Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8838E2F6ACA411EFBC02C455C4F9AE02.roa
File: 8838E2F6ACA411EFBC02C455C4F9AE02.roa (raw, json)
Hash identifier: 3O1EKBR77Qp1byrbRfEj+O6AvY8daHalvE1/vpBJx5g=
Subject key identifier: 67:EC:BD:35:D4:3E:D2:85:36:97:D3:45:B0:EE:CD:7D:8B:21:75:94
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A204
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8838E2F6ACA411EFBC02C455C4F9AE02.roa
Signing time: Fri 10 Jan 2025 06:57:06 +0000
ROA not before: Fri 10 Jan 2025 06:57:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133647
IP address blocks: 43.229.162.0/24 maxlen: 24
43.230.156.0/22 maxlen: 24
45.115.252.0/22 maxlen: 24
45.116.68.0/22 maxlen: 24
103.38.70.0/24 maxlen: 24
103.43.4.0/22 maxlen: 24
103.50.4.0/22 maxlen: 24
103.55.6.0/23 maxlen: 24
103.61.102.0/23 maxlen: 24
103.69.216.0/22 maxlen: 24
103.70.144.0/22 maxlen: 24
103.70.176.0/23 maxlen: 24
103.79.112.0/22 maxlen: 24
103.87.48.0/24 maxlen: 24
103.87.49.0/24 maxlen: 24
103.91.68.0/22 maxlen: 24
103.93.176.0/22 maxlen: 24
103.109.72.0/23 maxlen: 24
103.122.84.0/24 maxlen: 24
103.122.85.0/24 maxlen: 24
103.129.194.0/24 maxlen: 24
103.129.195.0/24 maxlen: 24
103.144.37.0/24 maxlen: 24
103.156.168.0/23 maxlen: 24
103.157.160.0/23 maxlen: 24
103.159.154.0/23 maxlen: 24
103.161.230.0/23 maxlen: 24
103.161.232.0/24 maxlen: 24
103.161.233.0/24 maxlen: 24
103.174.105.0/24 maxlen: 24
103.175.76.0/24 maxlen: 24
103.175.77.0/24 maxlen: 24
103.176.71.0/24 maxlen: 24
103.177.61.0/24 maxlen: 24
103.214.97.0/24 maxlen: 24
103.220.28.0/24 maxlen: 24
103.220.29.0/24 maxlen: 24
103.220.30.0/24 maxlen: 24
103.220.31.0/24 maxlen: 24
103.237.172.0/24 maxlen: 24
103.237.173.0/24 maxlen: 24
103.237.174.0/24 maxlen: 24
103.237.175.0/24 maxlen: 24
110.172.163.0/24 maxlen: 24
175.111.180.0/24 maxlen: 24
175.111.182.0/24 maxlen: 24
175.111.183.0/24 maxlen: 24
2001:df0:dc80::/48 maxlen: 48
2001:df1:b280::/48 maxlen: 48
2001:df1:f440::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 24 Jan 2025 11:38:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41476 (0xa204)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jan 10 06:57:06 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6780c4c1-6e1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:78:4c:5d:9b:83:47:49:a5:d7:b8:c0:42:bb:
d4:6b:2d:ab:a7:ef:d3:12:b0:50:d8:6d:26:95:01:
88:5c:a0:c4:75:2c:b8:ba:46:38:51:86:1a:aa:0e:
8d:11:dc:30:b1:32:ca:d5:a8:0d:df:34:b8:7d:18:
2a:a8:17:01:bb:e7:c2:e2:0e:e9:50:3e:16:d3:3c:
b6:ad:5f:29:e8:98:a4:c2:bd:63:91:6d:dc:d5:7d:
4a:c4:fb:5e:da:52:21:7f:04:ab:83:be:26:20:eb:
31:86:95:e7:86:68:83:46:e8:92:e3:e2:05:55:90:
16:25:66:36:0a:f7:6e:20:35:f5:4e:db:66:a7:c3:
5e:df:f4:92:eb:0b:10:4f:00:1e:a6:37:9e:05:67:
6d:37:a9:37:7e:46:27:04:de:11:b9:ec:cf:2e:f8:
81:2c:3c:29:2a:f9:dd:b6:97:4a:6f:24:cd:61:74:
1a:8d:89:27:1e:69:4f:cd:c5:fe:da:b6:82:fc:37:
de:c2:03:cb:32:1f:00:dc:80:c1:a6:4b:43:04:41:
3a:d3:3d:fc:df:fe:13:89:c9:3b:88:c9:00:34:2a:
03:db:80:18:12:36:ac:a4:a9:6d:31:71:f1:1c:e7:
d4:5f:28:4a:61:d5:48:32:f3:d9:02:63:d3:79:b4:
7a:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:EC:BD:35:D4:3E:D2:85:36:97:D3:45:B0:EE:CD:7D:8B:21:75:94
