Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/848BF064589C11EFB0107660C4F9AE02.roa
File: 848BF064589C11EFB0107660C4F9AE02.roa (raw, json)
Hash identifier: Uuo9mHVUtwh28L/ath2bzx5ywQcep4poj+EjD/SICg8=
Subject key identifier: 40:AD:44:99:CF:13:DA:0E:01:15:D4:2F:7F:F8:53:09:C5:DC:14:C4
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0A69
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/848BF064589C11EFB0107660C4F9AE02.roa
Signing time: Mon 12 Aug 2024 11:17:53 +0000
ROA not before: Mon 12 Aug 2024 11:17:53 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 197450
IP address blocks: 14.192.131.0/24 maxlen: 24
14.192.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Aug 2024 12:00:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2665 (0xa69)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Aug 12 11:17:53 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66b9ef61-511a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:10:77:92:75:a8:86:1b:0e:07:c0:10:76:7f:
77:44:35:75:9b:d1:ab:68:3e:29:ea:9f:ea:7f:29:
24:1c:77:13:2d:e9:81:ab:45:74:c9:00:0e:8d:f2:
6d:54:ba:b9:45:78:4a:36:4b:f9:e9:60:f6:5d:66:
03:05:cd:20:d2:d0:1d:de:97:19:97:6d:a3:07:48:
b3:70:df:ff:73:ed:cd:96:cd:5f:f9:0d:45:82:e9:
42:2e:27:2c:e7:79:25:c3:87:56:a3:28:73:ac:f9:
61:98:e8:48:51:2b:39:3a:20:74:b0:42:dc:27:0f:
4d:d8:d5:92:de:f3:41:2b:dc:8f:d8:7e:a1:bb:9e:
74:72:9a:1a:73:00:3a:96:4e:85:a6:1e:74:8d:a5:
e1:5c:b3:03:c9:72:29:33:1f:4d:87:02:d6:a9:66:
a1:86:eb:37:aa:45:4d:60:88:85:6c:b6:62:03:8e:
37:46:15:31:2e:26:f0:da:29:2c:a0:58:bb:6f:e0:
30:ed:05:00:c1:b9:04:c0:b8:55:27:4f:8c:a9:46:
64:b4:2c:49:7b:73:ee:06:e6:08:23:38:8f:74:11:
90:ff:f4:65:71:16:b2:d3:14:b5:6e:22:4a:f8:e7:
5b:a8:9a:da:7b:01:a6:99:01:3b:b1:58:ab:55:16:
fb:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:AD:44:99:CF:13:DA:0E:01:15:D4:2F:7F:F8:53:09:C5:DC:14:C4
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/848BF064589C11EFB0107660C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.131.0/24
14.192.135.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:a1:a3:fa:1e:e3:54:bc:59:71:0b:80:73:e0:78:65:bf:61:
19:8f:b7:80:a0:c3:ec:61:21:4a:43:23:f4:52:ca:77:af:42:
7f:59:82:e2:15:ed:02:75:c5:ee:df:9e:7b:ef:02:0d:39:03:
5c:6e:a5:49:1a:5b:cb:67:6d:ec:cf:7d:74:c3:f3:9e:d3:33:
59:6f:77:dc:23:71:27:78:11:49:b9:10:2c:ee:28:58:4b:bd:
a6:23:a2:bd:9b:1f:3e:8d:18:cc:13:9d:0e:66:03:3c:8b:9a:
09:f2:af:40:ba:d0:23:ef:31:66:5d:9a:9e:d1:80:49:f4:86:
96:4b:69:54:01:a2:5f:26:e9:63:26:73:46:dc:85:e7:f0:cd:
c4:71:9c:7d:e0:ee:cc:36:91:4b:13:ca:42:e2:d1:03:04:4a:
37:ce:a6:60:98:33:40:75:a8:52:ba:b6:b9:34:e9:74:dd:75:
fc:01:59:8d:aa:ca:ab:72:ea:cd:e9:bf:a2:b9:14:dc:04:69:
bd:c0:a7:f0:d0:c7:be:96:88:17:17:1b:c4:31:44:5a:5c:94:
d0:94:74:08:71:d8:f2:04:77:93:d0:5d:69:b4:f6:6b:6a:d9:
68:88:97:0f:aa:1e:d6:f2:32:e6:fa:ee:5d:4e:03:be:64:f8:
20:f0:18:1b
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCmkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQwODEyMTExNzUzWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmI5ZWY2MS01MTFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvxB3knWohhsOB8AQdn93RDV1m9GraD4p6p/qfykkHHcTLemBq0V0yQAOjfJt
VLq5RXhKNkv56WD2XWYDBc0g0tAd3pcZl22jB0izcN//c+3Nls1f+Q1FgulCLics
53klw4dWoyhzrPlhmOhIUSs5OiB0sELcJw9N2NWS3vNBK9yP2H6hu550cpoacwA6
lk6Fph50jaXhXLMDyXIpMx9NhwLWqWahhus3qkVNYIiFbLZiA443RhUxLibw2iks
oFi7b+Aw7QUAwbkEwLhVJ0+MqUZktCxJe3PuBuYIIziPdBGQ//RlcRay0xS1biJK
+OdbqJraewGmmQE7sVirVRb7lQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFECtRJnP
E9oOARXUL3/4UwnF3BTEMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvODQ4QkYwNjQ1
ODlDMTFFRkIwMTA3NjYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAAOwIMDBAAOwIcwDQYJKoZIhvcNAQELBQADggEBAKmho/oe
41S8WXELgHPgeGW/YRmPt4Cgw+xhIUpDI/RSynevQn9ZguIV7QJ1xe7fnnvvAg05
A1xupUkaW8tnbezPfXTD857TM1lvd9wjcSd4EUm5ECzuKFhLvaYjor2bHz6NGMwT
nQ5mAzyLmgnyr0C60CPvMWZdmp7RgEn0hpZLaVQBol8m6WMmc0bchefwzcRxnH3g
7sw2kUsTykLi0QMESjfOpmCYM0B1qFK6trk06XTddfwBWY2qyqty6s3pv6K5FNwE
ab3Ap/DQx76WiBcXG8QxRFpclNCUdAhx2PIEd5PQXWm09mtq2WiIlw+qHtbyMub6
7l1OA75k+CDwGBs=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:44 2025 by rpki-client