Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/623792B69DD411EF81BA4A6DC4F9AE02.roa
File: 623792B69DD411EF81BA4A6DC4F9AE02.roa (raw, json)
Hash identifier: tCvSK/D+VOqg5hDr68r5gJ3/yr6YP3+kjJXDlXu1vmk=
Subject key identifier: E8:31:74:AC:66:66:61:03:97:25:F3:5D:D6:38:2C:51:FB:00:ED:85
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0C81
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/623792B69DD411EF81BA4A6DC4F9AE02.roa
Signing time: Thu 20 Feb 2025 09:45:15 +0000
ROA not before: Thu 20 Feb 2025 09:45:15 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 205220
IP address blocks: 14.192.140.0/24 maxlen: 24
14.192.141.0/24 maxlen: 24
14.192.154.0/24 maxlen: 24
14.192.155.0/24 maxlen: 24
111.92.131.0/24 maxlen: 24
111.92.132.0/24 maxlen: 24
111.92.133.0/24 maxlen: 24
111.92.134.0/24 maxlen: 24
111.92.136.0/24 maxlen: 24
111.92.137.0/24 maxlen: 24
111.92.138.0/24 maxlen: 24
111.92.141.0/24 maxlen: 24
111.92.143.0/24 maxlen: 24
111.92.145.0/24 maxlen: 24
111.92.147.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Feb 2025 11:15:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3201 (0xc81)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD, serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Validity
Not Before: Feb 20 09:45:15 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=67b6f9ab-e7b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5f:3d:d8:db:2c:18:a6:6f:1e:a1:33:f3:f4:
a1:2a:f5:fb:22:e3:6a:1c:24:57:ad:95:c4:1e:44:
3a:e9:d3:08:b8:38:29:2a:0f:d4:86:bd:dd:ff:e2:
eb:fc:2c:6d:78:7f:c8:f8:5d:b6:4e:0c:cf:8c:81:
da:d0:6c:ef:12:7d:40:e3:51:32:ba:21:86:42:c9:
26:82:db:d4:43:c1:f5:3c:de:f9:51:cd:b2:d0:0b:
99:a0:a8:f6:5f:39:7d:d7:28:6c:00:56:d2:40:c3:
f8:14:89:a4:55:5e:88:40:3b:98:dc:f1:3d:a8:f8:
83:c3:41:41:99:c7:f5:d3:63:7a:1c:22:c5:9a:4a:
e3:fe:f5:2b:1a:a0:27:bd:01:66:9e:06:3f:c5:60:
8b:6a:60:d2:13:35:d5:37:3c:aa:23:2c:e4:8a:9f:
e0:48:fd:ad:cb:e7:9b:d5:58:e5:64:3c:60:f9:d4:
6f:be:3b:c7:24:d2:45:67:cc:14:4f:7c:db:45:34:
42:57:d0:10:c5:e4:f4:30:6b:a0:bf:f9:9f:2b:b4:
ad:a6:bd:fa:ba:a1:2c:01:17:29:3c:1a:f8:d8:05:
77:64:57:84:d1:ff:af:42:3d:d5:65:b1:74:1f:e6:
f8:76:e3:22:b9:12:b2:3d:4e:84:04:49:ab:6d:ca:
22:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:31:74:AC:66:66:61:03:97:25:F3:5D:D6:38:2C:51:FB:00:ED:85
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/623792B69DD411EF81BA4A6DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.140.0/23
