Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/3F76E6BCE17011EE9902AD37C4F9AE02.roa
File: 3F76E6BCE17011EE9902AD37C4F9AE02.roa (raw, json)
Hash identifier: pfgnFW7WvTm4nwycfnTHlPT+QK0NTx08juMx8bS9lnM=
Subject key identifier: D8:3D:75:B4:B1:2C:67:34:44:F8:20:C6:FC:68:BE:5F:8B:46:E5:C0
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0911
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/3F76E6BCE17011EE9902AD37C4F9AE02.roa
Signing time: Wed 13 Mar 2024 19:31:12 +0000
ROA not before: Wed 13 Mar 2024 19:31:12 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 150750
IP address blocks: 14.192.130.0/24 maxlen: 24
14.192.131.0/24 maxlen: 24
14.192.132.0/24 maxlen: 24
14.192.133.0/24 maxlen: 24
14.192.134.0/24 maxlen: 24
14.192.135.0/24 maxlen: 24
14.192.136.0/24 maxlen: 24
14.192.137.0/24 maxlen: 24
14.192.138.0/24 maxlen: 24
14.192.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Mar 2024 20:37:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2321 (0x911)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Validity
Not Before: Mar 13 19:31:12 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=65f1feff-e7c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:79:56:05:2f:25:7c:d6:7e:b1:a8:1a:77:11:
a3:9a:94:22:2a:63:db:80:de:ba:6c:94:bd:83:79:
93:dd:3a:09:b5:53:07:35:5c:ad:87:07:ec:38:f7:
7f:4f:60:71:a6:49:1d:1e:7c:1e:c4:e6:97:5d:f6:
a4:dd:98:62:5a:fe:e6:66:3d:68:53:24:b2:e8:16:
48:5a:ea:7d:89:1f:26:4d:c0:28:3c:93:f7:46:63:
97:13:53:2e:de:59:8b:ff:ee:7f:cc:d2:f6:59:d1:
2b:55:9a:6a:19:6f:2a:4f:5c:87:73:02:7a:0e:a1:
2c:bc:ca:09:47:88:3e:86:74:5f:6f:1a:e9:c4:e6:
47:77:6b:b6:53:7e:6a:f9:c9:c0:4c:d1:42:b3:6e:
76:14:ed:47:dc:15:af:3e:3c:95:cf:fc:00:60:e6:
cb:0b:89:19:60:6a:11:a8:41:b4:47:67:87:00:35:
76:da:b6:c1:9f:b1:fe:67:55:a2:b3:b0:da:bc:d9:
e9:5e:35:94:28:d9:e5:ef:86:39:32:28:e3:ef:f6:
fd:27:88:dc:c3:95:3a:df:38:9c:a5:75:4f:15:89:
e7:76:56:d8:04:73:13:b5:a4:50:55:cf:82:0e:44:
c9:07:df:6c:9c:94:67:ed:e0:b1:93:c0:13:5f:0a:
d1:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:3D:75:B4:B1:2C:67:34:44:F8:20:C6:FC:68:BE:5F:8B:46:E5:C0
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/3F76E6BCE17011EE9902AD37C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.130.0-14.192.139.255
Signature Algorithm: sha256WithRSAEncryption
1f:65:3e:80:94:4d:b6:6e:fb:75:ba:06:f0:92:ef:95:4d:70:
cc:ea:9f:d4:0e:06:12:6b:8d:d6:e9:63:12:13:22:67:30:14:
5f:fe:85:fc:b6:3d:a6:59:00:a2:63:96:cb:b1:c1:e1:fa:85:
63:6f:06:c9:fb:22:e7:90:d7:71:8c:38:73:0c:00:33:65:00:
1f:47:10:92:ee:77:09:2a:27:b4:74:9c:0b:ee:ef:fa:c1:c0:
e1:75:f0:f7:39:98:68:a2:e4:9e:68:88:1c:45:f8:e1:3d:aa:
ec:fa:86:4e:5d:61:f2:06:51:88:cc:14:09:e2:ec:ef:73:44:
d0:31:34:3e:a8:b7:20:f1:65:34:6d:ef:3c:28:41:c4:e8:32:
74:c8:81:db:16:a0:f2:fd:d6:e1:bf:49:76:cf:4a:5e:8d:e4:
46:a5:db:10:ae:40:21:01:76:52:bd:56:c2:e8:bb:8a:cf:9d:
6a:01:9b:3f:9e:57:d2:3b:e3:39:f2:bc:08:b9:9b:99:ff:3b:
6c:73:bc:61:dc:b1:ae:c5:0a:a4:c0:d4:3c:6f:a5:35:d8:8c:
a6:bb:7f:e4:75:ac:e2:70:4a:6a:b9:fc:48:fe:c2:1b:fe:76:
17:02:46:45:04:81:ef:db:e3:7d:9b:d7:dc:2e:21:3b:59:f9:
2e:4c:7f:57
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICCREwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQwMzEzMTkzMTEyWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWYxZmVmZi1lN2MxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy3lWBS8lfNZ+sagadxGjmpQiKmPbgN66bJS9g3mT3ToJtVMHNVythwfsOPd/
T2BxpkkdHnwexOaXXfak3ZhiWv7mZj1oUySy6BZIWup9iR8mTcAoPJP3RmOXE1Mu
3lmL/+5/zNL2WdErVZpqGW8qT1yHcwJ6DqEsvMoJR4g+hnRfbxrpxOZHd2u2U35q
+cnATNFCs252FO1H3BWvPjyVz/wAYObLC4kZYGoRqEG0R2eHADV22rbBn7H+Z1Wi
s7DavNnpXjWUKNnl74Y5Mijj7/b9J4jcw5U63zicpXVPFYnndlbYBHMTtaRQVc+C
DkTJB99snJRn7eCxk8ATXwrRVwIDAQABo4ICnTCCApkwHQYDVR0OBBYEFNg9dbSx
LGc0RPggxvxovl+LRuXAMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvM0Y3NkU2QkNF
MTcwMTFFRTk5MDJBRDM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAQ7AggMEAg7AiDANBgkqhkiG9w0BAQsFAAOCAQEAH2U+
gJRNtm77dboG8JLvlU1wzOqf1A4GEmuN1uljEhMiZzAUX/6F/LY9plkAomOWy7HB
4fqFY28Gyfsi55DXcYw4cwwAM2UAH0cQku53CSontHScC+7v+sHA4XXw9zmYaKLk
nmiIHEX44T2q7PqGTl1h8gZRiMwUCeLs73NE0DE0Pqi3IPFlNG3vPChBxOgydMiB
2xag8v3W4b9Jds9KXo3kRqXbEK5AIQF2Ur1Wwui7is+dagGbP55X0jvjOfK8CLmb
mf87bHO8YdyxrsUKpMDUPG+lNdiMprt/5HWs4nBKarn8SP7CG/52FwJGRQSB79vj
fZvX3C4hO1n5Lkx/Vw==
-----END CERTIFICATE-----
Generated at Wed Mar 13 23:03:50 2024 by rpki-client on console-fra.rpki-client.org