Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/9A9CB7E65A7011EFBD46321FC4F9AE02.roa
File: 9A9CB7E65A7011EFBD46321FC4F9AE02.roa (raw, json)
Hash identifier: 8iDOM7+eCsV+nv5Ph8J1gSPtnLiOzhILMKkRFnT/JlQ=
Subject key identifier: 23:7A:E0:C2:20:25:CA:E0:4E:85:4A:13:4B:42:1D:AA:5D:EB:CC:17
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0A7A
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/9A9CB7E65A7011EFBD46321FC4F9AE02.roa
Signing time: Wed 14 Aug 2024 19:08:35 +0000
ROA not before: Wed 14 Aug 2024 19:08:35 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 45814
IP address blocks: 14.192.129.0/24 maxlen: 24
14.192.131.0/24 maxlen: 24
14.192.132.0/24 maxlen: 24
14.192.133.0/24 maxlen: 24
14.192.135.0/24 maxlen: 24
14.192.136.0/24 maxlen: 24
14.192.139.0/24 maxlen: 24
14.192.145.0/24 maxlen: 24
14.192.146.0/24 maxlen: 24
14.192.147.0/24 maxlen: 24
14.192.149.0/24 maxlen: 24
14.192.150.0/24 maxlen: 24
14.192.155.0/24 maxlen: 24
14.192.159.0/24 maxlen: 24
43.247.120.0/24 maxlen: 24
43.247.121.0/24 maxlen: 24
43.247.122.0/24 maxlen: 24
43.247.123.0/24 maxlen: 24
103.20.132.0/24 maxlen: 24
103.20.133.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
103.20.135.0/24 maxlen: 24
111.92.128.0/19 maxlen: 19
2403:7980::/32 maxlen: 32
2403:7980::/36 maxlen: 36
Validation: Failed, certificate revoked on Fri 16 Aug 2024 06:57:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2682 (0xa7a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Aug 14 19:08:35 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66bd00b3-ac25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0c:22:b2:40:e4:8a:62:ea:d6:c4:31:76:c7:
20:b0:4f:78:15:bd:8e:52:81:a6:0a:a0:3f:4b:66:
6b:70:e7:21:24:84:d1:fb:31:81:cc:e9:ad:84:c4:
d6:62:5a:3f:44:5c:e8:f0:bc:87:1b:29:7d:ca:25:
4f:e2:aa:65:dd:40:15:98:96:ce:47:e3:73:23:12:
4f:b4:f7:2a:b1:69:13:6e:b3:e6:d9:d5:51:19:94:
4c:b7:99:94:19:d2:78:bd:29:81:7a:17:a5:da:90:
99:df:bb:51:dc:8f:c2:ef:8d:33:0d:dd:2e:a0:0a:
ed:4d:ec:e2:ae:0a:bd:7f:73:c4:d5:22:1e:65:ec:
c6:3b:5d:8c:ec:3f:2f:22:1c:42:02:12:9b:97:9a:
e8:78:73:ce:85:93:b9:b8:49:24:74:5f:2f:7b:84:
2a:30:45:bb:03:dd:bf:da:e6:0e:d1:a9:7b:90:4a:
29:45:e8:08:67:9d:37:f2:c1:f9:51:68:15:13:1e:
47:9f:ba:f7:a0:da:b5:66:df:2a:ac:b1:8a:bd:8a:
ed:2f:a2:5f:21:6a:f4:0f:10:76:9e:d7:dd:ae:f8:
3b:1e:aa:9a:0a:4d:e8:98:b7:39:ec:d1:0d:fe:f3:
7e:93:36:72:f1:3c:9f:f1:20:1e:84:bc:ac:19:89:
cc:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:7A:E0:C2:20:25:CA:E0:4E:85:4A:13:4B:42:1D:AA:5D:EB:CC:17
