Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/F3AFC0CE993D11EF82800B84C4F9AE02.roa
File: F3AFC0CE993D11EF82800B84C4F9AE02.roa (raw, json)
Hash identifier: DWchHvbGpoVqrNoiCQ5fXSjlu/D4T9XWaFde3EPf6hk=
Subject key identifier: 1A:49:1E:26:17:C8:1C:2C:57:6D:95:AF:3F:7E:7B:45:E5:F0:61:9A
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0B80
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/F3AFC0CE993D11EF82800B84C4F9AE02.roa
Signing time: Sun 17 Nov 2024 15:44:28 +0000
ROA not before: Sun 17 Nov 2024 15:44:28 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 45814
IP address blocks: 14.192.128.0/24 maxlen: 24
14.192.129.0/24 maxlen: 24
14.192.131.0/24 maxlen: 24
14.192.133.0/24 maxlen: 24
14.192.136.0/24 maxlen: 24
14.192.143.0/24 maxlen: 24
14.192.144.0/24 maxlen: 24
14.192.147.0/24 maxlen: 24
14.192.148.0/24 maxlen: 24
14.192.149.0/24 maxlen: 24
14.192.150.0/24 maxlen: 24
14.192.153.0/24 maxlen: 24
14.192.155.0/24 maxlen: 24
14.192.156.0/24 maxlen: 24
14.192.157.0/24 maxlen: 24
14.192.158.0/24 maxlen: 24
14.192.159.0/24 maxlen: 24
43.247.120.0/24 maxlen: 24
43.247.121.0/24 maxlen: 24
43.247.122.0/24 maxlen: 24
103.20.132.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
111.92.128.0/19 maxlen: 19
2403:7980::/32 maxlen: 32
2403:7980::/36 maxlen: 36
Validation: Failed, certificate revoked on Thu 21 Nov 2024 05:44:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2944 (0xb80)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Nov 17 15:44:28 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=673a0f5b-4551
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7f:34:6d:8e:97:b2:97:e1:9a:2f:2a:da:31:
77:6b:c6:97:2e:b5:5e:0e:2a:60:a9:da:01:97:89:
ad:19:bb:a3:ec:ce:24:0a:85:28:7c:9b:97:f1:d3:
9b:64:ac:13:2c:db:c0:a3:56:29:9e:2f:73:02:05:
31:b2:d6:66:e9:6a:e1:56:2a:73:b8:f0:65:9e:c5:
52:dd:9d:19:66:f6:89:32:ad:ca:89:e3:d1:e5:b8:
92:89:56:98:88:d5:29:95:77:b5:54:cf:11:d0:92:
46:7e:e2:13:c8:01:2b:3c:bb:22:67:b4:85:37:96:
06:0d:55:5e:cb:5b:1e:ce:3c:57:9a:14:be:9b:91:
46:81:f6:97:2e:17:10:5e:fc:71:10:0e:41:55:7f:
52:a6:b2:08:72:ae:64:cc:16:d2:5e:ca:e2:4d:f8:
32:f8:f1:7c:85:a6:86:11:b2:eb:e0:ee:58:53:11:
6a:11:26:cc:26:43:23:d9:e1:5a:d9:14:0e:cb:05:
2a:4c:98:f0:01:ca:a5:4a:58:d4:e4:84:11:4c:b4:
36:3b:44:6c:9b:d7:6f:aa:75:35:0b:71:b7:ef:5e:
4e:d6:e3:91:5b:73:b8:df:a2:0a:e5:fc:06:d0:66:
f9:44:4b:90:1b:8b:29:49:fd:c3:15:68:35:d3:43:
65:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:49:1E:26:17:C8:1C:2C:57:6D:95:AF:3F:7E:7B:45:E5:F0:61:9A
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/F3AFC0CE993D11EF82800B84C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.128.0/23
