Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/F674BD2E384D11EF9EF66D59C4F9AE02.roa
File: F674BD2E384D11EF9EF66D59C4F9AE02.roa (raw, json)
Hash identifier: C96qr8jm/Ah5+LAJCygcRy+yRH3mNmg+BYKEtImYPSA=
Subject key identifier: 25:CC:52:A9:91:88:0A:CA:F2:EA:A9:26:4E:10:82:A3:8E:89:5B:13
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 09E2
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/F674BD2E384D11EF9EF66D59C4F9AE02.roa
Signing time: Tue 02 Jul 2024 11:46:36 +0000
ROA not before: Tue 02 Jul 2024 11:46:36 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 40940
IP address blocks: 14.192.132.0/23 maxlen: 23
14.192.132.0/24 maxlen: 24
14.192.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 22 Sep 2024 11:51:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2530 (0x9e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Jul 2 11:46:36 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6683e89c-a8f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c3:48:d5:15:79:35:f2:ec:60:a4:97:ab:48:
11:ab:a1:91:f0:a3:3b:a8:e3:c6:0e:42:3c:53:6d:
12:ef:bf:ff:53:73:71:78:0e:3f:4d:f6:2d:68:18:
77:0e:ef:07:54:58:0e:12:b7:48:38:5a:ca:aa:41:
85:ca:72:0e:e2:18:42:1b:f6:6d:95:57:f7:5f:68:
39:68:45:1e:96:2a:59:59:e4:c5:0a:0f:62:6d:2d:
db:d9:a0:1e:ab:33:2d:40:bf:ca:d5:5b:a5:41:cf:
9a:e9:a2:82:dd:1e:f8:08:c1:e4:2d:59:bf:44:5f:
72:a3:83:36:29:74:67:02:8a:98:c8:0e:86:48:48:
f8:12:1e:6e:74:df:95:b5:f0:b4:09:e9:eb:f4:68:
0a:79:13:1a:83:2d:82:64:2c:9f:05:82:b8:05:60:
3e:f3:0a:86:ab:d6:81:cd:9d:aa:ad:11:ac:91:e2:
ad:c7:e2:3a:f0:8d:ec:dd:55:f0:5b:e8:a2:b6:90:
ff:04:7b:41:ef:a4:bf:8f:1d:f8:12:a9:31:68:54:
7c:35:fa:9f:e1:a7:20:58:48:78:d5:b7:9c:31:30:
39:c8:1a:d0:ad:37:d1:1f:37:6b:fc:23:a6:85:c2:
7b:f8:74:d1:4d:81:dd:28:76:da:3e:41:39:aa:50:
ed:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:CC:52:A9:91:88:0A:CA:F2:EA:A9:26:4E:10:82:A3:8E:89:5B:13
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/F674BD2E384D11EF9EF66D59C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.132.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:62:22:bb:37:7a:d4:0f:f9:bc:92:da:e9:0d:27:5f:cb:fb:
bd:3b:c1:6c:ef:9d:ab:6f:74:0d:ea:b1:72:73:a9:a9:1b:8c:
2f:57:82:f8:33:40:0c:cd:3d:2e:ef:07:f5:f5:78:7c:f0:4a:
bd:6d:81:6a:b4:91:a2:89:60:97:53:b7:70:81:54:fe:19:ab:
48:db:4a:e0:f8:49:87:9f:f4:73:48:98:20:22:38:45:d6:c8:
f5:a3:a1:b2:82:25:f7:1f:40:16:6d:67:99:6b:7e:9e:a9:2c:
68:0c:c8:81:c4:d1:1e:39:ad:24:67:99:3e:68:7d:86:fd:d4:
67:7e:c8:0c:68:88:f1:94:bb:54:7f:21:23:87:eb:53:2c:d7:
9f:ae:7d:58:ca:95:db:14:bd:43:1a:c2:3b:56:67:b0:e8:7d:
d9:8d:7e:f5:39:e8:3f:21:4c:5d:fb:83:27:6c:eb:64:4b:2b:
6c:f5:e0:b7:00:81:72:bb:f8:cf:08:6e:a9:de:61:8c:ad:a0:
ea:ec:18:3f:66:fb:2a:ed:1e:d1:0f:9b:bf:f0:1c:7f:d9:03:
50:38:1c:ac:32:16:dd:3b:cd:f8:66:87:41:38:6d:0b:36:7b:
b8:9e:8e:bf:3b:90:d3:26:b0:22:fa:96:1e:f5:a3:a6:53:bf:
a0:3f:53:ec
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCeIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQwNzAyMTE0NjM2WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjgzZTg5Yy1hOGY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz8NI1RV5NfLsYKSXq0gRq6GR8KM7qOPGDkI8U20S77//U3NxeA4/TfYtaBh3
Du8HVFgOErdIOFrKqkGFynIO4hhCG/ZtlVf3X2g5aEUelipZWeTFCg9ibS3b2aAe
qzMtQL/K1VulQc+a6aKC3R74CMHkLVm/RF9yo4M2KXRnAoqYyA6GSEj4Eh5udN+V
tfC0Cenr9GgKeRMagy2CZCyfBYK4BWA+8wqGq9aBzZ2qrRGskeKtx+I68I3s3VXw
W+iitpD/BHtB76S/jx34EqkxaFR8Nfqf4acgWEh41becMTA5yBrQrTfRHzdr/COm
hcJ7+HTRTYHdKHbaPkE5qlDtZQIDAQABo4IClTCCApEwHQYDVR0OBBYEFCXMUqmR
iArK8uqpJk4QgqOOiVsTMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvRjY3NEJEMkUz
ODREMTFFRjlFRjY2RDU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAEOwIQwDQYJKoZIhvcNAQELBQADggEBAB9iIrs3etQP+byS
2ukNJ1/L+707wWzvnatvdA3qsXJzqakbjC9XgvgzQAzNPS7vB/X1eHzwSr1tgWq0
kaKJYJdTt3CBVP4Zq0jbSuD4SYef9HNImCAiOEXWyPWjobKCJfcfQBZtZ5lrfp6p
LGgMyIHE0R45rSRnmT5ofYb91Gd+yAxoiPGUu1R/ISOH61Ms15+ufVjKldsUvUMa
wjtWZ7DofdmNfvU56D8hTF37gyds62RLK2z14LcAgXK7+M8IbqneYYytoOrsGD9m
+yrtHtEPm7/wHH/ZA1A4HKwyFt07zfhmh0E4bQs2e7iejr87kNMmsCL6lh71o6ZT
v6A/U+w=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:42 2025 by rpki-client