Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A813A6C2F82811EFBF509C11C4F9AE02.roa
File: A813A6C2F82811EFBF509C11C4F9AE02.roa (raw, json)
Hash identifier: sGNmHFFkTrtSLIGbu/nXcBegSC2GAbtAPAdjEzsen5k=
Subject key identifier: AF:73:87:3C:F6:71:75:E6:6F:96:42:D4:3A:1C:FF:B1:EC:41:A4:25
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A8E1
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A813A6C2F82811EFBF509C11C4F9AE02.roa
Signing time: Mon 03 Mar 2025 12:11:38 +0000
ROA not before: Mon 03 Mar 2025 12:11:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 43.229.200.0/22 maxlen: 24
43.231.116.0/22 maxlen: 24
43.239.112.0/22 maxlen: 24
43.239.152.0/22 maxlen: 24
45.114.156.0/22 maxlen: 24
103.14.196.0/22 maxlen: 24
103.16.140.0/22 maxlen: 24
103.26.169.0/24 maxlen: 24
103.27.168.0/24 maxlen: 24
103.27.170.0/23 maxlen: 23
103.41.40.0/22 maxlen: 24
103.47.152.0/24 maxlen: 24
103.51.92.0/22 maxlen: 24
103.52.48.0/22 maxlen: 24
103.54.96.0/22 maxlen: 24
103.55.84.0/22 maxlen: 24
103.65.24.0/22 maxlen: 24
103.68.20.0/22 maxlen: 24
103.82.144.0/22 maxlen: 24
103.86.20.0/22 maxlen: 24
103.87.128.0/22 maxlen: 24
103.88.124.0/22 maxlen: 24
103.108.76.0/22 maxlen: 24
103.111.128.0/22 maxlen: 24
103.118.8.0/22 maxlen: 24
103.124.10.0/23 maxlen: 24
103.132.203.0/24 maxlen: 24
103.133.116.0/24 maxlen: 24
103.139.88.0/23 maxlen: 24
103.142.64.0/23 maxlen: 24
103.143.180.0/23 maxlen: 24
103.143.215.0/24 maxlen: 24
103.144.112.0/23 maxlen: 24
103.154.26.0/24 maxlen: 24
103.155.170.0/23 maxlen: 24
103.155.194.0/23 maxlen: 24
103.157.50.0/23 maxlen: 24
103.157.69.0/24 maxlen: 24
103.158.111.0/24 maxlen: 24
103.158.180.0/24 maxlen: 24
103.159.137.0/24 maxlen: 24
103.167.157.0/24 maxlen: 24
103.169.58.0/23 maxlen: 24
103.171.8.0/23 maxlen: 24
103.171.54.0/23 maxlen: 24
103.171.60.0/23 maxlen: 24
103.171.236.0/23 maxlen: 24
103.173.14.0/23 maxlen: 24
103.173.41.0/24 maxlen: 24
103.174.42.0/23 maxlen: 24
103.175.58.0/23 maxlen: 24
103.175.106.0/23 maxlen: 24
103.180.216.0/23 maxlen: 24
103.190.12.0/23 maxlen: 24
103.192.72.0/22 maxlen: 24
103.199.92.0/22 maxlen: 24
103.199.144.0/22 maxlen: 24
103.200.48.0/22 maxlen: 24
103.206.64.0/22 maxlen: 24
103.209.154.0/23 maxlen: 24
103.212.132.0/22 maxlen: 24
103.224.50.0/23 maxlen: 24
103.226.224.0/22 maxlen: 24
103.228.172.0/24 maxlen: 24
103.228.173.0/24 maxlen: 24
103.228.174.0/24 maxlen: 24
103.228.175.0/24 maxlen: 24
103.228.184.0/22 maxlen: 24
103.236.112.0/22 maxlen: 24
103.245.170.0/23 maxlen: 24
103.252.192.0/23 maxlen: 24
103.254.96.0/22 maxlen: 24
103.254.200.0/22 maxlen: 24
137.59.204.0/22 maxlen: 24
139.5.96.0/22 maxlen: 24
203.191.56.0/22 maxlen: 24
2400:d180:66::/48 maxlen: 48
2400:d180:67::/48 maxlen: 48
2400:d180:68::/48 maxlen: 48
