Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/D5F601FECDAB11EF82FEE40DC4F9AE02.roa
File: D5F601FECDAB11EF82FEE40DC4F9AE02.roa (raw, json)
Hash identifier: 3S+7f1a1rEotKFlbKBrL4BPoPppWHzD3PnyddWO0Ras=
Subject key identifier: F8:2C:BA:88:22:24:36:EE:2F:96:49:1A:CA:55:B4:1F:3B:67:F8:75
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0C2E
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/D5F601FECDAB11EF82FEE40DC4F9AE02.roa
Signing time: Tue 28 Jan 2025 14:57:22 +0000
ROA not before: Tue 28 Jan 2025 14:57:22 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 62425
IP address blocks: 14.192.132.0/24 maxlen: 24
14.192.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Feb 2025 06:51:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3118 (0xc2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Jan 28 14:57:22 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6798f052-8a5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5d:7f:67:23:be:94:3b:c8:95:cb:fd:31:48:
80:5a:14:f6:ac:b5:6d:5e:45:13:d9:bf:55:23:0b:
f4:b2:e0:0b:79:f6:9b:9f:cb:db:81:4c:82:59:f6:
9b:22:93:18:0f:4e:a9:a2:93:3e:96:ad:a9:ed:9f:
83:79:83:57:73:05:ab:63:d2:b4:06:f9:20:b8:42:
89:5c:5d:55:68:08:3c:ba:c5:39:1b:1a:25:fb:f5:
34:f0:c4:b0:05:f5:fd:bf:65:fc:80:ed:42:ab:5c:
02:53:7b:3a:3e:7e:23:19:e2:a3:42:80:17:65:5c:
c9:ad:05:9c:c5:19:b0:d3:1f:97:7b:1a:5a:2b:98:
63:69:f6:36:d9:9c:1d:6f:71:33:10:e7:d8:48:ac:
ec:a6:3f:21:5a:73:b7:20:31:85:be:12:a8:4b:f1:
7b:59:29:5c:22:b0:61:77:3b:23:e0:59:e1:40:8b:
86:54:d7:78:32:01:76:9b:9b:b6:31:24:35:73:c3:
4b:f5:10:ed:2d:49:2b:9e:40:a2:26:84:66:85:87:
00:4b:59:fb:10:86:4b:2e:bd:bd:a7:e5:bc:1f:65:
06:5d:b7:99:20:97:89:4b:55:5f:85:96:12:41:28:
68:00:da:cb:d9:13:d5:0a:e4:a9:36:24:cc:a9:ef:
e3:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:2C:BA:88:22:24:36:EE:2F:96:49:1A:CA:55:B4:1F:3B:67:F8:75
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/D5F601FECDAB11EF82FEE40DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.132.0/24
14.192.142.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:0d:bb:cf:e1:3c:6c:d3:63:80:ba:76:5a:cf:e6:76:b6:67:
aa:e6:c8:75:9d:97:b6:ec:c7:03:f7:19:2a:78:6d:c8:af:0a:
8e:fa:fd:c2:b8:33:d3:4d:66:64:eb:18:76:4c:ea:52:b8:b2:
04:ba:38:ab:7a:e7:c9:55:f2:e0:f5:bf:ca:5d:b6:d2:7e:4c:
b0:57:67:11:1a:4e:88:e7:64:1e:c9:de:59:27:ed:d8:4c:4d:
3f:87:91:f4:03:4a:35:4d:11:16:d2:61:56:84:92:e7:be:e4:
c9:a2:d8:ac:04:60:5a:ad:8e:d5:7e:13:70:95:28:d5:2b:53:
ee:a5:34:ea:b2:e4:4a:b1:89:30:5b:28:79:62:14:04:87:7c:
fe:cf:a8:1d:68:0c:a3:70:08:6a:e4:e8:57:71:86:ce:f5:b6:
05:80:75:05:2c:87:cf:8e:ec:3c:55:9f:96:06:54:4f:19:14:
0e:72:88:bb:d8:46:01:c9:d9:25:c0:53:30:a9:66:af:0b:1e:
30:e4:ca:b6:36:55:76:37:70:00:e7:70:91:97:05:6e:ae:ed:
2a:41:b0:e7:7b:d6:e3:40:4a:6c:32:2e:10:c7:cd:d0:d3:a9:
14:64:c4:f4:b9:f9:6a:d4:f7:51:2c:e8:3b:80:d8:4d:26:df:
8a:93:67:62
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICDC4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjUwMTI4MTQ1NzIyWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk4ZjA1Mi04YTVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvF1/ZyO+lDvIlcv9MUiAWhT2rLVtXkUT2b9VIwv0suALefabn8vbgUyCWfab
IpMYD06popM+lq2p7Z+DeYNXcwWrY9K0BvkguEKJXF1VaAg8usU5Gxol+/U08MSw
BfX9v2X8gO1Cq1wCU3s6Pn4jGeKjQoAXZVzJrQWcxRmw0x+XexpaK5hjafY22Zwd
b3EzEOfYSKzspj8hWnO3IDGFvhKoS/F7WSlcIrBhdzsj4FnhQIuGVNd4MgF2m5u2
MSQ1c8NL9RDtLUkrnkCiJoRmhYcAS1n7EIZLLr29p+W8H2UGXbeZIJeJS1VfhZYS
QShoANrL2RPVCuSpNiTMqe/jAwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFPgsuogi
JDbuL5ZJGspVtB87Z/h1MB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvRDVGNjAxRkVD
REFCMTFFRjgyRkVFNDBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAAOwIQDBAAOwI4wDQYJKoZIhvcNAQELBQADggEBAK0Nu8/h
PGzTY4C6dlrP5na2Z6rmyHWdl7bsxwP3GSp4bcivCo76/cK4M9NNZmTrGHZM6lK4
sgS6OKt658lV8uD1v8pdttJ+TLBXZxEaTojnZB7J3lkn7dhMTT+HkfQDSjVNERbS
YVaEkue+5Mmi2KwEYFqtjtV+E3CVKNUrU+6lNOqy5EqxiTBbKHliFASHfP7PqB1o
DKNwCGrk6Fdxhs71tgWAdQUsh8+O7DxVn5YGVE8ZFA5yiLvYRgHJ2SXAUzCpZq8L
HjDkyrY2VXY3cADncJGXBW6u7SpBsOd71uNASmwyLhDHzdDTqRRkxPS5+WrU91Es
6DuA2E0m34qTZ2I=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:19 2025 by rpki-client