Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/98FAEFDC7B4711EFA58CA312C4F9AE02.roa
File: 98FAEFDC7B4711EFA58CA312C4F9AE02.roa (raw, json)
Hash identifier: /EGruNWXe8DN6oGufznBJ6Om5ygeOUoMBof1dsCZFLM=
Subject key identifier: 78:3E:9F:FD:AD:7C:3A:94:2F:DB:A3:8C:50:57:83:D5:18:AB:6E:31
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0AC6
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/98FAEFDC7B4711EFA58CA312C4F9AE02.roa
Signing time: Wed 25 Sep 2024 14:08:11 +0000
ROA not before: Wed 25 Sep 2024 14:08:11 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 45814
IP address blocks: 14.192.128.0/24 maxlen: 24
14.192.129.0/24 maxlen: 24
14.192.131.0/24 maxlen: 24
14.192.135.0/24 maxlen: 24
14.192.136.0/24 maxlen: 24
14.192.139.0/24 maxlen: 24
14.192.143.0/24 maxlen: 24
14.192.146.0/24 maxlen: 24
14.192.147.0/24 maxlen: 24
14.192.149.0/24 maxlen: 24
14.192.150.0/24 maxlen: 24
14.192.155.0/24 maxlen: 24
14.192.159.0/24 maxlen: 24
43.247.120.0/24 maxlen: 24
43.247.121.0/24 maxlen: 24
43.247.122.0/24 maxlen: 24
43.247.123.0/24 maxlen: 24
103.20.133.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
103.20.135.0/24 maxlen: 24
111.92.128.0/19 maxlen: 19
2403:7980::/32 maxlen: 32
2403:7980::/36 maxlen: 36
Validation: Failed, certificate revoked on Thu 26 Sep 2024 10:47:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2758 (0xac6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Sep 25 14:08:11 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66f4194b-3bf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:68:ee:1f:1b:c5:7d:66:b8:36:56:a3:8d:6c:
02:41:6c:3b:af:ca:63:6c:13:30:41:67:a3:a1:ea:
b1:2d:a9:d2:eb:01:19:44:81:b5:54:8c:28:59:b9:
20:09:ed:4d:fa:0f:cf:04:29:6d:5e:3a:17:ec:bc:
d8:e7:38:4f:dc:2f:d8:71:9d:88:79:a0:42:19:a9:
b1:2b:49:43:5e:66:02:ed:45:0d:46:14:db:7d:0b:
61:94:e6:1f:b7:36:e3:25:93:98:f5:64:fd:95:05:
65:8c:9a:c8:85:7e:fd:e9:24:c6:60:31:7e:ec:1d:
f0:be:7f:6a:f4:88:57:31:2e:f1:1b:d8:33:ae:cd:
f2:c3:6a:5e:f3:81:ed:50:4e:49:03:b9:e6:35:4b:
cf:43:48:48:e5:81:f8:05:27:3d:49:40:ea:06:53:
cf:14:dc:23:25:2c:c1:a3:85:e5:e2:c8:91:ac:ba:
cb:b0:e8:b4:f3:86:5c:d5:9f:ef:34:a8:72:02:d9:
be:b3:4b:0b:26:ba:6e:bd:50:8a:8b:a4:50:9e:60:
60:7b:4a:86:71:e5:3f:26:7a:69:92:7c:28:b0:95:
01:2d:44:0c:14:03:ef:f4:44:41:42:06:f7:c9:ec:
f5:de:94:70:7d:6d:f8:1a:e9:4d:9f:c2:93:be:cf:
ec:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:3E:9F:FD:AD:7C:3A:94:2F:DB:A3:8C:50:57:83:D5:18:AB:6E:31
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/98FAEFDC7B4711EFA58CA312C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.128.0/23
