Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/887B5B004AE411ED8C2F4A49C4F9AE02.roa
File: 887B5B004AE411ED8C2F4A49C4F9AE02.roa (raw, json)
Hash identifier: Lb9Q8N0Kk5nz3/cWBXeU+an5Lxi500TMWe9lnBLNMo4=
Subject key identifier: 79:46:2D:7E:EF:F4:28:B0:12:34:98:7D:2F:0D:06:2B:68:69:FE:45
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 07EF
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/887B5B004AE411ED8C2F4A49C4F9AE02.roa
Signing time: Fri 02 Dec 2022 10:47:56 +0000
ROA not before: Fri 02 Dec 2022 10:47:56 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 45814
IP address blocks: 14.192.128.0/24 maxlen: 24
14.192.129.0/24 maxlen: 24
14.192.130.0/24 maxlen: 24
14.192.131.0/24 maxlen: 24
14.192.132.0/24 maxlen: 24
14.192.133.0/24 maxlen: 24
14.192.134.0/24 maxlen: 24
14.192.135.0/24 maxlen: 24
14.192.136.0/24 maxlen: 24
14.192.137.0/24 maxlen: 24
14.192.138.0/24 maxlen: 24
14.192.139.0/24 maxlen: 24
14.192.140.0/24 maxlen: 24
14.192.141.0/24 maxlen: 24
14.192.142.0/24 maxlen: 24
14.192.143.0/24 maxlen: 24
14.192.144.0/24 maxlen: 24
14.192.145.0/24 maxlen: 24
14.192.146.0/24 maxlen: 24
14.192.147.0/24 maxlen: 24
14.192.148.0/24 maxlen: 24
14.192.149.0/24 maxlen: 24
14.192.150.0/24 maxlen: 24
14.192.151.0/24 maxlen: 24
14.192.152.0/24 maxlen: 24
14.192.153.0/24 maxlen: 24
14.192.154.0/24 maxlen: 24
14.192.155.0/24 maxlen: 24
14.192.156.0/24 maxlen: 24
14.192.157.0/24 maxlen: 24
14.192.158.0/24 maxlen: 24
14.192.159.0/24 maxlen: 24
43.247.120.0/24 maxlen: 24
43.247.121.0/24 maxlen: 24
43.247.122.0/24 maxlen: 24
43.247.123.0/24 maxlen: 24
103.20.132.0/24 maxlen: 24
103.20.133.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
103.20.135.0/24 maxlen: 24
111.92.128.0/24 maxlen: 24
111.92.129.0/24 maxlen: 24
111.92.130.0/24 maxlen: 24
111.92.131.0/24 maxlen: 24
111.92.132.0/24 maxlen: 24
111.92.133.0/24 maxlen: 24
111.92.134.0/24 maxlen: 24
111.92.135.0/24 maxlen: 24
111.92.136.0/24 maxlen: 24
111.92.137.0/24 maxlen: 24
111.92.138.0/24 maxlen: 24
111.92.139.0/24 maxlen: 24
111.92.140.0/24 maxlen: 24
111.92.141.0/24 maxlen: 24
111.92.142.0/24 maxlen: 24
111.92.143.0/24 maxlen: 24
111.92.144.0/24 maxlen: 24
111.92.145.0/24 maxlen: 24
111.92.146.0/24 maxlen: 24
111.92.147.0/24 maxlen: 24
111.92.148.0/24 maxlen: 24
111.92.149.0/24 maxlen: 24
111.92.150.0/24 maxlen: 24
111.92.151.0/24 maxlen: 24
111.92.152.0/24 maxlen: 24
111.92.153.0/24 maxlen: 24
111.92.154.0/24 maxlen: 24
111.92.155.0/24 maxlen: 24
111.92.156.0/24 maxlen: 24
111.92.157.0/24 maxlen: 24
111.92.158.0/24 maxlen: 24
111.92.159.0/24 maxlen: 24
2403:7980::/32 maxlen: 32
2403:7980::/36 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2031 (0x7ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Validity
Not Before: Dec 2 10:47:56 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=6389d7dc-b28c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:61:13:f6:83:bf:67:04:9d:e2:7d:26:8e:db:
28:af:c0:13:7a:2e:64:58:57:e2:98:59:88:0a:a4:
b1:e0:11:d1:13:c0:7f:d5:c4:11:2d:dd:fa:de:4a:
ae:02:46:5e:a6:23:59:ea:ee:36:f3:a3:b7:b8:7f:
