Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/665BEFB0F97B11EFBE411535C4F9AE02.roa
File: 665BEFB0F97B11EFBE411535C4F9AE02.roa (raw, json)
Hash identifier: +qJKb3j6d+ogpXS1ftY8ZDpSDxCXWtnFClyqT6gVQ2k=
Subject key identifier: 1B:D9:3A:72:F8:EA:B6:93:C2:EA:41:4B:32:01:E6:DB:56:6E:29:DA
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 0741
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/665BEFB0F97B11EFBE411535C4F9AE02.roa
Signing time: Wed 05 Mar 2025 04:37:37 +0000
ROA not before: Wed 05 Mar 2025 04:37:37 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 137451
IP address blocks: 43.252.209.0/24 maxlen: 24
43.252.210.0/24 maxlen: 24
103.20.220.0/24 maxlen: 24
103.20.221.0/24 maxlen: 24
103.225.198.0/24 maxlen: 24
103.228.64.0/24 maxlen: 24
103.234.54.0/24 maxlen: 24
150.107.1.0/24 maxlen: 24
150.107.2.0/24 maxlen: 24
150.107.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Mar 2025 03:57:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1857 (0x741)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412
Validity
Not Before: Mar 5 04:37:37 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67c7d511-2fe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c5:8b:8c:f9:f5:1d:70:71:45:51:c3:57:ae:
86:1d:de:02:ff:bf:1c:f4:30:ec:94:cd:73:be:cf:
9f:d3:0d:2b:af:ad:76:ab:a0:3e:a6:ea:c1:f2:6f:
03:a6:21:21:67:da:80:0a:66:78:f3:b4:a8:7f:35:
94:94:3d:03:8e:da:5c:33:34:22:c8:c8:1c:ba:13:
ac:58:2a:7e:ec:84:0e:60:9d:0c:e5:da:fe:ec:a7:
e2:d0:e3:3b:69:e9:7c:da:e8:42:21:e4:eb:6e:ea:
ae:33:0a:47:05:d1:a2:57:47:0e:3c:ec:56:0a:56:
2f:17:dc:9e:a2:52:47:dc:8c:70:2a:4f:a7:58:5f:
41:1c:20:d5:8a:ca:e0:57:a2:6d:fb:01:86:e1:59:
9e:f6:89:d3:86:a3:d2:39:9a:7a:b2:2f:89:53:f5:
a0:f4:70:7c:90:80:4c:b8:b8:6c:a1:24:54:72:6e:
bf:9c:a7:2f:78:33:a9:00:a6:80:cd:2a:7d:97:e4:
7f:dd:1c:6f:47:26:9e:6b:9b:d1:fd:c2:46:f7:65:
1d:9f:be:9a:44:17:0c:b1:52:65:8f:df:0c:01:2e:
dd:77:25:9b:c7:b4:a5:c6:66:67:78:73:2a:4d:4f:
48:5b:53:3f:dc:db:ba:ad:f3:36:58:14:01:71:56:
14:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:D9:3A:72:F8:EA:B6:93:C2:EA:41:4B:32:01:E6:DB:56:6E:29:DA
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/665BEFB0F97B11EFBE411535C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.252.209.0-43.252.210.255
103.20.220.0/23
103.225.198.0/24
103.228.64.0/24
103.234.54.0/24
150.107.1.0-150.107.3.255
Signature Algorithm: sha256WithRSAEncryption
77:ea:f8:33:0f:99:94:18:a8:6a:33:30:78:4d:c5:2b:ef:cf:
d6:88:71:a4:6a:f3:99:37:25:7c:d2:dc:44:32:8f:a8:13:48:
25:b6:5d:f2:05:8d:82:2f:7f:dd:ef:4f:6f:a6:2f:60:15:5e:
c6:05:59:35:88:93:1f:53:91:b7:20:11:97:26:67:58:45:1e:
e3:21:83:2f:2a:39:26:69:3b:cb:3d:e0:ec:dc:1d:95:2d:e7:
1a:b7:6a:43:ec:c9:07:c2:16:20:4e:61:c3:93:5a:f3:41:1c:
5f:be:cf:93:95:59:c5:8f:40:04:63:68:a9:e5:c1:12:5d:82:
86:a3:45:c9:be:26:8d:c1:e1:3c:72:44:66:e2:97:8b:7d:f4:
1e:bd:03:48:27:3b:6a:0b:b6:b7:c7:d0:0e:d2:e2:64:95:8b:
cf:a2:6b:62:60:55:90:14:1d:99:52:7e:a2:ff:5c:0c:b5:bf:
2b:07:98:c9:58:34:c0:2e:70:c8:40:d8:a7:ac:41:51:2b:c9:
db:90:47:a2:96:5a:4b:8d:12:51:78:f3:c5:45:60:46:1a:9f:
20:94:23:3c:b2:a2:6e:e7:68:85:d5:3c:45:fa:bf:1b:14:df:
46:61:2b:42:32:36:ad:21:dc:4e:90:a9:f7:b5:12:35:e5:27:
01:00:6e:50
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgICB0EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjUwMzA1MDQzNzM3WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M3ZDUxMS0yZmU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtMWLjPn1HXBxRVHDV66GHd4C/78c9DDslM1zvs+f0w0rr612q6A+purB8m8D
piEhZ9qACmZ487SofzWUlD0DjtpcMzQiyMgcuhOsWCp+7IQOYJ0M5dr+7Kfi0OM7
ael82uhCIeTrbuquMwpHBdGiV0cOPOxWClYvF9yeolJH3IxwKk+nWF9BHCDVisrg
V6Jt+wGG4Vme9onThqPSOZp6si+JU/Wg9HB8kIBMuLhsoSRUcm6/nKcveDOpAKaA
zSp9l+R/3RxvRyaea5vR/cJG92Udn76aRBcMsVJlj98MAS7ddyWbx7SlxmZneHMq
TU9IW1M/3Nu6rfM2WBQBcVYUgQIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFBvZOnL4
6raTwupBSzIB5ttWbinaMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvNjY1QkVGQjBG
OTdCMTFFRkJFNDExNTM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTQYIKwYBBQUHAQcBAf8E
PjA8MDoEAgABMDQwDAMEACv80QMEACv80gMEAWcU3AMEAGfhxgMEAGfkQAMEAGfq
NjAMAwQAlmsBAwQClmsAMA0GCSqGSIb3DQEBCwUAA4IBAQB36vgzD5mUGKhqMzB4
TcUr78/WiHGkavOZNyV80txEMo+oE0gltl3yBY2CL3/d709vpi9gFV7GBVk1iJMf
U5G3IBGXJmdYRR7jIYMvKjkmaTvLPeDs3B2VLecat2pD7MkHwhYgTmHDk1rzQRxf
vs+TlVnFj0AEY2ip5cESXYKGo0XJviaNweE8ckRm4peLffQevQNIJztqC7a3x9AO
0uJklYvPomtiYFWQFB2ZUn6i/1wMtb8rB5jJWDTALnDIQNinrEFRK8nbkEeillpL
jRJRePPFRWBGGp8glCM8sqJu52iF1TxF+r8bFN9GYStCMjatIdxOkKn3tRI15ScB
AG5Q
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:23:00 2025 by rpki-client