Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/42E95D8ED35A11EFA72B1286C4F9AE02.roa
File: 42E95D8ED35A11EFA72B1286C4F9AE02.roa (raw, json)
Hash identifier: e4GJFdKpDDCg2Akt56CGHI2UUjh8te5+VJOZeT3trrc=
Subject key identifier: 3A:92:1C:0C:E3:FB:18:B0:AA:20:34:A1:9F:54:02:FF:55:1A:43:E8
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0C12
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/42E95D8ED35A11EFA72B1286C4F9AE02.roa
Signing time: Thu 16 Jan 2025 11:55:25 +0000
ROA not before: Thu 16 Jan 2025 11:55:25 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 208485
IP address blocks: 14.192.138.0/24 maxlen: 24
14.192.139.0/24 maxlen: 24
14.192.143.0/24 maxlen: 24
14.192.145.0/24 maxlen: 24
14.192.158.0/24 maxlen: 24
43.247.123.0/24 maxlen: 24
103.20.133.0/24 maxlen: 24
103.20.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 26 Jan 2025 10:44:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3090 (0xc12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Jan 16 11:55:25 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6788f3ad-537d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:33:0c:01:1a:5d:a3:b1:04:73:ce:6a:f7:e8:
ee:f7:91:36:c6:c6:25:a7:ca:0c:fe:4d:8c:45:78:
d4:3d:e3:8e:c3:37:a8:ba:51:69:b9:53:ef:7b:9a:
8f:6b:c6:0f:f1:9b:47:91:a0:9b:73:29:70:b7:9d:
30:67:0d:59:a2:64:76:8d:5f:73:1c:be:89:3c:00:
d8:70:ca:95:01:e0:19:d3:f6:83:b1:bc:ee:be:74:
27:37:e8:2f:a7:12:1b:a5:67:d2:a9:63:d5:05:03:
5b:cf:bb:dd:88:b7:0b:d5:95:c7:6d:20:22:4c:3c:
54:4c:1b:d4:17:c7:1f:34:ad:16:23:10:56:7b:f6:
47:42:1e:96:10:59:28:29:24:16:43:61:62:ce:0d:
78:ed:17:25:97:23:9b:a0:80:c3:20:54:bd:67:48:
28:de:ea:7f:3d:e6:38:c2:ed:78:72:a8:b8:fa:19:
74:46:be:d2:68:30:a9:28:a4:a2:e6:2b:7a:92:aa:
ee:90:6d:cc:ea:29:ab:05:48:0e:ee:b4:68:0f:11:
43:19:58:94:51:f0:10:13:af:d8:ea:89:5c:35:23:
14:ca:3f:ff:ae:66:8f:03:a1:54:bf:26:5b:16:a4:
03:ab:4d:75:e8:94:3f:8d:c2:ef:8c:84:40:df:f2:
32:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:92:1C:0C:E3:FB:18:B0:AA:20:34:A1:9F:54:02:FF:55:1A:43:E8
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/42E95D8ED35A11EFA72B1286C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.138.0/23
14.192.143.0/24
14.192.145.0/24
14.192.158.0/24
43.247.123.0/24
103.20.133.0/24
103.20.135.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:d1:f1:92:ad:0a:77:cd:20:2a:26:2e:7f:b1:8d:47:b4:36:
8d:60:ab:e8:83:2b:ed:1d:f6:16:2a:46:13:e8:d0:5d:6b:8a:
78:f0:ef:f6:25:60:8c:28:02:67:03:4e:3c:5e:18:81:6a:06:
51:5d:a1:64:0d:4a:85:3f:e7:00:be:b3:b7:db:4c:93:76:ca:
3b:3e:e7:3f:5a:b8:5d:fd:06:22:8d:83:22:dd:a9:db:35:25:
2c:e0:db:26:a2:ed:d9:9f:0b:89:98:6d:de:20:db:f6:83:f2:
44:eb:01:21:ee:bd:21:7b:05:33:db:ab:9a:b0:cf:bb:55:88:
c4:d6:be:f9:1d:f3:7a:fc:d4:82:c3:5b:76:7d:11:9a:83:a7:
5f:a3:89:70:2b:75:cc:7f:5b:5f:f4:bb:0f:00:95:25:de:ba:
2f:d0:21:26:07:85:10:ff:b3:c0:7a:fe:ef:52:24:75:7e:c0:
b5:32:98:6f:1c:05:29:a8:af:f4:a8:c0:c2:c9:2b:c2:09:15:
7c:90:56:c6:82:bc:27:e5:0c:8d:19:73:17:fb:73:48:c7:21:
53:42:f2:ba:f2:e1:1a:7a:ed:83:d0:e2:98:54:7f:df:41:7c:
1c:dd:90:98:2a:db:f1:bb:2e:fe:3a:ea:ed:c2:62:69:61:25:
0f:9f:ab:bb
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgICDBIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjUwMTE2MTE1NTI1WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg4ZjNhZC01MzdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuTMMARpdo7EEc85q9+ju95E2xsYlp8oM/k2MRXjUPeOOwzeoulFpuVPve5qP
a8YP8ZtHkaCbcylwt50wZw1ZomR2jV9zHL6JPADYcMqVAeAZ0/aDsbzuvnQnN+gv
pxIbpWfSqWPVBQNbz7vdiLcL1ZXHbSAiTDxUTBvUF8cfNK0WIxBWe/ZHQh6WEFko
KSQWQ2Fizg147RcllyOboIDDIFS9Z0go3up/PeY4wu14cqi4+hl0Rr7SaDCpKKSi
5it6kqrukG3M6imrBUgO7rRoDxFDGViUUfAQE6/Y6olcNSMUyj//rmaPA6FUvyZb
FqQDq0116JQ/jcLvjIRA3/Iy2QIDAQABo4ICuTCCArUwHQYDVR0OBBYEFDqSHAzj
+xiwqiA0oZ9UAv9VGkPoMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvNDJFOTVEOEVE
MzVBMTFFRkE3MkIxMjg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E
NDAyMDAEAgABMCoDBAEOwIoDBAAOwI8DBAAOwJEDBAAOwJ4DBAAr93sDBABnFIUD
BABnFIcwDQYJKoZIhvcNAQELBQADggEBALXR8ZKtCnfNIComLn+xjUe0No1gq+iD
K+0d9hYqRhPo0F1rinjw7/YlYIwoAmcDTjxeGIFqBlFdoWQNSoU/5wC+s7fbTJN2
yjs+5z9auF39BiKNgyLdqds1JSzg2yai7dmfC4mYbd4g2/aD8kTrASHuvSF7BTPb
q5qwz7tViMTWvvkd83r81ILDW3Z9EZqDp1+jiXArdcx/W1/0uw8AlSXeui/QISYH
hRD/s8B6/u9SJHV+wLUymG8cBSmor/SowMLJK8IJFXyQVsaCvCflDI0Zcxf7c0jH
IVNC8rry4Rp67YPQ4phUf99BfBzdkJgq2/G7Lv466u3CYmlhJQ+fq7s=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:11 2025 by rpki-client