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8838E2F6ACA411EFBC02C455C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.229.162.0/24
43.230.156.0/22
45.115.252.0/22
45.116.68.0/22
103.38.70.0/24
103.43.4.0/22
103.50.4.0/22
103.55.6.0/23
103.61.102.0/23
103.69.216.0/22
103.70.144.0/22
103.70.176.0/23
103.79.112.0/22
103.87.48.0/23
103.91.68.0/22
103.93.176.0/22
103.109.72.0/23
103.122.84.0/23
103.129.194.0/23
103.144.37.0/24
103.156.168.0/23
103.157.160.0/23
103.159.154.0/23
103.161.230.0-103.161.233.255
103.174.105.0/24
103.175.76.0/23
103.176.71.0/24
103.177.61.0/24
103.214.97.0/24
103.220.28.0/22
103.237.172.0/22
110.172.163.0/24
175.111.180.0/24
175.111.182.0/23
IPv6:
2001:df0:dc80::/48
2001:df1:b280::/48
2001:df1:f440::/48
Signature Algorithm: sha256WithRSAEncryption
55:60:4a:3b:e6:6a:42:b3:26:a3:46:60:20:f2:76:44:f1:29:
c3:55:1d:89:6b:3e:6c:ab:7a:6f:5a:2d:33:0f:8b:96:4b:6c:
90:64:46:9f:e5:7a:22:fc:86:4c:83:12:4b:40:cf:1f:bf:5f:
b3:3c:ab:3d:fe:d3:ed:45:fa:3e:fd:20:7f:63:6b:cc:45:23:
ba:fc:df:27:04:da:6a:9f:0a:b2:3b:b6:52:2c:44:09:23:45:
fe:4c:9e:3d:d4:ed:15:a5:9c:25:1b:0f:2b:3f:bc:61:fa:44:
c9:76:ba:27:d2:cf:b9:79:fa:9a:07:b7:46:f5:8f:5d:0f:7d:
38:cd:93:3a:ff:fb:50:96:3f:25:1b:50:b3:7a:4f:b8:87:a3:
7e:f0:5c:ed:1d:ac:5c:3c:bb:36:15:b0:3a:56:44:fd:8d:7c:
32:45:96:c1:ae:82:35:1a:af:d5:6d:b5:cd:7f:7c:b2:21:bf:
ee:16:fc:bc:de:8b:47:0e:83:12:9d:e9:26:7c:47:0e:b6:7e:
d0:dd:9f:55:8a:0b:08:1b:32:c8:fc:11:28:99:70:b8:fb:d8:
82:cf:a3:ba:53:c3:9d:3a:ba:b9:3c:24:ce:a0:32:ab:de:bf:
6c:60:5d:52:c6:8c:0a:f3:8b:93:df:05:5d:66:e7:24:b9:82:
ae:37:61:3f
-----BEGIN CERTIFICATE-----
MIIGazCCBVOgAwIBAgIDAKIEMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDExMDA2NTcwNloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc4MGM0YzEtNmUxYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANd4TF2bg0dJpde4wEK71Gstq6fv0xKwUNhtJpUBiFygxHUsuLpGOFGGGqoO
jRHcMLEyytWoDd80uH0YKqgXAbvnwuIO6VA+FtM8tq1fKeiYpMK9Y5Ft3NV9SsT7
XtpSIX8Eq4O+JiDrMYaV54Zog0bokuPiBVWQFiVmNgr3biA19U7bZqfDXt/0kusL
EE8AHqY3ngVnbTepN35GJwTeEbnszy74gSw8KSr53baXSm8kzWF0Go2JJx5pT83F
/tq2gvw33sIDyzIfANyAwaZLQwRBOtM9/N/+E4nJO4jJADQqA9uAGBI2rKSpbTFx
8Rzn1F8oSmHVSDLz2QJj03m0elUCAwEAAaOCA44wggOKMB0GA1UdDgQWBBRn7L01
1D7ShTaX00Ww7s19iyF1lDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzg4MzhFMkY2
QUNBNDExRUZCQzAyQzQ1NUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBFgYIKwYBBQUHAQcB
Af8EggEFMIIBATCB2wQCAAEwgdQDBAAr5aIDBAIr5pwDBAItc/wDBAItdEQDBABn
JkYDBAJnKwQDBAJnMgQDBAFnNwYDBAFnPWYDBAJnRdgDBAJnRpADBAFnRrADBAJn
T3ADBAFnVzADBAJnW0QDBAJnXbADBAFnbUgDBAFnelQDBAFngcIDBABnkCUDBAFn
nKgDBAFnnaADBAFnn5owDAMEAWeh5gMEAWeh6AMEAGeuaQMEAWevTAMEAGewRwME
AGexPQMEAGfWYQMEAmfcHAMEAmftrAMEAG6sowMEAK9vtAMEAa9vtjAhBAIAAjAb
AwcAIAEN8NyAAwcAIAEN8bKAAwcAIAEN8fRAMA0GCSqGSIb3DQEBCwUAA4IBAQBV
YEo75mpCsyajRmAg8nZE8SnDVR2Jaz5sq3pvWi0zD4uWS2yQZEaf5Xoi/IZMgxJL
QM8fv1+zPKs9/tPtRfo+/SB/Y2vMRSO6/N8nBNpqnwqyO7ZSLEQJI0X+TJ491O0V
pZwlGw8rP7xh+kTJdron0s+5efqaB7dG9Y9dD304zZM6//tQlj8lG1Czek+4h6N+
8FztHaxcPLs2FbA6VkT9jXwyRZbBroI1Gq/VbbXNf3yyIb/uFvy83otHDoMSnekm
fEcOtn7Q3Z9VigsIGzLI/BEomXC4+9iCz6O6U8OdOrq5PCTOoDKr3r9sYF1SxowK
84uT3wVdZuckuYKuN2E/
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:22:15 2025 by rpki-client