Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/C7F1A22CCC2311EF910BED49C4F9AE02.roa
File: C7F1A22CCC2311EF910BED49C4F9AE02.roa (raw, json)
Hash identifier: XjxVYxNCI45GkwmD1q7ozMNkpJQm7zEcr8rFYmkTp8A=
Subject key identifier: 08:51:0E:4A:47:06:42:31:99:A7:1A:97:F7:36:56:B6:90:B5:84:D7
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0BD8
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/C7F1A22CCC2311EF910BED49C4F9AE02.roa
Signing time: Mon 06 Jan 2025 11:45:52 +0000
ROA not before: Mon 06 Jan 2025 11:45:52 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 213990
IP address blocks: 14.192.144.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Jan 2025 10:32:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3032 (0xbd8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Jan 6 11:45:52 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=677bc270-66aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:5b:02:09:c2:17:4d:69:39:d7:ad:99:d9:92:
78:86:f9:8d:a5:e2:83:42:08:24:92:5d:65:5f:ac:
92:7f:f5:82:24:c7:46:e1:28:66:e3:01:3e:62:5f:
23:62:6c:be:34:32:27:6e:28:c7:67:5d:c3:5f:46:
cf:e6:49:d8:3a:27:c5:e5:cb:66:ef:14:01:32:4f:
3f:47:b9:f4:de:02:e8:13:f7:6d:de:2c:6a:52:75:
db:f3:61:f9:b0:4e:ce:f2:b1:e7:d9:73:b1:b9:e9:
f2:1e:10:b3:56:64:e8:74:9f:b1:7e:3d:28:e7:ac:
c2:20:c6:af:59:e1:ff:58:36:be:68:71:78:6c:43:
9d:90:46:5d:6b:31:1e:75:36:b6:7a:71:41:87:28:
b3:2a:26:b5:29:8f:c4:e6:88:fb:ef:bf:fd:86:cb:
8e:41:9c:7b:2e:6b:bb:bc:b6:f2:56:c0:4b:dd:6d:
d7:21:c5:a5:4d:a8:1a:cb:02:d8:d4:d9:88:b5:c9:
09:ee:96:d8:24:81:f6:7a:21:ef:01:94:d0:d8:16:
79:be:2b:11:f9:e2:dc:46:ff:00:f4:52:59:af:84:
40:e3:be:0c:06:04:03:05:3e:d8:2b:4d:85:18:25:
24:b9:3a:20:d5:87:56:47:e2:6a:14:a4:75:61:5f:
16:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:51:0E:4A:47:06:42:31:99:A7:1A:97:F7:36:56:B6:90:B5:84:D7
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/C7F1A22CCC2311EF910BED49C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.144.0/24
Signature Algorithm: sha256WithRSAEncryption
65:5c:25:a0:d6:a8:d2:0a:89:65:8c:be:12:67:13:39:06:53:
21:6c:10:49:d6:ed:aa:94:d5:61:cd:3d:57:45:1d:5e:a4:f0:
42:a8:4f:a7:64:3b:b3:11:cc:f5:28:e8:b3:e8:2c:a3:81:41:
ac:9b:e4:ed:e3:70:42:c5:d1:1b:c0:91:3a:26:0b:c8:18:a5:
98:92:16:0a:68:bc:42:6b:94:8d:d8:89:17:3f:b1:de:f5:e4:
6d:b1:98:47:aa:d0:48:dc:37:12:bc:76:d2:4c:ba:66:6c:b9:
a0:39:1c:d8:17:11:65:df:3b:d0:ff:1e:b5:39:fe:15:75:b0:
7f:b4:b3:53:4b:9e:e3:27:e7:d8:2e:d9:72:8b:93:67:a2:36:
c6:48:67:ff:d7:60:ae:64:47:5f:df:25:e0:77:79:dc:91:1a:
dd:c9:b9:af:f2:e3:9a:2c:77:01:01:fe:32:b5:39:1e:f6:f0:
9f:81:9d:49:65:bb:7c:b8:b8:b4:d1:49:f3:a2:63:fa:c8:64:
c4:0d:ae:e9:58:3e:0d:b5:83:33:7f:34:f9:43:cb:ea:3c:c2:
6a:d0:1e:4f:80:9b:fa:37:c5:b9:a3:26:e1:ce:04:43:f0:07:
84:60:cb:d4:8d:7c:27:de:d5:71:38:ab:47:54:a9:02:95:48:
aa:c1:88:a3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC9gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjUwMTA2MTE0NTUyWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdiYzI3MC02NmFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4lsCCcIXTWk5162Z2ZJ4hvmNpeKDQggkkl1lX6ySf/WCJMdG4Shm4wE+Yl8j
Ymy+NDInbijHZ13DX0bP5knYOifF5ctm7xQBMk8/R7n03gLoE/dt3ixqUnXb82H5
sE7O8rHn2XOxuenyHhCzVmTodJ+xfj0o56zCIMavWeH/WDa+aHF4bEOdkEZdazEe
dTa2enFBhyizKia1KY/E5oj777/9hsuOQZx7Lmu7vLbyVsBL3W3XIcWlTagaywLY
1NmItckJ7pbYJIH2eiHvAZTQ2BZ5visR+eLcRv8A9FJZr4RA474MBgQDBT7YK02F
GCUkuTog1YdWR+JqFKR1YV8WRwIDAQABo4IClTCCApEwHQYDVR0OBBYEFAhRDkpH
BkIxmacal/c2VraQtYTXMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvQzdGMUEyMkND
QzIzMTFFRjkxMEJFRDQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAOwJAwDQYJKoZIhvcNAQELBQADggEBAGVcJaDWqNIKiWWM
vhJnEzkGUyFsEEnW7aqU1WHNPVdFHV6k8EKoT6dkO7MRzPUo6LPoLKOBQayb5O3j
cELF0RvAkTomC8gYpZiSFgpovEJrlI3YiRc/sd715G2xmEeq0EjcNxK8dtJMumZs
uaA5HNgXEWXfO9D/HrU5/hV1sH+0s1NLnuMn59gu2XKLk2eiNsZIZ//XYK5kR1/f
JeB3edyRGt3Jua/y45osdwEB/jK1OR728J+BnUllu3y4uLTRSfOiY/rIZMQNrulY
Pg21gzN/NPlDy+o8wmrQHk+Am/o3xbmjJuHOBEPwB4Rgy9SNfCfe1XE4q0dUqQKV
SKrBiKM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:28 2025 by rpki-client