Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/976183AC7B4711EFA58CA312C4F9AE02.roa
File: 976183AC7B4711EFA58CA312C4F9AE02.roa (raw, json)
Hash identifier: EAQZpxmhZqJv3fWL1ksM00yQBIr76KaQjvNfyQnAhZ4=
Subject key identifier: D6:0D:7D:B5:7B:A5:CD:C8:A6:A4:C4:C9:A7:25:D4:01:BE:4F:0D:74
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0AC4
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/976183AC7B4711EFA58CA312C4F9AE02.roa
Signing time: Wed 25 Sep 2024 14:08:09 +0000
ROA not before: Wed 25 Sep 2024 14:08:09 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 133933
IP address blocks: 14.192.129.0/24 maxlen: 24
43.247.120.0/24 maxlen: 24
43.247.121.0/24 maxlen: 24
43.247.122.0/24 maxlen: 24
43.247.123.0/24 maxlen: 24
103.20.133.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
103.20.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Oct 2024 15:03:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2756 (0xac4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Sep 25 14:08:09 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66f41948-9a1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:a4:d3:a2:b9:49:66:7b:34:5d:06:be:c1:94:
9d:99:2a:77:34:53:1e:ff:f0:29:48:00:7f:40:68:
2c:a2:24:2f:a3:ff:3a:03:7f:a1:de:f6:2e:7c:99:
6d:e2:75:e3:1c:05:a8:f2:ac:96:e0:5a:f3:e6:99:
b5:42:46:ab:fd:94:ba:e3:c6:73:2d:03:28:6b:f7:
21:b8:18:56:1d:77:d6:53:14:3c:08:9f:f6:b0:d3:
f9:02:d0:aa:cd:9d:9d:ea:f4:44:c6:5c:af:d3:f2:
18:7e:ed:4c:9f:86:40:08:41:5a:54:5b:9f:f2:28:
c2:cc:d3:58:48:6d:a5:3d:62:c5:fc:db:79:a5:ed:
ce:f5:3d:07:99:16:15:c5:fd:24:8d:0b:4d:b1:60:
8d:b4:c6:ec:7c:ab:32:08:37:80:1d:2d:3a:ee:0d:
fe:83:6d:8a:88:0c:b8:eb:82:0e:18:dd:b1:bf:4f:
07:38:5e:0a:cf:5f:68:65:d4:39:71:06:cf:49:44:
d9:6f:31:7e:a4:ee:79:73:6c:b5:10:3c:f0:45:1e:
a7:10:9d:7c:6d:25:dd:7b:3b:54:7b:b5:85:6b:79:
02:66:92:7a:61:10:20:de:2f:52:7e:83:3e:3e:ba:
e3:f6:e9:b9:09:08:a1:fa:0d:8b:a3:7e:9f:08:b0:
01:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:0D:7D:B5:7B:A5:CD:C8:A6:A4:C4:C9:A7:25:D4:01:BE:4F:0D:74
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/976183AC7B4711EFA58CA312C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.129.0/24
43.247.120.0/22
103.20.133.0-103.20.135.255
Signature Algorithm: sha256WithRSAEncryption
57:26:8e:9e:ac:f1:89:89:ff:e6:10:7a:eb:e3:2c:48:0f:41:
c9:a6:94:4f:c3:fe:6f:09:23:d9:c6:0a:36:d9:13:2d:08:7b:
41:fc:da:b9:3f:e5:d4:6c:ec:c6:11:30:30:c0:19:8d:d4:d9:
bd:d7:e2:ee:39:92:11:37:a6:ad:c8:c5:69:de:ac:04:07:b5:
57:3b:ac:c7:1b:ef:ad:86:ff:b7:91:a5:57:3a:25:6d:d6:74:
f2:ff:50:61:99:a6:5a:e3:e7:8a:ea:38:88:ea:c2:b6:a2:be:
40:1e:36:91:76:fb:83:22:c8:2f:15:7b:52:db:c3:3f:19:26:
94:36:60:d6:ff:70:f9:17:e0:10:e7:d9:73:66:3b:aa:0d:92:
0c:0c:af:55:76:e7:ec:09:22:a2:30:67:64:3d:99:4a:46:ae:
ae:b2:cb:83:73:f6:a9:66:73:04:e7:9e:e3:20:83:e0:93:39:
44:53:90:76:4a:f6:fc:6e:67:3a:85:9d:0f:45:c0:85:45:bc:
cb:70:80:19:60:c6:f5:e5:c5:5d:91:76:d7:7b:7f:54:80:e6:
07:ab:da:96:2e:1a:27:fa:89:b0:b2:d7:cc:f2:cc:c6:61:7d:
52:50:9e:18:e9:19:1b:f3:57:2f:6c:0f:02:54:40:ad:e7:a7:
e9:db:22:86
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICCsQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQwOTI1MTQwODA5WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmY0MTk0OC05YTFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz6TTorlJZns0XQa+wZSdmSp3NFMe//ApSAB/QGgsoiQvo/86A3+h3vYufJlt
4nXjHAWo8qyW4Frz5pm1Qkar/ZS648ZzLQMoa/chuBhWHXfWUxQ8CJ/2sNP5AtCq
zZ2d6vRExlyv0/IYfu1Mn4ZACEFaVFuf8ijCzNNYSG2lPWLF/Nt5pe3O9T0HmRYV
xf0kjQtNsWCNtMbsfKsyCDeAHS067g3+g22KiAy464IOGN2xv08HOF4Kz19oZdQ5
cQbPSUTZbzF+pO55c2y1EDzwRR6nEJ18bSXdeztUe7WFa3kCZpJ6YRAg3i9SfoM+
Prrj9um5CQih+g2Lo36fCLAB+QIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFNYNfbV7
pc3IpqTEyacl1AG+Tw10MB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvOTc2MTgzQUM3
QjQ3MTFFRkE1OENBMzEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBoDBAAOwIEDBAIr93gwDAMEAGcUhQMEA2cUgDANBgkqhkiG9w0B
AQsFAAOCAQEAVyaOnqzxiYn/5hB66+MsSA9ByaaUT8P+bwkj2cYKNtkTLQh7Qfza
uT/l1GzsxhEwMMAZjdTZvdfi7jmSETemrcjFad6sBAe1VzusxxvvrYb/t5GlVzol
bdZ08v9QYZmmWuPniuo4iOrCtqK+QB42kXb7gyLILxV7UtvDPxkmlDZg1v9w+Rfg
EOfZc2Y7qg2SDAyvVXbn7AkiojBnZD2ZSkaurrLLg3P2qWZzBOee4yCD4JM5RFOQ
dkr2/G5nOoWdD0XAhUW8y3CAGWDG9eXFXZF213t/VIDmB6vali4aJ/qJsLLXzPLM
xmF9UlCeGOkZG/NXL2wPAlRAreen6dsihg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:12 2025 by rpki-client