Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/3E1326083EAB11EF81DA322BC4F9AE02.roa
File: 3E1326083EAB11EF81DA322BC4F9AE02.roa (raw, json)
Hash identifier: vd08BLBVSReuOzFeONUCkaXLbgnIt3CAvKvf0sHwLIM=
Subject key identifier: CA:F2:14:7F:84:91:31:BB:9F:7E:95:E3:C0:9D:84:5F:D4:87:A9:46
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0A0C
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/3E1326083EAB11EF81DA322BC4F9AE02.roa
Signing time: Wed 10 Jul 2024 10:57:48 +0000
ROA not before: Wed 10 Jul 2024 10:57:48 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 47585
IP address blocks: 14.192.136.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Aug 2024 19:11:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2572 (0xa0c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD, serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Validity
Not Before: Jul 10 10:57:48 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=668e692b-e70a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:45:50:69:85:53:c9:4e:07:54:e1:ef:2f:3a:
00:c5:8d:86:a4:d7:80:70:16:0c:f5:fb:01:40:36:
2a:ed:1a:1f:cd:e5:64:c4:b7:91:57:b0:d1:58:63:
36:9d:43:8d:23:1b:1a:b5:d0:26:e7:ca:8c:3f:39:
0f:2b:f9:e3:39:e6:4d:da:4a:c0:58:3f:ac:c6:ba:
2a:31:ca:29:92:f1:52:16:8e:ed:2d:dc:17:df:c8:
66:4f:a8:5a:de:ef:68:85:8b:80:96:7c:17:3d:c6:
e6:02:ed:a5:88:4b:e3:3e:05:72:39:3c:8d:bc:f4:
37:a7:6c:f4:ec:b9:fd:af:c7:ea:3e:b8:c6:d1:e2:
0f:7f:f8:3f:1a:c9:5d:fe:81:57:c4:2e:2a:1d:56:
83:fe:e6:65:a4:36:56:ff:26:1e:f8:62:e2:f6:d9:
f2:b6:a3:db:c3:22:d5:31:de:0e:fe:37:9b:10:d5:
db:91:a9:2b:88:1f:12:d3:7f:1d:7f:da:76:ca:de:
cb:41:30:88:99:88:86:6b:e7:32:9a:3a:83:8a:c0:
72:24:87:19:f7:7c:b4:03:c8:b6:1b:86:6f:0d:28:
60:3e:c0:78:ef:0f:d4:fb:22:42:ee:a3:7c:0c:d0:
d5:64:ca:b4:80:4f:d5:33:d7:16:7a:be:56:3f:2f:
48:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:F2:14:7F:84:91:31:BB:9F:7E:95:E3:C0:9D:84:5F:D4:87:A9:46
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/3E1326083EAB11EF81DA322BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.136.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:40:ab:f1:4c:93:fe:b3:bc:b9:d2:29:4f:fa:3c:84:c4:17:
eb:da:f7:ef:1b:65:54:f7:f8:89:78:c5:d6:54:fe:1c:04:d6:
c7:ed:60:b9:c7:3a:25:42:5a:e3:5a:c0:56:27:5e:68:48:ca:
4d:cf:58:97:ef:59:59:91:85:5a:90:a6:48:1e:df:e8:90:6f:
2f:1e:e9:09:4b:02:7d:47:38:d8:fa:5c:07:d1:cb:0c:11:67:
f3:d4:65:05:be:f3:b5:fd:c9:1b:b8:46:db:0c:b3:d1:dd:a2:
8e:dd:84:68:a1:0f:1a:e7:78:46:55:5a:a5:dc:70:58:98:87:
5e:0b:38:02:db:cc:3b:aa:0c:c3:c8:8f:f7:f0:e3:c6:6e:5b:
bb:db:8b:c9:3c:5d:c5:b0:92:04:77:1d:ed:7e:86:5d:db:ba:
0c:81:01:88:de:8c:16:f9:a7:28:52:5b:8b:28:e5:51:97:65:
2e:89:da:b7:2a:23:43:f5:12:ff:71:e1:f3:18:ea:40:e3:93:
cb:30:88:2a:14:87:20:27:0a:cb:c6:15:d0:bf:3f:a3:b2:a0:
c2:25:ec:0e:50:f8:34:5b:17:85:42:f5:4b:49:f3:ff:22:10:
8a:b5:65:ca:9b:2d:42:b6:e1:f3:2b:0a:0f:99:c0:e5:9d:8f:
40:b6:f2:e1
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCgwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQwNzEwMTA1NzQ4WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjhlNjkyYi1lNzBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtUVQaYVTyU4HVOHvLzoAxY2GpNeAcBYM9fsBQDYq7RofzeVkxLeRV7DRWGM2
nUONIxsatdAm58qMPzkPK/njOeZN2krAWD+sxroqMcopkvFSFo7tLdwX38hmT6ha
3u9ohYuAlnwXPcbmAu2liEvjPgVyOTyNvPQ3p2z07Ln9r8fqPrjG0eIPf/g/Gsld
/oFXxC4qHVaD/uZlpDZW/yYe+GLi9tnytqPbwyLVMd4O/jebENXbkakriB8S038d
f9p2yt7LQTCImYiGa+cymjqDisByJIcZ93y0A8i2G4ZvDShgPsB47w/U+yJC7qN8
DNDVZMq0gE/VM9cWer5WPy9IowIDAQABo4IClTCCApEwHQYDVR0OBBYEFMryFH+E
kTG7n36V48CdhF/Uh6lGMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvM0UxMzI2MDgz
RUFCMTFFRjgxREEzMjJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAOwIgwDQYJKoZIhvcNAQELBQADggEBAI1Aq/FMk/6zvLnS
KU/6PITEF+va9+8bZVT3+Il4xdZU/hwE1sftYLnHOiVCWuNawFYnXmhIyk3PWJfv
WVmRhVqQpkge3+iQby8e6QlLAn1HONj6XAfRywwRZ/PUZQW+87X9yRu4RtsMs9Hd
oo7dhGihDxrneEZVWqXccFiYh14LOALbzDuqDMPIj/fw48ZuW7vbi8k8XcWwkgR3
He1+hl3bugyBAYjejBb5pyhSW4so5VGXZS6J2rcqI0P1Ev9x4fMY6kDjk8swiCoU
hyAnCsvGFdC/P6OyoMIl7A5Q+DRbF4VC9UtJ8/8iEIq1ZcqbLUK24fMrCg+ZwOWd
j0C28uE=
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:08:48 2025 by rpki-client