2400:d180:69::/48 maxlen: 48
2400:d180:70::/48 maxlen: 48
2400:d180:71::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 03 Mar 2025 15:38:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43233 (0xa8e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Mar 3 12:11:38 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67c59c79-2730
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f4:79:ab:fc:a8:bc:92:01:84:4e:cb:fc:8f:
2e:6c:b2:34:89:40:65:de:92:91:60:c0:de:70:ab:
4c:37:50:02:cd:92:55:06:4b:a2:12:68:86:71:c9:
1e:81:2d:a4:6f:25:42:55:ce:57:7d:00:77:31:00:
62:a5:26:d8:6a:8c:32:9e:3b:5a:08:f2:e1:5f:05:
4d:81:d6:45:a3:00:5e:ff:43:44:ed:77:00:54:9f:
4b:2c:e5:ad:b7:fd:d4:25:f9:02:c3:b8:88:8f:42:
87:99:ec:b5:7b:05:57:d4:ae:68:09:1e:cf:20:4d:
0f:e5:1f:80:aa:cd:be:9e:11:51:9b:7d:99:3f:5c:
20:04:7c:a9:79:96:30:58:a8:05:7a:fa:1b:81:a7:
3f:1c:98:86:50:80:7e:e0:85:3b:36:f5:f3:3b:30:
63:26:21:ed:87:0a:50:5d:41:f1:fd:09:33:7d:bf:
37:60:80:4e:14:51:c0:de:59:03:6a:ea:9b:de:2d:
3a:de:4e:79:f3:87:5b:07:52:d3:2d:58:6a:2e:b3:
42:ac:ef:f9:0e:f4:4c:fb:6e:e0:bc:5d:5d:2a:db:
32:9f:94:b6:70:21:25:9d:fd:87:70:fc:8f:15:f9:
ab:0c:92:d5:e6:6b:51:7d:77:68:e2:4a:0e:17:b1:
c6:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:73:87:3C:F6:71:75:E6:6F:96:42:D4:3A:1C:FF:B1:EC:41:A4:25
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A813A6C2F82811EFBF509C11C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.229.200.0/22
43.231.116.0/22
43.239.112.0/22
43.239.152.0/22
45.114.156.0/22
103.14.196.0/22
103.16.140.0/22
103.26.169.0/24
103.27.168.0/24
103.27.170.0/23
103.41.40.0/22
103.47.152.0/24
103.51.92.0/22
103.52.48.0/22
103.54.96.0/22
103.55.84.0/22
103.65.24.0/22
103.68.20.0/22
103.82.144.0/22
103.86.20.0/22
103.87.128.0/22
103.88.124.0/22
103.108.76.0/22
103.111.128.0/22
103.118.8.0/22
103.124.10.0/23
103.132.203.0/24
103.133.116.0/24
103.139.88.0/23
103.142.64.0/23
103.143.180.0/23
103.143.215.0/24
103.144.112.0/23
103.154.26.0/24
103.155.170.0/23
103.155.194.0/23
103.157.50.0/23
103.157.69.0/24
103.158.111.0/24
103.158.180.0/24
103.159.137.0/24
103.167.157.0/24
103.169.58.0/23
103.171.8.0/23
103.171.54.0/23
103.171.60.0/23
103.171.236.0/23
103.173.14.0/23
103.173.41.0/24
103.174.42.0/23
103.175.58.0/23
103.175.106.0/23
103.180.216.0/23
103.190.12.0/23
103.192.72.0/22
103.199.92.0/22
103.199.144.0/22
103.200.48.0/22
103.206.64.0/22
103.209.154.0/23
103.212.132.0/22
103.224.50.0/23
103.226.224.0/22
103.228.172.0/22
103.228.184.0/22
103.236.112.0/22
103.245.170.0/23
103.252.192.0/23
103.254.96.0/22
103.254.200.0/22
137.59.204.0/22
139.5.96.0/22
203.191.56.0/22
IPv6:
2400:d180:66::-2400:d180:69:ffff:ffff:ffff:ffff:ffff
2400:d180:70::/47
Signature Algorithm: sha256WithRSAEncryption
