Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/47CBC1CA646A11EF94F74224C4F9AE02.roa
File: 47CBC1CA646A11EF94F74224C4F9AE02.roa (raw, json)
Hash identifier: y5O38yppL0M4LQdEieV1bCzASpucN5K02t6DtL1xc98=
Subject key identifier: 9A:AC:3B:9A:E2:6B:92:C5:8E:3F:AD:15:E5:51:E1:08:0D:18:4E:E1
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0AA6
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/47CBC1CA646A11EF94F74224C4F9AE02.roa
Signing time: Tue 03 Sep 2024 18:35:01 +0000
ROA not before: Tue 03 Sep 2024 18:35:01 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 205220
IP address blocks: 14.192.140.0/24 maxlen: 24
14.192.141.0/24 maxlen: 24
14.192.154.0/24 maxlen: 24
14.192.155.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
103.20.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Oct 2024 03:20:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2726 (0xaa6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Sep 3 18:35:01 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66d756d5-a70f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ee:62:2e:18:fe:7b:7e:b4:5e:fc:9a:99:bc:
76:42:4a:ec:60:29:00:14:be:aa:20:b2:18:d6:d9:
32:17:89:fb:d3:ff:07:3e:87:d7:19:46:3d:00:9e:
ea:d8:90:b3:ca:7d:58:d6:cf:1b:ce:3a:92:82:f9:
56:2a:cd:64:2d:5e:20:75:7c:12:cb:bb:9a:71:c1:
24:ec:a2:28:f0:09:a3:c2:79:0f:35:e4:95:8e:0f:
bd:e9:e0:c1:83:26:eb:b1:6c:67:44:92:80:34:74:
41:5a:ad:bd:8c:34:0f:db:11:a2:d2:69:ab:19:f6:
8d:fe:b2:4d:da:f4:a4:4c:77:7f:92:24:9f:a7:bf:
3a:cf:be:b2:de:7d:d3:01:79:3d:b0:1d:42:bf:a3:
9c:e9:35:bc:ef:8f:e9:55:56:2c:5b:f5:04:20:cf:
c9:9a:a5:22:38:12:cc:fb:33:ba:1e:b8:cf:46:83:
b8:aa:be:90:70:1f:af:bf:2f:ff:44:bd:8f:fd:c4:
a2:ae:7c:2d:af:3e:d0:d5:66:7e:f7:ed:20:3a:ea:
4e:de:ed:10:f8:f7:97:b7:3f:9a:3b:26:e6:e1:2d:
ee:34:d7:c4:cf:72:34:24:e2:78:b4:66:92:30:f6:
1f:f2:01:5e:21:59:2b:6e:6c:b9:4d:a6:10:0d:9c:
d8:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:AC:3B:9A:E2:6B:92:C5:8E:3F:AD:15:E5:51:E1:08:0D:18:4E:E1
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/47CBC1CA646A11EF94F74224C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.140.0/23
14.192.154.0/23
103.20.134.0/23
Signature Algorithm: sha256WithRSAEncryption
b2:34:6b:fc:18:35:c9:85:c9:34:1d:51:2c:40:cc:f4:2c:a5:
30:95:0b:57:ad:64:1d:62:1b:05:18:f2:c6:79:d1:4f:38:c9:
cd:7a:f4:a6:c8:35:1e:1f:4e:3f:92:b3:98:ec:13:a1:42:01:
ed:8f:eb:eb:4d:34:6a:c4:b3:04:f0:88:09:16:ba:0d:6d:06:
5c:de:eb:82:17:43:5b:06:0b:89:a6:04:62:87:67:38:54:ab:
81:9a:cd:94:d0:7d:6c:d0:4f:b8:f1:5d:8f:50:5c:ab:e4:e1:
81:cb:6d:f8:ad:92:8a:bd:63:10:89:0f:0c:90:09:8f:3d:d5:
02:16:2a:15:20:8b:c4:0e:bc:20:d8:e8:c7:3b:cf:f1:0b:eb:
5b:87:47:db:1e:02:ca:86:3a:39:65:0b:ea:d0:82:78:45:73:
e3:80:5e:64:93:d1:eb:39:23:8a:8f:d5:59:12:21:35:55:d0:
77:7b:3c:9e:b3:ce:84:9c:33:12:c8:42:15:08:ff:a5:2c:fd:
3f:8f:38:8d:10:da:37:5c:c1:ae:83:a6:2c:40:f3:53:fe:3f:
09:f0:c5:ee:e0:ca:5a:9d:df:11:68:dc:40:e6:33:89:07:83:
35:02:c6:c0:05:9b:9b:1e:95:a5:2d:df:47:19:4c:92:9c:a5:
fc:08:7f:f1
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICCqYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQwOTAzMTgzNTAxWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ3NTZkNS1hNzBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmu5iLhj+e360Xvyambx2QkrsYCkAFL6qILIY1tkyF4n70/8HPofXGUY9AJ7q
2JCzyn1Y1s8bzjqSgvlWKs1kLV4gdXwSy7uaccEk7KIo8AmjwnkPNeSVjg+96eDB
gybrsWxnRJKANHRBWq29jDQP2xGi0mmrGfaN/rJN2vSkTHd/kiSfp786z76y3n3T
AXk9sB1Cv6Oc6TW874/pVVYsW/UEIM/JmqUiOBLM+zO6HrjPRoO4qr6QcB+vvy//
RL2P/cSirnwtrz7Q1WZ+9+0gOupO3u0Q+PeXtz+aOybm4S3uNNfEz3I0JOJ4tGaS
MPYf8gFeIVkrbmy5TaYQDZzYmQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFJqsO5ri
a5LFjj+tFeVR4QgNGE7hMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvNDdDQkMxQ0E2
NDZBMTFFRjk0Rjc0MjI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAEOwIwDBAEOwJoDBAFnFIYwDQYJKoZIhvcNAQELBQADggEB
ALI0a/wYNcmFyTQdUSxAzPQspTCVC1etZB1iGwUY8sZ50U84yc169KbINR4fTj+S
s5jsE6FCAe2P6+tNNGrEswTwiAkWug1tBlze64IXQ1sGC4mmBGKHZzhUq4GazZTQ
fWzQT7jxXY9QXKvk4YHLbfitkoq9YxCJDwyQCY891QIWKhUgi8QOvCDY6Mc7z/EL
61uHR9seAsqGOjllC+rQgnhFc+OAXmST0es5I4qP1VkSITVV0Hd7PJ6zzoScMxLI
QhUI/6Us/T+POI0Q2jdcwa6DpixA81P+Pwnwxe7gylqd3xFo3EDmM4kHgzUCxsAF
m5selaUt30cZTJKcpfwIf/E=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:29:19 2025 by rpki-client