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/9A9CB7E65A7011EFBD46321FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.129.0/24
14.192.131.0-14.192.133.255
14.192.135.0-14.192.136.255
14.192.139.0/24
14.192.145.0-14.192.147.255
14.192.149.0-14.192.150.255
14.192.155.0/24
14.192.159.0/24
43.247.120.0/22
103.20.132.0/22
111.92.128.0/19
IPv6:
2403:7980::/32
Signature Algorithm: sha256WithRSAEncryption
22:06:db:3b:85:85:73:3d:8f:7e:31:31:d2:77:c4:a0:b8:19:
c2:de:58:e3:a8:6d:9b:bc:d3:09:f7:93:ea:d2:1f:56:20:36:
7d:81:84:d7:d0:4d:39:3f:22:22:35:c5:5f:32:71:2a:58:e4:
68:9c:30:3d:67:c9:64:c1:8b:fb:6d:2a:e8:28:f4:1f:09:bf:
c3:50:2e:4e:06:f6:c3:71:7a:3a:6c:9e:1b:fa:79:78:b8:0b:
63:af:0b:cb:ba:38:ee:7b:49:9c:92:fa:fa:4e:21:d6:33:e4:
81:a7:61:a0:ed:e0:1a:64:88:4c:a9:f6:48:e8:a2:48:60:06:
59:ed:01:6f:1c:7e:52:5d:c7:57:38:23:df:e1:4a:c3:d9:e9:
45:51:1c:1f:16:7e:03:91:e5:fc:92:60:c5:ce:1f:56:2b:11:
56:1c:e0:38:d3:21:f8:87:9d:1e:dc:77:10:94:2e:3b:f4:76:
fe:d8:47:3b:d7:e3:b7:26:09:00:27:36:5c:ea:93:63:4c:d8:
41:98:63:3b:67:8b:75:a9:61:8c:de:bf:04:9b:9f:5d:4b:62:
9c:90:70:c5:8f:7a:d2:af:24:93:63:59:d7:37:50:46:5a:37:
34:a2:cf:d4:cd:4e:6e:52:de:05:ba:33:57:05:6d:92:2d:14:
c9:92:75:e3
-----BEGIN CERTIFICATE-----
MIIF3TCCBMWgAwIBAgICCnowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQwODE0MTkwODM1WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmJkMDBiMy1hYzI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvwwiskDkimLq1sQxdscgsE94Fb2OUoGmCqA/S2ZrcOchJITR+zGBzOmthMTW
Ylo/RFzo8LyHGyl9yiVP4qpl3UAVmJbOR+NzIxJPtPcqsWkTbrPm2dVRGZRMt5mU
GdJ4vSmBehel2pCZ37tR3I/C740zDd0uoArtTezirgq9f3PE1SIeZezGO12M7D8v
IhxCAhKbl5roeHPOhZO5uEkkdF8ve4QqMEW7A92/2uYO0al7kEopRegIZ5038sH5
UWgVEx5Hn7r3oNq1Zt8qrLGKvYrtL6JfIWr0DxB2ntfdrvg7HqqaCk3omLc57NEN
/vN+kzZy8Tyf8SAehLysGYnMbQIDAQABo4IDATCCAv0wHQYDVR0OBBYEFCN64MIg
JcrgToVKE0tCHapd68wXMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvOUE5Q0I3RTY1
QTcwMTFFRkJENDYzMjFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYoGCCsGAQUFBwEHAQH/
BHsweTBoBAIAATBiAwQADsCBMAwDBAAOwIMDBAEOwIQwDAMEAA7AhwMEAA7AiAME
AA7AizAMAwQADsCRAwQCDsCQMAwDBAAOwJUDBAAOwJYDBAAOwJsDBAAOwJ8DBAIr
93gDBAJnFIQDBAVvXIAwDQQCAAIwBwMFACQDeYAwDQYJKoZIhvcNAQELBQADggEB
ACIG2zuFhXM9j34xMdJ3xKC4GcLeWOOobZu80wn3k+rSH1YgNn2BhNfQTTk/IiI1
xV8ycSpY5GicMD1nyWTBi/ttKugo9B8Jv8NQLk4G9sNxejpsnhv6eXi4C2OvC8u6
OO57SZyS+vpOIdYz5IGnYaDt4BpkiEyp9kjookhgBlntAW8cflJdx1c4I9/hSsPZ
6UVRHB8WfgOR5fySYMXOH1YrEVYc4DjTIfiHnR7cdxCULjv0dv7YRzvX47cmCQAn
Nlzqk2NM2EGYYztni3WpYYzevwSbn11LYpyQcMWPetKvJJNjWdc3UEZaNzSiz9TN
Tm5S3gW6M1cFbZItFMmSdeM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:29:52 2025 by rpki-client