Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/AAA4E1D8A7CB11EF9A4A1B27C4F9AE02.roa
File: AAA4E1D8A7CB11EF9A4A1B27C4F9AE02.roa (raw, json)
Hash identifier: sFrO+dqzV6cMvppkHblsJvNSzFZ50S63sNZzTYcfag4=
Subject key identifier: C6:92:F6:26:2F:41:74:B6:59:78:08:AA:3C:46:49:CA:D7:71:96:BC
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0B85
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/AAA4E1D8A7CB11EF9A4A1B27C4F9AE02.roa
Signing time: Thu 21 Nov 2024 05:44:26 +0000
ROA not before: Thu 21 Nov 2024 05:44:26 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 133933
IP address blocks: 14.192.128.0/24 maxlen: 24
14.192.129.0/24 maxlen: 24
14.192.131.0/24 maxlen: 24
14.192.133.0/24 maxlen: 24
14.192.136.0/24 maxlen: 24
14.192.144.0/24 maxlen: 24
14.192.147.0/24 maxlen: 24
14.192.148.0/24 maxlen: 24
14.192.153.0/24 maxlen: 24
14.192.156.0/24 maxlen: 24
14.192.159.0/24 maxlen: 24
43.247.120.0/24 maxlen: 24
43.247.121.0/24 maxlen: 24
43.247.122.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Nov 2024 14:33:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2949 (0xb85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Nov 21 05:44:26 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=673ec8b9-510b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:cd:58:90:2e:cf:07:b4:2b:b8:69:00:48:10:
5e:0e:98:1a:b4:72:a3:89:1f:6d:fc:ac:33:8e:d4:
47:60:06:18:e3:1a:13:9e:ed:e1:39:fb:22:8d:4f:
30:ba:da:f2:86:fa:5e:cc:57:96:a1:46:9c:6b:0d:
87:69:e5:18:57:62:13:2b:20:dc:77:01:fd:87:4c:
94:a4:e1:87:30:75:f1:3c:7f:0e:2c:4b:f3:12:74:
99:9a:23:54:27:e7:6e:c1:f6:b1:58:45:e3:c5:5b:
01:07:e5:5c:d0:10:44:50:88:3d:32:08:94:8b:a1:
ce:44:e4:a7:bb:37:ab:41:4a:d1:60:94:e7:e2:30:
77:21:ad:8e:b7:08:8b:8c:bb:a5:2b:ee:f5:cd:5a:
85:ef:eb:f3:e6:c2:5e:a8:4c:36:73:c3:3a:76:b7:
4c:20:33:79:59:02:b6:d0:77:14:67:df:9a:01:8b:
33:4d:51:7e:fa:1c:8b:fb:e4:e0:87:50:52:8e:d7:
7b:fc:9d:03:65:ac:94:bb:e4:cf:16:40:bc:29:4e:
ed:23:57:08:e1:34:53:d4:80:1c:f3:73:22:24:26:
2e:e5:db:4a:f5:f0:ca:81:e7:93:f2:ff:e0:33:31:
52:83:91:f3:42:44:f8:5a:00:47:4d:91:a5:98:b4:
5f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:92:F6:26:2F:41:74:B6:59:78:08:AA:3C:46:49:CA:D7:71:96:BC
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/AAA4E1D8A7CB11EF9A4A1B27C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.128.0/23
14.192.131.0/24
14.192.133.0/24
14.192.136.0/24
