Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/6FF3915EBC6D11EFB4C4B622C4F9AE02.roa
File: 6FF3915EBC6D11EFB4C4B622C4F9AE02.roa (raw, json)
Hash identifier: MCTTOnp1Zfg3wKE2PPHTVEM9JVedVKpGmfYhc0llssA=
Subject key identifier: B9:34:6C:8B:14:B0:9C:06:68:F4:E6:30:10:65:99:6C:96:5F:1D:58
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0BB2
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/6FF3915EBC6D11EFB4C4B622C4F9AE02.roa
Signing time: Tue 17 Dec 2024 11:52:49 +0000
ROA not before: Tue 17 Dec 2024 11:52:49 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 208485
IP address blocks: 14.192.136.0/24 maxlen: 24
14.192.138.0/24 maxlen: 24
14.192.139.0/24 maxlen: 24
14.192.143.0/24 maxlen: 24
14.192.145.0/24 maxlen: 24
14.192.146.0/24 maxlen: 24
14.192.158.0/24 maxlen: 24
14.192.159.0/24 maxlen: 24
43.247.123.0/24 maxlen: 24
103.20.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:05:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2994 (0xbb2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Dec 17 11:52:49 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=67616611-082e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:be:ba:00:5d:50:71:91:70:9b:57:cc:8b:a3:
bc:98:19:52:47:e6:d1:4a:69:1b:14:46:d5:2f:27:
ce:b6:a0:67:e6:43:cd:9f:27:96:7a:bc:db:af:cd:
5d:c9:44:6f:bf:54:11:5c:5b:e3:d1:54:2d:85:47:
ff:97:e2:84:a5:0b:aa:b2:cd:40:77:30:95:b9:ff:
40:79:d8:a9:16:98:e1:d2:f8:fa:53:96:c5:2d:67:
30:56:0f:10:46:8f:4f:70:3b:be:ce:24:84:1b:a7:
2f:78:27:2f:3d:5d:23:d9:42:68:51:6f:89:62:7e:
bd:d7:44:53:73:f7:ec:00:c2:3c:9a:68:5f:1b:4f:
1b:1b:01:9a:80:1c:00:77:d3:97:b6:ea:59:04:dd:
8b:90:02:70:4f:80:07:8c:3b:f6:f3:31:33:45:35:
a7:4f:ae:2b:59:33:1a:fa:ed:49:8f:20:42:fd:64:
6e:70:8a:7a:f7:86:b3:30:1f:86:7f:d8:5f:b7:2f:
c6:eb:95:f7:f0:5e:02:84:1d:49:bc:2f:93:b3:3c:
21:af:0b:75:00:3b:ac:5c:53:2a:f3:57:db:85:0c:
fb:ae:18:cf:a2:f2:37:e1:c4:08:18:76:d5:42:13:
87:e3:0e:4a:d6:7a:ca:67:e2:20:92:6a:f4:f1:8a:
63:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:34:6C:8B:14:B0:9C:06:68:F4:E6:30:10:65:99:6C:96:5F:1D:58
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/6FF3915EBC6D11EFB4C4B622C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.136.0/24
14.192.138.0/23
14.192.143.0/24
14.192.145.0-14.192.146.255
14.192.158.0/23
43.247.123.0/24
103.20.133.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:86:49:34:62:46:d2:32:3a:db:e0:cf:8a:30:c5:ac:ec:5f:
15:e0:a8:8d:c1:d0:b0:53:e5:5c:43:d5:f3:c3:3a:06:f4:5e:
7c:71:52:00:ef:5b:55:3a:38:f0:55:bb:a9:ba:8d:a8:72:08:
94:7c:82:b3:a1:62:c7:1b:c8:6a:68:d0:34:1e:84:ba:4f:c8:
fe:14:ca:1c:45:17:3b:ab:53:e8:0e:e7:89:21:d4:68:be:4c:
30:58:44:27:e4:9f:ac:b6:6d:10:11:c1:6d:95:2f:40:fd:c9:
62:62:b5:7c:fc:54:69:a3:78:d8:97:ac:ff:3e:a4:e4:fa:c9:
a6:fc:22:fd:90:30:14:7b:64:2e:74:6f:8c:bb:63:fe:82:f7:
bd:91:56:df:3a:bd:75:64:dc:28:94:e0:38:de:41:e1:cd:b9:
b1:21:b7:ea:d0:06:d2:89:d8:cf:5c:e6:55:4c:ba:d4:28:53:
7e:5d:47:b1:1e:f8:c1:a7:76:ab:10:65:7e:0b:c6:7b:2a:fb:
52:00:f7:fb:14:0e:f2:06:5a:34:82:26:49:13:f9:ef:d4:79:
5a:58:f0:d7:69:19:a1:5a:6a:cd:e9:c6:c0:15:d6:9f:72:f3:
49:2c:68:7d:d7:fa:28:7e:11:83:63:8f:4d:da:de:5f:a2:b5:
d3:ca:5f:87
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgICC7IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQxMjE3MTE1MjQ5WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYxNjYxMS0wODJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5L66AF1QcZFwm1fMi6O8mBlSR+bRSmkbFEbVLyfOtqBn5kPNnyeWerzbr81d
yURvv1QRXFvj0VQthUf/l+KEpQuqss1AdzCVuf9AedipFpjh0vj6U5bFLWcwVg8Q
Ro9PcDu+ziSEG6cveCcvPV0j2UJoUW+JYn6910RTc/fsAMI8mmhfG08bGwGagBwA
d9OXtupZBN2LkAJwT4AHjDv28zEzRTWnT64rWTMa+u1JjyBC/WRucIp694azMB+G
f9hfty/G65X38F4ChB1JvC+Tszwhrwt1ADusXFMq81fbhQz7rhjPovI34cQIGHbV
QhOH4w5K1nrKZ+Igkmr08YpjpQIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFLk0bIsU
sJwGaPTmMBBlmWyWXx1YMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvNkZGMzkxNUVC
QzZEMTFFRkI0QzRCNjIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSwYIKwYBBQUHAQcBAf8E
PDA6MDgEAgABMDIDBAAOwIgDBAEOwIoDBAAOwI8wDAMEAA7AkQMEAA7AkgMEAQ7A
ngMEACv3ewMEAGcUhTANBgkqhkiG9w0BAQsFAAOCAQEAo4ZJNGJG0jI62+DPijDF
rOxfFeCojcHQsFPlXEPV88M6BvRefHFSAO9bVTo48FW7qbqNqHIIlHyCs6FixxvI
amjQNB6Euk/I/hTKHEUXO6tT6A7niSHUaL5MMFhEJ+SfrLZtEBHBbZUvQP3JYmK1
fPxUaaN42Jes/z6k5PrJpvwi/ZAwFHtkLnRvjLtj/oL3vZFW3zq9dWTcKJTgON5B
4c25sSG36tAG0onYz1zmVUy61ChTfl1HsR74wad2qxBlfgvGeyr7UgD3+xQO8gZa
NIImSRP579R5Wljw12kZoVpqzenGwBXWn3LzSSxofdf6KH4Rg2OPTdreX6K108pf
hw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:37 2025 by rpki-client