Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/865AF3C2860F11EFB2270F39C4F9AE02.roa
File: 865AF3C2860F11EFB2270F39C4F9AE02.roa (raw, json)
Hash identifier: zw8eqfQFA8uIgeJ7mHn/gadU5he8hafLZM0SQh0nAbg=
Subject key identifier: 40:26:0F:4A:A2:D7:D0:07:66:9F:38:E9:F3:65:A2:94:D0:DE:0A:1C
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0B5B
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/865AF3C2860F11EFB2270F39C4F9AE02.roa
Signing time: Tue 05 Nov 2024 08:01:31 +0000
ROA not before: Tue 05 Nov 2024 08:01:31 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 133933
IP address blocks: 14.192.128.0/24 maxlen: 24
14.192.129.0/24 maxlen: 24
14.192.131.0/24 maxlen: 24
14.192.133.0/24 maxlen: 24
14.192.136.0/24 maxlen: 24
14.192.144.0/24 maxlen: 24
14.192.147.0/24 maxlen: 24
14.192.148.0/24 maxlen: 24
14.192.153.0/24 maxlen: 24
14.192.156.0/24 maxlen: 24
14.192.157.0/24 maxlen: 24
14.192.159.0/24 maxlen: 24
43.247.120.0/24 maxlen: 24
43.247.121.0/24 maxlen: 24
43.247.122.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Nov 2024 05:44:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2907 (0xb5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Nov 5 08:01:31 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6729d0da-47bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:e8:93:d0:95:06:f7:04:1e:e9:8e:b3:dc:7f:
43:70:af:f2:89:d4:ec:4b:c7:ac:8d:7e:ab:f5:44:
cf:f5:40:48:de:96:50:34:f2:9b:00:73:d4:12:a8:
f5:1b:03:98:4d:f7:c4:2b:b6:21:de:63:ff:22:8f:
1b:ff:0a:ce:18:f5:4d:1f:c2:49:28:63:ba:20:50:
b1:19:6b:41:1d:35:ff:bb:a0:8c:aa:f0:9f:25:f6:
2c:08:49:fd:d3:74:c4:e6:a2:02:53:f9:ae:ba:87:
b5:a0:ee:be:8a:90:6b:c6:69:73:30:6a:af:e1:f5:
be:92:77:7f:76:16:6e:81:95:06:a4:8f:38:3e:5f:
19:a1:6f:0d:86:41:39:4d:e0:f8:c7:d1:f9:a8:a6:
6b:ad:ac:79:fd:9d:f8:ff:81:6b:94:e3:eb:66:3b:
2a:a1:27:86:96:20:7d:f9:c4:e3:5b:6a:8d:11:a2:
93:91:1b:63:5a:17:0f:59:7f:e2:d0:ca:de:62:17:
07:2f:31:2e:96:7e:65:17:38:b3:1b:61:45:ce:98:
95:6c:ba:50:71:9f:02:1d:bf:55:0a:0e:1b:90:1c:
f5:a6:0d:26:1f:97:21:40:94:23:5a:f6:e0:99:08:
d5:7a:ab:da:fb:20:a9:7c:8f:a1:cd:d8:8b:8c:03:
e0:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:26:0F:4A:A2:D7:D0:07:66:9F:38:E9:F3:65:A2:94:D0:DE:0A:1C
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/865AF3C2860F11EFB2270F39C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.128.0/23
14.192.131.0/24
14.192.133.0/24
