Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/84104062EF7411EF835A954EC4F9AE02.roa
File: 84104062EF7411EF835A954EC4F9AE02.roa (raw, json)
Hash identifier: dTAUGzyleLDpZKjSGv7Op5yVPAVSQrl5+qLLexxc3/s=
Subject key identifier: 09:37:C8:B0:F1:FE:54:59:AB:4E:55:FA:2C:60:9E:E3:36:E9:32:DB
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0C84
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/84104062EF7411EF835A954EC4F9AE02.roa
Signing time: Thu 20 Feb 2025 10:21:59 +0000
ROA not before: Thu 20 Feb 2025 10:21:58 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 45814
IP address blocks: 14.192.128.0/24 maxlen: 24
14.192.129.0/24 maxlen: 24
14.192.131.0/24 maxlen: 24
14.192.132.0/24 maxlen: 24
14.192.133.0/24 maxlen: 24
14.192.136.0/24 maxlen: 24
14.192.143.0/24 maxlen: 24
14.192.144.0/24 maxlen: 24
14.192.145.0/24 maxlen: 24
14.192.146.0/24 maxlen: 24
14.192.147.0/24 maxlen: 24
14.192.148.0/24 maxlen: 24
14.192.149.0/24 maxlen: 24
14.192.150.0/24 maxlen: 24
14.192.151.0/24 maxlen: 24
14.192.155.0/24 maxlen: 24
14.192.156.0/24 maxlen: 24
14.192.157.0/24 maxlen: 24
14.192.158.0/24 maxlen: 24
14.192.159.0/24 maxlen: 24
43.247.120.0/24 maxlen: 24
43.247.121.0/24 maxlen: 24
43.247.122.0/24 maxlen: 24
43.247.123.0/24 maxlen: 24
103.20.132.0/24 maxlen: 24
103.20.133.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
103.20.135.0/24 maxlen: 24
2403:7980::/32 maxlen: 32
2403:7980::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 26 Feb 2025 07:59:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3204 (0xc84)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD, serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Validity
Not Before: Feb 20 10:21:58 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=67b70246-d9cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:c6:08:dc:39:f7:d7:59:9f:95:05:a0:48:e2:
5c:85:b2:fb:c4:8e:32:a2:77:fe:47:d1:4b:61:be:
dc:d7:66:0e:98:73:da:bf:88:a3:4a:b9:14:cc:dc:
83:04:aa:b5:a7:26:b2:0b:87:4f:73:78:7c:5f:aa:
6e:a8:32:f1:91:c5:10:1a:45:7c:da:46:57:85:26:
4f:3e:36:8a:e8:f2:26:6b:7e:d0:25:f0:e1:c1:a1:
7b:5c:61:c2:54:b3:80:0f:6e:08:a4:71:83:81:1e:
d9:0c:5d:ec:aa:b8:91:0c:57:82:a2:45:c4:58:92:
cb:99:d2:f5:d6:f3:c6:a6:d3:e3:c7:6a:dc:85:9a:
ff:22:22:fd:68:3f:ec:b7:4b:b8:48:da:78:bf:1a:
21:55:88:92:c9:97:07:32:f4:fd:c6:73:db:92:18:
7b:8b:0b:8a:14:73:23:4e:4c:54:4a:57:77:6c:6d:
f3:11:44:4c:5c:47:a1:32:40:c8:60:9c:59:e7:c4:
87:00:14:4b:ee:c6:0c:12:71:6b:f9:3b:a0:1e:9f:
d4:53:21:ed:df:14:ee:0a:81:b2:92:f7:af:21:1a:
3f:a8:67:a9:a4:84:34:fe:5e:bc:b6:97:ab:54:ae:
0a:0a:0c:6a:f7:d7:8d:04:3b:62:9b:91:30:04:27:
b4:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:37:C8:B0:F1:FE:54:59:AB:4E:55:FA:2C:60:9E:E3:36:E9:32:DB
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/84104062EF7411EF835A954EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.128.0/23
14.192.131.0-14.192.133.255
14.192.136.0/24
14.192.143.0-14.192.151.255
14.192.155.0-14.192.159.255
43.247.120.0/22
103.20.132.0/22
IPv6:
2403:7980::/32
Signature Algorithm: sha256WithRSAEncryption
60:a8:5a:92:48:a4:c6:37:6a:9f:db:b1:bb:5a:8c:63:25:45:
60:fc:16:8e:d6:98:a5:44:60:9b:8e:ef:f9:bd:7d:82:d7:1e:
38:77:da:a7:0f:9d:79:21:84:5c:33:c1:d1:f4:d3:e5:99:f5:
dd:1d:c6:fa:34:bc:cf:96:fa:a5:af:ae:86:1d:43:5d:56:6d:
c5:9f:43:18:7f:04:dd:07:48:f5:cf:76:8c:3f:66:00:6e:7b:
03:8a:86:75:39:35:ff:f9:02:a4:4a:15:65:00:e6:33:97:57:
6d:7f:dc:f7:cc:0f:53:96:2e:5d:6b:d9:be:2c:40:43:2e:53:
62:56:1d:ce:70:fe:0f:d6:92:20:73:f0:34:37:79:2a:36:3b:
2f:a0:fb:23:72:96:88:8c:66:61:b4:e3:0c:a4:76:9d:9e:54:
31:2b:8f:4d:cd:d4:5c:41:0e:19:15:b4:f2:c5:34:a4:17:07:
d2:4a:d7:49:7c:b0:4d:bc:36:b1:7b:87:c8:c4:f2:eb:df:62:
13:99:73:fe:db:78:66:e4:fa:ca:05:2c:0a:37:81:f8:12:cb:
2d:a7:64:f2:0a:b5:38:03:b4:e8:18:44:a0:6e:01:97:21:58:
0d:65:9a:6d:9b:fa:e2:0f:a3:9a:2e:d7:f9:26:dc:52:34:38:
49:96:ef:1e
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgICDIQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjUwMjIwMTAyMTU4WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I3MDI0Ni1kOWNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA38YI3Dn311mflQWgSOJchbL7xI4yonf+R9FLYb7c12YOmHPav4ijSrkUzNyD
BKq1pyayC4dPc3h8X6puqDLxkcUQGkV82kZXhSZPPjaK6PIma37QJfDhwaF7XGHC
VLOAD24IpHGDgR7ZDF3sqriRDFeCokXEWJLLmdL11vPGptPjx2rchZr/IiL9aD/s
t0u4SNp4vxohVYiSyZcHMvT9xnPbkhh7iwuKFHMjTkxUSld3bG3zEURMXEehMkDI
YJxZ58SHABRL7sYMEnFr+TugHp/UUyHt3xTuCoGykvevIRo/qGeppIQ0/l68tper
VK4KCgxq99eNBDtim5EwBCe0SwIDAQABo4IC4DCCAtwwHQYDVR0OBBYEFAk3yLDx
/lRZq05V+ixgnuM26TLbMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvODQxMDQwNjJF
Rjc0MTFFRjgzNUE5NTRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwagYIKwYBBQUHAQcBAf8E
WzBZMEgEAgABMEIDBAEOwIAwDAMEAA7AgwMEAQ7AhAMEAA7AiDAMAwQADsCPAwQD
DsCQMAwDBAAOwJsDBAUOwIADBAIr93gDBAJnFIQwDQQCAAIwBwMFACQDeYAwDQYJ
KoZIhvcNAQELBQADggEBAGCoWpJIpMY3ap/bsbtajGMlRWD8Fo7WmKVEYJuO7/m9
fYLXHjh32qcPnXkhhFwzwdH00+WZ9d0dxvo0vM+W+qWvroYdQ11WbcWfQxh/BN0H
SPXPdow/ZgBuewOKhnU5Nf/5AqRKFWUA5jOXV21/3PfMD1OWLl1r2b4sQEMuU2JW
Hc5w/g/WkiBz8DQ3eSo2Oy+g+yNyloiMZmG04wykdp2eVDErj03N1FxBDhkVtPLF
NKQXB9JK10l8sE28NrF7h8jE8uvfYhOZc/7beGbk+soFLAo3gfgSyy2nZPIKtTgD
tOgYRKBuAZchWA1lmm2b+uIPo5ou1/km3FI0OEmW7x4=
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:13:33 2025 by rpki-client