Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/3B84FE56A8DD11EF95A59966C4F9AE02.roa
File: 3B84FE56A8DD11EF95A59966C4F9AE02.roa (raw, json)
Hash identifier: W9bTcgSaHY6vPOP+dwcFKCGjnNiL5vnb0GKvsqfrNyA=
Subject key identifier: 0D:DB:2F:E8:E7:B0:72:7C:00:25:9A:45:56:F6:90:94:57:21:98:D1
Certificate issuer: /CN=A9152D08/serialNumber=34DC20129EAD6F41A7CA2D99C9BD3E7E6033CB88
Certificate serial: 0C4D
Authority key identifier: 34:DC:20:12:9E:AD:6F:41:A7:CA:2D:99:C9:BD:3E:7E:60:33:CB:88
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/3B84FE56A8DD11EF95A59966C4F9AE02.roa
Signing time: Fri 14 Mar 2025 19:19:04 +0000
ROA not before: Fri 14 Mar 2025 19:19:04 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 19324
IP address blocks: 101.99.64.0/24 maxlen: 24
101.99.65.0/24 maxlen: 24
101.99.66.0/24 maxlen: 24
101.99.67.0/24 maxlen: 24
101.99.68.0/24 maxlen: 24
101.99.69.0/24 maxlen: 24
101.99.70.0/24 maxlen: 24
101.99.71.0/24 maxlen: 24
101.99.72.0/24 maxlen: 24
101.99.73.0/24 maxlen: 24
101.99.74.0/24 maxlen: 24
101.99.75.0/24 maxlen: 24
101.99.77.0/24 maxlen: 24
101.99.78.0/24 maxlen: 24
101.99.79.0/24 maxlen: 24
101.99.80.0/24 maxlen: 24
101.99.81.0/24 maxlen: 24
101.99.82.0/24 maxlen: 24
101.99.83.0/24 maxlen: 24
101.99.84.0/24 maxlen: 24
101.99.85.0/24 maxlen: 24
101.99.86.0/24 maxlen: 24
101.99.87.0/24 maxlen: 24
101.99.88.0/24 maxlen: 24
101.99.89.0/24 maxlen: 24
101.99.90.0/24 maxlen: 24
101.99.91.0/24 maxlen: 24
111.90.128.0/24 maxlen: 24
111.90.129.0/24 maxlen: 24
111.90.130.0/24 maxlen: 24
111.90.131.0/24 maxlen: 24
111.90.132.0/24 maxlen: 24
111.90.133.0/24 maxlen: 24
111.90.134.0/24 maxlen: 24
111.90.135.0/24 maxlen: 24
111.90.136.0/24 maxlen: 24
111.90.137.0/24 maxlen: 24
111.90.138.0/24 maxlen: 24
111.90.139.0/24 maxlen: 24
111.90.140.0/24 maxlen: 24
111.90.141.0/24 maxlen: 24
111.90.142.0/24 maxlen: 24
111.90.143.0/24 maxlen: 24
111.90.144.0/24 maxlen: 24
111.90.145.0/24 maxlen: 24
111.90.146.0/24 maxlen: 24
111.90.147.0/24 maxlen: 24
111.90.148.0/24 maxlen: 24
111.90.149.0/24 maxlen: 24
111.90.150.0/24 maxlen: 24
111.90.151.0/24 maxlen: 24
111.90.152.0/24 maxlen: 24
111.90.153.0/24 maxlen: 24
111.90.154.0/24 maxlen: 24
111.90.155.0/24 maxlen: 24
111.90.158.0/24 maxlen: 24
111.90.159.0/24 maxlen: 24
124.217.224.0/24 maxlen: 24
124.217.225.0/24 maxlen: 24
124.217.226.0/24 maxlen: 24
124.217.227.0/24 maxlen: 24
124.217.228.0/24 maxlen: 24
124.217.229.0/24 maxlen: 24
124.217.230.0/24 maxlen: 24