14.192.136.0/24
14.192.144.0/24
14.192.147.0-14.192.148.255
14.192.153.0/24
14.192.156.0/23
14.192.159.0/24
43.247.120.0-43.247.122.255
103.20.134.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:85:b8:3b:e7:08:67:92:1f:b4:10:6d:f3:00:be:17:2e:9a:
89:ae:8b:e6:8e:5f:d7:1f:2f:c5:ad:bf:88:4e:94:b5:98:8e:
8d:f2:c5:31:e9:d1:6e:fc:19:8e:55:ef:cd:2c:ba:c3:9f:56:
56:e8:9b:f8:8a:02:2e:7d:3f:f5:35:52:2d:9c:61:8c:29:d9:
8c:6c:2d:94:13:d6:24:fc:6a:62:78:aa:9d:3f:11:b0:52:eb:
89:fc:8f:dc:6c:b0:cc:86:44:24:4b:36:fb:b7:42:17:17:6e:
99:b1:79:59:7b:02:2a:5e:f5:59:ba:47:33:7a:5e:ab:be:0e:
1a:30:eb:45:b3:d0:65:d7:97:1a:a5:b5:23:ed:48:af:ba:21:
52:fa:ac:f3:4a:ec:40:aa:54:70:d9:b6:dc:02:23:07:56:c2:
02:c1:93:7f:30:f5:a6:47:fb:3d:3a:ac:fd:cb:6a:da:6a:7b:
15:82:36:6c:3e:16:a5:af:32:4e:73:89:c9:80:e7:37:a0:25:
45:1d:b0:a9:d4:4d:ef:5e:3c:a7:7c:be:be:9f:c9:91:a7:66:
07:72:db:8a:6f:de:7f:f3:09:e3:67:eb:d2:2b:f3:78:9e:4c:
2c:87:c6:ef:e2:63:86:ea:b4:a0:97:97:f2:b4:ef:aa:fa:03:
4f:4a:46:50
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgICC1swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQxMTA1MDgwMTMxWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzI5ZDBkYS00N2JiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6uiT0JUG9wQe6Y6z3H9DcK/yidTsS8esjX6r9UTP9UBI3pZQNPKbAHPUEqj1
GwOYTffEK7Yh3mP/Io8b/wrOGPVNH8JJKGO6IFCxGWtBHTX/u6CMqvCfJfYsCEn9
03TE5qICU/muuoe1oO6+ipBrxmlzMGqv4fW+knd/dhZugZUGpI84Pl8ZoW8NhkE5
TeD4x9H5qKZrrax5/Z34/4FrlOPrZjsqoSeGliB9+cTjW2qNEaKTkRtjWhcPWX/i
0MreYhcHLzEuln5lFzizG2FFzpiVbLpQcZ8CHb9VCg4bkBz1pg0mH5chQJQjWvbg
mQjVeqva+yCpfI+hzdiLjAPgPQIDAQABo4IC4TCCAt0wHQYDVR0OBBYEFEAmD0qi
19AHZp846fNlopTQ3gocMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvODY1QUYzQzI4
NjBGMTFFRkIyMjcwRjM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwawYIKwYBBQUHAQcBAf8E
XDBaMFgEAgABMFIDBAEOwIADBAAOwIMDBAAOwIUDBAAOwIgDBAAOwJAwDAMEAA7A
kwMEAA7AlAMEAA7AmQMEAQ7AnAMEAA7AnzAMAwQDK/d4AwQAK/d6AwQAZxSGMA0G
CSqGSIb3DQEBCwUAA4IBAQAqhbg75whnkh+0EG3zAL4XLpqJrovmjl/XHy/Frb+I
TpS1mI6N8sUx6dFu/BmOVe/NLLrDn1ZW6Jv4igIufT/1NVItnGGMKdmMbC2UE9Yk
/GpieKqdPxGwUuuJ/I/cbLDMhkQkSzb7t0IXF26ZsXlZewIqXvVZukczel6rvg4a
MOtFs9Bl15capbUj7UivuiFS+qzzSuxAqlRw2bbcAiMHVsICwZN/MPWmR/s9Oqz9
y2raansVgjZsPhalrzJOc4nJgOc3oCVFHbCp1E3vXjynfL6+n8mRp2YHctuKb95/
8wnjZ+vSK/N4nkwsh8bv4mOG6rSgl5fytO+q+gNPSkZQ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:02 2025 by rpki-client