Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9EC9B62AF84511EFB67BC128C4F9AE02.roa
File: 9EC9B62AF84511EFB67BC128C4F9AE02.roa (raw, json)
Hash identifier: Ll/XQ4lEjbIit5c8dZxiz/XR/j8T0xOT8tqW8GT+i+I=
Subject key identifier: 42:AC:63:34:6B:6E:7E:AD:ED:78:DA:BD:E3:95:15:E7:62:C8:30:89
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A8E6
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9EC9B62AF84511EFB67BC128C4F9AE02.roa
Signing time: Mon 03 Mar 2025 15:38:58 +0000
ROA not before: Mon 03 Mar 2025 15:38:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 43.229.200.0/22 maxlen: 24
43.231.116.0/22 maxlen: 24
43.239.112.0/22 maxlen: 24
43.239.152.0/22 maxlen: 24
45.114.156.0/22 maxlen: 24
103.14.196.0/22 maxlen: 24
103.16.140.0/22 maxlen: 24
103.26.169.0/24 maxlen: 24
103.27.168.0/24 maxlen: 24
103.27.170.0/23 maxlen: 23
103.41.40.0/22 maxlen: 24
103.47.152.0/24 maxlen: 24
103.51.92.0/22 maxlen: 24
103.52.48.0/22 maxlen: 24
103.54.96.0/22 maxlen: 24
103.55.84.0/22 maxlen: 24
103.65.24.0/22 maxlen: 24
103.82.144.0/22 maxlen: 24
103.86.20.0/22 maxlen: 24
103.87.128.0/22 maxlen: 24
103.88.124.0/22 maxlen: 24
103.108.76.0/22 maxlen: 24
103.111.128.0/22 maxlen: 24
103.118.8.0/22 maxlen: 24
103.124.10.0/23 maxlen: 24
103.132.203.0/24 maxlen: 24
103.133.116.0/24 maxlen: 24
103.139.88.0/23 maxlen: 24
103.142.64.0/23 maxlen: 24
103.143.180.0/23 maxlen: 24
103.143.215.0/24 maxlen: 24
103.144.112.0/23 maxlen: 24
103.154.26.0/24 maxlen: 24
103.155.170.0/23 maxlen: 24
103.155.194.0/23 maxlen: 24
103.157.50.0/23 maxlen: 24
103.157.69.0/24 maxlen: 24
103.158.111.0/24 maxlen: 24
103.158.180.0/24 maxlen: 24
103.159.137.0/24 maxlen: 24
103.167.157.0/24 maxlen: 24
103.169.58.0/23 maxlen: 24
103.171.8.0/23 maxlen: 24
103.171.54.0/23 maxlen: 24
103.171.60.0/23 maxlen: 24
103.171.236.0/23 maxlen: 24
103.173.14.0/23 maxlen: 24
103.173.41.0/24 maxlen: 24
103.174.42.0/23 maxlen: 24
103.175.58.0/23 maxlen: 24
103.175.106.0/23 maxlen: 24
103.180.216.0/23 maxlen: 24
103.190.12.0/23 maxlen: 24
103.192.72.0/22 maxlen: 24
103.199.92.0/22 maxlen: 24
103.199.144.0/22 maxlen: 24
103.200.48.0/22 maxlen: 24
103.206.64.0/22 maxlen: 24
103.209.154.0/23 maxlen: 24
103.212.132.0/22 maxlen: 24
103.224.50.0/23 maxlen: 24
103.226.224.0/22 maxlen: 24
103.228.172.0/24 maxlen: 24
103.228.173.0/24 maxlen: 24
103.228.174.0/24 maxlen: 24
103.228.175.0/24 maxlen: 24
103.228.184.0/22 maxlen: 24
103.236.112.0/22 maxlen: 24
103.245.170.0/23 maxlen: 24
103.252.192.0/23 maxlen: 24
103.254.96.0/22 maxlen: 24
103.254.200.0/22 maxlen: 24
137.59.204.0/22 maxlen: 24
139.5.96.0/22 maxlen: 24
203.191.56.0/22 maxlen: 24
2400:d180:66::/48 maxlen: 48
2400:d180:67::/48 maxlen: 48
2400:d180:68::/48 maxlen: 48
