Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/1ADDEF70D25C11EFB20F5434C4F9AE02.roa
File: 1ADDEF70D25C11EFB20F5434C4F9AE02.roa (raw, json)
Hash identifier: M33I3UHkx0rbVZmps4wBKO/5tL+8l3sEMyaPokLg608=
Subject key identifier: D7:DD:D9:82:97:78:07:DF:7E:C6:2B:6F:18:49:0F:EC:C9:CB:43:7D
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0C8C
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/1ADDEF70D25C11EFB20F5434C4F9AE02.roa
Signing time: Mon 24 Feb 2025 12:38:01 +0000
ROA not before: Mon 24 Feb 2025 12:38:01 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 43260
IP address blocks: 14.192.134.0/24 maxlen: 24
14.192.142.0/24 maxlen: 24
111.92.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Mar 2025 09:39:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3212 (0xc8c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD, serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Validity
Not Before: Feb 24 12:38:01 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=67bc6828-bb00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:bc:84:7b:93:0b:5c:80:79:b8:7e:42:1a:42:
df:b6:4b:89:d9:9a:10:30:dc:e5:d9:3b:d3:e0:f7:
66:82:cc:06:c1:fe:3f:0e:0c:96:ce:bf:b0:53:68:
81:1a:ce:e5:75:a1:60:44:e3:57:d6:69:4e:08:66:
26:d4:63:18:5d:a9:24:a2:69:54:2b:d9:cc:82:44:
38:1b:f7:bf:a5:da:eb:b5:28:e4:6c:1a:78:1a:1c:
9b:fe:ef:ce:ed:76:e6:ca:c6:a1:10:e8:1d:7e:87:
4f:a0:8b:fa:89:b1:ee:fe:be:35:50:b6:74:03:9d:
aa:8d:fd:c5:73:19:7c:0a:6e:c1:2a:03:b4:c9:7e:
b2:25:42:5d:2c:94:a5:b0:7a:92:8e:e9:fb:89:f5:
e8:9a:3e:b6:b0:82:7c:a7:03:c6:22:99:b3:90:dc:
62:fc:64:e5:c7:c2:f2:12:b5:c0:9a:8b:30:0b:28:
8b:4b:67:a5:a5:8e:10:cd:4c:3c:b4:ac:27:37:31:
32:ea:46:17:a5:eb:2a:6e:2b:3a:02:36:f9:be:86:
91:74:4b:01:7e:4f:b4:38:25:6f:b5:53:57:e2:45:
5d:d5:f4:cf:09:ca:5e:b6:5d:d4:d1:1d:a4:f7:b2:
48:c7:b0:a9:e6:dc:51:1b:3c:ba:d4:9e:d4:a8:8a:
cc:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:DD:D9:82:97:78:07:DF:7E:C6:2B:6F:18:49:0F:EC:C9:CB:43:7D
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/1ADDEF70D25C11EFB20F5434C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.134.0/24
14.192.142.0/24
111.92.138.0/24
Signature Algorithm: sha256WithRSAEncryption
24:af:70:84:cb:c5:5e:0d:30:e5:c7:79:d0:5c:e6:ac:02:05:
04:b8:3e:3d:26:3c:40:81:88:a5:13:98:9a:0f:52:bb:c0:ea:
95:9b:ce:e8:86:b6:97:79:42:14:db:99:ec:c1:09:ed:79:6f:
6e:fb:fc:b8:97:c5:ed:70:bc:fb:bc:4c:f3:9e:10:58:b5:ce:
a7:8e:10:a1:b3:a1:f2:e3:23:64:3f:c7:1b:08:36:7c:62:c5:
0b:78:1e:6d:39:23:43:bc:5c:3b:51:46:17:4f:fc:37:a7:f6:
05:3b:1f:16:c9:5e:0d:0b:a0:16:0f:85:ee:7e:cd:a8:d6:da:
59:d9:7c:e9:df:db:ca:0f:8b:7a:7e:da:a4:59:7b:97:fe:7e:
a6:d4:7d:dd:17:00:b8:b5:4d:d7:ac:03:35:91:09:97:b6:f6:
a5:c4:6e:aa:ff:dd:28:92:18:35:94:84:92:15:55:7d:e2:93:
85:41:3a:38:2f:a8:cd:f2:a2:86:a1:bc:2a:d5:c7:98:eb:c1:
40:8b:07:aa:d9:87:03:82:c0:ae:b0:e1:62:bd:fc:38:0e:84:
de:ad:bf:39:29:1e:da:63:5f:3f:cb:9f:5a:35:3c:0e:35:63:
b7:cd:74:b6:7d:63:7c:4d:70:31:40:c7:46:38:a0:5b:c7:51:
a8:f1:d4:27
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICDIwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjUwMjI0MTIzODAxWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2JjNjgyOC1iYjAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAubyEe5MLXIB5uH5CGkLftkuJ2ZoQMNzl2TvT4PdmgswGwf4/DgyWzr+wU2iB
Gs7ldaFgRONX1mlOCGYm1GMYXakkomlUK9nMgkQ4G/e/pdrrtSjkbBp4Ghyb/u/O
7XbmysahEOgdfodPoIv6ibHu/r41ULZ0A52qjf3Fcxl8Cm7BKgO0yX6yJUJdLJSl
sHqSjun7ifXomj62sIJ8pwPGIpmzkNxi/GTlx8LyErXAmoswCyiLS2elpY4QzUw8
tKwnNzEy6kYXpesqbis6Ajb5voaRdEsBfk+0OCVvtVNX4kVd1fTPCcpetl3U0R2k
97JIx7Cp5txRGzy61J7UqIrM4QIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFNfd2YKX
eAfffsYrbxhJD+zJy0N9MB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvMUFEREVGNzBE
MjVDMTFFRkIyMEY1NDM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAAOwIYDBAAOwI4DBABvXIowDQYJKoZIhvcNAQELBQADggEB
ACSvcITLxV4NMOXHedBc5qwCBQS4Pj0mPECBiKUTmJoPUrvA6pWbzuiGtpd5QhTb
mezBCe15b277/LiXxe1wvPu8TPOeEFi1zqeOEKGzofLjI2Q/xxsINnxixQt4Hm05
I0O8XDtRRhdP/Den9gU7HxbJXg0LoBYPhe5+zajW2lnZfOnf28oPi3p+2qRZe5f+
fqbUfd0XALi1TdesAzWRCZe29qXEbqr/3SiSGDWUhJIVVX3ik4VBOjgvqM3yooah
vCrVx5jrwUCLB6rZhwOCwK6w4WK9/DgOhN6tvzkpHtpjXz/Ln1o1PA41Y7fNdLZ9
Y3xNcDFAx0Y4oFvHUajx1Cc=
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:10:35 2025 by rpki-client