Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/A899EE5EF41711EFA1BEBF5DC4F9AE02.roa
File: A899EE5EF41711EFA1BEBF5DC4F9AE02.roa (raw, json)
Hash identifier: d3JXjpj9NzLfIgQ+i/JrCCA3QrNGVwLdR6aV+INu40c=
Subject key identifier: 0B:75:3F:82:1E:CF:4E:BA:D2:20:F4:B0:A3:CF:9C:1C:EB:EC:4C:09
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0CA5
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/A899EE5EF41711EFA1BEBF5DC4F9AE02.roa
Signing time: Sat 01 Mar 2025 17:53:23 +0000
ROA not before: Sat 01 Mar 2025 17:53:23 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 45814
IP address blocks: 14.192.128.0/24 maxlen: 24
14.192.129.0/24 maxlen: 24
14.192.131.0/24 maxlen: 24
14.192.132.0/24 maxlen: 24
14.192.133.0/24 maxlen: 24
14.192.136.0/24 maxlen: 24
14.192.139.0/24 maxlen: 24
14.192.143.0/24 maxlen: 24
14.192.145.0/24 maxlen: 24
14.192.146.0/24 maxlen: 24
14.192.147.0/24 maxlen: 24
14.192.148.0/24 maxlen: 24
14.192.149.0/24 maxlen: 24
14.192.150.0/24 maxlen: 24
14.192.151.0/24 maxlen: 24
14.192.155.0/24 maxlen: 24
14.192.156.0/24 maxlen: 24
14.192.157.0/24 maxlen: 24
14.192.158.0/24 maxlen: 24
14.192.159.0/24 maxlen: 24
43.247.120.0/24 maxlen: 24
43.247.121.0/24 maxlen: 24
43.247.122.0/24 maxlen: 24
43.247.123.0/24 maxlen: 24
103.20.132.0/24 maxlen: 24
103.20.133.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
103.20.135.0/24 maxlen: 24
111.92.131.0/24 maxlen: 24
111.92.132.0/24 maxlen: 24
111.92.133.0/24 maxlen: 24
111.92.134.0/24 maxlen: 24
111.92.136.0/24 maxlen: 24
111.92.137.0/24 maxlen: 24
111.92.138.0/24 maxlen: 24
111.92.139.0/24 maxlen: 24
111.92.141.0/24 maxlen: 24
111.92.142.0/24 maxlen: 24
111.92.143.0/24 maxlen: 24
111.92.144.0/24 maxlen: 24
111.92.145.0/24 maxlen: 24
111.92.146.0/24 maxlen: 24
111.92.147.0/24 maxlen: 24
111.92.148.0/24 maxlen: 24
111.92.149.0/24 maxlen: 24
111.92.150.0/24 maxlen: 24
111.92.151.0/24 maxlen: 24
2403:7980::/32 maxlen: 32
2403:7980::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 05 Mar 2025 04:31:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3237 (0xca5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD, serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Validity
Not Before: Mar 1 17:53:23 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=67c34992-fe31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4e:4b:b7:d7:b1:4b:8e:60:de:ba:1c:18:71:
55:42:69:c6:29:63:b0:6b:18:79:7b:2c:45:be:72:
04:00:83:18:5d:e3:26:ff:5c:2f:8e:8e:15:b6:51:
b8:0a:25:2e:ee:48:20:6d:4a:3d:54:aa:4e:5f:97:
cb:06:46:bc:df:3e:94:12:64:68:bc:ce:34:62:7e:
71:ea:69:cc:a2:88:49:03:0c:e4:1b:56:7f:6f:2b:
e2:a6:e9:b2:d7:67:d2:19:c8:57:f2:d4:2b:54:a5:
5b:28:ea:1c:b7:7f:c9:72:45:e3:00:a0:3f:02:82:
03:f5:9a:f1:ad:64:49:6c:32:3e:03:8e:1c:53:08:
8c:54:c8:21:40:b6:f3:ad:68:f9:2c:2f:41:a1:aa:
38:10:15:25:ac:28:99:08:44:4e:44:b9:6f:4d:24:
d3:2e:34:00:54:0f:9e:22:11:c0:2f:2a:ec:51:29:
70:e3:3e:e8:5f:dd:08:e8:1b:17:f9:1f:43:4d:ca:
cc:92:31:f9:53:57:fb:6d:b9:79:39:68:a5:29:aa:
bf:6b:f0:d6:a3:77:ac:5a:3b:09:3d:53:ce:be:f2:
af:e5:cb:21:e5:e7:82:f5:ba:e3:a2:b7:cd:ec:4b:
98:7b:9a:01:1c:8f:56:43:f8:53:e5:da:70:d0:ed:
e8:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:75:3F:82:1E:CF:4E:BA:D2:20:F4:B0:A3:CF:9C:1C:EB:EC:4C:09
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/A899EE5EF41711EFA1BEBF5DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.128.0/23
14.192.131.0-14.192.133.255
14.192.136.0/24
14.192.139.0/24
14.192.143.0/24
14.192.145.0-14.192.151.255
14.192.155.0-14.192.159.255
43.247.120.0/22
103.20.132.0/22
111.92.131.0-111.92.134.255
111.92.136.0/22
111.92.141.0-111.92.151.255
IPv6:
2403:7980::/32
Signature Algorithm: sha256WithRSAEncryption
39:68:6b:8f:22:7c:61:16:a3:41:6e:3d:6a:eb:28:8c:78:11:
14:41:f3:91:f0:c8:06:42:e6:31:29:61:53:29:b6:53:cb:86:
03:c0:2d:6c:43:22:f1:87:5e:a5:35:5a:47:80:3f:09:91:50:
e1:bb:1b:99:dd:bb:57:7c:9b:01:49:a7:80:7a:fc:96:27:a5:
27:e5:86:c5:8e:a4:02:a0:fa:09:6e:f0:a5:1f:10:c6:e3:2c:
c4:dd:d2:4c:88:68:8b:bf:ba:2f:f7:52:a8:94:52:21:ce:fc:
83:da:ef:89:ac:e7:a3:83:6f:db:4c:e8:59:1f:57:9a:d2:6a:
2f:ba:e1:c9:da:d2:59:6b:0f:52:06:2d:5e:7d:fa:90:f9:6e:
a4:b9:51:6f:ec:e1:45:50:8c:08:e1:90:4c:ab:df:25:e3:d3:
ee:2e:b2:90:16:ee:1c:96:55:77:5c:9f:64:29:e1:2b:6a:fd:
5a:47:b4:98:3d:f2:e6:a9:bb:a7:9c:d5:39:d3:ea:f8:aa:64:
96:0f:6c:5c:59:4f:ce:78:68:98:6f:5f:22:81:28:47:18:4f:
5e:6e:d6:7b:21:9f:fe:9b:c6:30:88:90:cb:c4:e5:a9:c3:9f:
40:42:84:8f:9d:84:53:49:01:59:79:4f:31:54:94:1e:e9:97:
58:37:d3:8f
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgICDKUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjUwMzAxMTc1MzIzWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2MzNDk5Mi1mZTMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtE5Lt9exS45g3rocGHFVQmnGKWOwaxh5eyxFvnIEAIMYXeMm/1wvjo4VtlG4
CiUu7kggbUo9VKpOX5fLBka83z6UEmRovM40Yn5x6mnMoohJAwzkG1Z/byvipumy
12fSGchX8tQrVKVbKOoct3/JckXjAKA/AoID9ZrxrWRJbDI+A44cUwiMVMghQLbz
rWj5LC9Boao4EBUlrCiZCERORLlvTSTTLjQAVA+eIhHALyrsUSlw4z7oX90I6BsX
+R9DTcrMkjH5U1f7bbl5OWilKaq/a/DWo3esWjsJPVPOvvKv5csh5eeC9brjorfN
7EuYe5oBHI9WQ/hT5dpw0O3oIQIDAQABo4IDETCCAw0wHQYDVR0OBBYEFAt1P4Ie
z0660iD0sKPPnBzr7EwJMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvQTg5OUVFNUVG
NDE3MTFFRkExQkVCRjVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZoGCCsGAQUFBwEHAQH/
BIGKMIGHMHYEAgABMHADBAEOwIAwDAMEAA7AgwMEAQ7AhAMEAA7AiAMEAA7AiwME
AA7AjzAMAwQADsCRAwQDDsCQMAwDBAAOwJsDBAUOwIADBAIr93gDBAJnFIQwDAME
AG9cgwMEAG9chgMEAm9ciDAMAwQAb1yNAwQDb1yQMA0EAgACMAcDBQAkA3mAMA0G
CSqGSIb3DQEBCwUAA4IBAQA5aGuPInxhFqNBbj1q6yiMeBEUQfOR8MgGQuYxKWFT
KbZTy4YDwC1sQyLxh16lNVpHgD8JkVDhuxuZ3btXfJsBSaeAevyWJ6Un5YbFjqQC
oPoJbvClHxDG4yzE3dJMiGiLv7ov91KolFIhzvyD2u+JrOejg2/bTOhZH1ea0mov
uuHJ2tJZaw9SBi1effqQ+W6kuVFv7OFFUIwI4ZBMq98l49PuLrKQFu4cllV3XJ9k
KeErav1aR7SYPfLmqbunnNU50+r4qmSWD2xcWU/OeGiYb18igShHGE9ebtZ7IZ/+
m8YwiJDLxOWpw59AQoSPnYRTSQFZeU8xVJQe6ZdYN9OP
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:11:19 2025 by rpki-client