Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/BE165720C08911EFBC44AE3CC4F9AE02.roa
File: BE165720C08911EFBC44AE3CC4F9AE02.roa (raw, json)
Hash identifier: JoFfWy6qs/RMoFZ0SaUyUCkPawWW81LZNSMHYly38Pw=
Subject key identifier: E9:44:7A:19:A4:C5:04:4A:82:BB:46:DF:9F:AF:F7:F6:B0:A2:B5:5E
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0BCA
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/BE165720C08911EFBC44AE3CC4F9AE02.roa
Signing time: Wed 01 Jan 2025 05:06:15 +0000
ROA not before: Wed 01 Jan 2025 05:06:15 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 133933
IP address blocks: 14.192.128.0/24 maxlen: 24
14.192.129.0/24 maxlen: 24
14.192.133.0/24 maxlen: 24
14.192.136.0/24 maxlen: 24
14.192.137.0/24 maxlen: 24
14.192.146.0/24 maxlen: 24
14.192.147.0/24 maxlen: 24
14.192.148.0/24 maxlen: 24
14.192.156.0/24 maxlen: 24
14.192.157.0/24 maxlen: 24
14.192.159.0/24 maxlen: 24
43.247.120.0/24 maxlen: 24
43.247.121.0/24 maxlen: 24
43.247.122.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Jan 2025 19:52:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3018 (0xbca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Jan 1 05:06:15 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6774cd46-9855
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:0e:13:11:01:8e:83:b6:71:21:9a:6e:02:25:
07:32:6e:0a:76:eb:fc:a7:f1:df:9b:76:41:e8:a4:
94:a7:8d:d2:8f:87:62:9b:ba:1b:50:3d:b4:fb:4f:
a2:3d:5b:38:41:e6:89:75:d6:d4:ac:c1:44:3d:05:
79:76:41:1e:b3:9f:0b:7f:79:3a:2f:46:95:b0:d0:
c2:6c:08:85:d2:b4:7d:ba:56:5c:b2:a3:74:7b:08:
da:58:e0:6b:de:2c:4b:d6:a9:b3:40:83:b8:48:74:
df:07:bd:4e:27:cc:ca:01:fd:64:69:0c:5e:e5:7d:
09:66:d3:f5:dd:70:fd:20:ea:fc:5e:52:6a:62:4a:
38:47:54:1f:22:7f:96:a3:9d:2d:32:db:6b:af:20:
37:98:c1:15:47:80:0b:09:93:37:52:67:56:38:81:
1a:84:f9:d3:6d:c9:4e:ab:be:55:ee:14:70:39:a1:
da:23:b4:32:92:b2:4e:43:50:34:9c:13:d5:bd:68:
4f:b8:51:94:f5:f9:ea:34:24:9b:8e:fa:87:c3:59:
eb:4d:8c:47:44:a8:8f:c2:1d:66:94:0b:ed:ff:1d:
34:90:59:c8:9d:73:dd:5b:93:02:a8:a1:c4:b1:00:
fa:72:ae:24:73:01:b4:79:3d:98:97:0a:3c:89:28:
da:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:44:7A:19:A4:C5:04:4A:82:BB:46:DF:9F:AF:F7:F6:B0:A2:B5:5E
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/BE165720C08911EFBC44AE3CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.128.0/23
14.192.133.0/24
14.192.136.0/23
14.192.146.0-14.192.148.255
14.192.156.0/23
14.192.159.0/24
43.247.120.0-43.247.122.255
103.20.134.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:92:9e:be:43:65:11:4b:f9:c9:a2:1d:68:c6:df:fa:6e:93:
48:57:5e:26:7a:65:8e:06:20:b2:38:07:1f:d0:18:81:22:7f:
ec:b0:08:15:53:94:a3:27:b9:dd:03:53:73:e9:9c:dd:87:f6:
38:30:44:9b:c7:03:c5:24:b2:a4:e8:a8:41:f0:87:cd:6a:3a:
02:d9:f5:30:b1:09:b8:20:bc:9f:5e:41:18:f0:cb:28:5b:da:
03:d6:59:ec:6a:44:2d:6f:48:16:d3:11:ab:03:39:5d:0e:66:
b6:5b:d3:76:ee:08:18:0a:7f:68:c5:83:e4:ca:fc:d1:3e:f1:
59:65:f9:67:a7:94:8f:03:ba:d9:7f:12:3c:bc:e9:b0:a5:07:
d2:4e:1d:e6:af:18:7d:52:48:f9:e9:3d:18:65:5a:3f:69:a5:
40:dd:50:d8:04:c0:cf:85:46:bf:f7:02:a5:44:87:82:61:5a:
48:f7:62:7c:c8:44:1c:19:3a:63:64:e3:31:e6:ee:7b:3d:d0:
b0:14:bf:3d:32:f8:40:54:63:e6:c9:15:88:8c:26:f1:ae:01:
04:24:74:a0:41:54:f4:8e:f3:20:de:18:33:88:b7:ed:4e:84:
16:e8:05:c4:7a:b7:be:8c:98:99:e3:8b:e9:5d:36:e3:d4:96:
9b:80:0d:5d
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgICC8owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjUwMTAxMDUwNjE1WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc0Y2Q0Ni05ODU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2g4TEQGOg7ZxIZpuAiUHMm4Kduv8p/Hfm3ZB6KSUp43Sj4dim7obUD20+0+i
PVs4QeaJddbUrMFEPQV5dkEes58Lf3k6L0aVsNDCbAiF0rR9ulZcsqN0ewjaWOBr
3ixL1qmzQIO4SHTfB71OJ8zKAf1kaQxe5X0JZtP13XD9IOr8XlJqYko4R1QfIn+W
o50tMttrryA3mMEVR4ALCZM3UmdWOIEahPnTbclOq75V7hRwOaHaI7QykrJOQ1A0
nBPVvWhPuFGU9fnqNCSbjvqHw1nrTYxHRKiPwh1mlAvt/x00kFnInXPdW5MCqKHE
sQD6cq4kcwG0eT2Ylwo8iSjaiwIDAQABo4ICzzCCAsswHQYDVR0OBBYEFOlEehmk
xQRKgrtG35+v9/aworVeMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvQkUxNjU3MjBD
MDg5MTFFRkJDNDRBRTNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWQYIKwYBBQUHAQcBAf8E
SjBIMEYEAgABMEADBAEOwIADBAAOwIUDBAEOwIgwDAMEAQ7AkgMEAA7AlAMEAQ7A
nAMEAA7AnzAMAwQDK/d4AwQAK/d6AwQAZxSGMA0GCSqGSIb3DQEBCwUAA4IBAQBd
kp6+Q2URS/nJoh1oxt/6bpNIV14memWOBiCyOAcf0BiBIn/ssAgVU5SjJ7ndA1Nz
6Zzdh/Y4MESbxwPFJLKk6KhB8IfNajoC2fUwsQm4ILyfXkEY8MsoW9oD1lnsakQt
b0gW0xGrAzldDma2W9N27ggYCn9oxYPkyvzRPvFZZflnp5SPA7rZfxI8vOmwpQfS
Th3mrxh9Ukj56T0YZVo/aaVA3VDYBMDPhUa/9wKlRIeCYVpI92J8yEQcGTpjZOMx
5u57PdCwFL89MvhAVGPmyRWIjCbxrgEEJHSgQVT0jvMg3hgziLftToQW6AXEere+
jJiZ44vpXTbj1JabgA1d
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:02 2025 by rpki-client