14.192.131.0/24
14.192.133.0/24
14.192.136.0/24
14.192.143.0-14.192.144.255
14.192.147.0-14.192.150.255
14.192.153.0/24
14.192.155.0-14.192.159.255
43.247.120.0-43.247.122.255
103.20.132.0/24
103.20.134.0/24
111.92.128.0/19
IPv6:
2403:7980::/32
Signature Algorithm: sha256WithRSAEncryption
24:6a:0f:71:f0:71:14:30:51:e6:09:cd:f9:9b:e8:25:48:87:
84:a7:72:4d:8c:7d:a9:4a:77:63:d7:74:c0:32:3e:f8:d6:ec:
c3:16:46:b0:cf:3f:b4:b7:9f:00:ca:3d:04:49:b3:a3:9e:37:
f6:e3:c6:d6:f7:88:94:6b:fd:05:aa:a8:ab:f2:f7:72:94:f2:
6f:b4:aa:7a:68:b5:d2:2f:08:7b:35:7e:20:b1:f0:50:45:d7:
b2:06:d8:de:5e:b2:5f:b4:1d:0c:86:3a:af:53:b3:10:3f:69:
1f:26:c2:e6:8c:21:37:b6:16:06:ac:fb:93:6e:9a:79:e4:54:
77:1f:43:3a:d9:9c:9f:ef:74:39:a4:35:a1:1c:fd:9c:54:38:
2d:8b:9b:1e:c3:98:83:2c:a3:02:60:9d:2a:80:b9:94:ee:8a:
5d:10:7c:64:da:f8:3d:b2:70:a1:84:f2:97:33:28:d1:24:23:
4c:a6:5d:57:aa:99:1c:b1:b6:d0:32:1f:2b:ad:46:58:bb:a3:
9d:84:65:8b:33:ac:d2:42:7e:bd:1b:5d:f0:02:69:c7:c7:69:
33:1c:5f:6b:db:e6:82:87:c3:1d:76:d7:4e:7d:12:f0:24:29:
fc:83:da:89:2f:d2:50:f3:bd:34:7e:64:1b:44:50:72:69:1f:
c7:3e:97:1a
-----BEGIN CERTIFICATE-----
MIIF5DCCBMygAwIBAgICC4AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQxMTE3MTU0NDI4WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzNhMGY1Yi00NTUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvn80bY6Xspfhmi8q2jF3a8aXLrVeDipgqdoBl4mtGbuj7M4kCoUofJuX8dOb
ZKwTLNvAo1Ypni9zAgUxstZm6WrhVipzuPBlnsVS3Z0ZZvaJMq3KiePR5biSiVaY
iNUplXe1VM8R0JJGfuITyAErPLsiZ7SFN5YGDVVey1sezjxXmhS+m5FGgfaXLhcQ
XvxxEA5BVX9SprIIcq5kzBbSXsriTfgy+PF8haaGEbLr4O5YUxFqESbMJkMj2eFa
2RQOywUqTJjwAcqlSljU5IQRTLQ2O0Rsm9dvqnU1C3G3715O1uORW3O436IK5fwG
0Gb5REuQG4spSf3DFWg100NluQIDAQABo4IDCDCCAwQwHQYDVR0OBBYEFBpJHiYX
yBwsV22Vrz9+e0Xl8GGaMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvRjNBRkMwQ0U5
OTNEMTFFRjgyODAwQjg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZEGCCsGAQUFBwEHAQH/
BIGBMH8wbgQCAAEwaAMEAQ7AgAMEAA7AgwMEAA7AhQMEAA7AiDAMAwQADsCPAwQA
DsCQMAwDBAAOwJMDBAAOwJYDBAAOwJkwDAMEAA7AmwMEBQ7AgDAMAwQDK/d4AwQA
K/d6AwQAZxSEAwQAZxSGAwQFb1yAMA0EAgACMAcDBQAkA3mAMA0GCSqGSIb3DQEB
CwUAA4IBAQAkag9x8HEUMFHmCc35m+glSIeEp3JNjH2pSndj13TAMj741uzDFkaw
zz+0t58Ayj0ESbOjnjf248bW94iUa/0Fqqir8vdylPJvtKp6aLXSLwh7NX4gsfBQ
RdeyBtjeXrJftB0MhjqvU7MQP2kfJsLmjCE3thYGrPuTbpp55FR3H0M62Zyf73Q5
pDWhHP2cVDgti5sew5iDLKMCYJ0qgLmU7opdEHxk2vg9snChhPKXMyjRJCNMpl1X
qpkcsbbQMh8rrUZYu6OdhGWLM6zSQn69G13wAmnHx2kzHF9r2+aCh8MddtdOfRLw
JCn8g9qJL9JQ8700fmQbRFByaR/HPpca
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:46:17 2025 by rpki-client