Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/C025D266C08911EFBC44AE3CC4F9AE02.roa
File: C025D266C08911EFBC44AE3CC4F9AE02.roa (raw, json)
Hash identifier: N6PYfMLA1Sq2clYUUsQ3D/k4OWOgKQe3NQeL7YRV+14=
Subject key identifier: 19:53:5C:33:3F:72:BA:C8:22:BF:13:F6:C6:5F:7D:43:3D:0C:75:2D
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0BCB
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/C025D266C08911EFBC44AE3CC4F9AE02.roa
Signing time: Wed 01 Jan 2025 05:06:16 +0000
ROA not before: Wed 01 Jan 2025 05:06:16 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 45814
IP address blocks: 14.192.128.0/24 maxlen: 24
14.192.129.0/24 maxlen: 24
14.192.131.0/24 maxlen: 24
14.192.133.0/24 maxlen: 24
14.192.136.0/24 maxlen: 24
14.192.137.0/24 maxlen: 24
14.192.143.0/24 maxlen: 24
14.192.146.0/24 maxlen: 24
14.192.147.0/24 maxlen: 24
14.192.148.0/24 maxlen: 24
14.192.149.0/24 maxlen: 24
14.192.150.0/24 maxlen: 24
14.192.155.0/24 maxlen: 24
14.192.156.0/24 maxlen: 24
14.192.157.0/24 maxlen: 24
14.192.158.0/24 maxlen: 24
14.192.159.0/24 maxlen: 24
43.247.120.0/24 maxlen: 24
43.247.121.0/24 maxlen: 24
43.247.122.0/24 maxlen: 24
103.20.132.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
111.92.128.0/19 maxlen: 19
2403:7980::/32 maxlen: 32
2403:7980::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 08 Jan 2025 19:53:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3019 (0xbcb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Jan 1 05:06:16 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6774cd47-ee28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e9:1e:29:4a:f5:9c:78:7b:88:02:a1:80:8e:
b3:0c:58:bd:57:82:fc:b6:f2:94:aa:7d:77:d7:80:
12:d7:06:ec:dd:7b:9b:7e:1a:e1:e3:92:bb:16:37:
22:4c:5c:dc:8d:f7:ab:1d:a3:c7:d2:f4:2a:0c:fd:
e8:2f:14:86:2e:05:46:3e:11:7b:8f:c2:37:d6:23:
eb:16:72:b8:88:ec:1c:6f:b9:65:3d:6b:17:8e:57:
55:4f:75:fe:26:43:a2:e2:71:86:4d:3f:61:a7:e4:
1d:ec:65:c0:7a:2b:ee:1b:ad:35:a2:2a:30:a2:89:
2b:b4:12:79:1f:6c:4b:54:9d:ff:b7:ed:c9:d8:72:
52:a2:b4:57:7c:5d:5b:b1:27:b5:8f:fe:f8:d8:1e:
26:25:76:e2:e4:4d:bb:d6:e4:b2:dc:2d:05:18:d3:
47:d8:89:d9:64:87:37:04:c5:76:1f:c4:73:e3:41:
f6:d7:ff:20:72:f3:bf:4b:cf:14:4c:88:8c:5e:5f:
1c:d2:be:f5:8c:76:30:22:05:f0:93:e0:b7:ab:f8:
95:54:5e:d3:ed:72:9d:c0:ca:67:e8:ea:57:3c:7d:
9f:88:f2:0e:6e:9b:cb:ae:16:6e:fa:19:89:cb:2a:
98:95:57:f2:9b:5b:d4:71:04:37:05:7c:62:ec:90:
d5:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:53:5C:33:3F:72:BA:C8:22:BF:13:F6:C6:5F:7D:43:3D:0C:75:2D