2400:d180:69::/48 maxlen: 48
2400:d180:70::/48 maxlen: 48
2400:d180:71::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 04 Mar 2025 05:26:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43238 (0xa8e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Mar 3 15:38:58 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67c5cd11-6b06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:fa:8a:3b:7e:b5:ec:dd:15:d7:97:47:d3:86:
9f:a1:68:0c:ce:ff:7b:4a:0c:14:05:03:5c:40:b6:
b9:04:49:98:1e:35:db:d6:f9:28:0f:d2:4b:f2:b8:
ca:2d:5c:d6:88:55:ed:67:16:96:c1:c2:69:e5:2b:
8c:02:2f:c1:b6:80:27:c8:91:68:9f:ec:0f:e2:41:
aa:48:b3:08:52:27:f5:2d:77:2d:cc:1d:7b:e4:51:
d2:18:57:4d:d1:e6:f5:d7:91:76:74:17:f3:61:60:
e9:83:38:f8:b2:49:99:69:15:46:c4:91:1b:4b:40:
0c:d5:57:85:f7:45:a0:12:d9:34:b4:e2:bd:14:20:
e2:96:a9:18:06:3b:26:50:51:2d:70:be:7c:6c:3c:
9f:41:69:10:4e:46:80:da:0a:ca:10:8a:d7:c8:62:
d6:85:29:e5:74:91:9f:54:5e:ef:54:0c:3c:65:e0:
c1:7a:a9:97:a0:df:53:32:e1:e6:0d:aa:1e:a3:c5:
f7:ae:2f:06:20:8e:d5:7b:1a:fb:fc:a3:43:1b:f1:
a3:eb:ce:cb:f9:b5:b3:b6:91:69:8b:4a:1f:4a:38:
f7:25:85:c2:46:2e:5d:f3:94:1b:38:a4:61:22:5e:
d6:ba:4d:53:c8:bf:70:2f:15:24:71:bd:04:93:7f:
a3:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:AC:63:34:6B:6E:7E:AD:ED:78:DA:BD:E3:95:15:E7:62:C8:30:89
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9EC9B62AF84511EFB67BC128C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.229.200.0/22
43.231.116.0/22
43.239.112.0/22
43.239.152.0/22
45.114.156.0/22
103.14.196.0/22
103.16.140.0/22
103.26.169.0/24
103.27.168.0/24
103.27.170.0/23
103.41.40.0/22
103.47.152.0/24
103.51.92.0/22
103.52.48.0/22
103.54.96.0/22
103.55.84.0/22
103.65.24.0/22
103.82.144.0/22
103.86.20.0/22
103.87.128.0/22
103.88.124.0/22
103.108.76.0/22
103.111.128.0/22
103.118.8.0/22
103.124.10.0/23
103.132.203.0/24
103.133.116.0/24
103.139.88.0/23
103.142.64.0/23
103.143.180.0/23
103.143.215.0/24
103.144.112.0/23
103.154.26.0/24
103.155.170.0/23
103.155.194.0/23
103.157.50.0/23
103.157.69.0/24
103.158.111.0/24
103.158.180.0/24
103.159.137.0/24
103.167.157.0/24
103.169.58.0/23
103.171.8.0/23
103.171.54.0/23
103.171.60.0/23
103.171.236.0/23
103.173.14.0/23
103.173.41.0/24
103.174.42.0/23
103.175.58.0/23
103.175.106.0/23
103.180.216.0/23
103.190.12.0/23
103.192.72.0/22
103.199.92.0/22
103.199.144.0/22
103.200.48.0/22
103.206.64.0/22
103.209.154.0/23
103.212.132.0/22
103.224.50.0/23
103.226.224.0/22
103.228.172.0/22
103.228.184.0/22
103.236.112.0/22
103.245.170.0/23
103.252.192.0/23
103.254.96.0/22
103.254.200.0/22
137.59.204.0/22
139.5.96.0/22
203.191.56.0/22
IPv6:
2400:d180:66::-2400:d180:69:ffff:ffff:ffff:ffff:ffff
2400:d180:70::/47
Signature Algorithm: sha256WithRSAEncryption
