Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/388E2D9EFB4411EF8FEEEA7EC4F9AE02.roa
File: 388E2D9EFB4411EF8FEEEA7EC4F9AE02.roa (raw, json)
Hash identifier: 07+sz+EVxT6UKIX8SWvxNK8MeDz7Pj3DZx4bmzyBXxQ=
Subject key identifier: 2C:DC:FA:00:5E:E1:12:63:43:0F:10:29:0D:3D:C0:45:0B:49:2F:22
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A977
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/388E2D9EFB4411EF8FEEEA7EC4F9AE02.roa
Signing time: Fri 07 Mar 2025 11:16:11 +0000
ROA not before: Fri 07 Mar 2025 11:16:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133594
IP address blocks: 14.102.0.0/22 maxlen: 24
14.102.3.0/24 maxlen: 24
14.102.22.0/23 maxlen: 24
14.102.24.0/22 maxlen: 24
14.102.32.0/22 maxlen: 24
14.102.36.0/23 maxlen: 24
14.102.38.0/24 maxlen: 24
14.102.40.0/22 maxlen: 24
14.102.43.0/24 maxlen: 24
14.102.44.0/24 maxlen: 24
14.102.45.0/24 maxlen: 24
14.102.48.0/24 maxlen: 24
14.102.50.0/24 maxlen: 24
14.102.56.0/23 maxlen: 24
14.102.57.0/24 maxlen: 24
14.102.59.0/24 maxlen: 24
14.102.64.0/22 maxlen: 24
14.102.66.0/24 maxlen: 24
14.102.68.0/22 maxlen: 24
14.102.72.0/22 maxlen: 24
14.102.76.0/23 maxlen: 24
14.102.78.0/24 maxlen: 24
14.102.80.0/23 maxlen: 24
14.102.82.0/24 maxlen: 24
14.102.88.0/24 maxlen: 24
14.102.92.0/23 maxlen: 24
14.102.95.0/24 maxlen: 24
14.102.96.0/23 maxlen: 24
14.102.100.0/23 maxlen: 24
14.102.103.0/24 maxlen: 24
14.102.104.0/22 maxlen: 24
14.102.108.0/22 maxlen: 24
14.102.112.0/22 maxlen: 24
14.102.116.0/22 maxlen: 24
14.102.120.0/22 maxlen: 24
14.102.123.0/24 maxlen: 24
14.102.125.0/24 maxlen: 24
14.102.126.0/23 maxlen: 24
110.172.136.0/24 maxlen: 24
110.172.150.0/24 maxlen: 24
110.172.168.0/24 maxlen: 24
111.235.64.0/22 maxlen: 24
118.91.176.0/24 maxlen: 24
202.89.70.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Apr 2025 05:32:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43383 (0xa977)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Mar 7 11:16:11 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67cad57b-d9f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:56:aa:18:75:e0:73:60:64:20:12:1e:92:04:
2e:cf:6a:66:75:c1:fb:81:bb:ef:37:9e:72:0d:e8:
9d:30:e1:cf:a0:cc:1e:a6:63:17:53:b4:10:d5:25:
35:4c:35:35:4f:d6:e5:90:a3:50:00:82:3b:f8:a5:
34:9f:3a:ac:c7:a4:3e:16:59:75:5d:ae:31:1b:18:
ae:ef:83:1b:6a:18:46:6d:ba:b2:95:2f:a4:a2:45:
c7:ba:1f:6b:f7:59:1e:2e:cf:4c:71:c9:90:61:9a:
7a:31:cd:f5:c3:30:ac:39:bd:af:06:93:96:20:d1:
50:55:42:cc:a8:8e:bf:1f:09:ec:9a:ba:8e:82:3b:
48:a0:08:6f:84:3f:c1:4e:50:7e:13:d1:41:92:86:
0f:16:04:e3:fa:9a:e9:24:aa:e6:72:e7:8d:65:f9:
42:28:df:84:84:f5:08:35:ab:0d:1c:5d:cd:ee:d4:
c9:d5:12:a7:60:42:0c:d5:e9:9c:7f:b8:5a:aa:55:
d6:f1:44:e1:a7:bf:91:0d:67:52:7b:16:12:c3:88:
c8:16:52:ca:3f:1f:43:28:7c:d9:03:a3:ce:58:c6:
cb:70:83:ef:e4:e4:cf:e3:b4:04:f4:aa:bd:10:69:
ab:24:b3:25:8c:68:db:bd:aa:b1:27:af:18:5e:8c:
5c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:DC:FA:00:5E:E1:12:63:43:0F:10:29:0D:3D:C0:45:0B:49:2F:22
