Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/53BF74C0669C11EFB4B74C6CC4F9AE02.roa
File: 53BF74C0669C11EFB4B74C6CC4F9AE02.roa (raw, json)
Hash identifier: Ym5OIzr6+7L5Q6Nv6Eqh7WR07HoSZ/du+KfzOd9n0jM=
Subject key identifier: 28:45:C5:49:BF:4F:33:0A:6D:48:4B:81:11:E1:5A:8F:93:70:F8:FB
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0AAD
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/53BF74C0669C11EFB4B74C6CC4F9AE02.roa
Signing time: Sat 07 Sep 2024 20:30:31 +0000
ROA not before: Sat 07 Sep 2024 20:30:31 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 45814
IP address blocks: 14.192.128.0/24 maxlen: 24
14.192.129.0/24 maxlen: 24
14.192.131.0/24 maxlen: 24
14.192.133.0/24 maxlen: 24
14.192.135.0/24 maxlen: 24
14.192.136.0/24 maxlen: 24
14.192.139.0/24 maxlen: 24
14.192.143.0/24 maxlen: 24
14.192.145.0/24 maxlen: 24
14.192.146.0/24 maxlen: 24
14.192.147.0/24 maxlen: 24
14.192.149.0/24 maxlen: 24
14.192.150.0/24 maxlen: 24
14.192.155.0/24 maxlen: 24
14.192.159.0/24 maxlen: 24
43.247.120.0/24 maxlen: 24
43.247.121.0/24 maxlen: 24
43.247.122.0/24 maxlen: 24
43.247.123.0/24 maxlen: 24
103.20.133.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
103.20.135.0/24 maxlen: 24
111.92.128.0/19 maxlen: 19
2403:7980::/32 maxlen: 32
2403:7980::/36 maxlen: 36
Validation: Failed, certificate revoked on Sun 22 Sep 2024 11:51:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2733 (0xaad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Sep 7 20:30:31 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66dcb7e7-8d99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:1d:34:49:d0:f5:ab:67:09:3e:59:6d:16:7a:
a3:23:82:9e:7a:aa:15:a6:ef:0b:76:4e:1c:ec:14:
29:cd:1f:94:4b:cc:51:8a:1e:f9:bf:fa:f8:6f:91:
83:f6:16:f7:2c:b4:f1:36:09:0c:9c:eb:0e:a4:2e:
2f:8e:89:d6:b2:21:c6:88:ec:39:f5:68:f6:78:ff:
c6:2b:a4:cf:a5:d2:51:7f:62:6b:f7:85:56:63:72:
7b:ce:af:c7:4e:01:22:5e:57:ec:44:d4:28:9d:65:
af:62:6c:0b:6f:bc:4a:56:82:d3:4d:17:7e:56:91:
ef:3d:4d:8b:8f:b0:4e:be:10:7d:ad:87:8d:05:7a:
8f:c2:a1:4d:81:99:74:2d:b1:04:35:c2:c1:e2:8d:
41:33:d2:ae:2f:fd:3d:9c:79:12:85:53:18:c5:e9:
d5:be:80:b8:c4:9f:62:2d:1e:ec:ac:2e:19:e0:72:
a2:ef:14:7e:38:f0:ec:f7:13:30:a8:94:b5:f9:8d:
0c:fc:3c:48:4a:8a:7c:96:1d:e3:84:dc:51:17:59:
18:de:b5:12:c8:3d:fc:58:2a:a4:b0:68:2a:9f:df:
29:4c:76:66:69:71:5d:e0:af:e5:27:e4:40:e4:0d:
ff:57:17:12:e1:1e:82:69:ad:1b:da:a3:ed:44:67:
af:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:45:C5:49:BF:4F:33:0A:6D:48:4B:81:11:E1:5A:8F:93:70:F8:FB
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/53BF74C0669C11EFB4B74C6CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.128.0/23
