Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1F0875E0D26411EF8D5CD83DC4F9AE02.roa
File: 1F0875E0D26411EF8D5CD83DC4F9AE02.roa (raw, json)
Hash identifier: Kb0ef+g/y0/9BmEuxVEGCCHcGlrp3YIhvn+aqLsBEw0=
Subject key identifier: C6:DD:B7:1C:E5:A1:91:3B:24:6B:4A:49:8D:DA:A2:33:FC:CC:27:B8
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A2B9
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1F0875E0D26411EF8D5CD83DC4F9AE02.roa
Signing time: Tue 14 Jan 2025 10:41:33 +0000
ROA not before: Tue 14 Jan 2025 10:41:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 43.225.0.0/22 maxlen: 24
43.231.116.0/22 maxlen: 24
45.114.156.0/22 maxlen: 24
103.14.196.0/22 maxlen: 24
103.16.140.0/22 maxlen: 24
103.27.168.0/24 maxlen: 24
103.27.170.0/23 maxlen: 23
103.47.152.0/24 maxlen: 24
103.51.92.0/22 maxlen: 24
103.52.48.0/22 maxlen: 24
103.54.96.0/22 maxlen: 24
103.55.84.0/22 maxlen: 24
103.70.90.0/23 maxlen: 24
103.82.144.0/22 maxlen: 24
103.86.20.0/22 maxlen: 24
103.88.124.0/22 maxlen: 24
103.108.76.0/22 maxlen: 24
103.111.128.0/22 maxlen: 24
103.116.60.0/22 maxlen: 24
103.118.8.0/22 maxlen: 24
103.118.34.0/23 maxlen: 24
103.124.38.0/23 maxlen: 24
103.142.64.0/23 maxlen: 24
103.153.208.0/23 maxlen: 24
103.155.130.0/23 maxlen: 24
103.155.194.0/23 maxlen: 24
103.167.157.0/24 maxlen: 24
103.170.156.0/23 maxlen: 24
103.171.236.0/23 maxlen: 24
103.173.14.0/23 maxlen: 24
103.173.41.0/24 maxlen: 24
103.180.216.0/23 maxlen: 24
103.192.72.0/22 maxlen: 24
103.195.196.0/22 maxlen: 24
103.199.92.0/22 maxlen: 24
103.200.48.0/22 maxlen: 24
103.206.64.0/22 maxlen: 24
103.212.132.0/22 maxlen: 24
103.226.224.0/22 maxlen: 24
103.228.172.0/24 maxlen: 24
103.228.173.0/24 maxlen: 24
103.228.174.0/24 maxlen: 24
103.228.175.0/24 maxlen: 24
103.254.200.0/22 maxlen: 24
137.59.204.0/22 maxlen: 24
139.5.96.0/22 maxlen: 24
203.191.56.0/22 maxlen: 24
2400:d180:66::/48 maxlen: 48
2400:d180:67::/48 maxlen: 48
2400:d180:68::/48 maxlen: 48
2400:d180:69::/48 maxlen: 48
2400:d180:70::/48 maxlen: 48
2400:d180:71::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 14 Jan 2025 12:18:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41657 (0xa2b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jan 14 10:41:33 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67863f5d-9c0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:37:a2:2c:6f:f4:f2:89:62:bf:64:c9:ad:19:
41:60:c4:11:2e:3a:a6:ec:5b:ff:26:90:08:7d:63:
48:63:f4:44:12:e7:33:a0:63:89:95:93:a0:f2:e9:
fb:b4:da:d2:c4:b9:8e:5c:9b:c5:b4:fd:09:b2:2c:
a9:74:1e:81:e2:c7:0d:78:3d:a9:96:b0:4c:cb:a0:
fd:4d:f1:c8:c0:65:bd:57:55:ee:f0:a2:d1:e9:08:
99:48:67:27:39:35:55:42:1f:6c:b2:24:79:67:f0:
2a:75:3e:6d:73:2b:cc:7d:11:f0:1a:0e:9b:7b:07:
be:02:c5:e8:3b:26:f7:93:d9:9b:98:60:3d:f2:15:
be:e0:4b:62:bc:9e:b4:f8:26:51:9b:32:f6:fe:10:
53:1a:31:79:7c:e8:92:6a:2a:bc:00:63:14:c1:11:
91:9f:83:31:ad:43:a9:35:eb:cd:b4:47:4b:85:d8:
3f:ae:e5:84:1a:20:78:90:f0:c6:b6:1d:69:98:70:
ad:fe:7f:6b:ad:09:1b:2d:bf:74:bf:50:78:ca:63:
f4:d4:ab:bc:a3:ce:ac:62:1b:18:94:39:1b:34:90:
76:54:e5:e9:56:fe:78:74:17:ac:cd:2d:f5:61:96:
fe:e9:52:ca:89:84:bc:4d:92:a9:ac:49:97:10:25:
c9:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:DD:B7:1C:E5:A1:91:3B:24:6B:4A:49:8D:DA:A2:33:FC:CC:27:B8
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1F0875E0D26411EF8D5CD83DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.0.0/22
