Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/67DF25F8589C11EFBFA45260C4F9AE02.roa
File: 67DF25F8589C11EFBFA45260C4F9AE02.roa (raw, json)
Hash identifier: GgJF/9i+tO9PMQ51PaspkVgPT6D1ZsJgzJunq8hYJz8=
Subject key identifier: B3:E2:FE:F4:40:11:BD:2D:5B:B9:E6:91:66:EC:BF:03:8A:EC:12:89
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0ADB
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/67DF25F8589C11EFBFA45260C4F9AE02.roa
Signing time: Sat 28 Sep 2024 08:25:12 +0000
ROA not before: Sat 28 Sep 2024 08:25:12 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 55154
IP address blocks: 14.192.133.0/24 maxlen: 24
14.192.134.0/24 maxlen: 24
14.192.153.0/24 maxlen: 24
14.192.156.0/24 maxlen: 24
14.192.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Oct 2024 16:24:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2779 (0xadb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Sep 28 08:25:12 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66f7bd68-e573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:de:d9:68:62:19:6f:72:94:e3:6f:c1:3e:2e:
03:65:03:7f:68:f1:cf:97:2e:1d:77:27:32:57:4f:
e4:0b:02:83:c0:aa:3d:b0:70:3a:2d:cc:59:70:e3:
f0:20:94:d3:12:51:5d:b0:e4:58:a6:31:1b:e4:50:
cd:e4:51:40:85:6d:18:0d:11:ed:0f:7b:6e:51:d0:
83:a4:4d:90:5e:be:3b:4d:8b:d3:2c:62:c8:bd:bf:
41:b4:96:5b:b8:46:83:e3:60:0b:1a:08:0e:48:23:
1d:63:f3:c0:06:8f:ae:7d:1e:91:de:25:53:41:ee:
19:52:5e:20:b7:b0:82:f5:59:46:af:ba:a6:2d:f0:
fc:d3:5f:83:51:bb:a9:29:26:01:00:51:56:62:bb:
26:89:ae:21:47:ee:3d:91:2d:a9:29:1c:b4:42:20:
29:f1:09:c4:40:22:51:8a:5b:b3:77:2f:58:c2:21:
71:54:92:7e:ac:d6:23:3b:1e:92:2b:9a:ec:fa:f1:
26:2c:f4:17:dd:97:22:2b:34:a0:ec:93:58:8e:1c:
00:b0:2e:eb:fc:45:82:67:bf:f2:2e:e4:5e:ad:51:
d5:da:dc:e1:f8:d1:ff:be:e7:e9:00:28:32:66:0e:
f1:f3:c4:25:1f:dc:b6:d8:e2:f1:6c:2c:d3:78:e1:
24:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:E2:FE:F4:40:11:BD:2D:5B:B9:E6:91:66:EC:BF:03:8A:EC:12:89
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/67DF25F8589C11EFBFA45260C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.133.0-14.192.134.255
14.192.153.0/24
14.192.156.0/23
Signature Algorithm: sha256WithRSAEncryption
30:5f:4c:06:70:37:3a:b7:56:7c:5f:55:07:6c:ae:06:44:0e:
bf:63:ee:78:76:26:88:50:c4:2f:8f:93:10:49:a4:b7:55:61:
6c:62:36:33:82:30:ec:b6:6e:b2:67:da:e9:df:68:da:81:ed:
c0:11:f3:e2:b6:72:64:ae:24:4a:79:7b:b7:2f:a0:11:d4:4a:
9c:ff:d2:f4:18:4b:15:c3:80:3e:31:6a:d4:5e:60:6b:b7:09:
d1:01:0f:88:da:7d:d6:30:32:f2:b3:28:77:93:64:44:c0:a6:
c7:7f:c7:71:a8:ab:78:04:f0:ca:74:8f:cb:ca:49:27:34:3f:
8f:37:04:aa:74:3d:62:f7:9d:d6:1b:1d:23:8f:a2:a0:b8:68:
fa:08:c6:e6:a3:14:dd:64:16:67:df:5c:2c:59:c8:58:3f:92:
d5:bb:34:b8:fd:75:29:a3:32:64:ca:ee:53:fe:db:92:f6:25:
06:d8:ec:40:b5:aa:e9:5b:5b:34:b6:a3:14:32:5f:52:55:03:
06:6c:e8:37:f5:ad:62:4f:13:22:09:25:16:ec:1c:72:6d:85:
85:be:3b:60:46:c5:19:90:40:96:63:dd:17:1b:de:de:08:8c:
f8:a3:1a:e8:13:85:a4:c7:60:60:c9:7d:7c:22:96:7b:d5:b5:
41:00:67:3c
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICCtswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQwOTI4MDgyNTEyWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmY3YmQ2OC1lNTczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu97ZaGIZb3KU42/BPi4DZQN/aPHPly4ddycyV0/kCwKDwKo9sHA6LcxZcOPw
IJTTElFdsORYpjEb5FDN5FFAhW0YDRHtD3tuUdCDpE2QXr47TYvTLGLIvb9BtJZb
uEaD42ALGggOSCMdY/PABo+ufR6R3iVTQe4ZUl4gt7CC9VlGr7qmLfD801+DUbup
KSYBAFFWYrsmia4hR+49kS2pKRy0QiAp8QnEQCJRiluzdy9YwiFxVJJ+rNYjOx6S
K5rs+vEmLPQX3ZciKzSg7JNYjhwAsC7r/EWCZ7/yLuRerVHV2tzh+NH/vufpACgy
Zg7x88QlH9y22OLxbCzTeOEkgwIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFLPi/vRA
Eb0tW7nmkWbsvwOK7BKJMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvNjdERjI1Rjg1
ODlDMTFFRkJGQTQ1MjYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBowDAMEAA7AhQMEAA7AhgMEAA7AmQMEAQ7AnDANBgkqhkiG9w0B
AQsFAAOCAQEAMF9MBnA3OrdWfF9VB2yuBkQOv2PueHYmiFDEL4+TEEmkt1VhbGI2
M4Iw7LZusmfa6d9o2oHtwBHz4rZyZK4kSnl7ty+gEdRKnP/S9BhLFcOAPjFq1F5g
a7cJ0QEPiNp91jAy8rMod5NkRMCmx3/HcaireATwynSPy8pJJzQ/jzcEqnQ9Yved
1hsdI4+ioLho+gjG5qMU3WQWZ99cLFnIWD+S1bs0uP11KaMyZMruU/7bkvYlBtjs
QLWq6VtbNLajFDJfUlUDBmzoN/WtYk8TIgklFuwccm2Fhb47YEbFGZBAlmPdFxve
3giM+KMa6BOFpMdgYMl9fCKWe9W1QQBnPA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:22 2025 by rpki-client