14.192.131.0/24
14.192.133.0/24
14.192.135.0-14.192.136.255
14.192.139.0/24
14.192.143.0/24
14.192.145.0-14.192.147.255
14.192.149.0-14.192.150.255
14.192.155.0/24
14.192.159.0/24
43.247.120.0/22
103.20.133.0-103.20.135.255
111.92.128.0/19
IPv6:
2403:7980::/32
Signature Algorithm: sha256WithRSAEncryption
94:73:b4:a5:da:2f:f4:08:15:cf:59:24:3a:a3:4a:36:01:57:
d6:bb:b8:65:9e:25:de:be:c9:90:be:a2:10:31:c7:9b:d6:ec:
d9:6b:d8:9b:04:91:7c:c8:b8:8c:9e:95:97:41:3b:c7:fd:5d:
78:b1:61:4b:1c:80:a5:54:63:6b:41:8c:ab:0c:be:86:60:cf:
2f:a6:9f:f1:65:73:0f:1a:4d:79:6b:3e:01:ca:4b:19:2f:40:
b0:2e:cc:87:a8:0e:ec:bd:f8:28:b8:5f:a8:71:3b:ba:91:3d:
9d:8d:16:3c:18:14:c9:79:2e:b6:b6:aa:48:4c:30:9d:d0:7d:
28:29:f2:7a:4f:26:e7:8b:50:8b:1c:8a:c4:48:7b:a9:0d:7d:
55:62:10:ad:13:ed:6d:84:1a:08:8e:71:0f:9c:65:07:c7:3c:
79:fc:42:0e:1d:07:6f:32:9d:9f:1e:1c:e7:a4:49:3b:33:dd:
79:d6:0f:f8:da:46:13:bd:95:6a:69:eb:0b:57:7b:35:d3:ce:
32:80:9e:5c:1d:fe:52:01:47:ec:a2:a8:72:f7:02:93:e1:35:
6b:c1:06:8a:1f:c4:54:bc:cb:1b:db:19:2d:4d:bc:2d:52:d7:
b8:bf:2a:55:77:54:5f:9f:e2:db:f6:9b:60:3d:b6:da:00:5d:
c3:45:e1:23
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgICCq0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQwOTA3MjAzMDMxWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmRjYjdlNy04ZDk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyh00SdD1q2cJPlltFnqjI4KeeqoVpu8Ldk4c7BQpzR+US8xRih75v/r4b5GD
9hb3LLTxNgkMnOsOpC4vjonWsiHGiOw59Wj2eP/GK6TPpdJRf2Jr94VWY3J7zq/H
TgEiXlfsRNQonWWvYmwLb7xKVoLTTRd+VpHvPU2Lj7BOvhB9rYeNBXqPwqFNgZl0
LbEENcLB4o1BM9KuL/09nHkShVMYxenVvoC4xJ9iLR7srC4Z4HKi7xR+OPDs9xMw
qJS1+Y0M/DxISop8lh3jhNxRF1kY3rUSyD38WCqksGgqn98pTHZmaXFd4K/lJ+RA
5A3/VxcS4R6Caa0b2qPtRGevjQIDAQABo4IDDzCCAwswHQYDVR0OBBYEFChFxUm/
TzMKbUhLgRHhWo+TcPj7MB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvNTNCRjc0QzA2
NjlDMTFFRkI0Qjc0QzZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZgGCCsGAQUFBwEHAQH/
BIGIMIGFMHQEAgABMG4DBAEOwIADBAAOwIMDBAAOwIUwDAMEAA7AhwMEAA7AiAME
AA7AiwMEAA7AjzAMAwQADsCRAwQCDsCQMAwDBAAOwJUDBAAOwJYDBAAOwJsDBAAO
wJ8DBAIr93gwDAMEAGcUhQMEA2cUgAMEBW9cgDANBAIAAjAHAwUAJAN5gDANBgkq
hkiG9w0BAQsFAAOCAQEAlHO0pdov9AgVz1kkOqNKNgFX1ru4ZZ4l3r7JkL6iEDHH
m9bs2WvYmwSRfMi4jJ6Vl0E7x/1deLFhSxyApVRja0GMqwy+hmDPL6af8WVzDxpN
eWs+AcpLGS9AsC7Mh6gO7L34KLhfqHE7upE9nY0WPBgUyXkutraqSEwwndB9KCny
ek8m54tQixyKxEh7qQ19VWIQrRPtbYQaCI5xD5xlB8c8efxCDh0HbzKdnx4c56RJ
OzPdedYP+NpGE72VamnrC1d7NdPOMoCeXB3+UgFH7KKocvcCk+E1a8EGih/EVLzL
G9sZLU28LVLXuL8qVXdUX5/i2/abYD222gBdw0XhIw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:14 2025 by rpki-client