43.231.116.0/22
45.114.156.0/22
103.14.196.0/22
103.16.140.0/22
103.27.168.0/24
103.27.170.0/23
103.47.152.0/24
103.51.92.0/22
103.52.48.0/22
103.54.96.0/22
103.55.84.0/22
103.70.90.0/23
103.82.144.0/22
103.86.20.0/22
103.88.124.0/22
103.108.76.0/22
103.111.128.0/22
103.116.60.0/22
103.118.8.0/22
103.118.34.0/23
103.124.38.0/23
103.142.64.0/23
103.153.208.0/23
103.155.130.0/23
103.155.194.0/23
103.167.157.0/24
103.170.156.0/23
103.171.236.0/23
103.173.14.0/23
103.173.41.0/24
103.180.216.0/23
103.192.72.0/22
103.195.196.0/22
103.199.92.0/22
103.200.48.0/22
103.206.64.0/22
103.212.132.0/22
103.226.224.0/22
103.228.172.0/22
103.254.200.0/22
137.59.204.0/22
139.5.96.0/22
203.191.56.0/22
IPv6:
2400:d180:66::-2400:d180:69:ffff:ffff:ffff:ffff:ffff
2400:d180:70::/47
Signature Algorithm: sha256WithRSAEncryption
73:34:e9:25:db:5a:1f:c0:7c:ba:2c:77:a2:cd:e2:94:04:b8:
23:a8:f5:0a:95:7b:b3:5e:36:1a:f9:73:7d:59:92:8a:5a:92:
47:89:b5:59:8f:26:a6:5e:88:18:19:ba:b5:ea:56:e6:69:fc:
ea:45:89:66:70:da:d3:2e:ed:75:80:69:25:59:6f:9f:04:35:
26:9b:b4:e9:47:a1:0e:0a:5e:df:12:53:84:7f:50:43:ba:cc:
c8:ec:e3:e2:3e:54:a4:17:0d:c1:11:6e:f6:14:d2:27:2c:c7:
2e:b6:6d:92:b9:19:78:0c:97:51:88:8f:5b:bd:31:e9:54:0f:
3f:1a:9b:8e:80:38:8f:bd:b4:9c:b6:d8:ed:be:26:46:b2:21:
ac:fa:84:f9:ef:7e:e4:9b:22:f3:f4:99:68:66:03:59:cd:5e:
46:00:e1:5c:fa:48:9a:8d:b7:62:6f:e6:53:d2:9c:a0:34:4b:
7a:88:a0:a8:5d:d3:51:90:5e:9f:0f:4b:4a:7e:2d:9d:40:7c:
a3:27:a7:bb:75:d8:46:f2:af:3f:c8:ea:13:4b:fc:b2:b2:79:
d4:3f:26:d0:89:62:4f:ee:36:e6:45:67:97:9e:b7:fa:8e:29:
e2:de:23:55:41:1c:75:47:3b:9c:60:ae:8f:40:71:3e:b4:f5:
76:e4:28:ed
-----BEGIN CERTIFICATE-----
MIIGozCCBYugAwIBAgIDAKK5MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDExNDEwNDEzM1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc4NjNmNWQtOWMwZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMM3oixv9PKJYr9kya0ZQWDEES46puxb/yaQCH1jSGP0RBLnM6BjiZWToPLp
+7Ta0sS5jlybxbT9CbIsqXQegeLHDXg9qZawTMug/U3xyMBlvVdV7vCi0ekImUhn
Jzk1VUIfbLIkeWfwKnU+bXMrzH0R8BoOm3sHvgLF6Dsm95PZm5hgPfIVvuBLYrye
tPgmUZsy9v4QUxoxeXzokmoqvABjFMERkZ+DMa1DqTXrzbRHS4XYP67lhBogeJDw
xrYdaZhwrf5/a60JGy2/dL9QeMpj9NSrvKPOrGIbGJQ5GzSQdlTl6Vb+eHQXrM0t
9WGW/ulSyomEvE2SqaxJlxAlyQ0CAwEAAaOCA8YwggPCMB0GA1UdDgQWBBTG3bcc
5aGROyRrSkmN2qIz/MwnuDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzFGMDg3NUUw
RDI2NDExRUY4RDVDRDgzREM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBTgYIKwYBBQUHAQcB
Af8EggE9MIIBOTCCARAEAgABMIIBCAMEAivhAAMEAivndAMEAi1ynAMEAmcOxAME
AmcQjAMEAGcbqAMEAWcbqgMEAGcvmAMEAmczXAMEAmc0MAMEAmc2YAMEAmc3VAME
AWdGWgMEAmdSkAMEAmdWFAMEAmdYfAMEAmdsTAMEAmdvgAMEAmd0PAMEAmd2CAME
AWd2IgMEAWd8JgMEAWeOQAMEAWeZ0AMEAWebggMEAWebwgMEAGennQMEAWeqnAME
AWer7AMEAWetDgMEAGetKQMEAWe02AMEAmfASAMEAmfDxAMEAmfHXAMEAmfIMAME
AmfOQAMEAmfUhAMEAmfi4AMEAmfkrAMEAmf+yAMEAok7zAMEAosFYAMEAsu/ODAj
BAIAAjAdMBIDBwEkANGAAGYDBwEkANGAAGgDBwEkANGAAHAwDQYJKoZIhvcNAQEL
BQADggEBAHM06SXbWh/AfLosd6LN4pQEuCOo9QqVe7NeNhr5c31ZkopakkeJtVmP
JqZeiBgZurXqVuZp/OpFiWZw2tMu7XWAaSVZb58ENSabtOlHoQ4KXt8SU4R/UEO6
zMjs4+I+VKQXDcERbvYU0icsxy62bZK5GXgMl1GIj1u9MelUDz8am46AOI+9tJy2
2O2+JkayIaz6hPnvfuSbIvP0mWhmA1nNXkYA4Vz6SJqNt2Jv5lPSnKA0S3qIoKhd
01GQXp8PS0p+LZ1AfKMnp7t12Ebyrz/I6hNL/LKyedQ/JtCJYk/uNuZFZ5eet/qO
KeLeI1VBHHVHO5xgro9AcT609XbkKO0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:00:52 2025 by rpki-client