Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/975A0050392A11EFAD08EA5FC4F9AE02.roa
File: 975A0050392A11EFAD08EA5FC4F9AE02.roa (raw, json)
Hash identifier: TgKfSMGKEkp+n9wqKV6ZRICqt/kTZhb2uZVObnNqIKc=
Subject key identifier: 28:36:41:61:2F:C2:5A:4E:1B:F7:09:1D:63:11:AB:F2:7D:48:73:C7
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 09F0
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/975A0050392A11EFAD08EA5FC4F9AE02.roa
Signing time: Wed 03 Jul 2024 10:54:17 +0000
ROA not before: Wed 03 Jul 2024 10:54:16 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 141421
IP address blocks: 14.192.130.0/24 maxlen: 24
14.192.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jul 2024 10:56:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2544 (0x9f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Jul 3 10:54:16 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66852dd8-196b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c0:3c:e1:b0:ff:b7:37:a2:ba:c9:dc:ba:bb:
8b:e1:af:d5:f2:c1:20:5a:a6:8a:a1:46:09:b1:00:
28:e9:8b:41:26:89:12:ff:72:d8:e1:dc:d7:61:28:
e3:87:ea:a5:a2:eb:5f:59:90:60:3e:b7:01:bd:0b:
8d:11:d6:7e:35:1a:da:64:d1:8c:92:0f:6c:b2:37:
ac:23:71:1a:ea:e2:f4:46:7b:8e:f9:67:c0:94:49:
03:92:4e:7b:da:00:1c:40:91:0b:dc:00:50:a2:a2:
f9:15:e7:ba:54:05:67:be:dd:41:b2:42:21:94:89:
3c:02:be:98:bf:bc:b8:1b:38:e9:76:d9:19:a7:58:
fd:25:c1:5b:50:54:d7:96:ef:e3:d1:b7:3f:c9:c8:
d8:c4:f2:fd:83:e0:d5:16:de:92:33:30:7b:b3:74:
27:4d:ad:77:63:aa:c5:b3:a1:d0:e9:4a:c4:e5:94:
cd:d5:7b:bf:65:11:eb:a8:40:25:60:16:d2:ce:6c:
d8:ea:df:3c:44:a0:00:c1:cc:d5:2c:fe:e2:c0:7d:
8b:6e:51:14:f9:85:f5:ed:21:2a:ea:23:af:7b:e3:
af:a2:80:27:01:35:b7:c4:2e:e3:1a:5b:bb:0d:f6:
b8:8e:84:fe:33:7f:43:7c:57:13:e5:1f:3f:55:c9:
26:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:36:41:61:2F:C2:5A:4E:1B:F7:09:1D:63:11:AB:F2:7D:48:73:C7
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/975A0050392A11EFAD08EA5FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.130.0/23
Signature Algorithm: sha256WithRSAEncryption
58:ed:90:9d:22:f3:2f:e8:99:83:2f:f7:92:90:5c:1d:94:94:
94:4b:7a:0f:e3:af:d3:2f:9d:72:90:5a:c1:09:d5:7a:83:fb:
bc:91:84:f6:7a:86:b5:fc:0d:2a:e5:37:06:62:73:9c:11:56:
dc:59:71:1a:b9:45:a9:b3:ea:68:c8:c9:ba:b6:97:03:5e:21:
c9:5b:6d:7b:8f:6e:4a:40:46:3a:53:58:2c:52:de:3b:90:c3:
1f:96:58:0f:b9:3c:d9:97:f1:07:59:15:7a:52:82:d5:17:42:
c8:da:29:1d:7e:d0:48:96:ae:1d:65:04:b1:5a:ac:76:04:a8:
47:fb:96:c1:c0:0a:90:92:90:c6:70:65:9f:1d:50:1c:26:60:
62:aa:9f:05:0e:fb:f5:6b:a9:43:5b:4c:50:90:56:db:5a:80:
5b:1b:84:bc:92:f5:f3:71:4a:8d:ec:94:7e:74:90:49:46:34:
37:90:43:ac:a1:49:11:05:cd:fd:e0:20:15:a6:6b:44:e4:56:
1d:dc:a3:f8:20:f7:c5:a5:ef:7c:ee:fd:73:59:a7:7e:62:89:
ab:92:33:6a:d8:f5:1d:13:41:c9:29:41:b0:d1:f4:fb:08:9e:
9f:79:a6:13:11:a1:18:00:9b:d2:c9:eb:f1:85:76:9c:cd:c5:
4a:f0:85:4f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCfAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQwNzAzMTA1NDE2WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njg1MmRkOC0xOTZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzMA84bD/tzeiusncuruL4a/V8sEgWqaKoUYJsQAo6YtBJokS/3LY4dzXYSjj
h+qloutfWZBgPrcBvQuNEdZ+NRraZNGMkg9ssjesI3Ea6uL0RnuO+WfAlEkDkk57
2gAcQJEL3ABQoqL5Fee6VAVnvt1BskIhlIk8Ar6Yv7y4GzjpdtkZp1j9JcFbUFTX
lu/j0bc/ycjYxPL9g+DVFt6SMzB7s3QnTa13Y6rFs6HQ6UrE5ZTN1Xu/ZRHrqEAl
YBbSzmzY6t88RKAAwczVLP7iwH2LblEU+YX17SEq6iOve+OvooAnATW3xC7jGlu7
Dfa4joT+M39DfFcT5R8/VckmqwIDAQABo4IClTCCApEwHQYDVR0OBBYEFCg2QWEv
wlpOG/cJHWMRq/J9SHPHMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvOTc1QTAwNTAz
OTJBMTFFRkFEMDhFQTVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAEOwIIwDQYJKoZIhvcNAQELBQADggEBAFjtkJ0i8y/omYMv
95KQXB2UlJRLeg/jr9MvnXKQWsEJ1XqD+7yRhPZ6hrX8DSrlNwZic5wRVtxZcRq5
Ramz6mjIybq2lwNeIclbbXuPbkpARjpTWCxS3juQwx+WWA+5PNmX8QdZFXpSgtUX
QsjaKR1+0EiWrh1lBLFarHYEqEf7lsHACpCSkMZwZZ8dUBwmYGKqnwUO+/VrqUNb
TFCQVttagFsbhLyS9fNxSo3slH50kElGNDeQQ6yhSREFzf3gIBWma0TkVh3co/gg
98Wl73zu/XNZp35iiauSM2rY9R0TQckpQbDR9PsInp95phMRoRgAm9LJ6/GFdpzN
xUrwhU8=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:51 2025 by rpki-client