Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/F320552EC08911EF80CB743DC4F9AE02.roa
File: F320552EC08911EF80CB743DC4F9AE02.roa (raw, json)
Hash identifier: yBxJ1qg/WLRCtqKpq2vUDsPPp0cxJvHw6kbAwDoj8Mc=
Subject key identifier: CF:E2:0D:32:20:15:61:51:1E:16:EC:FB:C4:81:65:A7:69:EA:35:CE
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0BBA
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/F320552EC08911EF80CB743DC4F9AE02.roa
Signing time: Sun 22 Dec 2024 17:26:59 +0000
ROA not before: Sun 22 Dec 2024 17:26:59 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 329007
IP address blocks: 14.192.130.0/24 maxlen: 24
14.192.144.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:26:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3002 (0xbba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Dec 22 17:26:59 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=67684be3-6988
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:60:00:85:c2:7a:07:72:56:b1:18:9f:d0:53:
86:49:34:93:08:f6:fd:2e:8a:c3:b4:c0:46:56:66:
4b:5e:60:75:f0:54:59:87:ea:a4:5d:e6:d7:b1:88:
6a:99:eb:31:83:ee:e1:9e:0f:12:55:d5:25:4a:0f:
59:ee:d0:e8:6d:72:d3:64:97:9a:fb:b9:e1:6b:2c:
34:4f:4c:5b:6c:da:0e:da:aa:90:1a:17:c0:6a:b8:
59:30:81:b1:c6:7b:8c:f8:a1:1e:c8:c9:3a:00:60:
9c:5c:0e:6f:aa:f1:a7:30:05:5e:5e:bd:f1:ee:73:
68:16:bd:f0:d3:fc:78:46:16:ea:c6:1f:a9:3b:64:
80:c5:b1:26:3f:ee:ee:8b:49:b5:01:bb:68:96:6b:
b2:6a:82:33:1f:d0:3c:b7:50:c0:6b:eb:42:bf:56:
63:37:a2:d1:15:7b:fc:77:10:89:63:2d:38:92:ee:
b0:56:9a:8c:8d:ff:59:24:3c:3e:61:29:45:24:a9:
17:c3:6c:4c:7a:d1:81:91:dd:cc:a0:28:0d:35:c6:
5e:f3:7d:b1:ec:ee:79:b3:2b:7f:80:22:e7:6e:47:
ee:6b:84:0a:b6:5b:77:6f:e7:97:51:cd:24:e5:ee:
5c:be:e5:f1:e8:ed:2e:2c:20:f0:c9:97:1c:4d:50:
6c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:E2:0D:32:20:15:61:51:1E:16:EC:FB:C4:81:65:A7:69:EA:35:CE
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/F320552EC08911EF80CB743DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.130.0/24
14.192.144.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:e3:7e:6e:2b:07:89:6f:a7:bf:22:5b:f1:ca:52:c3:5c:a0:
dd:f6:9f:eb:94:6c:34:df:9d:e3:79:78:79:0e:9a:31:b2:1e:
d0:6d:44:98:c0:72:72:25:10:3e:08:f8:88:37:83:59:0e:43:
ae:2b:96:62:d0:2f:66:82:e5:33:8c:1a:f4:43:46:33:ee:b1:
76:26:eb:3e:f8:ae:5a:c3:fa:1e:f3:f3:e4:13:0e:5e:07:65:
0e:7c:96:60:34:46:a5:bd:24:03:6e:59:f3:25:b2:38:69:e9:
33:ee:07:75:77:21:f7:ee:5b:f6:f1:90:69:a7:ab:8b:81:45:
1b:ae:0d:f5:1e:32:a4:79:4a:67:6d:71:9a:27:74:b6:e0:37:
28:81:fb:f4:6e:69:bb:5b:85:6e:48:8d:4f:dd:65:4c:fc:67:
fe:ce:c2:00:01:2d:0c:da:f3:e7:1b:f5:23:2d:b4:c1:24:bb:
fe:8e:5a:56:c4:82:5d:7a:61:db:eb:1d:d1:df:9d:94:55:2a:
71:4d:fb:a5:8c:63:00:41:9a:4e:2b:27:a1:4c:b2:07:03:c8:
44:2a:67:54:e0:b3:e2:fc:d7:95:4d:61:43:c0:9a:99:69:21:
6f:73:23:5b:b8:e3:30:ae:a8:f9:07:eb:55:b4:f4:cc:ac:1a:
b8:26:4f:8f
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICC7owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQxMjIyMTcyNjU5WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY4NGJlMy02OTg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtmAAhcJ6B3JWsRif0FOGSTSTCPb9LorDtMBGVmZLXmB18FRZh+qkXebXsYhq
mesxg+7hng8SVdUlSg9Z7tDobXLTZJea+7nhayw0T0xbbNoO2qqQGhfAarhZMIGx
xnuM+KEeyMk6AGCcXA5vqvGnMAVeXr3x7nNoFr3w0/x4Rhbqxh+pO2SAxbEmP+7u
i0m1AbtolmuyaoIzH9A8t1DAa+tCv1ZjN6LRFXv8dxCJYy04ku6wVpqMjf9ZJDw+
YSlFJKkXw2xMetGBkd3MoCgNNcZe832x7O55syt/gCLnbkfua4QKtlt3b+eXUc0k
5e5cvuXx6O0uLCDwyZccTVBsUwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFM/iDTIg
FWFRHhbs+8SBZadp6jXOMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvRjMyMDU1MkVD
MDg5MTFFRjgwQ0I3NDNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAAOwIIDBAAOwJAwDQYJKoZIhvcNAQELBQADggEBALPjfm4r
B4lvp78iW/HKUsNcoN32n+uUbDTfneN5eHkOmjGyHtBtRJjAcnIlED4I+Ig3g1kO
Q64rlmLQL2aC5TOMGvRDRjPusXYm6z74rlrD+h7z8+QTDl4HZQ58lmA0RqW9JANu
WfMlsjhp6TPuB3V3IffuW/bxkGmnq4uBRRuuDfUeMqR5SmdtcZondLbgNyiB+/Ru
abtbhW5IjU/dZUz8Z/7OwgABLQza8+cb9SMttMEku/6OWlbEgl16YdvrHdHfnZRV
KnFN+6WMYwBBmk4rJ6FMsgcDyEQqZ1Tgs+L815VNYUPAmplpIW9zI1u44zCuqPkH
61W09MysGrgmT48=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:42 2025 by rpki-client