Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A107591604BA11F08E71CD83C4F9AE02.roa
File: A107591604BA11F08E71CD83C4F9AE02.roa (raw, json)
Hash identifier: AA45+H/ioNobAkwv6z4Z0VSXe0gtpk5DK9T/IbghAq0=
Subject key identifier: 3B:83:32:FA:A8:ED:78:80:B9:9B:9E:83:47:49:EA:A2:6C:16:DD:38
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: ABC3
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A107591604BA11F08E71CD83C4F9AE02.roa
Signing time: Thu 20 Mar 2025 08:48:43 +0000
ROA not before: Thu 20 Mar 2025 08:48:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 43.229.200.0/22 maxlen: 24
43.231.116.0/22 maxlen: 24
43.239.112.0/22 maxlen: 24
43.239.152.0/22 maxlen: 24
45.114.156.0/22 maxlen: 24
45.251.32.0/22 maxlen: 24
103.14.196.0/22 maxlen: 24
103.16.140.0/22 maxlen: 24
103.26.169.0/24 maxlen: 24
103.27.168.0/24 maxlen: 24
103.27.170.0/23 maxlen: 23
103.41.40.0/22 maxlen: 24
103.44.104.0/22 maxlen: 24
103.47.152.0/24 maxlen: 24
103.51.92.0/22 maxlen: 24
103.51.152.0/22 maxlen: 24
103.52.48.0/22 maxlen: 24
103.54.96.0/22 maxlen: 24
103.55.84.0/22 maxlen: 24
103.82.44.0/23 maxlen: 24
103.82.144.0/22 maxlen: 24
103.86.20.0/22 maxlen: 24
103.88.124.0/22 maxlen: 24
103.98.79.0/24 maxlen: 24
103.99.48.0/23 maxlen: 24
103.108.76.0/22 maxlen: 24
103.109.108.0/22 maxlen: 24
103.110.72.0/23 maxlen: 24
103.111.128.0/22 maxlen: 24
103.118.8.0/22 maxlen: 24
103.132.203.0/24 maxlen: 24
103.133.116.0/24 maxlen: 24
103.135.60.0/22 maxlen: 24
103.136.64.0/22 maxlen: 24
103.139.88.0/23 maxlen: 24
103.142.64.0/23 maxlen: 24
103.143.180.0/23 maxlen: 24
103.143.215.0/24 maxlen: 24
103.144.112.0/23 maxlen: 24
103.154.26.0/24 maxlen: 24
103.155.170.0/23 maxlen: 24
103.155.194.0/23 maxlen: 24
103.157.50.0/23 maxlen: 24
103.157.69.0/24 maxlen: 24
103.158.111.0/24 maxlen: 24
103.158.180.0/24 maxlen: 24
103.158.216.0/23 maxlen: 24
103.159.137.0/24 maxlen: 24
103.162.80.0/23 maxlen: 24
103.165.26.0/23 maxlen: 24
103.166.220.0/23 maxlen: 24
103.169.58.0/23 maxlen: 24
103.171.8.0/23 maxlen: 24
103.171.54.0/23 maxlen: 24
103.171.60.0/23 maxlen: 24
103.171.236.0/23 maxlen: 24
103.173.41.0/24 maxlen: 24
103.174.26.0/23 maxlen: 24
103.174.42.0/23 maxlen: 24
103.175.12.0/23 maxlen: 24
103.175.58.0/23 maxlen: 24
103.175.106.0/23 maxlen: 24
103.176.142.0/24 maxlen: 24
