Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/3FD2226AF97B11EFB8712532C4F9AE02.roa
File: 3FD2226AF97B11EFB8712532C4F9AE02.roa (raw, json)
Hash identifier: TgzaLfbwDirRWDyUu9veY2AfswCx4jkZAadxtKJHhyM=
Subject key identifier: FA:EA:86:E0:61:3A:20:D8:8B:A4:60:F6:9E:77:6C:62:7A:F1:0F:5A
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 073B
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/3FD2226AF97B11EFB8712532C4F9AE02.roa
Signing time: Wed 05 Mar 2025 04:35:22 +0000
ROA not before: Wed 05 Mar 2025 04:35:22 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 132422
IP address blocks: 43.252.209.0/24 maxlen: 24
43.252.210.0/24 maxlen: 24
103.228.64.0/24 maxlen: 24
150.107.1.0/24 maxlen: 24
150.107.2.0/24 maxlen: 24
150.107.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Mar 2025 03:57:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1851 (0x73b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412
Validity
Not Before: Mar 5 04:35:22 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67c7d48a-3b40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ee:4c:47:7d:5a:cb:82:31:f0:41:dd:73:ab:
ea:1e:1f:86:4c:ac:96:48:df:b6:db:9a:7c:5b:68:
25:98:a1:8e:cd:f9:5c:0b:37:c7:4f:04:a6:03:56:
8b:45:63:99:d6:6e:1e:e8:1d:4d:fa:56:18:72:97:
3b:1d:b3:42:ff:01:5c:b6:e0:c3:53:44:07:62:9c:
ee:17:9f:63:be:e6:65:4a:65:40:d1:25:06:26:4a:
7f:e7:37:2f:db:2d:f6:df:ba:9a:b6:7a:1c:0c:cf:
e3:42:8d:e5:21:ca:67:4a:7a:1f:b4:c3:cb:0f:60:
89:a3:10:27:bf:d6:84:b2:93:20:6b:7f:d2:fe:a6:
c7:fc:79:54:d5:80:d4:00:6f:b0:8f:79:62:c6:14:
8c:5f:53:4b:48:a5:06:da:f0:5b:1d:11:e4:61:64:
99:7f:33:30:93:10:7c:5c:12:27:ce:9b:20:64:c0:
61:80:76:b2:9a:43:ab:21:e0:c9:cd:5e:a2:b1:57:
d8:95:a8:9c:c2:3b:6b:69:70:47:9c:81:ad:a7:93:
25:11:dc:52:13:e3:15:66:16:58:da:7d:ae:82:e3:
08:4f:1c:1d:6b:63:42:47:6e:59:0a:72:61:ef:07:
09:cf:a5:36:71:41:43:76:63:74:4b:5e:45:49:1c:
89:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:EA:86:E0:61:3A:20:D8:8B:A4:60:F6:9E:77:6C:62:7A:F1:0F:5A
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/3FD2226AF97B11EFB8712532C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.252.209.0-43.252.210.255
103.228.64.0/24
150.107.1.0-150.107.3.255
Signature Algorithm: sha256WithRSAEncryption
5b:c9:ba:11:2f:a6:b6:cf:6b:e3:b8:40:8f:c9:59:33:68:94:
a5:da:42:3d:9d:2c:9d:4f:b4:00:bd:11:0c:fe:9d:7a:56:97:
9d:59:b5:89:fb:b8:65:73:2d:79:57:c7:f7:6a:17:d5:e9:3a:
e0:8e:5e:40:be:40:0a:a0:a9:ae:b6:4a:a6:bd:f7:79:68:c0:
b5:0f:2f:30:31:6b:8d:41:8f:b6:27:9b:5d:d6:33:49:17:73:
ac:42:ca:52:0c:16:db:20:bc:7b:1c:61:4a:62:63:55:93:05:
3d:ef:ed:94:21:42:a8:1e:43:38:ae:a0:60:94:92:2b:d5:6c:
f3:fa:8f:06:71:52:bc:97:55:1b:41:af:2e:7e:43:ee:5e:14:
1f:7b:75:ba:4e:7b:9a:dc:8f:0c:4e:8b:e9:e5:fc:22:f0:97:
c7:c0:61:6a:79:46:fc:ab:ff:ea:bc:6c:69:0c:77:fc:1b:ab:
1b:1c:9c:a6:8d:f4:a7:9d:b0:d1:63:8c:b0:6f:89:7f:75:6e:
27:5d:27:8f:31:1d:72:f8:fb:73:14:b1:53:c2:08:7c:65:8f:
5d:fe:a7:4f:b1:fd:96:fd:52:bd:22:a5:37:ae:3f:b7:6e:a3:
65:8c:41:54:45:5a:9b:ad:cf:18:7d:1c:88:24:23:89:a1:16:
e2:7f:8a:18
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgICBzswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjUwMzA1MDQzNTIyWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M3ZDQ4YS0zYjQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAku5MR31ay4Ix8EHdc6vqHh+GTKyWSN+225p8W2glmKGOzflcCzfHTwSmA1aL
RWOZ1m4e6B1N+lYYcpc7HbNC/wFctuDDU0QHYpzuF59jvuZlSmVA0SUGJkp/5zcv
2y3237qatnocDM/jQo3lIcpnSnoftMPLD2CJoxAnv9aEspMga3/S/qbH/HlU1YDU
AG+wj3lixhSMX1NLSKUG2vBbHRHkYWSZfzMwkxB8XBInzpsgZMBhgHaymkOrIeDJ
zV6isVfYlaicwjtraXBHnIGtp5MlEdxSE+MVZhZY2n2uguMITxwda2NCR25ZCnJh
7wcJz6U2cUFDdmN0S15FSRyJZQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFPrqhuBh
OiDYi6Rg9p53bGJ68Q9aMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvM0ZEMjIyNkFG
OTdCMTFFRkI4NzEyNTMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E
LDAqMCgEAgABMCIwDAMEACv80QMEACv80gMEAGfkQDAMAwQAlmsBAwQClmsAMA0G
CSqGSIb3DQEBCwUAA4IBAQBbyboRL6a2z2vjuECPyVkzaJSl2kI9nSydT7QAvREM
/p16VpedWbWJ+7hlcy15V8f3ahfV6Trgjl5AvkAKoKmutkqmvfd5aMC1Dy8wMWuN
QY+2J5td1jNJF3OsQspSDBbbILx7HGFKYmNVkwU97+2UIUKoHkM4rqBglJIr1Wzz
+o8GcVK8l1UbQa8ufkPuXhQfe3W6Tnua3I8MTovp5fwi8JfHwGFqeUb8q//qvGxp
DHf8G6sbHJymjfSnnbDRY4ywb4l/dW4nXSePMR1y+PtzFLFTwgh8ZY9d/qdPsf2W
/VK9IqU3rj+3bqNljEFURVqbrc8YfRyIJCOJoRbif4oY
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:13:16 2025 by rpki-client