14.192.144.0/24
14.192.147.0-14.192.148.255
14.192.153.0/24
14.192.156.0/24
14.192.159.0/24
43.247.120.0-43.247.122.255
103.20.134.0/24
Signature Algorithm: sha256WithRSAEncryption
65:5b:01:3a:a6:f3:c6:7c:ad:8e:50:88:ab:01:2d:8d:f4:0d:
d5:fd:89:f2:cf:ba:ec:f8:3a:0c:37:1c:75:74:da:d5:04:ec:
93:f9:2c:5a:78:ec:20:f2:9c:ce:a4:61:a1:18:a3:10:f1:ef:
3e:f3:74:5d:1f:36:d5:7e:5b:60:5b:71:b7:10:d1:f9:df:a6:
fc:23:2a:72:21:54:8e:0c:27:da:8c:98:1f:72:d0:56:e3:3a:
73:c0:01:58:5d:18:a8:12:32:4a:eb:01:d4:fb:63:70:14:69:
0c:5e:ce:d9:92:77:5b:3d:b7:4f:6d:8b:e5:e4:ea:d9:ee:75:
3f:b3:51:9e:88:3b:74:dd:39:82:c8:20:ad:bf:fc:3c:fd:1c:
bb:51:ad:25:09:eb:22:1c:0a:be:6c:57:0e:11:b1:5b:97:c5:
d8:b0:0f:4f:51:42:8c:c3:18:bd:00:98:76:57:23:8e:32:be:
ca:de:4c:56:0e:6d:85:32:82:09:44:0c:76:e5:41:cb:53:be:
c3:d8:1e:86:7c:91:ec:68:79:8a:3b:f9:58:5f:9c:5d:a9:c7:
fc:f1:3b:7c:de:c3:32:a2:8b:86:07:b8:0b:96:6c:9b:8b:d4:
a3:17:47:22:58:b3:bc:20:96:1f:fb:c1:1a:e4:4a:98:c9:38:
ac:48:11:cf
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgICC4UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQxMTIxMDU0NDI2WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzNlYzhiOS01MTBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2M1YkC7PB7QruGkASBBeDpgatHKjiR9t/KwzjtRHYAYY4xoTnu3hOfsijU8w
utryhvpezFeWoUacaw2HaeUYV2ITKyDcdwH9h0yUpOGHMHXxPH8OLEvzEnSZmiNU
J+duwfaxWEXjxVsBB+Vc0BBEUIg9MgiUi6HOROSnuzerQUrRYJTn4jB3Ia2OtwiL
jLulK+71zVqF7+vz5sJeqEw2c8M6drdMIDN5WQK20HcUZ9+aAYszTVF++hyL++Tg
h1BSjtd7/J0DZayUu+TPFkC8KU7tI1cI4TRT1IAc83MiJCYu5dtK9fDKgeeT8v/g
MzFSg5HzQkT4WgBHTZGlmLRfPwIDAQABo4IC4TCCAt0wHQYDVR0OBBYEFMaS9iYv
QXS2WXgIqjxGScrXcZa8MB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvQUFBNEUxRDhB
N0NCMTFFRjlBNEExQjI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwawYIKwYBBQUHAQcBAf8E
XDBaMFgEAgABMFIDBAEOwIADBAAOwIMDBAAOwIUDBAAOwIgDBAAOwJAwDAMEAA7A
kwMEAA7AlAMEAA7AmQMEAA7AnAMEAA7AnzAMAwQDK/d4AwQAK/d6AwQAZxSGMA0G
CSqGSIb3DQEBCwUAA4IBAQBlWwE6pvPGfK2OUIirAS2N9A3V/Ynyz7rs+DoMNxx1
dNrVBOyT+SxaeOwg8pzOpGGhGKMQ8e8+83RdHzbVfltgW3G3ENH536b8IypyIVSO
DCfajJgfctBW4zpzwAFYXRioEjJK6wHU+2NwFGkMXs7ZkndbPbdPbYvl5OrZ7nU/
s1GeiDt03TmCyCCtv/w8/Ry7Ua0lCesiHAq+bFcOEbFbl8XYsA9PUUKMwxi9AJh2
VyOOMr7K3kxWDm2FMoIJRAx25UHLU77D2B6GfJHsaHmKO/lYX5xdqcf88Tt83sMy
oouGB7gLlmybi9SjF0ciWLO8IJYf+8Ea5EqYyTisSBHP
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:31:36 2025 by rpki-client