Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/E5856BB4ECF111EE869C1110C4F9AE02.roa
File: E5856BB4ECF111EE869C1110C4F9AE02.roa (raw, json)
Hash identifier: AsriqrnaFkPvEFMK/gmFcRdEgU8foDnYEhhOb9hFavI=
Subject key identifier: 41:87:00:72:11:FD:F3:5F:6E:50:B7:B3:93:36:50:78:E5:85:62:DA
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 09CF
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/E5856BB4ECF111EE869C1110C4F9AE02.roa
Signing time: Wed 26 Jun 2024 21:14:03 +0000
ROA not before: Wed 26 Jun 2024 21:14:03 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 150750
IP address blocks: 14.192.130.0/23 maxlen: 23
14.192.130.0/24 maxlen: 24
14.192.131.0/24 maxlen: 24
14.192.132.0/22 maxlen: 22
14.192.132.0/24 maxlen: 24
14.192.133.0/24 maxlen: 24
14.192.134.0/24 maxlen: 24
14.192.135.0/24 maxlen: 24
14.192.136.0/22 maxlen: 22
14.192.136.0/24 maxlen: 24
14.192.137.0/24 maxlen: 24
14.192.138.0/24 maxlen: 24
14.192.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jul 2024 08:32:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2511 (0x9cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Jun 26 21:14:03 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=667c849b-64cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:af:af:f4:15:14:18:3a:89:fd:01:0b:f5:65:
9f:25:3c:c2:67:1d:42:90:0d:d1:7d:05:1a:82:2e:
24:39:a6:1b:a6:ac:d3:90:4c:63:61:f9:5e:61:69:
94:1a:97:8a:61:f3:c9:67:cd:a8:97:db:1e:a5:af:
46:ad:f2:4d:d9:7f:0e:04:b0:4a:64:41:07:c0:df:
c1:26:82:1e:ae:2d:8a:94:56:df:dc:b9:53:ec:8c:
89:0e:3c:94:a7:6d:c1:57:e1:5d:67:18:2d:3b:51:
23:c8:13:2e:6c:a9:00:2d:54:3c:c0:ce:e7:02:81:
fd:1c:2e:e8:ce:2f:ad:b9:e9:d3:70:19:ec:ff:76:
a3:96:43:74:14:ac:94:70:60:c9:88:9d:26:be:d0:
26:82:a7:36:b2:0a:06:88:19:e1:a7:91:a2:c8:7e:
18:c7:46:c8:9e:92:81:85:77:9b:46:aa:4f:36:33:
25:88:30:25:e8:45:38:0f:70:7e:80:92:30:24:5b:
07:12:1b:ba:da:52:45:7f:78:4f:20:91:32:b9:2b:
a0:47:44:6c:1a:e8:6d:56:bb:db:b5:86:99:ff:91:
ca:f9:dd:cc:95:a5:8b:77:01:a0:34:22:06:96:c4:
5b:30:28:3d:c0:f4:8b:34:b8:c9:f1:39:49:ae:72:
da:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:87:00:72:11:FD:F3:5F:6E:50:B7:B3:93:36:50:78:E5:85:62:DA
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/E5856BB4ECF111EE869C1110C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.130.0-14.192.139.255
Signature Algorithm: sha256WithRSAEncryption
86:b1:16:12:1b:a3:2d:c8:c7:c5:31:98:60:97:47:b5:54:a7:
92:cd:af:18:8c:a4:76:5e:b5:9f:95:a6:79:5b:09:58:cd:06:
6c:5b:64:ac:76:ac:dd:51:a2:44:cd:8e:ae:11:44:1c:05:4c:
2e:47:38:41:cc:3e:95:d8:4a:8a:53:da:fa:a1:5b:1f:cf:2e:
8d:f8:08:62:49:1b:03:f2:6a:8e:e8:46:4c:df:9d:86:c2:92:
4d:a7:82:4b:94:ff:bf:43:74:51:a9:68:10:31:c8:78:a7:5b:
5f:31:2e:62:b3:9b:75:a1:78:c4:21:8d:9c:a3:f1:87:fa:6b:
47:46:ff:17:28:b5:93:be:4c:de:96:c1:01:a0:81:4b:4e:36:
48:c8:c1:91:cb:59:09:fd:e1:20:4c:dd:e9:41:2b:cb:35:0e:
30:25:52:74:d3:63:2f:1e:32:b1:a7:c7:a4:55:c9:9f:58:98:
a7:52:8d:f2:fa:ba:d9:b6:a4:5e:29:c3:74:32:d1:f1:c0:78:
c8:e1:94:19:c8:a6:b0:06:6f:ca:34:59:d9:81:6b:57:4f:ff:
26:e6:c7:c5:aa:a2:25:a7:59:68:d2:d9:10:7f:5f:2d:12:ba:
7d:41:9a:3e:1f:26:49:0d:12:f8:95:1f:7e:12:b7:6a:81:8c:
76:77:97:94
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICCc8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQwNjI2MjExNDAzWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjdjODQ5Yi02NGNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs6+v9BUUGDqJ/QEL9WWfJTzCZx1CkA3RfQUagi4kOaYbpqzTkExjYfleYWmU
GpeKYfPJZ82ol9sepa9GrfJN2X8OBLBKZEEHwN/BJoIeri2KlFbf3LlT7IyJDjyU
p23BV+FdZxgtO1EjyBMubKkALVQ8wM7nAoH9HC7ozi+tuenTcBns/3ajlkN0FKyU
cGDJiJ0mvtAmgqc2sgoGiBnhp5GiyH4Yx0bInpKBhXebRqpPNjMliDAl6EU4D3B+
gJIwJFsHEhu62lJFf3hPIJEyuSugR0RsGuhtVrvbtYaZ/5HK+d3MlaWLdwGgNCIG
lsRbMCg9wPSLNLjJ8TlJrnLaiQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFEGHAHIR
/fNfblC3s5M2UHjlhWLaMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvRTU4NTZCQjRF
Q0YxMTFFRTg2OUMxMTEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAQ7AggMEAg7AiDANBgkqhkiG9w0BAQsFAAOCAQEAhrEW
EhujLcjHxTGYYJdHtVSnks2vGIykdl61n5WmeVsJWM0GbFtkrHas3VGiRM2OrhFE
HAVMLkc4Qcw+ldhKilPa+qFbH88ujfgIYkkbA/JqjuhGTN+dhsKSTaeCS5T/v0N0
UaloEDHIeKdbXzEuYrObdaF4xCGNnKPxh/prR0b/Fyi1k75M3pbBAaCBS042SMjB
kctZCf3hIEzd6UEryzUOMCVSdNNjLx4ysafHpFXJn1iYp1KN8vq62bakXinDdDLR
8cB4yOGUGcimsAZvyjRZ2YFrV0//JubHxaqiJadZaNLZEH9fLRK6fUGaPh8mSQ0S
+JUffhK3aoGMdneXlA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:46:08 2025 by rpki-client