1:52:e0:4a:91:27:d6:e4:08:8b:5d:51:e2:20:f8:
04:de:25:a5:bc:5b:17:11:44:13:dc:88:91:d0:07:48:e8:11:
b1:27:03:09:84:d5:fc:b0:0f:81:21:4c:38:92:c3:52:10:e9:
a6:11:78:23:a1:50:0b:e3:de:96:db:51:0e:1c:cb:09:40:86:
8c:fa:ae:92:41:e7:33:2d:e4:04:4a:1e:80:d6:ce:98:c7:fd:
2f:04:55:e2:be:f5:04:17:23:14:d9:36:09:ed:00:1d:0c:59:
67:91:4d:ad:b8:66:05:75:e7:33:53:d0:e8:bc:25:e8:cb:ee:
81:c5:b2:47:0a:da:26:af:42:38:91:c9:20:9f:c3:d3:23:a9:
4d:c0:5b:57:b1:97:dc:07:51:7b:8f:e6:07:71:cb:2a:4f:82:
90:e6:cf:e9:36:df:cd:39:1d:1d:18:85:78:45:ba:60:d8:60:
c2:3b:84:4c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDEYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjUwMjAzMDY1MTA3WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EwNjc1Yi1lNjA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxkLSkEWfJMJA41B93V6oGxZvVEkIyul+cngp86rqfbaoFb4ddvCElo0yYQqQ
shao06z7kN+ZNzngykIdsXH0AiX9lF3afcrINR5Ulus7N4XAEiW1TPPNFrPG0DwY
CkN7IKl0Fc2p6ROmO1MpstJ62uekfDRiscwkjMZ9YZguSOoetAWbLSn2rP0FdFf9
b0Er2r7mWap2kprG6gWwGb0jgBth7jM4+PkGyLIBEHdwF3ikyLYDLp8UqSKX3P42
qW8Ot5Ur8jzQoX45rg80G07C0LJnp5ez1/SPGHX5USdBqojFAoYmgUK7/0h4RjNc
mJtaLlESz2aJMd49R/pmeiO5kwIDAQABo4IClTCCApEwHQYDVR0OBBYEFEsYtqKw
4EGT7N3fhIxhCxFdAjPjMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvM0U2N0MyNTBF
MUZCMTFFRjkyNzhBMDQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAOwI4wDQYJKoZIhvcNAQELBQADggEBAJbqXrbq55l5Nhfs
Q7XOILUgNbAotmSQvYOtDC7Z1LaP9JDOzzgT4aZfvI5a5VlRhk42zHNNoRvtdPcN
8p3slDOw7TcW4AKwsuAtZ9FS4EqRJ9bkCItdUeIg+ATeJaW8WxcRRBPciJHQB0jo
EbEnAwmE1fywD4EhTDiSw1IQ6aYReCOhUAvj3pbbUQ4cywlAhoz6rpJB5zMt5ARK
HoDWzpjH/S8EVeK+9QQXIxTZNgntAB0MWWeRTa24ZgV15zNT0Oi8JejL7oHFskcK
2iavQjiRySCfw9MjqU3AW1exl9wHUXuP5gdxyypPgpDmz+k23805HR0YhXhFumDY
YMI7hEw=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:28 2025 by rpki-client