14.192.131.0/24
14.192.135.0-14.192.136.255
14.192.139.0/24
14.192.143.0/24
14.192.146.0/23
14.192.149.0-14.192.150.255
14.192.155.0/24
14.192.159.0/24
43.247.120.0/22
103.20.133.0-103.20.135.255
111.92.128.0/19
IPv6:
2403:7980::/32
Signature Algorithm: sha256WithRSAEncryption
1c:79:e3:c7:31:73:10:0b:0b:d7:ba:bc:83:25:e0:b2:8a:95:
6d:17:d7:b9:b2:9e:0c:3d:b3:82:ab:85:a6:40:03:73:4d:ea:
89:5e:04:46:f2:ee:e6:9c:a7:12:d4:bf:68:d4:17:d9:bb:9b:
fd:cc:bb:40:d6:ca:33:74:9a:46:1f:18:26:08:0a:38:0f:25:
b3:fc:27:f0:cc:f9:e0:3a:22:4a:a9:25:22:d3:e2:fa:c0:23:
65:80:8b:a7:e3:7e:ee:2d:2d:70:21:cd:9b:7f:c1:24:3b:f4:
c1:1e:fa:e6:7f:1b:34:58:f6:96:99:2f:96:1b:d4:52:be:28:
12:50:b1:65:60:d7:6c:1a:67:73:40:3f:fe:15:6e:0a:3f:9d:
49:63:5e:4e:1c:89:82:4b:ea:b1:9d:57:69:66:42:81:2a:be:
b0:fa:12:58:70:ec:31:2e:ad:f8:d5:55:a2:02:cd:71:e1:a1:
ae:3c:bf:82:0c:b0:41:08:61:f6:1d:7f:f8:72:33:aa:12:39:
98:98:c7:c7:5a:e7:81:6e:40:f6:4f:87:a6:a0:b9:6f:f1:c5:
5e:ea:bb:be:a5:d3:9a:d9:2c:ce:2f:2d:60:ac:1f:51:91:0e:
28:e0:9f:d8:57:1a:c5:d5:b4:c5:48:36:f0:fd:7c:7f:a2:4c:
dd:8e:bd:a3
-----BEGIN CERTIFICATE-----
MIIF2zCCBMOgAwIBAgICCsYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQwOTI1MTQwODExWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmY0MTk0Yi0zYmYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyGjuHxvFfWa4NlajjWwCQWw7r8pjbBMwQWejoeqxLanS6wEZRIG1VIwoWbkg
Ce1N+g/PBCltXjoX7LzY5zhP3C/YcZ2IeaBCGamxK0lDXmYC7UUNRhTbfQthlOYf
tzbjJZOY9WT9lQVljJrIhX796STGYDF+7B3wvn9q9IhXMS7xG9gzrs3yw2pe84Ht
UE5JA7nmNUvPQ0hI5YH4BSc9SUDqBlPPFNwjJSzBo4Xl4siRrLrLsOi084Zc1Z/v
NKhyAtm+s0sLJrpuvVCKi6RQnmBge0qGceU/JnppknwosJUBLUQMFAPv9ERBQgb3
yez13pRwfW34GulNn8KTvs/sqwIDAQABo4IC/zCCAvswHQYDVR0OBBYEFHg+n/2t
fDqUL9ujjFBXg9UYq24xMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvOThGQUVGREM3
QjQ3MTFFRkE1OENBMzEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYgGCCsGAQUFBwEHAQH/
BHkwdzBmBAIAATBgAwQBDsCAAwQADsCDMAwDBAAOwIcDBAAOwIgDBAAOwIsDBAAO
wI8DBAEOwJIwDAMEAA7AlQMEAA7AlgMEAA7AmwMEAA7AnwMEAiv3eDAMAwQAZxSF
AwQDZxSAAwQFb1yAMA0EAgACMAcDBQAkA3mAMA0GCSqGSIb3DQEBCwUAA4IBAQAc
eePHMXMQCwvXuryDJeCyipVtF9e5sp4MPbOCq4WmQANzTeqJXgRG8u7mnKcS1L9o
1BfZu5v9zLtA1sozdJpGHxgmCAo4DyWz/CfwzPngOiJKqSUi0+L6wCNlgIun437u
LS1wIc2bf8EkO/TBHvrmfxs0WPaWmS+WG9RSvigSULFlYNdsGmdzQD/+FW4KP51J
Y15OHImCS+qxnVdpZkKBKr6w+hJYcOwxLq341VWiAs1x4aGuPL+CDLBBCGH2HX/4
cjOqEjmYmMfHWueBbkD2T4emoLlv8cVe6ru+pdOa2SzOLy1grB9RkQ4o4J/YVxrF
1bTFSDbw/Xx/okzdjr2j
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:45:10 2025 by rpki-client