Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/B1DCE1067BF411EF8C595218C4F9AE02.roa
File: B1DCE1067BF411EF8C595218C4F9AE02.roa (raw, json)
Hash identifier: ee+bXgHLydgIyCoAbsdk2HeNTjx41+4hhwRawXZQrbU=
Subject key identifier: 16:4B:57:46:5E:A5:5D:9A:92:B2:20:79:D6:8A:1C:11:31:06:F8:96
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0AC9
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/B1DCE1067BF411EF8C595218C4F9AE02.roa
Signing time: Thu 26 Sep 2024 10:47:16 +0000
ROA not before: Thu 26 Sep 2024 10:47:16 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 45814
IP address blocks: 14.192.128.0/24 maxlen: 24
14.192.129.0/24 maxlen: 24
14.192.131.0/24 maxlen: 24
14.192.135.0/24 maxlen: 24
14.192.136.0/24 maxlen: 24
14.192.143.0/24 maxlen: 24
14.192.146.0/24 maxlen: 24
14.192.147.0/24 maxlen: 24
14.192.149.0/24 maxlen: 24
14.192.150.0/24 maxlen: 24
14.192.155.0/24 maxlen: 24
14.192.159.0/24 maxlen: 24
43.247.120.0/24 maxlen: 24
43.247.121.0/24 maxlen: 24
43.247.122.0/24 maxlen: 24
43.247.123.0/24 maxlen: 24
103.20.133.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
103.20.135.0/24 maxlen: 24
111.92.128.0/19 maxlen: 19
2403:7980::/32 maxlen: 32
2403:7980::/36 maxlen: 36
Validation: Failed, certificate revoked on Thu 26 Sep 2024 15:21:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2761 (0xac9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Sep 26 10:47:16 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66f53bb4-4267
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:28:87:66:0b:e0:c4:0a:e2:dc:4d:a3:47:19:
c1:6e:54:6d:ca:2d:74:80:ba:a0:ce:74:e9:0c:29:
ca:a7:78:69:b9:4e:ff:7f:4f:85:e0:3b:2c:9f:25:
54:02:b3:97:5c:79:2c:f7:d3:12:e3:e4:03:a2:af:
f9:37:4b:13:f3:c7:83:45:6f:65:dc:0a:13:08:f4:
9e:1e:82:7c:2f:d8:3f:b1:f6:7f:ac:29:09:0b:05:
b0:d6:4c:92:85:2b:88:7b:ca:eb:fa:f0:98:37:ac:
4b:ed:0b:88:75:e0:33:61:34:bf:d4:d4:16:a9:72:
c5:8e:58:8b:7e:2e:d5:a7:b1:b6:f4:39:38:c9:cf:
14:e9:56:9d:12:11:90:2b:41:54:9a:92:28:b0:a8:
87:35:3c:77:b7:2c:c0:27:36:4d:00:05:05:55:73:
1a:aa:93:56:d0:5c:c6:37:32:7d:81:fc:3e:4b:8f:
dd:ed:e9:7f:03:7e:ce:18:d4:e3:e7:12:90:d3:d0:
f0:1a:3e:50:14:49:eb:02:22:20:8d:a6:7a:03:9e:
8e:c4:9a:a2:9b:e0:57:9f:cb:62:43:aa:3c:5d:7c:
c9:21:36:27:b6:21:80:1b:46:a3:cd:69:05:17:4a:
41:8c:74:99:8c:b0:89:41:ff:ab:a8:fa:7e:cc:ed:
94:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:4B:57:46:5E:A5:5D:9A:92:B2:20:79:D6:8A:1C:11:31:06:F8:96
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/B1DCE1067BF411EF8C595218C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.128.0/23
