Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/BF2DD9E4C08911EFBC44AE3CC4F9AE02.roa
File: BF2DD9E4C08911EFBC44AE3CC4F9AE02.roa (raw, json)
Hash identifier: OBLWC8cUAYmNc6uw7951zjU14vei76AT5isSTr277Cc=
Subject key identifier: C0:76:EC:90:E9:6A:AD:81:3B:FF:AD:C6:17:37:7A:7E:EE:15:20:10
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0BB7
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/BF2DD9E4C08911EFBC44AE3CC4F9AE02.roa
Signing time: Sun 22 Dec 2024 17:25:32 +0000
ROA not before: Sun 22 Dec 2024 17:25:32 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 43260
IP address blocks: 14.192.151.0/24 maxlen: 24
14.192.152.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Dec 2024 19:15:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2999 (0xbb7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Dec 22 17:25:32 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=67684b8c-48bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:40:de:b1:7b:5a:32:d7:57:f7:42:3b:b1:dd:
48:10:67:13:57:2c:a0:73:70:33:d3:65:bb:8f:d0:
b5:39:d6:e8:b6:0d:8c:d6:ab:5a:ec:94:ca:7c:8f:
94:31:d7:a5:60:0c:3c:8b:48:26:95:c8:6f:1f:16:
39:fb:5e:1a:ff:6f:8b:9b:b5:3a:e6:51:d8:63:08:
75:0a:57:82:b1:5a:50:f6:d9:98:07:f0:31:fc:d2:
bc:2a:dd:5f:7e:00:e8:e5:6d:43:3b:ff:ab:45:bc:
e1:3a:13:ca:45:38:3f:a5:fa:cc:22:cb:b6:ca:02:
9f:6e:ab:bd:88:88:11:c6:7f:cc:10:a7:5b:bf:fe:
15:dc:ae:3d:1d:28:d7:42:50:00:77:8b:04:0c:ae:
fe:c7:84:9f:bb:40:ea:15:1e:e8:4b:a6:d6:eb:a4:
88:27:d2:7c:8f:42:a5:cb:7a:f6:51:58:f2:77:bc:
a5:94:2c:d3:f3:ca:4a:07:6b:1d:e7:d3:ac:a3:0d:
9b:11:0c:ce:e6:de:55:fb:af:89:52:9b:39:03:f9:
99:f5:1d:23:20:22:4a:27:20:62:37:a6:9b:d1:f0:
8c:d8:13:f4:a3:32:57:c7:24:65:ce:99:0f:46:b2:
f5:89:04:55:77:35:33:b8:d7:39:82:d8:03:f7:29:
9c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:76:EC:90:E9:6A:AD:81:3B:FF:AD:C6:17:37:7A:7E:EE:15:20:10
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/BF2DD9E4C08911EFBC44AE3CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.151.0-14.192.152.255
Signature Algorithm: sha256WithRSAEncryption
84:c7:2e:db:f3:57:b8:2f:5a:97:6d:01:4a:de:92:6d:c2:89:
a6:b5:47:1e:03:a2:97:b5:11:30:88:1f:aa:44:8f:e5:7a:1a:
62:50:82:53:1c:c7:5d:0e:55:29:9e:8b:0f:7b:9e:02:84:36:
3f:77:a4:3f:74:cb:c0:e7:63:86:e1:ac:3e:1b:ff:ff:e8:a5:
c2:7f:c8:41:05:a6:eb:cf:17:dd:3d:5b:56:52:12:f4:15:13:
8e:9a:8a:e8:ea:e2:98:54:c0:3a:92:e5:1d:a3:2c:a2:2e:d9:
b7:e6:e4:f9:b3:5c:85:c9:14:0a:5d:32:7d:e4:32:06:ec:16:
9c:2b:46:f1:c4:ef:af:26:e3:5e:dd:fe:62:55:7b:5b:05:25:
27:dd:9b:d8:bc:2f:9c:8c:2a:f2:8f:8f:0f:8d:b2:3a:3b:37:
1f:1a:13:26:26:90:73:19:2d:30:da:cf:51:d3:67:05:b3:c4:
86:5f:7a:2a:3a:3d:17:14:ac:64:01:b0:10:db:bb:17:77:fb:
56:43:4a:6a:cd:7e:6a:ff:52:d8:da:62:e2:8e:a7:1d:ce:49:
d8:bf:bf:b9:56:74:91:5d:c5:45:1e:46:0d:20:02:ee:bb:34:
2b:6c:ae:62:0f:ce:ba:b6:f5:5b:52:96:31:be:cb:93:61:97:
b4:7f:72:73
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICC7cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQxMjIyMTcyNTMyWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY4NGI4Yy00OGJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApkDesXtaMtdX90I7sd1IEGcTVyygc3Az02W7j9C1Odbotg2M1qta7JTKfI+U
MdelYAw8i0gmlchvHxY5+14a/2+Lm7U65lHYYwh1CleCsVpQ9tmYB/Ax/NK8Kt1f
fgDo5W1DO/+rRbzhOhPKRTg/pfrMIsu2ygKfbqu9iIgRxn/MEKdbv/4V3K49HSjX
QlAAd4sEDK7+x4Sfu0DqFR7oS6bW66SIJ9J8j0Kly3r2UVjyd7yllCzT88pKB2sd
59Osow2bEQzO5t5V+6+JUps5A/mZ9R0jICJKJyBiN6ab0fCM2BP0ozJXxyRlzpkP
RrL1iQRVdzUzuNc5gtgD9ymcdwIDAQABo4ICnTCCApkwHQYDVR0OBBYEFMB27JDp
aq2BO/+txhc3en7uFSAQMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvQkYyREQ5RTRD
MDg5MTFFRkJDNDRBRTNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAA7AlwMEAA7AmDANBgkqhkiG9w0BAQsFAAOCAQEAhMcu
2/NXuC9al20BSt6SbcKJprVHHgOil7URMIgfqkSP5XoaYlCCUxzHXQ5VKZ6LD3ue
AoQ2P3ekP3TLwOdjhuGsPhv//+ilwn/IQQWm688X3T1bVlIS9BUTjpqK6OrimFTA
OpLlHaMsoi7Zt+bk+bNchckUCl0yfeQyBuwWnCtG8cTvrybjXt3+YlV7WwUlJ92b
2LwvnIwq8o+PD42yOjs3HxoTJiaQcxktMNrPUdNnBbPEhl96Kjo9FxSsZAGwENu7
F3f7VkNKas1+av9S2Npi4o6nHc5J2L+/uVZ0kV3FRR5GDSAC7rs0K2yuYg/Ourb1
W1KWMb7Lk2GXtH9ycw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:56 2025 by rpki-client