0d:34:c3:19:89:b1:36:9b:1b:37:90:ac:38:65:98:78:63:2e:
03:42:00:75:30:24:df:e7:4c:be:8d:20:6e:64:56:06:a2:e0:
9a:57:43:cf:1d:f4:76:1d:28:38:c7:ad:8a:94:36:31:ec:e8:
9c:0f:fd:29:05:2d:69:dc:2f:e0:a9:3a:35:2b:a1:62:18:21:
26:d7:52:3f:01:1b:7c:83:a6:8b:3a:c1:23:cb:d7:61:4c:f4:
d3:45:6f:3c:67:09:07:3e:a7:33:23:e7:80:e2:f5:0e:90:f2:
6c:5d:1b:52:ef:b3:2f:0c:c6:af:47:f8:d2:8e:ba:4d:b3:83:
3f:ae:4b:72:ee:93:bb:6a:99:2e:94:ba:46:ef:9f:cb:d7:38:
1a:b8:07:96:6d:b9:97:00:4b:67:61:4b:8a:de:f1:20:58:c5:
3c:2b:9b:fe:2f:1d:a6:e0:59:6c:70:a5:bf:dc:57:93:24:28:
bc:7d:d7:43:fa:fc:4c:44:3b:1b:1c:0a:49:69:a2:76:3a:b6:
74:f1:52:4d:e0:08:ef:a4:4e:ec:fe:69:a9:e6:2a:83:50:e9:
ba:16:bc:20:4a:e2:1e:ce:f7:5c:e4:aa:92:cc:97:bd:ec:c7:
80:59:f6:cc:f8:5d:f3:78:03:9f:e9:5d:ab:b7:66:c6:d4:7e:
93:8c:f7:5f
-----BEGIN CERTIFICATE-----
MIIHSzCCBjOgAwIBAgIDAKjmMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDMwMzE1Mzg1OFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdjNWNkMTEtNmIwNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK76ijt+tezdFdeXR9OGn6FoDM7/e0oMFAUDXEC2uQRJmB4129b5KA/SS/K4
yi1c1ohV7WcWlsHCaeUrjAIvwbaAJ8iRaJ/sD+JBqkizCFIn9S13Lcwde+RR0hhX
TdHm9deRdnQX82Fg6YM4+LJJmWkVRsSRG0tADNVXhfdFoBLZNLTivRQg4papGAY7
JlBRLXC+fGw8n0FpEE5GgNoKyhCK18hi1oUp5XSRn1Re71QMPGXgwXqpl6DfUzLh
5g2qHqPF964vBiCO1Xsa+/yjQxvxo+vOy/m1s7aRaYtKH0o49yWFwkYuXfOUGzik
YSJe1rpNU8i/cC8VJHG9BJN/o3kCAwEAAaOCBG4wggRqMB0GA1UdDgQWBBRCrGM0
a25+re142r3jlRXnYsgwiTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzlFQzlCNjJB
Rjg0NTExRUZCNjdCQzEyOEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIB9gYIKwYBBQUHAQcB
Af8EggHlMIIB4TCCAbgEAgABMIIBsAMEAivlyAMEAivndAMEAivvcAMEAivvmAME
Ai1ynAMEAmcOxAMEAmcQjAMEAGcaqQMEAGcbqAMEAWcbqgMEAmcpKAMEAGcvmAME
AmczXAMEAmc0MAMEAmc2YAMEAmc3VAMEAmdBGAMEAmdSkAMEAmdWFAMEAmdXgAME
AmdYfAMEAmdsTAMEAmdvgAMEAmd2CAMEAWd8CgMEAGeEywMEAGeFdAMEAWeLWAME
AWeOQAMEAWePtAMEAGeP1wMEAWeQcAMEAGeaGgMEAWebqgMEAWebwgMEAWedMgME
AGedRQMEAGeebwMEAGeetAMEAGefiQMEAGennQMEAWepOgMEAWerCAMEAWerNgME
AWerPAMEAWer7AMEAWetDgMEAGetKQMEAWeuKgMEAWevOgMEAWevagMEAWe02AME
AWe+DAMEAmfASAMEAmfHXAMEAmfHkAMEAmfIMAMEAmfOQAMEAWfRmgMEAmfUhAME
AWfgMgMEAmfi4AMEAmfkrAMEAmfkuAMEAmfscAMEAWf1qgMEAWf8wAMEAmf+YAME
Amf+yAMEAok7zAMEAosFYAMEAsu/ODAjBAIAAjAdMBIDBwEkANGAAGYDBwEkANGA
AGgDBwEkANGAAHAwDQYJKoZIhvcNAQELBQADggEBAA00wxmJsTabGzeQrDhlmHhj
LgNCAHUwJN/nTL6NIG5kVgai4JpXQ88d9HYdKDjHrYqUNjHs6JwP/SkFLWncL+Cp
OjUroWIYISbXUj8BG3yDpos6wSPL12FM9NNFbzxnCQc+pzMj54Di9Q6Q8mxdG1Lv
sy8Mxq9H+NKOuk2zgz+uS3Luk7tqmS6Uukbvn8vXOBq4B5ZtuZcAS2dhS4re8SBY
xTwrm/4vHabgWWxwpb/cV5MkKLx910P6/ExEOxscCklponY6tnTxUk3gCO+kTuz+
aanmKoNQ6boWvCBK4h7O91zkqpLMl73sx4BZ9sz4XfN4A5/pXau3ZsbUfpOM918=
-----END CERTIFICATE-----
Generated at Fri Apr 11 13:52:37 2025 by rpki-client