a6:db:e3:c8:3b:65:0c:fa:8c:bd:0a:5e:2f:4a:cf:d6:1c:f1:
cd:e0:b8:72:f2:c3:7a:26:05:db:b5:69:99:52:47:3f:1c:c0:
5b:4b:c0:da:61:de:21:63:0b:65:9e:75:db:7c:33:de:6a:cb:
32:4b:8e:0a:51:da:ef:99:39:57:99:cf:a1:aa:73:b5:3b:58:
66:64:8e:4f:c7:b3:c2:e2:4f:f8:f8:6e:55:90:ca:10:56:0f:
30:75:da:bb:fa:0d:65:2f:7c:32:5a:0b:2f:6d:78:fd:6c:df:
a3:b5:b4:17:71:de:5c:4d:fe:85:fe:d4:a7:79:38:89:67:47:
e4:7c:87:10:09:ab:0f:e3:9c:57:f7:af:75:8e:a0:02:23:d4:
52:a3:7e:45:d5:7a:de:d7:21:c2:f3:a6:c6:75:4e:8b:73:b9:
50:95:cd:30:e2:80:62:2f:d5:31:5d:1a:9a:5e:ac:ce:e7:47:
c6:89:f1:0e:9d:5c:18:b1:0d:e9:dc:8c:8e:fe:14:2e:4c:77:
0f:37:ec:90:21:77:28:76:a8:20:ce:bd:6d:5e:89:ed:99:36:
f9:c3:7d:fe:c5:b6:96:e5:b3:77:13:7c:97:c0:8e:f9:f1:2a:
46:d4:7d:e4:66:a3:75:df:ff:05:9b:a7:f0:d9:a5:d4:e5:04:
c0:5c:fc:4e
-----BEGIN CERTIFICATE-----
MIIHUTCCBjmgAwIBAgIDAKjhMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDMwMzEyMTEzOFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdjNTljNzktMjczMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKn0eav8qLySAYROy/yPLmyyNIlAZd6SkWDA3nCrTDdQAs2SVQZLohJohnHJ
HoEtpG8lQlXOV30AdzEAYqUm2GqMMp47Wgjy4V8FTYHWRaMAXv9DRO13AFSfSyzl
rbf91CX5AsO4iI9Ch5nstXsFV9SuaAkezyBND+UfgKrNvp4RUZt9mT9cIAR8qXmW
MFioBXr6G4GnPxyYhlCAfuCFOzb18zswYyYh7YcKUF1B8f0JM32/N2CAThRRwN5Z
A2rqm94tOt5OefOHWwdS0y1Yai6zQqzv+Q70TPtu4LxdXSrbMp+UtnAhJZ39h3D8
jxX5qwyS1eZrUX13aOJKDhexxusCAwEAAaOCBHQwggRwMB0GA1UdDgQWBBSvc4c8
9nF15m+WQtQ6HP+x7EGkJTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0E4MTNBNkMy
RjgyODExRUZCRjUwOUMxMUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIB/AYIKwYBBQUHAQcB
Af8EggHrMIIB5zCCAb4EAgABMIIBtgMEAivlyAMEAivndAMEAivvcAMEAivvmAME
Ai1ynAMEAmcOxAMEAmcQjAMEAGcaqQMEAGcbqAMEAWcbqgMEAmcpKAMEAGcvmAME
AmczXAMEAmc0MAMEAmc2YAMEAmc3VAMEAmdBGAMEAmdEFAMEAmdSkAMEAmdWFAME
AmdXgAMEAmdYfAMEAmdsTAMEAmdvgAMEAmd2CAMEAWd8CgMEAGeEywMEAGeFdAME
AWeLWAMEAWeOQAMEAWePtAMEAGeP1wMEAWeQcAMEAGeaGgMEAWebqgMEAWebwgME
AWedMgMEAGedRQMEAGeebwMEAGeetAMEAGefiQMEAGennQMEAWepOgMEAWerCAME
AWerNgMEAWerPAMEAWer7AMEAWetDgMEAGetKQMEAWeuKgMEAWevOgMEAWevagME
AWe02AMEAWe+DAMEAmfASAMEAmfHXAMEAmfHkAMEAmfIMAMEAmfOQAMEAWfRmgME
AmfUhAMEAWfgMgMEAmfi4AMEAmfkrAMEAmfkuAMEAmfscAMEAWf1qgMEAWf8wAME
Amf+YAMEAmf+yAMEAok7zAMEAosFYAMEAsu/ODAjBAIAAjAdMBIDBwEkANGAAGYD
BwEkANGAAGgDBwEkANGAAHAwDQYJKoZIhvcNAQELBQADggEBAKbb48g7ZQz6jL0K
Xi9Kz9Yc8c3guHLyw3omBdu1aZlSRz8cwFtLwNph3iFjC2Weddt8M95qyzJLjgpR
2u+ZOVeZz6Gqc7U7WGZkjk/Hs8LiT/j4blWQyhBWDzB12rv6DWUvfDJaCy9teP1s
36O1tBdx3lxN/oX+1Kd5OIlnR+R8hxAJqw/jnFf3r3WOoAIj1FKjfkXVet7XIcLz
psZ1TotzuVCVzTDigGIv1TFdGpperM7nR8aJ8Q6dXBixDencjI7+FC5Mdw837JAh
dyh2qCDOvW1eie2ZNvnDff7Ftpbls3cTfJfAjvnxKkbUfeRmo3Xf/wWbp/DZpdTl
BMBc/E4=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:53:55 2025 by rpki-client