Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/C005D39EA4FA11EF97825E6AC4F9AE02.roa
File: C005D39EA4FA11EF97825E6AC4F9AE02.roa (raw, json)
Hash identifier: 6ceVz9LSsVwWdTg6Gjaj+LvMsmb5mNWnlkOmRz43LmU=
Subject key identifier: 24:93:6A:58:E5:2B:72:7F:C1:FF:54:99:48:E4:A0:04:79:56:4E:5A
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0B7E
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/C005D39EA4FA11EF97825E6AC4F9AE02.roa
Signing time: Sun 17 Nov 2024 15:43:54 +0000
ROA not before: Sun 17 Nov 2024 15:43:54 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 208485
IP address blocks: 14.192.136.0/24 maxlen: 24
14.192.137.0/24 maxlen: 24
14.192.138.0/24 maxlen: 24
14.192.139.0/24 maxlen: 24
14.192.143.0/24 maxlen: 24
14.192.145.0/24 maxlen: 24
14.192.146.0/24 maxlen: 24
14.192.158.0/24 maxlen: 24
14.192.159.0/24 maxlen: 24
43.247.120.0/24 maxlen: 24
43.247.123.0/24 maxlen: 24
103.20.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Dec 2024 07:26:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2942 (0xb7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Nov 17 15:43:54 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=673a0f3a-bc90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:9c:54:34:68:41:8b:c4:f9:fc:e5:0e:76:bd:
05:aa:c5:62:c9:29:92:a6:92:28:e1:26:bf:77:25:
79:4e:cc:58:71:f1:81:a4:6a:bb:45:59:80:9b:eb:
a5:7f:38:32:ac:ab:98:44:ea:ce:cd:a9:8d:51:7c:
10:94:ac:c3:3a:0c:7a:55:da:ad:97:3e:d8:73:ac:
7f:e4:03:1b:3c:a2:30:35:ce:81:89:e0:12:15:e2:
e1:6c:62:59:68:82:83:86:23:5a:77:48:9c:b0:b7:
d3:ab:80:1e:7b:58:98:63:9a:eb:bf:ee:7d:1e:1e:
a8:30:cb:92:69:80:24:3f:76:a5:a1:4d:a3:a1:2c:
2e:c4:37:8f:2b:cb:6b:ab:a3:16:38:2c:0e:65:7f:
05:f9:33:b6:35:c6:b0:3d:64:53:cc:57:e9:db:3e:
a6:04:34:8e:f6:af:39:24:27:19:a0:4f:05:62:0e:
e3:1e:f2:a1:a0:fb:3e:08:5b:07:7e:f3:14:a7:f0:
b3:ff:fc:08:6f:7f:fb:90:73:86:4c:3e:59:25:8a:
ea:ee:95:44:22:88:7f:35:18:c7:2e:47:3d:19:1d:
4b:e1:37:78:13:17:c6:45:c8:f4:ae:99:c2:16:1e:
63:17:a6:b5:cd:6f:23:33:84:c5:89:7e:df:00:f7:
26:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:93:6A:58:E5:2B:72:7F:C1:FF:54:99:48:E4:A0:04:79:56:4E:5A
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/C005D39EA4FA11EF97825E6AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.136.0/22
14.192.143.0/24
14.192.145.0-14.192.146.255
14.192.158.0/23
43.247.120.0/24
43.247.123.0/24
103.20.133.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:00:54:a6:6a:ef:b1:65:b0:7b:76:45:e9:f4:f8:2a:74:7e:
a6:c1:46:c6:a8:6f:e7:d1:62:16:eb:39:4b:97:b7:88:5d:97:
63:96:4b:ce:67:44:42:01:73:91:cd:20:96:c6:a7:49:61:de:
e0:67:49:be:70:72:51:91:1d:87:97:1b:57:e4:e1:17:20:3a:
cc:9b:91:d3:05:78:aa:44:03:7b:04:b2:27:ba:c0:e5:f4:34:
04:d5:63:f3:93:2c:a2:21:a1:c4:f4:06:f3:42:88:b6:56:e4:
dd:de:84:b4:2c:2b:c3:4a:5e:b1:24:c1:9b:ed:0a:a7:03:53:
a4:ee:a3:78:e5:b6:74:e0:e3:f6:d6:62:f0:6e:39:73:a4:23:
7c:52:7a:2b:98:27:12:6f:8e:93:13:b8:76:0c:87:3c:19:59:
c3:01:cc:53:96:24:34:21:83:7b:f4:38:28:fa:1e:c5:d6:22:
78:8c:64:9b:d0:b5:cd:71:d0:ab:fe:cd:7a:42:19:02:3b:8b:
b2:08:34:ca:d2:c1:ec:82:89:e1:a5:16:f2:66:a6:ca:b6:da:
66:3b:7c:81:3f:23:f0:32:9b:78:12:7c:20:e8:a2:d2:b1:8c:
e1:35:bf:71:5c:3e:03:c9:f5:cc:22:1a:ae:ed:ba:ad:e6:93:
20:19:06:f3
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgICC34wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQxMTE3MTU0MzU0WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzNhMGYzYS1iYzkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAypxUNGhBi8T5/OUOdr0FqsViySmSppIo4Sa/dyV5TsxYcfGBpGq7RVmAm+ul
fzgyrKuYROrOzamNUXwQlKzDOgx6Vdqtlz7Yc6x/5AMbPKIwNc6BieASFeLhbGJZ
aIKDhiNad0icsLfTq4Aee1iYY5rrv+59Hh6oMMuSaYAkP3aloU2joSwuxDePK8tr
q6MWOCwOZX8F+TO2NcawPWRTzFfp2z6mBDSO9q85JCcZoE8FYg7jHvKhoPs+CFsH
fvMUp/Cz//wIb3/7kHOGTD5ZJYrq7pVEIoh/NRjHLkc9GR1L4Td4ExfGRcj0rpnC
Fh5jF6a1zW8jM4TFiX7fAPcmqQIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFCSTaljl
K3J/wf9UmUjkoAR5Vk5aMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvQzAwNUQzOUVB
NEZBMTFFRjk3ODI1RTZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSwYIKwYBBQUHAQcBAf8E
PDA6MDgEAgABMDIDBAIOwIgDBAAOwI8wDAMEAA7AkQMEAA7AkgMEAQ7AngMEACv3
eAMEACv3ewMEAGcUhTANBgkqhkiG9w0BAQsFAAOCAQEAegBUpmrvsWWwe3ZF6fT4
KnR+psFGxqhv59FiFus5S5e3iF2XY5ZLzmdEQgFzkc0glsanSWHe4GdJvnByUZEd
h5cbV+ThFyA6zJuR0wV4qkQDewSyJ7rA5fQ0BNVj85MsoiGhxPQG80KItlbk3d6E
tCwrw0pesSTBm+0KpwNTpO6jeOW2dODj9tZi8G45c6QjfFJ6K5gnEm+OkxO4dgyH
PBlZwwHMU5YkNCGDe/Q4KPoexdYieIxkm9C1zXHQq/7NekIZAjuLsgg0ytLB7IKJ
4aUW8mamyrbaZjt8gT8j8DKbeBJ8IOii0rGM4TW/cVw+A8n1zCIaru26reaTIBkG
8w==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:14:13 2025 by rpki-client