14.192.131.0/24
14.192.135.0-14.192.136.255
14.192.143.0/24
14.192.146.0/23
14.192.149.0-14.192.150.255
14.192.155.0/24
14.192.159.0/24
43.247.120.0/22
103.20.133.0-103.20.135.255
111.92.128.0/19
IPv6:
2403:7980::/32
Signature Algorithm: sha256WithRSAEncryption
55:2d:f2:33:d4:9e:77:50:12:52:0b:2e:e6:4b:25:78:64:bd:
b6:d4:34:cc:f6:1f:f7:7d:6f:5a:7d:35:5c:9e:18:92:c2:b6:
a2:9b:2a:86:65:9b:28:0f:71:a0:9e:cf:e6:e3:53:58:1a:1c:
1a:c6:bc:89:2e:15:67:ba:2f:7c:73:52:93:40:a7:be:bd:1c:
ef:81:e0:47:07:4f:2d:de:12:51:80:ac:cf:85:99:f4:21:20:
76:f0:20:62:98:c8:60:68:af:fe:51:6b:64:dc:d2:a4:f8:30:
3e:3f:4e:4b:28:35:57:e9:ed:23:3a:39:f2:97:56:e8:3d:a7:
4b:a1:28:3c:05:78:88:95:16:90:ab:4a:01:f3:dc:af:90:cb:
4a:e7:0b:aa:1e:7d:a6:35:47:35:c8:be:3e:00:8e:ca:29:52:
a1:a9:09:40:92:e0:30:98:26:c1:79:c2:c2:7e:46:dd:c0:ab:
ab:b6:df:f5:bb:0f:80:61:40:28:01:03:97:84:c2:d9:25:18:
a5:04:f4:6f:11:7a:53:6b:8c:23:f4:e1:96:15:72:37:e2:f5:
ba:d6:cc:af:86:e0:1a:30:0b:37:81:c5:9b:41:44:1b:7e:60:
15:89:a4:20:db:01:ff:f8:cb:4c:38:81:b2:fe:06:44:ef:5e:
ed:fc:45:a9
-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgICCskwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQwOTI2MTA0NzE2WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmY1M2JiNC00MjY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxCiHZgvgxAri3E2jRxnBblRtyi10gLqgznTpDCnKp3hpuU7/f0+F4DssnyVU
ArOXXHks99MS4+QDoq/5N0sT88eDRW9l3AoTCPSeHoJ8L9g/sfZ/rCkJCwWw1kyS
hSuIe8rr+vCYN6xL7QuIdeAzYTS/1NQWqXLFjliLfi7Vp7G29Dk4yc8U6VadEhGQ
K0FUmpIosKiHNTx3tyzAJzZNAAUFVXMaqpNW0FzGNzJ9gfw+S4/d7el/A37OGNTj
5xKQ09DwGj5QFEnrAiIgjaZ6A56OxJqim+BXn8tiQ6o8XXzJITYntiGAG0ajzWkF
F0pBjHSZjLCJQf+rqPp+zO2UmQIDAQABo4IC+TCCAvUwHQYDVR0OBBYEFBZLV0Ze
pV2akrIgedaKHBExBviWMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvQjFEQ0UxMDY3
QkY0MTFFRjhDNTk1MjE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYIGCCsGAQUFBwEHAQH/
BHMwcTBgBAIAATBaAwQBDsCAAwQADsCDMAwDBAAOwIcDBAAOwIgDBAAOwI8DBAEO
wJIwDAMEAA7AlQMEAA7AlgMEAA7AmwMEAA7AnwMEAiv3eDAMAwQAZxSFAwQDZxSA
AwQFb1yAMA0EAgACMAcDBQAkA3mAMA0GCSqGSIb3DQEBCwUAA4IBAQBVLfIz1J53
UBJSCy7mSyV4ZL221DTM9h/3fW9afTVcnhiSwraimyqGZZsoD3Ggns/m41NYGhwa
xryJLhVnui98c1KTQKe+vRzvgeBHB08t3hJRgKzPhZn0ISB28CBimMhgaK/+UWtk
3NKk+DA+P05LKDVX6e0jOjnyl1boPadLoSg8BXiIlRaQq0oB89yvkMtK5wuqHn2m
NUc1yL4+AI7KKVKhqQlAkuAwmCbBecLCfkbdwKurtt/1uw+AYUAoAQOXhMLZJRil
BPRvEXpTa4wj9OGWFXI34vW61syvhuAaMAs3gcWbQUQbfmAViaQg2wH/+MtMOIGy
/gZE717t/EWp
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:01 2025 by rpki-client