Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/FEAFBB444C2D11EF886B5E71C4F9AE02.roa
File: FEAFBB444C2D11EF886B5E71C4F9AE02.roa (raw, json)
Hash identifier: gDwTl4EbSRW9Hw/am+dFfN0aSHiz44sTLSbegiIaVFo=
Subject key identifier: C5:09:8D:9C:DD:F2:29:B3:2D:8A:09:98:B3:45:D4:A7:DF:2C:CF:25
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0A42
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/FEAFBB444C2D11EF886B5E71C4F9AE02.roa
Signing time: Sat 27 Jul 2024 15:36:30 +0000
ROA not before: Sat 27 Jul 2024 15:36:30 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 45814
IP address blocks: 14.192.128.0/24 maxlen: 24
14.192.129.0/24 maxlen: 24
14.192.130.0/24 maxlen: 24
14.192.132.0/24 maxlen: 24
14.192.133.0/24 maxlen: 24
14.192.134.0/24 maxlen: 24
14.192.135.0/24 maxlen: 24
14.192.136.0/24 maxlen: 24
14.192.137.0/24 maxlen: 24
14.192.138.0/24 maxlen: 24
14.192.139.0/24 maxlen: 24
14.192.140.0/24 maxlen: 24
14.192.141.0/24 maxlen: 24
14.192.142.0/24 maxlen: 24
14.192.143.0/24 maxlen: 24
14.192.144.0/24 maxlen: 24
14.192.145.0/24 maxlen: 24
14.192.146.0/24 maxlen: 24
14.192.147.0/24 maxlen: 24
14.192.148.0/24 maxlen: 24
14.192.149.0/24 maxlen: 24
14.192.150.0/24 maxlen: 24
14.192.151.0/24 maxlen: 24
14.192.152.0/24 maxlen: 24
14.192.153.0/24 maxlen: 24
14.192.154.0/24 maxlen: 24
14.192.155.0/24 maxlen: 24
14.192.159.0/24 maxlen: 24
43.247.120.0/24 maxlen: 24
43.247.121.0/24 maxlen: 24
43.247.122.0/24 maxlen: 24
43.247.123.0/24 maxlen: 24
103.20.132.0/24 maxlen: 24
103.20.133.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
103.20.135.0/24 maxlen: 24
111.92.128.0/19 maxlen: 19
2403:7980::/32 maxlen: 32
2403:7980::/36 maxlen: 36
Validation: Failed, certificate revoked on Tue 30 Jul 2024 08:12:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2626 (0xa42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Jul 27 15:36:30 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66a513fe-0ad4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ae:c0:9b:84:05:9e:80:e1:0f:68:d7:e5:7b:
af:ec:c2:f8:54:fe:d2:a1:f5:4a:3b:17:eb:c0:66:
81:af:b1:ca:1c:15:f1:0c:4b:e8:25:a4:4b:66:39:
ea:2e:86:7d:4d:7e:15:8a:90:75:a9:e2:30:bd:47:
dd:e8:f5:ad:a1:ea:91:b2:34:0d:ea:75:8a:2e:d9:
ac:cc:67:bb:be:99:33:02:f5:da:4e:fa:fb:5d:09:
cc:04:4f:7d:8a:cf:d7:69:c0:31:d1:3d:c2:a7:d8:
7b:a4:8e:00:92:9d:e5:9a:a0:60:71:20:5f:64:d0:
49:92:1b:4d:a6:92:01:0d:f1:56:c3:c9:95:d4:83:
bb:15:21:7d:cc:2d:d5:a0:a6:12:49:22:69:bf:99:
27:08:5f:68:85:da:14:40:4e:c4:31:d0:ed:f6:de:
0b:9d:9f:37:ab:02:c9:e9:20:47:91:fd:00:7a:f3:
f5:3f:1e:66:e9:84:7c:9b:63:42:83:03:f6:cc:df:
d3:82:63:eb:97:d7:f3:cf:d2:69:a7:0c:3d:d2:ff:
99:39:1f:58:c1:59:5d:40:b0:c2:05:b3:5d:b9:d0:
27:74:de:2d:32:9e:3a:62:f3:8c:ab:1d:0b:a6:49:
81:15:13:34:85:db:00:7c:bd:bd:c6:cc:cd:25:12:
b9:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:09:8D:9C:DD:F2:29:B3:2D:8A:09:98:B3:45:D4:A7:DF:2C:CF:25
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/FEAFBB444C2D11EF886B5E71C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.128.0-14.192.130.255
14.192.132.0-14.192.155.255
14.192.159.0/24
43.247.120.0/22
103.20.132.0/22
111.92.128.0/19
IPv6:
2403:7980::/32
Signature Algorithm: sha256WithRSAEncryption
9c:21:4e:27:0b:15:e2:7d:0a:dd:cd:db:c3:38:72:46:d3:d4:
dc:71:6a:c8:b7:de:06:a8:e1:6b:65:17:85:43:39:48:0b:8c:
c9:8a:79:5e:9c:6f:f7:7b:79:45:f6:87:ed:37:8f:3b:c3:47:
34:24:e7:95:ec:2a:04:23:d0:9f:af:2d:3d:84:7f:33:81:4c:
e8:bc:72:2b:04:ad:82:c4:2e:a6:9c:24:55:63:43:53:df:9e:
52:77:64:d5:68:92:a4:a1:a2:e3:f1:2e:73:17:e0:81:3d:16:
5d:2e:9c:fa:24:34:c9:93:41:16:77:0f:c6:56:57:4a:aa:f0:
36:a6:b5:4c:eb:3a:16:3e:8c:1e:e2:d4:67:88:96:10:ac:0c:
4c:0b:c2:b0:52:66:0a:ef:bf:42:9b:b2:48:83:a6:0f:39:92:
87:68:7f:6a:20:d5:f3:f6:ff:c0:29:f8:e3:57:48:a2:7c:0c:
d6:ea:67:0f:f7:d6:fc:93:1d:fe:e0:da:74:75:20:29:35:86:
36:2c:8e:20:a6:be:bd:48:ad:bd:45:43:70:0e:8e:00:c7:01:
ba:3a:16:fa:b8:31:8b:24:29:f1:c9:bd:99:c7:56:6b:69:74:
4b:e0:69:2d:55:da:5d:15:97:c8:bf:f3:b8:22:e3:28:54:e6:
80:84:6c:e0
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgICCkIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQwNzI3MTUzNjMwWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmE1MTNmZS0wYWQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0q7Am4QFnoDhD2jX5Xuv7ML4VP7SofVKOxfrwGaBr7HKHBXxDEvoJaRLZjnq
LoZ9TX4VipB1qeIwvUfd6PWtoeqRsjQN6nWKLtmszGe7vpkzAvXaTvr7XQnMBE99
is/XacAx0T3Cp9h7pI4Akp3lmqBgcSBfZNBJkhtNppIBDfFWw8mV1IO7FSF9zC3V
oKYSSSJpv5knCF9ohdoUQE7EMdDt9t4LnZ83qwLJ6SBHkf0AevP1Px5m6YR8m2NC
gwP2zN/TgmPrl9fzz9Jppww90v+ZOR9YwVldQLDCBbNdudAndN4tMp46YvOMqx0L
pkmBFRM0hdsAfL29xszNJRK5/QIDAQABo4IC0jCCAs4wHQYDVR0OBBYEFMUJjZzd
8imzLYoJmLNF1KffLM8lMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvRkVBRkJCNDQ0
QzJEMTFFRjg4NkI1RTcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXAYIKwYBBQUHAQcBAf8E
TTBLMDoEAgABMDQwDAMEBw7AgAMEAA7AgjAMAwQCDsCEAwQCDsCYAwQADsCfAwQC
K/d4AwQCZxSEAwQFb1yAMA0EAgACMAcDBQAkA3mAMA0GCSqGSIb3DQEBCwUAA4IB
AQCcIU4nCxXifQrdzdvDOHJG09TccWrIt94GqOFrZReFQzlIC4zJinlenG/3e3lF
9oftN487w0c0JOeV7CoEI9Cfry09hH8zgUzovHIrBK2CxC6mnCRVY0NT355Sd2TV
aJKkoaLj8S5zF+CBPRZdLpz6JDTJk0EWdw/GVldKqvA2prVM6zoWPowe4tRniJYQ
rAxMC8KwUmYK779Cm7JIg6YPOZKHaH9qINXz9v/AKfjjV0iifAzW6mcP99b8kx3+
4Np0dSApNYY2LI4gpr69SK29RUNwDo4AxwG6Ohb6uDGLJCnxyb2Zx1ZraXRL4Gkt
VdpdFZfIv/O4IuMoVOaAhGzg
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:28 2025 by rpki-client