Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/CB7265EA9A2611EBA0D24E4AC4F9AE02.roa
File: CB7265EA9A2611EBA0D24E4AC4F9AE02.roa (raw, json)
Hash identifier: v+8jxQo82K3QCMxK0rtPynb0FPvOLNAofuOPi3g4KHA=
Subject key identifier: 96:79:EC:51:93:62:94:97:19:E5:01:02:6F:73:29:A5:C9:77:AF:12
Certificate issuer: /CN=A917DEA4/serialNumber=B4D6FFD5DFF9EAC413AB4408E09637B09494DBC8
Certificate serial: 052A
Authority key identifier: B4:D6:FF:D5:DF:F9:EA:C4:13:AB:44:08:E0:96:37:B0:94:94:DB:C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/CB7265EA9A2611EBA0D24E4AC4F9AE02.roa
Signing time: Thu 07 Sep 2023 00:11:29 +0000
ROA not before: Thu 07 Sep 2023 00:11:29 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 134540
IP address blocks: 14.96.64.0/20 maxlen: 24
14.96.80.0/20 maxlen: 24
14.96.96.0/20 maxlen: 20
14.96.112.0/20 maxlen: 24
2406:e00::/48 maxlen: 51
2406:e00:1::/48 maxlen: 51
2406:e00:2::/48 maxlen: 51
2406:e00:3::/48 maxlen: 51
2406:e00:4::/48 maxlen: 51
2406:e00:5::/48 maxlen: 51
Validation: Failed, certificate revoked on Mon 15 Jul 2024 17:03:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1322 (0x52a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917DEA4/serialNumber=B4D6FFD5DFF9EAC413AB4408E09637B09494DBC8
Validity
Not Before: Sep 7 00:11:29 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64f91530-0d24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:37:58:9e:56:81:85:14:38:e0:4a:3e:93:c1:
bf:ed:fa:44:89:66:27:cf:a3:4a:77:87:bf:61:10:
db:cc:5c:54:97:81:3e:64:49:e3:9f:24:f9:51:68:
e9:82:ac:bd:d1:56:95:1c:30:5e:12:2d:2d:32:5e:
2f:7a:05:84:12:c2:f9:d6:0b:f3:a4:c3:4b:f6:7c:
12:37:d7:95:41:4d:26:c5:b5:2a:c0:f2:94:3c:52:
54:c4:bd:dd:b3:6b:f9:27:96:55:aa:89:4b:d9:07:
b0:88:2d:69:4e:68:a2:75:2d:9e:fc:24:e0:d7:48:
98:db:61:20:74:aa:6c:5c:83:39:08:a8:ca:6b:23:
7b:d2:28:b0:9f:ba:eb:11:94:d4:95:3d:91:9b:bf:
93:7c:7c:68:25:2e:0e:9b:bb:b9:7a:89:22:c3:ea:
3e:2b:e1:cc:29:de:ea:1d:24:21:c6:88:bb:a4:28:
06:a0:1e:cd:39:01:13:56:c1:be:7d:92:49:b4:b2:
e0:d2:53:c1:96:e6:e3:1e:44:4b:1a:7e:63:f8:b0:
e7:77:b1:90:7d:20:7f:e5:a3:e2:46:7d:a7:0d:74:
33:c0:bd:30:2a:e4:41:ad:bf:17:b4:4a:e1:fe:ea:
a6:3a:a9:73:12:44:96:59:9a:fc:ee:2c:a8:0f:d5:
64:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:79:EC:51:93:62:94:97:19:E5:01:02:6F:73:29:A5:C9:77:AF:12
X509v3 Authority Key Identifier:
keyid:B4:D6:FF:D5:DF:F9:EA:C4:13:AB:44:08:E0:96:37:B0:94:94:DB:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/tNb_1d_56sQTq0QI4JY3sJSU28g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/CB7265EA9A2611EBA0D24E4AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.96.64.0/18