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/C025D266C08911EFBC44AE3CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.128.0/23
14.192.131.0/24
14.192.133.0/24
14.192.136.0/23
14.192.143.0/24
14.192.146.0-14.192.150.255
14.192.155.0-14.192.159.255
43.247.120.0-43.247.122.255
103.20.132.0/24
103.20.134.0/24
111.92.128.0/19
IPv6:
2403:7980::/32
Signature Algorithm: sha256WithRSAEncryption
8a:56:b8:0f:cc:09:80:51:9a:3f:a2:71:3e:8f:41:8f:32:55:
9e:39:53:97:c4:12:b9:24:b5:b7:c0:be:eb:5a:9b:dd:99:8d:
d7:6b:d1:16:6b:27:7d:e7:99:28:86:c3:5e:b2:66:28:dd:e7:
83:c0:29:a2:50:15:c5:25:c6:69:3e:52:f0:f0:bc:be:a6:13:
16:aa:fd:ee:46:17:92:d4:6a:6c:5e:35:40:9e:c3:c9:09:c8:
46:5d:09:15:41:ba:a0:5d:1f:fe:23:a4:66:97:74:e5:60:03:
35:e8:cf:72:a9:cb:50:e9:98:0b:4a:44:44:7c:4c:b5:d6:59:
f6:74:91:f9:e9:72:68:4c:24:df:64:01:44:20:fb:92:03:89:
44:43:c0:df:55:af:31:c3:57:55:89:b9:c5:cd:2a:88:75:45:
4f:db:ab:bc:85:ef:94:c2:47:98:86:40:be:e2:72:6e:35:e2:
f1:90:50:fe:f7:2f:66:78:fb:91:e6:04:33:0f:ed:54:3b:19:
b3:4d:76:64:25:da:1d:94:68:04:7e:57:8a:c8:14:fb:e8:71:
e4:a2:e0:cf:2c:4d:80:2a:3c:e9:53:68:ec:44:79:90:43:6f:
2c:2b:59:da:96:a2:bd:6d:ca:26:b2:3e:c4:c1:af:73:97:92:
b0:25:89:ce
-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgICC8swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjUwMTAxMDUwNjE2WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc0Y2Q0Ny1lZTI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvekeKUr1nHh7iAKhgI6zDFi9V4L8tvKUqn1314AS1wbs3Xubfhrh45K7Fjci
TFzcjferHaPH0vQqDP3oLxSGLgVGPhF7j8I31iPrFnK4iOwcb7llPWsXjldVT3X+
JkOi4nGGTT9hp+Qd7GXAeivuG601oiowookrtBJ5H2xLVJ3/t+3J2HJSorRXfF1b
sSe1j/742B4mJXbi5E271uSy3C0FGNNH2InZZIc3BMV2H8Rz40H21/8gcvO/S88U
TIiMXl8c0r71jHYwIgXwk+C3q/iVVF7T7XKdwMpn6OpXPH2fiPIObpvLrhZu+hmJ
yyqYlVfym1vUcQQ3BXxi7JDVowIDAQABo4IC+TCCAvUwHQYDVR0OBBYEFBlTXDM/
crrIIr8T9sZffUM9DHUtMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvQzAyNUQyNjZD
MDg5MTFFRkJDNDRBRTNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYIGCCsGAQUFBwEHAQH/
BHMwcTBgBAIAATBaAwQBDsCAAwQADsCDAwQADsCFAwQBDsCIAwQADsCPMAwDBAEO
wJIDBAAOwJYwDAMEAA7AmwMEBQ7AgDAMAwQDK/d4AwQAK/d6AwQAZxSEAwQAZxSG
AwQFb1yAMA0EAgACMAcDBQAkA3mAMA0GCSqGSIb3DQEBCwUAA4IBAQCKVrgPzAmA
UZo/onE+j0GPMlWeOVOXxBK5JLW3wL7rWpvdmY3Xa9EWayd955kohsNesmYo3eeD
wCmiUBXFJcZpPlLw8Ly+phMWqv3uRheS1GpsXjVAnsPJCchGXQkVQbqgXR/+I6Rm
l3TlYAM16M9yqctQ6ZgLSkREfEy11ln2dJH56XJoTCTfZAFEIPuSA4lEQ8DfVa8x
w1dVibnFzSqIdUVP26u8he+UwkeYhkC+4nJuNeLxkFD+9y9mePuR5gQzD+1UOxmz
TXZkJdodlGgEfleKyBT76HHkouDPLE2AKjzpU2jsRHmQQ28sK1nalqK9bcomsj7E
wa9zl5KwJYnO
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:49 2025 by rpki-client