103.180.216.0/23 maxlen: 24
103.190.12.0/23 maxlen: 24
103.191.86.0/23 maxlen: 24
103.192.72.0/22 maxlen: 24
103.199.92.0/22 maxlen: 24
103.199.144.0/22 maxlen: 24
103.200.48.0/22 maxlen: 24
103.206.64.0/22 maxlen: 24
103.212.132.0/22 maxlen: 24
103.224.50.0/23 maxlen: 24
103.226.224.0/22 maxlen: 24
103.228.172.0/24 maxlen: 24
103.228.173.0/24 maxlen: 24
103.228.174.0/24 maxlen: 24
103.228.175.0/24 maxlen: 24
103.228.184.0/22 maxlen: 24
103.234.64.0/22 maxlen: 24
103.236.112.0/22 maxlen: 24
103.245.170.0/23 maxlen: 24
103.254.96.0/22 maxlen: 24
103.254.200.0/22 maxlen: 24
115.166.132.0/22 maxlen: 24
137.59.204.0/22 maxlen: 24
139.5.96.0/22 maxlen: 24
202.9.55.0/24 maxlen: 24
203.191.56.0/22 maxlen: 24
2001:df2:7040::/48 maxlen: 48
2001:df7:8980::/48 maxlen: 48
2400:d180:66::/48 maxlen: 48
2400:d180:67::/48 maxlen: 48
2400:d180:68::/48 maxlen: 48
2400:d180:69::/48 maxlen: 48
2400:d180:70::/48 maxlen: 48
2400:d180:71::/48 maxlen: 48
2403:c680::/32 maxlen: 40
2407:1340::/32 maxlen: 32
2407:4540::/32 maxlen: 40
Validation: Failed, certificate revoked on Thu 20 Mar 2025 11:09:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43971 (0xabc3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Mar 20 08:48:43 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67dbd66b-8c7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:8f:95:67:26:a5:ac:fd:63:73:d4:87:f4:46:
43:16:04:5a:4d:d3:e9:60:4b:ac:24:8c:ce:82:12:
7f:e0:05:31:54:60:72:30:77:28:b9:8a:72:36:ad:
2a:2d:f3:a0:10:43:2d:e1:2f:23:04:cc:b2:49:94:
5e:99:6b:38:fe:a5:ed:44:7d:b5:29:a7:15:10:fb:
d8:71:42:3c:2a:0b:d1:16:74:66:3f:ac:66:0e:40:
b6:3c:3a:e4:da:af:3b:ec:a0:46:ac:b2:f6:2c:40:
c6:ad:c6:38:91:de:3a:94:76:c6:0c:43:b5:8c:76:
a0:b0:5c:d0:86:69:7c:35:dd:e7:83:56:41:ef:3a:
65:08:e6:93:ad:e8:0b:cf:7e:f5:bd:e4:14:c9:8b:
13:77:b2:4a:c5:49:64:b4:06:68:bc:13:9e:c3:0e:
41:da:49:89:3d:90:35:98:a9:67:24:9a:d6:26:6c:
a9:8a:74:bf:15:8a:ed:cf:a5:ea:81:51:e6:0e:b1:
ef:46:bd:28:5f:d8:9e:61:6f:62:f1:13:9c:87:dd:
53:15:6b:f8:01:b5:9e:d5:83:cf:24:a0:3d:e2:4b:
2a:df:7a:30:d5:2b:28:4a:e8:16:8f:16:76:fa:60:
b5:99:ba:73:fd:69:b5:f3:2e:a8:4f:4e:64:ad:20:
17:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:83:32:FA:A8:ED:78:80:B9:9B:9E:83:47:49:EA:A2:6C:16:DD:38
