Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/6A57E01CBC4811EFA298C04EC4F9AE02.roa
File: 6A57E01CBC4811EFA298C04EC4F9AE02.roa (raw, json)
Hash identifier: xXq9MKLV219XvMyL6Te/aAezG0vbHF8RBn/YGHRNFb8=
Subject key identifier: 16:78:B7:7A:0A:47:89:38:24:95:B1:C9:63:07:15:36:E3:EE:AB:0E
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0BC1
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/6A57E01CBC4811EFA298C04EC4F9AE02.roa
Signing time: Thu 26 Dec 2024 19:16:15 +0000
ROA not before: Thu 26 Dec 2024 19:16:15 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 62425
IP address blocks: 14.192.142.0/24 maxlen: 24
14.192.151.0/24 maxlen: 24
14.192.152.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Jan 2025 10:32:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3009 (0xbc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Dec 26 19:16:15 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=676dab7f-8151
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:9b:4b:42:e1:bc:50:8c:1b:03:7d:78:e1:10:
4a:dc:34:df:ae:0a:7b:f9:c0:60:2b:2c:43:da:ed:
42:00:b0:be:49:b6:d4:f0:c3:c7:1d:d4:71:cd:89:
19:37:7b:67:0a:42:5d:1b:65:ee:ca:cd:d7:e0:60:
85:d7:9d:86:be:93:b3:e4:76:65:9b:25:ac:48:b7:
4e:31:44:a9:34:63:a4:96:11:ec:97:19:50:ad:9d:
0f:22:9d:5e:df:f6:fc:4b:1a:3f:e0:d2:d6:4d:7d:
77:de:1e:d3:b6:13:87:68:9a:3a:9c:a6:da:8a:9a:
c4:43:e2:4f:f1:e5:77:dd:c8:b9:5d:1f:99:d5:a2:
46:8e:3b:3e:81:d7:f1:93:c2:36:f4:93:68:5a:85:
71:10:bc:a0:c8:38:a8:ed:f9:b2:7a:cf:90:4e:03:
f6:3d:86:6c:40:33:4d:86:23:d4:3c:21:31:53:9a:
46:73:76:9b:e2:2c:8e:ce:fd:7d:23:06:e7:b2:92:
da:30:f5:41:56:d2:25:59:1d:68:8e:26:53:d9:7d:
cb:8b:d9:93:1d:98:44:ac:c9:f4:d8:34:18:0e:9f:
ea:f7:d5:a3:4c:89:ee:89:e3:f4:1e:b0:7e:07:51:
c0:b9:9b:8c:e7:93:df:dd:ad:95:df:24:8b:61:f9:
1c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:78:B7:7A:0A:47:89:38:24:95:B1:C9:63:07:15:36:E3:EE:AB:0E
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/6A57E01CBC4811EFA298C04EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.142.0/24
14.192.151.0-14.192.152.255
Signature Algorithm: sha256WithRSAEncryption
50:fd:a3:4f:b6:f6:b7:58:ea:0e:41:2e:ac:3f:40:ad:7e:ad:
9f:0e:c9:fd:b2:cf:8b:28:9c:7f:c8:2d:3d:73:6f:78:c7:7e:
21:89:dd:b0:b3:bc:92:4f:50:67:51:8b:41:67:58:b0:78:38:
74:cd:b7:0a:6f:eb:5c:34:33:bf:81:ff:a7:5f:db:92:d1:96:
f9:b1:ae:37:fa:68:ce:e4:89:52:d0:32:67:ca:25:84:b4:82:
0c:ee:b9:9d:bb:26:70:c0:81:8d:24:db:df:b7:f8:bb:dc:39:
c7:7b:97:34:dc:e5:c7:08:5d:c7:ef:b1:69:b6:63:0c:0f:8c:
ad:8e:41:9c:4c:25:45:99:fd:a6:66:c4:f3:b2:44:6a:32:59:
3e:6c:d2:8b:cb:61:69:a6:17:3d:c1:89:8a:48:35:64:46:e0:
64:6d:50:32:c5:2e:51:80:56:f5:93:3c:ba:59:aa:32:9a:3c:
1d:33:ce:d8:85:e0:35:31:e8:6b:bf:0e:4a:e6:9f:34:90:a7:
67:f6:8a:2b:86:32:03:a1:9a:c2:57:94:f7:86:0d:ca:fc:dd:
ba:bb:21:26:d1:f3:39:66:03:3c:91:27:3c:d4:08:94:ae:ca:
cf:13:8d:a7:45:dd:6c:97:96:e2:7b:0a:87:d4:a1:46:38:f5:
86:5c:e6:25
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICC8EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQxMjI2MTkxNjE1WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzZkYWI3Zi04MTUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs5tLQuG8UIwbA3144RBK3DTfrgp7+cBgKyxD2u1CALC+SbbU8MPHHdRxzYkZ
N3tnCkJdG2Xuys3X4GCF152GvpOz5HZlmyWsSLdOMUSpNGOklhHslxlQrZ0PIp1e
3/b8Sxo/4NLWTX133h7TthOHaJo6nKbaiprEQ+JP8eV33ci5XR+Z1aJGjjs+gdfx
k8I29JNoWoVxELygyDio7fmyes+QTgP2PYZsQDNNhiPUPCExU5pGc3ab4iyOzv19
IwbnspLaMPVBVtIlWR1ojiZT2X3Li9mTHZhErMn02DQYDp/q99WjTInuieP0HrB+
B1HAuZuM55Pf3a2V3ySLYfkcSQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFBZ4t3oK
R4k4JJWxyWMHFTbj7qsOMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvNkE1N0UwMUNC
QzQ4MTFFRkEyOThDMDRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQDBAAOwI4wDAMEAA7AlwMEAA7AmDANBgkqhkiG9w0BAQsFAAOC
AQEAUP2jT7b2t1jqDkEurD9ArX6tnw7J/bLPiyicf8gtPXNveMd+IYndsLO8kk9Q
Z1GLQWdYsHg4dM23Cm/rXDQzv4H/p1/bktGW+bGuN/pozuSJUtAyZ8olhLSCDO65
nbsmcMCBjSTb37f4u9w5x3uXNNzlxwhdx++xabZjDA+MrY5BnEwlRZn9pmbE87JE
ajJZPmzSi8thaaYXPcGJikg1ZEbgZG1QMsUuUYBW9ZM8ulmqMpo8HTPO2IXgNTHo
a78OSuafNJCnZ/aKK4YyA6GawleU94YNyvzdurshJtHzOWYDPJEnPNQIlK7KzxON
p0XdbJeW4nsKh9ShRjj1hlzmJQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:34 2025 by rpki-client