Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/3B1B96CCFA0011EF98922828C4F9AE02.roa
File: 3B1B96CCFA0011EF98922828C4F9AE02.roa (raw, json)
Hash identifier: oBANuYtDqHV99jIGBGTSRxqanU5YTW8BLh/s8PG70mM=
Subject key identifier: 94:91:FA:DB:0F:15:A8:CE:B4:7D:F9:8A:B2:C6:D0:FB:A3:2A:2C:DB
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0CCC
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/3B1B96CCFA0011EF98922828C4F9AE02.roa
Signing time: Wed 05 Mar 2025 20:27:17 +0000
ROA not before: Wed 05 Mar 2025 20:27:17 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 55154
IP address blocks: 14.192.152.0/24 maxlen: 24
14.192.153.0/24 maxlen: 24
111.92.128.0/24 maxlen: 24
111.92.140.0/24 maxlen: 24
111.92.150.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Mar 2025 17:39:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3276 (0xccc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD, serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Validity
Not Before: Mar 5 20:27:17 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=67c8b3a5-e9c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:cb:74:e6:00:01:18:cf:9c:63:14:9d:c2:84:
88:80:2c:33:6d:1e:92:65:5c:df:0a:64:3a:5a:2e:
05:83:a9:f4:a8:2d:5d:32:a8:57:35:92:13:0b:a1:
f1:7a:a0:3e:5e:f0:35:3b:e9:de:b3:45:d4:00:35:
d6:7a:ef:c1:3f:11:94:72:ff:1b:d8:0f:8a:79:14:
8e:9f:48:83:6e:6f:bf:7b:a4:ce:13:7b:04:6d:59:
ce:58:52:5b:52:ff:57:37:3a:ef:d9:29:f2:71:de:
79:dd:e8:8e:8b:4c:14:0e:b2:1f:b8:18:f8:6e:15:
41:1a:2e:44:7a:e5:2b:49:73:7e:d7:fd:ff:fa:54:
3f:76:d8:72:b0:fc:df:3c:be:78:ce:40:e7:10:f0:
34:32:66:24:d7:6b:1e:d3:3d:8d:56:d7:c2:9e:f9:
bd:7d:5c:cd:80:fd:23:19:64:ba:f5:f4:59:97:6e:
07:a0:e3:44:21:e8:3a:2a:65:b0:39:5d:a5:a1:dd:
60:32:9c:13:42:1d:7a:0b:8b:64:a6:2b:b7:0e:c0:
10:d5:53:6b:a4:c4:30:09:9f:c0:f6:e0:2a:b7:7c:
56:a5:6b:ce:d5:bf:00:a3:d4:59:7e:5c:3f:e4:a6:
ad:bd:41:65:9b:87:55:62:17:cc:2f:2a:5e:8a:f0:
3e:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:91:FA:DB:0F:15:A8:CE:B4:7D:F9:8A:B2:C6:D0:FB:A3:2A:2C:DB
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/3B1B96CCFA0011EF98922828C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.152.0/23
111.92.128.0/24
111.92.140.0/24
111.92.150.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:7d:77:5e:c7:60:d9:7a:9d:7c:c5:e9:de:81:b6:48:cd:de:
df:6a:1f:ad:f3:25:aa:2c:20:a9:cb:33:84:de:91:da:ee:b4:
46:9c:0e:e0:5e:6b:1d:a2:2d:20:72:3a:d3:94:17:38:40:49:
70:65:79:72:48:2b:de:71:4c:bc:f2:63:52:b1:d9:30:8e:94:
2c:b7:18:10:20:f4:c5:05:c4:73:dd:3a:c0:4e:25:10:ba:77:
4e:de:55:d7:9e:50:82:92:d7:2b:76:ab:49:4c:97:3f:9d:67:
6b:27:0a:9f:c7:87:cd:fc:f0:b5:e3:a4:c2:2e:7f:cb:77:f4:
ec:03:5e:a3:e0:d0:c1:d0:f4:33:13:8a:04:09:4d:e7:90:47:
8a:45:01:f7:dd:a4:85:9f:93:d4:fb:32:f6:d2:de:4a:8d:20:
34:c3:ec:f2:48:50:62:76:1b:a8:ea:8c:20:aa:fd:98:31:64:
0c:91:7d:00:86:d0:9d:71:0b:98:9d:3f:5a:16:f8:b2:d5:23:
36:31:14:38:dd:b3:db:75:b6:98:d3:43:e5:43:14:03:ce:da:
38:bc:f1:e9:97:d6:80:2e:64:39:54:d3:ef:f4:dc:f6:13:43:
ab:cc:ca:53:43:4d:e5:06:bc:76:bb:3e:41:b2:3c:be:b6:9d:
22:db:7a:53
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDMwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjUwMzA1MjAyNzE3WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M4YjNhNS1lOWMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp8t05gABGM+cYxSdwoSIgCwzbR6SZVzfCmQ6Wi4Fg6n0qC1dMqhXNZITC6Hx
eqA+XvA1O+nes0XUADXWeu/BPxGUcv8b2A+KeRSOn0iDbm+/e6TOE3sEbVnOWFJb
Uv9XNzrv2Snycd553eiOi0wUDrIfuBj4bhVBGi5EeuUrSXN+1/3/+lQ/dthysPzf
PL54zkDnEPA0MmYk12se0z2NVtfCnvm9fVzNgP0jGWS69fRZl24HoONEIeg6KmWw
OV2lod1gMpwTQh16C4tkpiu3DsAQ1VNrpMQwCZ/A9uAqt3xWpWvO1b8Ao9RZflw/
5KatvUFlm4dVYhfMLypeivA+OwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFJSR+tsP
FajOtH35irLG0PujKizbMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvM0IxQjk2Q0NG
QTAwMTFFRjk4OTIyODI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAEOwJgDBABvXIADBABvXIwDBABvXJYwDQYJKoZIhvcNAQEL
BQADggEBAH19d17HYNl6nXzF6d6BtkjN3t9qH63zJaosIKnLM4TekdrutEacDuBe
ax2iLSByOtOUFzhASXBleXJIK95xTLzyY1Kx2TCOlCy3GBAg9MUFxHPdOsBOJRC6
d07eVdeeUIKS1yt2q0lMlz+dZ2snCp/Hh8388LXjpMIuf8t39OwDXqPg0MHQ9DMT
igQJTeeQR4pFAffdpIWfk9T7MvbS3kqNIDTD7PJIUGJ2G6jqjCCq/ZgxZAyRfQCG
0J1xC5idP1oW+LLVIzYxFDjds9t1tpjTQ+VDFAPO2ji88emX1oAuZDlU0+/03PYT
Q6vMylNDTeUGvHa7PkGyPL62nSLbelM=
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:16:35 2025 by rpki-client