Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/D53345C4CDAB11EF82FEE40DC4F9AE02.roa
File: D53345C4CDAB11EF82FEE40DC4F9AE02.roa (raw, json)
Hash identifier: ZpbxyyWrEWJnp2cxOPi6TcI0xw1Yz6z4FGkdMbWfh8k=
Subject key identifier: 31:F2:16:B2:4A:C6:73:45:CB:C8:9D:EB:5C:91:71:F1:19:40:E6:3E
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0BDB
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/D53345C4CDAB11EF82FEE40DC4F9AE02.roa
Signing time: Wed 08 Jan 2025 10:32:17 +0000
ROA not before: Wed 08 Jan 2025 10:32:17 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 55154
IP address blocks: 14.192.132.0/24 maxlen: 24
14.192.153.0/24 maxlen: 24
103.20.132.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
103.20.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Jan 2025 09:44:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3035 (0xbdb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Jan 8 10:32:17 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=677e5431-a787
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:d7:0a:60:f1:c2:69:24:e0:9d:be:db:85:ce:
4d:20:85:5b:3f:19:66:b2:10:2f:3b:ce:e0:a6:26:
63:24:13:2d:34:a8:fa:76:b6:df:7e:31:a0:a6:71:
7b:f8:06:92:d0:72:cd:08:72:cb:d0:c0:f4:dd:2f:
f2:e7:a9:03:d2:81:7f:7a:6c:fd:fc:a4:9b:59:54:
01:40:89:6b:ac:33:51:2d:a6:86:f6:87:e3:0e:0a:
0d:4f:c7:79:45:30:f7:21:58:66:49:95:af:0b:46:
2e:b6:a5:0a:ab:9a:e1:db:51:d0:23:00:1c:d5:64:
47:a0:0e:70:92:f6:ab:36:72:d4:47:a4:83:16:7b:
e3:93:a7:bf:0d:db:42:e9:8f:4b:55:68:c7:9b:0d:
ab:07:54:aa:df:23:03:eb:20:07:09:3c:89:04:ff:
36:cf:48:fb:a2:26:2b:d5:cb:3b:6e:a8:31:54:70:
26:1b:c4:87:a2:48:03:5d:6e:4e:db:d4:c4:ad:82:
61:b7:c1:ed:1f:e7:dc:37:7c:ea:03:1d:6b:da:73:
79:82:55:d2:54:cc:65:cd:a4:96:5d:2a:85:0d:dc:
86:82:91:c4:be:89:d4:8b:7c:a5:4e:c4:0d:d5:5b:
5d:b2:63:57:18:1a:63:f2:37:69:9f:ad:27:55:f4:
94:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:F2:16:B2:4A:C6:73:45:CB:C8:9D:EB:5C:91:71:F1:19:40:E6:3E
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/D53345C4CDAB11EF82FEE40DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.132.0/24
14.192.153.0/24
103.20.132.0/24
103.20.134.0/23
Signature Algorithm: sha256WithRSAEncryption
33:1e:d4:e3:07:fc:43:46:28:b7:d7:2a:ad:d0:46:f1:20:f5:
fc:24:41:fe:d9:6b:90:52:be:26:a0:38:07:42:64:be:b7:03:
ec:c3:b3:f4:df:80:85:08:58:bb:62:63:d5:f6:1e:00:01:14:
8f:08:d2:bb:9a:40:16:f9:ef:55:38:01:f3:62:be:93:2f:84:
bb:bf:28:ab:f7:0c:2c:9a:df:38:55:18:95:f9:57:c2:74:ad:
ef:80:43:54:28:9c:44:fe:15:95:23:bf:3c:e8:3d:27:ad:35:
82:29:41:c3:70:07:e2:0e:fd:07:76:0f:8d:51:c5:14:2f:ca:
c8:4c:2b:b7:5e:25:97:ac:f0:52:8a:08:b3:42:d7:82:cb:bc:
02:b1:59:bb:1c:81:46:71:4f:c1:a3:a6:92:3c:d2:cb:42:b8:
07:9d:6c:03:49:84:65:ec:5e:06:6a:f8:61:6f:b3:3c:5e:0d:
20:7d:ca:cb:98:52:a6:63:0d:e6:d5:24:7d:ba:81:a3:67:de:
cf:6e:05:4e:9d:46:0b:10:66:79:b5:6d:f1:25:74:9a:dd:db:
39:24:de:f7:68:30:33:0c:a0:e4:28:6f:a4:51:5c:09:cd:4a:
bd:31:ec:c5:74:af:df:d2:08:a2:c1:aa:d8:df:46:a3:a8:02:
2a:3b:ce:8e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICC9swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjUwMTA4MTAzMjE3WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdlNTQzMS1hNzg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA69cKYPHCaSTgnb7bhc5NIIVbPxlmshAvO87gpiZjJBMtNKj6drbffjGgpnF7
+AaS0HLNCHLL0MD03S/y56kD0oF/emz9/KSbWVQBQIlrrDNRLaaG9ofjDgoNT8d5
RTD3IVhmSZWvC0YutqUKq5rh21HQIwAc1WRHoA5wkvarNnLUR6SDFnvjk6e/DdtC
6Y9LVWjHmw2rB1Sq3yMD6yAHCTyJBP82z0j7oiYr1cs7bqgxVHAmG8SHokgDXW5O
29TErYJht8HtH+fcN3zqAx1r2nN5glXSVMxlzaSWXSqFDdyGgpHEvonUi3ylTsQN
1VtdsmNXGBpj8jdpn60nVfSU8wIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFDHyFrJK
xnNFy8id61yRcfEZQOY+MB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvRDUzMzQ1QzRD
REFCMTFFRjgyRkVFNDBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAAOwIQDBAAOwJkDBABnFIQDBAFnFIYwDQYJKoZIhvcNAQEL
BQADggEBADMe1OMH/ENGKLfXKq3QRvEg9fwkQf7Za5BSviagOAdCZL63A+zDs/Tf
gIUIWLtiY9X2HgABFI8I0ruaQBb571U4AfNivpMvhLu/KKv3DCya3zhVGJX5V8J0
re+AQ1QonET+FZUjvzzoPSetNYIpQcNwB+IO/Qd2D41RxRQvyshMK7deJZes8FKK
CLNC14LLvAKxWbscgUZxT8GjppI80stCuAedbANJhGXsXgZq+GFvszxeDSB9ysuY
UqZjDebVJH26gaNn3s9uBU6dRgsQZnm1bfEldJrd2zkk3vdoMDMMoOQob6RRXAnN
Sr0x7MV0r9/SCKLBqtjfRqOoAio7zo4=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:05 2025 by rpki-client