f5:b7:b8:0a:3d:f0:48:a7:b0:33:ca:43:dc:f5:3c:
55:b0:02:95:a2:c4:98:40:10:8b:c4:44:6b:f5:9e:
06:f0:61:5d:1a:58:de:fa:8e:72:9c:00:64:71:f1:
66:fd:fd:12:84:cd:23:dc:a8:1b:92:07:fe:69:18:
8f:c9:c0:3b:b9:9e:b1:0d:8f:29:62:12:0e:c3:12:
73:b7:2e:12:f2:e5:b8:6a:f3:83:22:83:21:a5:25:
f3:e1:45:9f:52:8a:01:41:58:3b:51:ee:26:94:14:
13:0b:66:db:09:8c:35:cb:35:a8:66:65:5d:98:1a:
52:61:18:90:c3:a8:58:72:59:54:a2:49:61:a9:a8:
3e:80:65:7e:56:68:cb:79:01:54:1a:f9:c2:eb:c9:
1d:6c:37:d6:8b:b6:c8:37:66:fd:f0:42:2d:30:c1:
7b:51:87:89:2b:03:8b:36:c9:31:2a:29:5f:e5:a9:
f6:19:f5:5d:fd:5a:14:6a:73:2d:6a:3e:6e:2c:45:
eb:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:46:2D:7E:EF:F4:28:B0:12:34:98:7D:2F:0D:06:2B:68:69:FE:45
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/887B5B004AE411ED8C2F4A49C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.128.0/19
43.247.120.0/22
103.20.132.0/22
111.92.128.0/19
IPv6:
2403:7980::/32
Signature Algorithm: sha256WithRSAEncryption
96:75:16:a4:90:71:86:c0:ce:95:d9:6f:81:bd:54:1a:95:6d:
85:4c:79:d4:82:fb:ed:79:4f:74:93:a7:42:7e:0b:10:42:6d:
58:1e:37:64:f6:98:60:f6:0e:e6:f1:59:03:3c:3f:03:1e:1e:
67:34:2d:bd:81:9c:22:dc:e3:94:b6:1f:8d:38:ba:92:5b:19:
f1:0f:ce:91:73:5d:2a:89:c5:7c:11:ee:da:54:fb:1c:d0:0f:
a8:34:8a:23:2c:c5:83:4a:8d:3c:4c:98:4d:db:65:0e:4d:f4:
8c:91:c9:bc:61:1c:a9:69:60:ca:e7:80:54:58:60:26:81:4b:
07:1c:a5:b8:7e:a5:f8:7f:bf:7d:05:98:0b:5e:88:91:8a:1d:
ae:16:dd:ff:12:f9:62:3c:b7:98:fe:c4:f4:5e:37:45:c7:13:
e4:b9:a6:96:e9:98:7f:f9:67:2e:25:f6:1e:be:28:1d:09:18:
9a:d3:6c:e6:52:88:e2:51:f9:a8:14:52:5e:08:85:48:36:98:
c0:e1:5c:c0:c8:06:da:97:fd:01:df:cc:da:5d:e5:96:9f:ce:
83:b3:c4:0b:c9:d0:86:70:d3:04:76:a4:50:8d:6e:47:d4:e4:
5a:6a:1e:96:8e:a5:a1:99:6e:6e:ad:b1:e6:a9:cd:f7:4b:09:
d2:e3:cb:f2
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICB+8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjIxMjAyMTA0NzU2WhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mzg5ZDdkYy1iMjhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtWET9oO/ZwSd4n0mjtsor8ATei5kWFfimFmICqSx4BHRE8B/1cQRLd363kqu
AkZepiNZ6u4286O3uH/1t7gKPfBIp7AzykPc9TxVsAKVosSYQBCLxERr9Z4G8GFd
Glje+o5ynABkcfFm/f0ShM0j3Kgbkgf+aRiPycA7uZ6xDY8pYhIOwxJzty4S8uW4
avODIoMhpSXz4UWfUooBQVg7Ue4mlBQTC2bbCYw1yzWoZmVdmBpSYRiQw6hYcllU
oklhqag+gGV+VmjLeQFUGvnC68kdbDfWi7bIN2b98EItMMF7UYeJKwOLNskxKilf
5an2GfVd/VoUanMtaj5uLEXr3QIDAQABo4ICtjCCArIwHQYDVR0OBBYEFHlGLX7v
9CiwEjSYfS8NBitoaf5FMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvODg3QjVCMDA0
QUU0MTFFRDhDMkY0QTQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAUOwIADBAIr93gDBAJnFIQDBAVvXIAwDQQCAAIwBwMFACQD
eYAwDQYJKoZIhvcNAQELBQADggEBAJZ1FqSQcYbAzpXZb4G9VBqVbYVMedSC++15
T3STp0J+CxBCbVgeN2T2mGD2DubxWQM8PwMeHmc0Lb2BnCLc45S2H404upJbGfEP
zpFzXSqJxXwR7tpU+xzQD6g0iiMsxYNKjTxMmE3bZQ5N9IyRybxhHKlpYMrngFRY
YCaBSwccpbh+pfh/v30FmAteiJGKHa4W3f8S+WI8t5j+xPReN0XHE+S5ppbpmH/5
Zy4l9h6+KB0JGJrTbOZSiOJR+agUUl4IhUg2mMDhXMDIBtqX/QHfzNpd5ZafzoOz
xAvJ0IZw0wR2pFCNbkfU5FpqHpaOpaGZbm6tseapzfdLCdLjy/I=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:40 2023 by rpki-client on console-ams.rpki-client.org