Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914C3FB/701782160BA111F08EFED219C4F9AE02/426BCB780BA211F08457541BC4F9AE02.roa
File: 426BCB780BA211F08457541BC4F9AE02.roa (raw, json)
Hash identifier: V4eJk5Y68/lOMV8NNlw8KGJofB4Myocw3zcQyTbM86c=
Subject key identifier: B2:89:0D:EE:9A:DF:A7:3D:91:F3:55:F5:EE:4E:3D:75:68:C2:0B:7E
Certificate issuer: /CN=A914C3FB/serialNumber=4F5F75A6C2988F58B603012A8DB445A1F37D5D72
Certificate serial: 28
Authority key identifier: 4F:5F:75:A6:C2:98:8F:58:B6:03:01:2A:8D:B4:45:A1:F3:7D:5D:72
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/T191psKYj1i2AwEqjbRFofN9XXI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914C3FB/701782160BA111F08EFED219C4F9AE02/426BCB780BA211F08457541BC4F9AE02.roa
Signing time: Fri 16 May 2025 12:23:47 +0000
ROA not before: Fri 16 May 2025 12:23:46 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 7540
IP address blocks: 117.18.106.0/23 maxlen: 23
117.18.106.0/24 maxlen: 24
117.18.107.0/24 maxlen: 24
117.18.108.0/23 maxlen: 23
117.18.108.0/24 maxlen: 24
117.18.109.0/24 maxlen: 24
117.18.112.0/24 maxlen: 24
117.18.113.0/24 maxlen: 24
117.18.114.0/24 maxlen: 24
117.18.115.0/24 maxlen: 24
117.18.119.0/24 maxlen: 24
117.18.120.0/24 maxlen: 24
117.18.121.0/24 maxlen: 24
117.18.122.0/24 maxlen: 24
202.181.154.0/24 maxlen: 24
202.181.155.0/24 maxlen: 24
202.181.160.0/24 maxlen: 24
202.181.161.0/24 maxlen: 24
202.181.162.0/24 maxlen: 24
202.181.163.0/24 maxlen: 24
202.181.170.0/24 maxlen: 24
202.181.171.0/24 maxlen: 24
202.181.172.0/24 maxlen: 24
202.181.173.0/24 maxlen: 24
202.181.178.0/24 maxlen: 24
202.181.179.0/24 maxlen: 24
202.181.180.0/24 maxlen: 24
202.181.181.0/24 maxlen: 24
202.181.182.0/24 maxlen: 24
202.181.183.0/24 maxlen: 24
202.181.184.0/24 maxlen: 24
202.181.185.0/24 maxlen: 24
202.181.186.0/24 maxlen: 24
202.181.187.0/24 maxlen: 24
202.181.216.0/24 maxlen: 24
202.181.217.0/24 maxlen: 24
202.181.218.0/24 maxlen: 24
202.181.220.0/24 maxlen: 24
202.181.221.0/24 maxlen: 24
202.181.222.0/24 maxlen: 24
202.181.223.0/24 maxlen: 24
202.181.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 May 2025 12:44:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40 (0x28)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914C3FB, serialNumber=4F5F75A6C2988F58B603012A8DB445A1F37D5D72
Validity
Not Before: May 16 12:23:46 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=68272e52-36c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:68:25:75:96:aa:9e:f2:13:3f:f4:32:d6:ce:
4b:9e:86:1c:55:94:04:64:aa:ff:42:98:53:bb:16:
5a:6d:97:95:7d:d4:35:4a:2f:97:e7:c9:92:8d:c9:
0e:0d:a8:00:61:83:f1:54:45:21:b9:d2:09:33:04:
62:3b:07:29:d3:01:31:00:f0:09:58:f9:45:45:1a:
dd:84:67:9b:2d:ad:15:b1:c3:50:b4:37:31:0d:a6:
3b:76:cc:96:21:0d:64:7e:98:51:2b:b5:d3:49:92:
a2:2d:1f:97:54:0f:69:56:4f:b1:a6:eb:4a:ab:44:
8a:df:55:88:9c:50:53:a1:46:c3:f0:f5:c2:c6:5a:
96:89:b5:f7:3c:d1:2d:c2:65:70:bf:5c:59:05:ed:
44:00:48:82:f5:da:d2:61:76:40:01:be:7a:0e:37:
e3:c7:0d:b6:18:89:3b:e4:3a:95:06:02:28:a6:58:
6f:ae:62:4f:0a:4a:6d:26:51:5e:79:69:4a:5a:d4:
83:18:f3:01:29:ca:ce:bb:37:d7:b9:21:9a:06:fc:
00:b9:be:91:7a:cc:e3:9a:d8:e5:ab:20:f8:ee:d2:
81:17:e9:33:29:48:40:b7:2e:0d:fe:fb:53:da:60:
ef:06:7b:ed:c4:53:ad:1a:ff:1b:ff:d2:8a:ea:44:
ed:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:89:0D:EE:9A:DF:A7:3D:91:F3:55:F5:EE:4E:3D:75:68:C2:0B:7E