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/388E2D9EFB4411EF8FEEEA7EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.102.0.0/22
14.102.22.0-14.102.27.255
14.102.32.0-14.102.38.255
14.102.40.0-14.102.45.255
14.102.48.0/24
14.102.50.0/24
14.102.56.0/23
14.102.59.0/24
14.102.64.0-14.102.78.255
14.102.80.0-14.102.82.255
14.102.88.0/24
14.102.92.0/23
14.102.95.0-14.102.97.255
14.102.100.0/23
14.102.103.0-14.102.123.255
14.102.125.0-14.102.127.255
110.172.136.0/24
110.172.150.0/24
110.172.168.0/24
111.235.64.0/22
118.91.176.0/24
202.89.70.0/24
Signature Algorithm: sha256WithRSAEncryption
25:69:87:b1:56:87:f6:7c:16:c5:12:34:b9:ca:8b:97:b4:c9:
37:a5:ee:e9:e4:67:b5:55:1c:dc:43:3a:27:bb:c0:ce:14:9c:
e1:6f:1c:d9:8b:a6:50:99:2c:a6:ca:a2:e3:4f:1e:6d:34:34:
f6:4e:6a:8e:8a:c3:bc:ec:4d:39:d8:5b:a2:a5:87:e7:6b:b9:
83:a9:ab:6c:18:80:11:d5:fc:7d:74:72:86:7d:09:70:b6:38:
95:08:6a:93:a5:31:36:b0:73:7e:0b:86:f2:38:5e:d2:74:4b:
90:42:d0:ee:c6:cd:d0:45:10:42:b4:fa:7e:64:02:46:03:cc:
92:8a:2b:a7:f7:c1:c3:ca:90:83:b8:fb:d1:bc:cc:85:49:7d:
5f:0c:cc:6b:24:f7:bb:10:e8:ce:b3:21:20:3d:98:b2:40:f3:
4a:11:8d:13:02:46:5e:20:c2:ba:4e:c4:d2:8b:7d:d2:fa:5b:
b5:06:7e:be:b7:40:d4:93:06:1a:ab:69:67:1b:2c:17:72:0c:
e3:46:5f:12:98:65:ba:9d:cc:08:be:be:2a:27:a5:27:3e:19:
b0:41:cd:ce:79:71:84:d7:58:34:6c:e1:df:62:1e:d0:80:11:
a4:f6:a9:c1:c0:ad:08:ab:c5:7b:47:d6:9c:8b:e4:e9:61:0b:
28:6e:0d:47
-----BEGIN CERTIFICATE-----
MIIGNTCCBR2gAwIBAgIDAKl3MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDMwNzExMTYxMVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdjYWQ1N2ItZDlmMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKhWqhh14HNgZCASHpIELs9qZnXB+4G77zeecg3onTDhz6DMHqZjF1O0ENUl
NUw1NU/W5ZCjUACCO/ilNJ86rMekPhZZdV2uMRsYru+DG2oYRm26spUvpKJFx7of
a/dZHi7PTHHJkGGaejHN9cMwrDm9rwaTliDRUFVCzKiOvx8J7Jq6joI7SKAIb4Q/
wU5QfhPRQZKGDxYE4/qa6SSq5nLnjWX5QijfhIT1CDWrDRxdze7UydUSp2BCDNXp
nH+4WqpV1vFE4ae/kQ1nUnsWEsOIyBZSyj8fQyh82QOjzljGy3CD7+Tkz+O0BPSq
vRBpqySzJYxo272qsSevGF6MXAsCAwEAAaOCA1gwggNUMB0GA1UdDgQWBBQs3PoA
XuESY0MPECkNPcBFC0kvIjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzM4OEUyRDlF
RkI0NDExRUY4RkVFRUE3RUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIHhBggrBgEFBQcBBwEB
/wSB0TCBzjCBywQCAAEwgcQDBAIOZgAwDAMEAQ5mFgMEAg5mGDAMAwQFDmYgAwQA
DmYmMAwDBAMOZigDBAEOZiwDBAAOZjADBAAOZjIDBAEOZjgDBAAOZjswDAMEBg5m
QAMEAA5mTjAMAwQEDmZQAwQADmZSAwQADmZYAwQBDmZcMAwDBAAOZl8DBAEOZmAD
BAEOZmQwDAMEAA5mZwMEAg5meDAMAwQADmZ9AwQHDmYAAwQAbqyIAwQAbqyWAwQA
bqyoAwQCb+tAAwQAdluwAwQAyllGMA0GCSqGSIb3DQEBCwUAA4IBAQAlaYexVof2
fBbFEjS5youXtMk3pe7p5Ge1VRzcQzonu8DOFJzhbxzZi6ZQmSymyqLjTx5tNDT2
TmqOisO87E052FuipYfna7mDqatsGIAR1fx9dHKGfQlwtjiVCGqTpTE2sHN+C4by
OF7SdEuQQtDuxs3QRRBCtPp+ZAJGA8ySiiun98HDypCDuPvRvMyFSX1fDMxrJPe7
EOjOsyEgPZiyQPNKEY0TAkZeIMK6TsTSi33S+lu1Bn6+t0DUkwYaq2lnGywXcgzj
Rl8SmGW6ncwIvr4qJ6UnPhmwQc3OeXGE11g0bOHfYh7QgBGk9qnBwK0Iq8V7R9ac
i+TpYQsobg1H
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:21:42 2025 by rpki-client