IPv6:
2406:e00::-2406:e00:5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
31:db:0a:b9:bc:70:ea:dd:7e:92:73:6c:a9:85:17:84:8b:6c:
2f:c5:78:05:5e:97:ed:73:5a:d6:31:0e:9c:fa:62:0c:ce:b1:
19:54:4e:30:ce:1b:cc:1b:25:a7:c4:45:1d:ee:6a:3d:ee:dc:
c5:84:1a:5a:df:a2:12:7d:db:41:7e:f1:f4:54:5f:eb:d5:80:
cc:b6:43:24:71:a6:77:67:15:92:cd:12:3e:b2:dd:56:4e:af:
39:49:ac:40:00:de:5e:80:8c:1d:d0:bf:04:0a:ab:1b:a1:80:
bd:3b:88:53:e9:ab:42:11:c2:3d:51:5c:a1:95:ac:fe:45:3a:
a5:43:d1:ad:a0:2e:27:7a:fa:9b:42:8f:86:6e:48:57:7c:ef:
2a:20:3e:3e:0c:40:23:cc:70:49:63:70:9a:85:49:ac:c8:30:
60:a7:d0:22:98:50:80:cc:00:5f:d9:d7:ac:b2:aa:57:be:96:
27:2e:4f:a4:82:dc:2d:71:bf:00:d3:3c:2f:1f:ce:04:54:49:
bc:97:8b:17:a4:9d:dc:64:22:d7:41:85:38:4c:7a:ff:a8:43:
be:11:1c:ee:c3:16:eb:51:a3:68:ef:00:d2:95:18:38:05:bc:
48:1d:ae:6e:60:af:37:fe:0f:62:95:53:34:62:24:0e:ba:9a:
91:68:6d:12
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgICBSowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0RFQTQxMTAvBgNVBAUTKEI0RDZGRkQ1REZGOUVBQzQxM0FCNDQwOEUwOTYzN0Iw
OTQ5NERCQzgwHhcNMjMwOTA3MDAxMTI5WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGY5MTUzMC0wZDI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnzdYnlaBhRQ44Eo+k8G/7fpEiWYnz6NKd4e/YRDbzFxUl4E+ZEnjnyT5UWjp
gqy90VaVHDBeEi0tMl4vegWEEsL51gvzpMNL9nwSN9eVQU0mxbUqwPKUPFJUxL3d
s2v5J5ZVqolL2QewiC1pTmiidS2e/CTg10iY22EgdKpsXIM5CKjKayN70iiwn7rr
EZTUlT2Rm7+TfHxoJS4Om7u5eokiw+o+K+HMKd7qHSQhxoi7pCgGoB7NOQETVsG+
fZJJtLLg0lPBlubjHkRLGn5j+LDnd7GQfSB/5aPiRn2nDXQzwL0wKuRBrb8XtErh
/uqmOqlzEkSWWZr87iyoD9VkGQIDAQABo4ICrjCCAqowHQYDVR0OBBYEFJZ57FGT
YpSXGeUBAm9zKaXJd68SMB8GA1UdIwQYMBaAFLTW/9Xf+erEE6tECOCWN7CUlNvI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REVBNC9BMjQyNkI2MDk4
MjkxMUVCQjc4ODIwODFDNEY5QUUwMi90TmJfMWRfNTZzUVRxMFFJNEpZM3NKU1Uy
OGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ROYl8xZF81NnNRVHEwUUk0Slkzc0pTVTI4Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0RFQTQvQTI0MjZCNjA5ODI5MTFFQkI3ODgyMDgxQzRGOUFFMDIvQ0I3MjY1RUE5
QTI2MTFFQkEwRDI0RTRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOAYIKwYBBQUHAQcBAf8E
KTAnMAwEAgABMAYDBAYOYEAwFwQCAAIwETAPAwQBJAYOAwcBJAYOAAAEMA0GCSqG
SIb3DQEBCwUAA4IBAQAx2wq5vHDq3X6Sc2yphReEi2wvxXgFXpftc1rWMQ6c+mIM
zrEZVE4wzhvMGyWnxEUd7mo97tzFhBpa36ISfdtBfvH0VF/r1YDMtkMkcaZ3ZxWS
zRI+st1WTq85SaxAAN5egIwd0L8ECqsboYC9O4hT6atCEcI9UVyhlaz+RTqlQ9Gt
oC4nevqbQo+GbkhXfO8qID4+DEAjzHBJY3CahUmsyDBgp9AimFCAzABf2dessqpX
vpYnLk+kgtwtcb8A0zwvH84EVEm8l4sXpJ3cZCLXQYU4THr/qEO+ERzuwxbrUaNo
7wDSlRg4BbxIHa5uYK83/g9ilVM0YiQOupqRaG0S
-----END CERTIFICATE-----
Generated at Mon Jul 15 21:32:10 2024 by rpki-client on console-ams.rpki-client.org