X509v3 Authority Key Identifier:
keyid:4F:5F:75:A6:C2:98:8F:58:B6:03:01:2A:8D:B4:45:A1:F3:7D:5D:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914C3FB/701782160BA111F08EFED219C4F9AE02/T191psKYj1i2AwEqjbRFofN9XXI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/T191psKYj1i2AwEqjbRFofN9XXI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914C3FB/701782160BA111F08EFED219C4F9AE02/426BCB780BA211F08457541BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
117.18.106.0-117.18.109.255
117.18.112.0/22
117.18.119.0-117.18.122.255
202.181.154.0/23
202.181.160.0/22
202.181.170.0-202.181.173.255
202.181.178.0-202.181.187.255
202.181.216.0-202.181.218.255
202.181.220.0-202.181.224.255
Signature Algorithm: sha256WithRSAEncryption
1e:4a:e1:e2:e2:88:58:69:5e:2f:df:ae:c4:84:34:f5:03:33:
c9:86:a6:40:87:a7:3d:25:e9:4e:14:ba:59:59:4c:42:4e:0b:
5f:aa:86:dc:c7:9d:8f:27:29:fb:72:48:41:10:df:9b:1e:1c:
64:a7:ec:9e:d4:f6:f1:45:e8:e7:23:39:49:2a:b3:f3:47:29:
ae:da:c0:11:f0:7b:c7:cb:06:c9:dc:7c:ad:6c:39:75:e4:d7:
5d:c1:d2:d9:14:3d:dc:85:41:a2:ae:3d:65:5f:93:46:72:7e:
5f:34:fa:3b:7a:b9:15:ae:22:cc:e5:d0:87:d7:cd:37:10:78:
5d:e2:cd:fe:16:df:ed:26:5a:74:c8:7e:c2:6c:4a:f2:54:f6:
78:8a:29:dc:ba:17:5e:38:88:73:3d:78:b9:6e:fb:40:12:34:
4f:a2:17:85:eb:46:dc:ec:01:ae:96:70:9d:1c:64:61:b2:57:
79:bb:43:da:5a:2e:fb:66:03:d3:2f:fe:be:12:ef:81:82:09:
98:49:d8:e4:22:54:25:03:95:4c:82:de:0a:cf:6d:90:7f:2d:
ff:0c:60:76:8b:0f:27:b8:77:40:27:d7:bb:56:ae:41:dd:c7:
e0:12:29:49:4b:59:eb:bd:a4:38:64:ec:91:c0:de:64:32:3d:
94:38:ac:69
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgIBKDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
QzNGQjExMC8GA1UEBRMoNEY1Rjc1QTZDMjk4OEY1OEI2MDMwMTJBOERCNDQ1QTFG
MzdENUQ3MjAeFw0yNTA1MTYxMjIzNDZaFw0yNjAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4MjcyZTUyLTM2YzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/aCV1lqqe8hM/9DLWzkuehhxVlARkqv9CmFO7Flptl5V91DVKL5fnyZKNyQ4N
qABhg/FURSG50gkzBGI7BynTATEA8AlY+UVFGt2EZ5strRWxw1C0NzENpjt2zJYh
DWR+mFErtdNJkqItH5dUD2lWT7Gm60qrRIrfVYicUFOhRsPw9cLGWpaJtfc80S3C
ZXC/XFkF7UQASIL12tJhdkABvnoON+PHDbYYiTvkOpUGAiimWG+uYk8KSm0mUV55
aUpa1IMY8wEpys67N9e5IZoG/AC5vpF6zOOa2OWrIPju0oEX6TMpSEC3Lg3++1Pa
YO8Ge+3EU60a/xv/0orqRO2HAgMBAAGjggL1MIIC8TAdBgNVHQ4EFgQUsokN7prf
pz2R81X17k49dWjCC34wHwYDVR0jBBgwFoAUT191psKYj1i2AwEqjbRFofN9XXIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRDM0ZCLzcwMTc4MjE2MEJB
MTExRjA4RUZFRDIxOUM0RjlBRTAyL1QxOTFwc0tZajFpMkF3RXFqYlJGb2ZOOVhY
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvVDE5MXBzS1lqMWkyQXdFcWpiUkZvZk45WFhJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
QzNGQi83MDE3ODIxNjBCQTExMUYwOEVGRUQyMTlDNEY5QUUwMi80MjZCQ0I3ODBC
QTIxMUYwODQ1NzU0MUJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDB/BggrBgEFBQcBBwEB/wRw
MG4wbAQCAAEwZjAMAwQBdRJqAwQBdRJsAwQCdRJwMAwDBAB1EncDBAB1EnoDBAHK
tZoDBALKtaAwDAMEAcq1qgMEAcq1rDAMAwQByrWyAwQCyrW4MAwDBAPKtdgDBADK
tdowDAMEAsq13AMEAMq14DANBgkqhkiG9w0BAQsFAAOCAQEAHkrh4uKIWGleL9+u
xIQ09QMzyYamQIenPSXpThS6WVlMQk4LX6qG3Medjycp+3JIQRDfmx4cZKfsntT2
8UXo5yM5SSqz80cprtrAEfB7x8sGydx8rWw5deTXXcHS2RQ93IVBoq49ZV+TRnJ+
XzT6O3q5Fa4izOXQh9fNNxB4XeLN/hbf7SZadMh+wmxK8lT2eIop3LoXXjiIcz14
uW77QBI0T6IXhetG3OwBrpZwnRxkYbJXebtD2lou+2YD0y/+vhLvgYIJmEnY5CJU
JQOVTILeCs9tkH8t/wxgdosPJ7h3QCfXu1auQd3H4BIpSUtZ672kOGTskcDeZDI9
lDisaQ==
-----END CERTIFICATE-----
Generated at Sun Jul 20 07:49:43 2025 by rpki-client