14.192.154.0/23
111.92.131.0-111.92.134.255
111.92.136.0-111.92.138.255
111.92.141.0/24
111.92.143.0/24
111.92.145.0/24
111.92.147.0/24
Signature Algorithm: sha256WithRSAEncryption
68:f1:f3:64:6c:61:e4:07:12:77:e8:1d:32:86:6d:4a:ec:05:
52:82:a9:9d:a8:bc:aa:7b:99:b6:f1:67:e9:5a:3b:71:e1:0e:
39:cb:3f:78:a0:22:27:00:f8:5e:08:75:53:03:bb:a7:a8:3a:
5a:3b:1d:c9:c5:4c:9b:c7:86:b7:72:f9:d1:fd:dc:b4:d3:46:
80:d9:73:92:93:22:bf:85:4d:14:e9:f5:14:5d:96:88:3a:98:
cf:19:5f:75:e0:f6:ab:e6:7e:24:c8:92:d5:af:5c:45:79:6a:
56:7b:cb:5e:52:b2:5b:78:6d:79:66:1a:17:e0:bd:a0:fd:0a:
f3:bd:b5:5b:99:96:54:ab:e3:a8:8b:db:47:2c:0d:39:6a:e9:
9b:ab:62:56:98:80:6e:4c:0c:a6:5d:d3:36:fa:57:e5:2f:5e:
15:11:4c:d7:d0:90:5f:64:83:f7:87:0c:dc:83:26:b9:29:80:
63:cb:84:e6:14:6a:62:8f:4c:ba:d7:aa:73:5b:e1:a3:27:a8:
9b:59:10:93:cd:f2:b9:23:53:1f:89:8e:27:d0:1b:89:61:2f:
ad:ba:cc:9a:60:7d:db:f8:69:3f:d2:1a:55:52:24:7c:16:d2:
99:d8:a2:28:78:35:3e:5e:67:6c:2d:da:91:ee:97:df:cc:b6:
19:ec:4b:8a
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgICDIEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjUwMjIwMDk0NTE1WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I2ZjlhYi1lN2IyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq1892NssGKZvHqEz8/ShKvX7IuNqHCRXrZXEHkQ66dMIuDgpKg/Uhr3d/+Lr
/CxteH/I+F22TgzPjIHa0GzvEn1A41EyuiGGQskmgtvUQ8H1PN75Uc2y0AuZoKj2
Xzl91yhsAFbSQMP4FImkVV6IQDuY3PE9qPiDw0FBmcf102N6HCLFmkrj/vUrGqAn
vQFmngY/xWCLamDSEzXVNzyqIyzkip/gSP2ty+eb1VjlZDxg+dRvvjvHJNJFZ8wU
T3zbRTRCV9AQxeT0MGugv/mfK7Stpr36uqEsARcpPBr42AV3ZFeE0f+vQj3VZbF0
H+b4duMiuRKyPU6EBEmrbcoiGwIDAQABo4ICzzCCAsswHQYDVR0OBBYEFOgxdKxm
ZmEDlyXzXdY4LFH7AO2FMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvNjIzNzkyQjY5
REQ0MTFFRjgxQkE0QTZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWQYIKwYBBQUHAQcBAf8E
SjBIMEYEAgABMEADBAEOwIwDBAEOwJowDAMEAG9cgwMEAG9chjAMAwQDb1yIAwQA
b1yKAwQAb1yNAwQAb1yPAwQAb1yRAwQAb1yTMA0GCSqGSIb3DQEBCwUAA4IBAQBo
8fNkbGHkBxJ36B0yhm1K7AVSgqmdqLyqe5m28WfpWjtx4Q45yz94oCInAPheCHVT
A7unqDpaOx3JxUybx4a3cvnR/dy000aA2XOSkyK/hU0U6fUUXZaIOpjPGV914Par
5n4kyJLVr1xFeWpWe8teUrJbeG15ZhoX4L2g/QrzvbVbmZZUq+Ooi9tHLA05aumb
q2JWmIBuTAymXdM2+lflL14VEUzX0JBfZIP3hwzcgya5KYBjy4TmFGpij0y616pz
W+GjJ6ibWRCTzfK5I1MfiY4n0BuJYS+tusyaYH3b+Gk/0hpVUiR8FtKZ2KIoeDU+
XmdsLdqR7pffzLYZ7EuK
-----END CERTIFICATE-----
Generated at Wed May 14 11:24:13 2025 by rpki-client