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A107591604BA11F08E71CD83C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.229.200.0/22
43.231.116.0/22
43.239.112.0/22
43.239.152.0/22
45.114.156.0/22
45.251.32.0/22
103.14.196.0/22
103.16.140.0/22
103.26.169.0/24
103.27.168.0/24
103.27.170.0/23
103.41.40.0/22
103.44.104.0/22
103.47.152.0/24
103.51.92.0/22
103.51.152.0/22
103.52.48.0/22
103.54.96.0/22
103.55.84.0/22
103.82.44.0/23
103.82.144.0/22
103.86.20.0/22
103.88.124.0/22
103.98.79.0/24
103.99.48.0/23
103.108.76.0/22
103.109.108.0/22
103.110.72.0/23
103.111.128.0/22
103.118.8.0/22
103.132.203.0/24
103.133.116.0/24
103.135.60.0/22
103.136.64.0/22
103.139.88.0/23
103.142.64.0/23
103.143.180.0/23
103.143.215.0/24
103.144.112.0/23
103.154.26.0/24
103.155.170.0/23
103.155.194.0/23
103.157.50.0/23
103.157.69.0/24
103.158.111.0/24
103.158.180.0/24
103.158.216.0/23
103.159.137.0/24
103.162.80.0/23
103.165.26.0/23
103.166.220.0/23
103.169.58.0/23
103.171.8.0/23
103.171.54.0/23
103.171.60.0/23
103.171.236.0/23
103.173.41.0/24
103.174.26.0/23
103.174.42.0/23
103.175.12.0/23
103.175.58.0/23
103.175.106.0/23
103.176.142.0/24
103.180.216.0/23
103.190.12.0/23
103.191.86.0/23
103.192.72.0/22
103.199.92.0/22
103.199.144.0/22
103.200.48.0/22
103.206.64.0/22
103.212.132.0/22
103.224.50.0/23
103.226.224.0/22
103.228.172.0/22
103.228.184.0/22
103.234.64.0/22
103.236.112.0/22
103.245.170.0/23
103.254.96.0/22
103.254.200.0/22
115.166.132.0/22
137.59.204.0/22
139.5.96.0/22
202.9.55.0/24
203.191.56.0/22
IPv6:
2001:df2:7040::/48
2001:df7:8980::/48
2400:d180:66::-2400:d180:69:ffff:ffff:ffff:ffff:ffff
2400:d180:70::/47
2403:c680::/32
2407:1340::/32
2407:4540::/32
Signature Algorithm: sha256WithRSAEncryption
6e:5d:0f:cb:87:7e:d2:e2:fc:26:7f:8c:96:a7:5f:54:8e:5c:
df:60:d1:8d:7b:ed:a5:10:64:65:55:b9:a6:6d:28:c0:43:f5:
85:f4:fa:63:1d:de:2f:3e:fb:15:ff:45:5d:cb:0a:60:56:8f:
97:ae:4c:30:b4:ff:3c:15:6b:50:b7:49:13:9a:76:7c:d0:21:
16:53:29:7f:f9:9b:48:a0:49:82:d5:14:ce:08:12:bd:b6:4a:
06:cb:bd:0b:f6:0a:aa:89:05:16:7e:e7:e8:e5:ef:22:f3:b7:
df:9b:ab:aa:ba:a0:9f:25:3d:f5:07:30:35:31:6c:9a:63:62:
d7:71:cb:5e:66:04:83:5f:65:b1:a5:22:33:03:86:7c:b9:15:
0b:af:da:37:17:a4:df:d8:4d:45:55:e5:9e:26:b9:9e:8b:6a:
15:8d:04:3e:b4:1c:3e:96:a9:42:4f:f4:82:28:80:52:17:f3:
0b:70:ea:47:61:78:45:c2:48:20:25:bb:e0:a7:ab:e9:a7:70:
5b:38:79:b9:c6:ae:d6:2d:29:8e:af:7d:a1:f0:b9:29:42:a4:
c5:0c:1b:c1:85:e3:6a:10:de:a2:08:0f:d2:50:91:14:12:cb:
49:8e:33:ad:e8:26:65:3c:01:e7:56:2b:70:ff:9f:1b:40:9f:
c8:23:a9:9d
-----BEGIN CERTIFICATE-----
MIIHxjCCBq6gAwIBAgIDAKvDMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDMyMDA4NDg0M1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdkYmQ2NmItOGM3ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANaPlWcmpaz9Y3PUh/RGQxYEWk3T6WBLrCSMzoISf+AFMVRgcjB3KLmKcjat
Ki3zoBBDLeEvIwTMskmUXplrOP6l7UR9tSmnFRD72HFCPCoL0RZ0Zj+sZg5Atjw6
5NqvO+ygRqyy9ixAxq3GOJHeOpR2xgxDtYx2oLBc0IZpfDXd54NWQe86ZQjmk63o
C89+9b3kFMmLE3eySsVJZLQGaLwTnsMOQdpJiT2QNZipZySa1iZsqYp0vxWK7c+l
6oFR5g6x70a9KF/YnmFvYvETnIfdUxVr+AG1ntWDzySgPeJLKt96MNUrKEroFo8W
dvpgtZm6c/1ptfMuqE9OZK0gFycCAwEAAaOCBOkwggTlMB0GA1UdDgQWBBQ7gzL6
qO14gLmbnoNHSeqibBbdODAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0ExMDc1OTE2
MDRCQTExRjA4RTcxQ0Q4M0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIICcQYIKwYBBQUHAQcB
Af8EggJgMIICXDCCAgwEAgABMIICBAMEAivlyAMEAivndAMEAivvcAMEAivvmAME
Ai1ynAMEAi37IAMEAmcOxAMEAmcQjAMEAGcaqQMEAGcbqAMEAWcbqgMEAmcpKAME
AmcsaAMEAGcvmAMEAmczXAMEAmczmAMEAmc0MAMEAmc2YAMEAmc3VAMEAWdSLAME
AmdSkAMEAmdWFAMEAmdYfAMEAGdiTwMEAWdjMAMEAmdsTAMEAmdtbAMEAWduSAME
AmdvgAMEAmd2CAMEAGeEywMEAGeFdAMEAmeHPAMEAmeIQAMEAWeLWAMEAWeOQAME
AWePtAMEAGeP1wMEAWeQcAMEAGeaGgMEAWebqgMEAWebwgMEAWedMgMEAGedRQME
AGeebwMEAGeetAMEAWee2AMEAGefiQMEAWeiUAMEAWelGgMEAWem3AMEAWepOgME
AWerCAMEAWerNgMEAWerPAMEAWer7AMEAGetKQMEAWeuGgMEAWeuKgMEAWevDAME
AWevOgMEAWevagMEAGewjgMEAWe02AMEAWe+DAMEAWe/VgMEAmfASAMEAmfHXAME
AmfHkAMEAmfIMAMEAmfOQAMEAmfUhAMEAWfgMgMEAmfi4AMEAmfkrAMEAmfkuAME
AmfqQAMEAmfscAMEAWf1qgMEAmf+YAMEAmf+yAMEAnOmhAMEAok7zAMEAosFYAME
AMoJNwMEAsu/ODBKBAIAAjBEAwcAIAEN8nBAAwcAIAEN94mAMBIDBwEkANGAAGYD
BwEkANGAAGgDBwEkANGAAHADBQAkA8aAAwUAJAcTQAMFACQHRUAwDQYJKoZIhvcN
AQELBQADggEBAG5dD8uHftLi/CZ/jJanX1SOXN9g0Y177aUQZGVVuaZtKMBD9YX0
+mMd3i8++xX/RV3LCmBWj5euTDC0/zwVa1C3SROadnzQIRZTKX/5m0igSYLVFM4I
Er22SgbLvQv2CqqJBRZ+5+jl7yLzt9+bq6q6oJ8lPfUHMDUxbJpjYtdxy15mBINf
ZbGlIjMDhny5FQuv2jcXpN/YTUVV5Z4muZ6LahWNBD60HD6WqUJP9IIogFIX8wtw
6kdheEXCSCAlu+Cnq+mncFs4ebnGrtYtKY6vfaHwuSlCpMUMG8GF42oQ3qIID9JQ
kRQSy0mOM63oJmU8AedWK3D/nxtAn8gjqZ0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:58:02 2025 by rpki-client