Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/EF2B0AA49C4411EFA8A3C05DC4F9AE02.roa
File: EF2B0AA49C4411EFA8A3C05DC4F9AE02.roa (raw, json)
Hash identifier: c2QbUqlDfS1F/HJdRpDcDcCqQJHQHB6bbnCpcfdnYoQ=
Subject key identifier: DA:29:53:8C:7B:15:4D:DA:52:31:41:7A:DE:6B:90:01:B5:B8:F4:F8
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0B94
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/EF2B0AA49C4411EFA8A3C05DC4F9AE02.roa
Signing time: Tue 26 Nov 2024 15:09:48 +0000
ROA not before: Tue 26 Nov 2024 15:09:48 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 55154
IP address blocks: 14.192.132.0/24 maxlen: 24
14.192.134.0/24 maxlen: 24
14.192.153.0/24 maxlen: 24
103.20.132.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
103.20.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Jan 2025 10:32:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2964 (0xb94)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD, serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Validity
Not Before: Nov 26 15:09:48 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6745e4bc-1016
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:52:9d:78:42:35:08:99:63:d1:1b:9a:f5:6f:
ed:63:58:17:d1:16:33:39:be:a0:98:a9:b5:1c:bb:
a3:4c:07:e7:43:80:49:d2:c7:d8:5e:6e:26:d2:84:
fb:1a:15:04:a1:11:b3:a7:57:3e:c5:d7:09:d3:1c:
1d:6d:b1:c0:2a:65:7b:67:bf:ac:15:b5:9e:75:57:
fe:4b:27:56:59:32:0a:9d:7b:cc:c4:e9:ea:e2:fb:
22:53:dc:a5:b9:41:b8:23:d9:8a:44:8c:42:cc:ec:
0c:30:f9:47:d8:86:ba:d4:1d:22:19:35:bb:6b:5d:
20:25:f1:38:24:50:4c:66:ee:a6:bb:7a:7a:f8:82:
3d:2b:64:25:7a:11:86:af:08:b0:d2:5d:85:e0:80:
63:b4:dc:0d:11:e9:43:7a:ee:e7:49:63:38:6f:b2:
4c:6d:ce:e9:59:1b:ad:82:96:10:0e:14:51:ed:9a:
df:45:77:c7:99:e8:c5:e2:16:d5:85:60:43:25:22:
6b:64:a3:f7:15:e4:20:75:c5:1c:44:8b:c6:71:89:
da:68:97:0f:c7:36:5c:8c:a9:8c:2e:e9:40:52:10:
00:3c:b6:ad:7a:73:1f:9f:dd:3a:bc:e9:ec:af:65:
d0:5a:fb:16:ad:49:31:08:5b:28:ff:e3:73:22:29:
0a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:29:53:8C:7B:15:4D:DA:52:31:41:7A:DE:6B:90:01:B5:B8:F4:F8
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/EF2B0AA49C4411EFA8A3C05DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.132.0/24
14.192.134.0/24
14.192.153.0/24
103.20.132.0/24
103.20.134.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:40:72:3d:12:68:d0:18:a1:bc:00:be:58:f5:6f:57:09:47:
5e:bd:c6:1a:7d:91:b0:53:94:7b:47:35:a1:45:c9:4f:5b:c3:
3a:a9:d6:67:e1:83:ad:ff:df:13:b4:95:59:c2:b3:ae:e3:18:
75:d0:98:5c:5e:22:40:ac:a0:f0:a2:b9:52:40:b7:e0:22:3f:
46:58:c1:a1:39:c3:a8:97:6a:d3:65:50:e7:2a:55:f4:5a:71:
98:73:e1:49:c8:7a:be:ca:1c:0f:16:a6:c8:cd:53:db:99:dd:
2a:62:27:e1:31:e1:9c:ba:f2:2d:cc:28:6b:66:21:da:71:1f:
f1:22:2c:52:a5:14:1b:44:ba:dc:3d:6e:bf:79:70:ea:91:06:
63:e3:a5:bb:94:ef:e5:63:2a:4e:f5:8f:c1:0f:2f:89:df:78:
43:a6:ed:3a:47:8a:48:8a:5c:f8:40:25:d1:b1:a4:25:86:44:
9e:53:2e:3f:71:6a:9b:bf:4d:a2:9d:86:13:08:1c:e2:fa:41:
e2:b2:ab:de:37:8b:26:62:87:60:9c:62:67:b9:1c:5d:3f:c6:
a6:0a:76:ad:d6:d3:8b:28:77:a5:68:58:2b:41:e8:22:26:6e:
a7:41:ef:d1:24:a9:c5:1f:a4:c6:69:87:34:27:30:ca:44:8e:
05:08:3e:03
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICC5QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQxMTI2MTUwOTQ4WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQ1ZTRiYy0xMDE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5VKdeEI1CJlj0Rua9W/tY1gX0RYzOb6gmKm1HLujTAfnQ4BJ0sfYXm4m0oT7
GhUEoRGzp1c+xdcJ0xwdbbHAKmV7Z7+sFbWedVf+SydWWTIKnXvMxOnq4vsiU9yl
uUG4I9mKRIxCzOwMMPlH2Ia61B0iGTW7a10gJfE4JFBMZu6mu3p6+II9K2QlehGG
rwiw0l2F4IBjtNwNEelDeu7nSWM4b7JMbc7pWRutgpYQDhRR7ZrfRXfHmejF4hbV
hWBDJSJrZKP3FeQgdcUcRIvGcYnaaJcPxzZcjKmMLulAUhAAPLatenMfn906vOns
r2XQWvsWrUkxCFso/+NzIikKtQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFNopU4x7
FU3aUjFBet5rkAG1uPT4MB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvRUYyQjBBQTQ5
QzQ0MTFFRkE4QTNDMDVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAAOwIQDBAAOwIYDBAAOwJkDBABnFIQDBAFnFIYwDQYJKoZI
hvcNAQELBQADggEBAGpAcj0SaNAYobwAvlj1b1cJR169xhp9kbBTlHtHNaFFyU9b
wzqp1mfhg63/3xO0lVnCs67jGHXQmFxeIkCsoPCiuVJAt+AiP0ZYwaE5w6iXatNl
UOcqVfRacZhz4UnIer7KHA8WpsjNU9uZ3SpiJ+Ex4Zy68i3MKGtmIdpxH/EiLFKl
FBtEutw9br95cOqRBmPjpbuU7+VjKk71j8EPL4nfeEOm7TpHikiKXPhAJdGxpCWG
RJ5TLj9xapu/TaKdhhMIHOL6QeKyq943iyZih2CcYme5HF0/xqYKdq3W04sod6Vo
WCtB6CImbqdB79EkqcUfpMZphzQnMMpEjgUIPgM=
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:05:55 2025 by rpki-client