124.217.231.0/24 maxlen: 24
124.217.232.0/24 maxlen: 24
124.217.233.0/24 maxlen: 24
124.217.234.0/24 maxlen: 24
124.217.235.0/24 maxlen: 24
124.217.236.0/24 maxlen: 24
124.217.237.0/24 maxlen: 24
124.217.238.0/24 maxlen: 24
124.217.239.0/24 maxlen: 24
124.217.240.0/24 maxlen: 24
124.217.241.0/24 maxlen: 24
124.217.242.0/24 maxlen: 24
124.217.243.0/24 maxlen: 24
124.217.244.0/24 maxlen: 24
124.217.245.0/24 maxlen: 24
124.217.246.0/24 maxlen: 24
124.217.247.0/24 maxlen: 24
124.217.248.0/24 maxlen: 24
124.217.249.0/24 maxlen: 24
124.217.250.0/24 maxlen: 24
124.217.251.0/24 maxlen: 24
124.217.252.0/24 maxlen: 24
124.217.253.0/24 maxlen: 24
124.217.254.0/24 maxlen: 24
124.217.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Mar 2025 03:36:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3149 (0xc4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9152D08, serialNumber=34DC20129EAD6F41A7CA2D99C9BD3E7E6033CB88
Validity
Not Before: Mar 14 19:19:04 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67d48127-c545
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:74:5d:ef:8f:7b:48:0a:12:e1:f1:bb:af:24:
42:5a:7a:ab:cf:37:80:c0:e2:d8:7a:1d:51:cb:1d:
9a:6a:5d:86:0f:be:18:1e:c9:16:83:30:51:c2:3f:
58:84:b6:81:9f:31:02:ac:3f:27:ff:1f:63:d5:4e:
15:93:f2:ac:40:cd:0f:5d:cb:e3:05:14:cc:f4:41:
f0:fb:95:79:f2:9c:37:e6:08:80:7c:7f:5d:cc:47:
ec:a7:d1:cf:c6:6a:1c:a4:3a:15:cc:e0:18:41:cd:
e0:ea:34:06:02:97:26:ac:ba:17:f0:2e:d6:44:e7:
18:e6:b8:19:57:02:a2:23:1c:cb:8b:47:3a:e1:2d:
90:11:1b:88:63:98:63:c5:e9:52:9c:f2:7c:75:2f:
6d:9c:37:21:89:95:c6:19:d9:a4:c6:0f:13:6e:52:
93:78:b8:6a:e7:3d:05:e4:4b:65:2f:4d:61:8c:5b:
1e:9c:fb:12:ec:a5:be:28:28:74:f0:3b:18:10:28:
ce:d6:79:10:27:ca:dc:ad:9e:ae:13:a5:43:28:05:
49:d6:36:c4:52:c0:6b:a1:31:01:82:d8:e6:61:14:
61:1c:26:2f:33:03:60:9b:be:bd:b7:90:ea:32:5f:
af:69:9c:69:9d:1e:89:55:b5:86:ae:c5:57:94:9c:
f5:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:DB:2F:E8:E7:B0:72:7C:00:25:9A:45:56:F6:90:94:57:21:98:D1
X509v3 Authority Key Identifier:
keyid:34:DC:20:12:9E:AD:6F:41:A7:CA:2D:99:C9:BD:3E:7E:60:33:CB:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/3B84FE56A8DD11EF95A59966C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
101.99.64.0-101.99.75.255
101.99.77.0-101.99.91.255
111.90.128.0-111.90.155.255
111.90.158.0/23
124.217.224.0/19
Signature Algorithm: sha256WithRSAEncryption
6c:22:8f:3d:4a:d4:fd:09:eb:76:57:16:c9:07:d8:58:7f:98:
11:c6:13:ae:51:db:27:d8:a5:d0:49:d0:10:1f:4e:66:42:30:
cc:ae:65:70:3a:4d:c2:71:a6:e1:9f:d5:41:e2:8a:ff:8f:9f:
b8:6b:15:e4:23:2e:0c:e0:d3:7d:37:87:50:5c:74:e7:5b:af:
f1:fd:58:39:ad:fb:d4:ac:ac:ea:0e:89:37:4f:8f:aa:50:b6:
ce:71:1b:20:4b:61:0f:b9:6c:c4:81:20:e5:f2:1f:e0:4b:40:
aa:c4:3c:42:4d:d6:49:4e:1b:69:47:d4:ff:fc:0a:71:7f:88:
b1:ae:bc:07:12:d4:94:2b:26:94:32:25:44:da:72:77:d8:6a:
5e:2f:e6:b8:cc:49:8c:f2:8a:80:df:f4:07:13:81:0a:6e:1e:
18:25:99:83:55:48:83:e4:bf:b8:30:25:83:24:0c:f5:0f:3b:
61:a4:b7:74:a3:f7:01:cb:7e:24:8f:02:0e:52:73:20:af:30:
2a:3b:7e:aa:a7:dc:6a:20:c1:14:1f:8c:26:b9:7f:5d:c9:f5:
f5:88:e7:c1:6c:7d:15:39:49:83:a9:7b:73:0b:5f:82:89:31:
a5:9f:7b:a2:72:3d:2c:e7:b4:9c:4f:e3:5a:e3:b5:54:89:cf:
f1:70:93:5e
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgICDE0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTJEMDgxMTAvBgNVBAUTKDM0REMyMDEyOUVBRDZGNDFBN0NBMkQ5OUM5QkQzRTdF
NjAzM0NCODgwHhcNMjUwMzE0MTkxOTA0WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Q0ODEyNy1jNTQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArHRd7497SAoS4fG7ryRCWnqrzzeAwOLYeh1Ryx2aal2GD74YHskWgzBRwj9Y
hLaBnzECrD8n/x9j1U4Vk/KsQM0PXcvjBRTM9EHw+5V58pw35giAfH9dzEfsp9HP
xmocpDoVzOAYQc3g6jQGApcmrLoX8C7WROcY5rgZVwKiIxzLi0c64S2QERuIY5hj
xelSnPJ8dS9tnDchiZXGGdmkxg8TblKTeLhq5z0F5EtlL01hjFsenPsS7KW+KCh0
8DsYECjO1nkQJ8rcrZ6uE6VDKAVJ1jbEUsBroTEBgtjmYRRhHCYvMwNgm769t5Dq
Ml+vaZxpnR6JVbWGrsVXlJz1AwIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFA3bL+jn
sHJ8ACWaRVb2kJRXIZjRMB8GA1UdIwQYMBaAFDTcIBKerW9Bp8otmcm9Pn5gM8uI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MkQwOC9GOUMzMzM5MjFE
ODcxMUVBQTlDNUIxNzBDNEY5QUUwMi9OTndnRXA2dGIwR255aTJaeWIwLWZtQXp5
NGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05Od2dFcDZ0YjBHbnlpMlp5YjAtZm1Benk0Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTJEMDgvRjlDMzMzOTIxRDg3MTFFQUE5QzVCMTcwQzRGOUFFMDIvM0I4NEZFNTZB
OEREMTFFRjk1QTU5OTY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTwYIKwYBBQUHAQcBAf8E
QDA+MDwEAgABMDYwDAMEBmVjQAMEAmVjSDAMAwQAZWNNAwQCZWNYMAwDBAdvWoAD
BAJvWpgDBAFvWp4DBAV82eAwDQYJKoZIhvcNAQELBQADggEBAGwijz1K1P0J63ZX
FskH2Fh/mBHGE65R2yfYpdBJ0BAfTmZCMMyuZXA6TcJxpuGf1UHiiv+Pn7hrFeQj
Lgzg0303h1BcdOdbr/H9WDmt+9SsrOoOiTdPj6pQts5xGyBLYQ+5bMSBIOXyH+BL
QKrEPEJN1klOG2lH1P/8CnF/iLGuvAcS1JQrJpQyJUTacnfYal4v5rjMSYzyioDf
9AcTgQpuHhglmYNVSIPkv7gwJYMkDPUPO2Gkt3Sj9wHLfiSPAg5ScyCvMCo7fqqn
3GogwRQfjCa5f13J9fWI58FsfRU5SYOpe3MLX4KJMaWfe6JyPSzntJxP41rjtVSJ
z/Fwk14=
-----END CERTIFICATE-----
Generated at Fri Apr 18 18:24:19 2025 by rpki-client