Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B7257B30E2E411EFADD3551CC4F9AE02.roa
File: B7257B30E2E411EFADD3551CC4F9AE02.roa (raw, json)
Hash identifier: hjhuPAw2fcplYa9IXelc6THizcgIX/KmiDI1CKeekn4=
Subject key identifier: D5:37:44:22:99:A2:21:F5:B1:AA:F9:E1:A9:FB:C8:09:1B:FB:B8:B4
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A4EA
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B7257B30E2E411EFADD3551CC4F9AE02.roa
Signing time: Thu 06 Feb 2025 09:13:15 +0000
ROA not before: Thu 06 Feb 2025 09:13:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 43.225.0.0/22 maxlen: 24
43.231.116.0/22 maxlen: 24
43.239.112.0/22 maxlen: 24
43.248.58.0/23 maxlen: 24
45.114.156.0/22 maxlen: 24
103.14.196.0/22 maxlen: 24
103.16.140.0/22 maxlen: 24
103.26.169.0/24 maxlen: 24
103.27.168.0/24 maxlen: 24
103.27.170.0/23 maxlen: 23
103.47.152.0/24 maxlen: 24
103.51.92.0/22 maxlen: 24
103.52.48.0/22 maxlen: 24
103.54.96.0/22 maxlen: 24
103.55.84.0/22 maxlen: 24
103.82.144.0/22 maxlen: 24
103.86.20.0/22 maxlen: 24
103.88.124.0/22 maxlen: 24
103.102.64.0/22 maxlen: 24
103.108.76.0/22 maxlen: 24
103.111.128.0/22 maxlen: 24
103.118.8.0/22 maxlen: 24
103.132.203.0/24 maxlen: 24
103.133.116.0/24 maxlen: 24
103.142.64.0/23 maxlen: 24
103.143.109.0/24 maxlen: 24
103.144.112.0/23 maxlen: 24
103.144.193.0/24 maxlen: 24
103.151.38.0/24 maxlen: 24
103.153.208.0/23 maxlen: 24
103.155.194.0/23 maxlen: 24
103.157.162.0/23 maxlen: 24
103.157.176.0/23 maxlen: 24
103.164.0.0/23 maxlen: 24
103.167.157.0/24 maxlen: 24
103.171.8.0/23 maxlen: 24
103.171.236.0/23 maxlen: 24
103.173.14.0/23 maxlen: 24
103.173.41.0/24 maxlen: 24
103.174.38.0/23 maxlen: 24
103.174.42.0/23 maxlen: 24
103.180.216.0/23 maxlen: 24
103.192.72.0/22 maxlen: 24
103.199.92.0/22 maxlen: 24
103.200.48.0/22 maxlen: 24
103.206.64.0/22 maxlen: 24
103.212.132.0/22 maxlen: 24
103.224.50.0/23 maxlen: 24
103.226.224.0/22 maxlen: 24
103.228.172.0/24 maxlen: 24
103.228.173.0/24 maxlen: 24
103.228.174.0/24 maxlen: 24
103.228.175.0/24 maxlen: 24
103.236.112.0/22 maxlen: 24
103.241.140.0/22 maxlen: 24
103.242.236.0/22 maxlen: 24
103.254.200.0/22 maxlen: 24
137.59.204.0/22 maxlen: 24
139.5.96.0/22 maxlen: 24
203.191.56.0/22 maxlen: 24
220.158.140.0/22 maxlen: 24
2400:d180:66::/48 maxlen: 48
2400:d180:67::/48 maxlen: 48
2400:d180:68::/48 maxlen: 48
2400:d180:69::/48 maxlen: 48
2400:d180:70::/48 maxlen: 48
2400:d180:71::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 06 Feb 2025 09:58:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42218 (0xa4ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Feb 6 09:13:15 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67a47d2a-24a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:28:67:92:96:9b:e6:29:7b:86:f9:1d:44:e4:
1e:2a:ab:6b:1b:cc:39:e4:c4:e2:8f:23:7f:51:f3:
2f:ef:e2:25:2e:51:d8:32:89:ea:40:4e:e6:91:ef:
58:e7:27:14:5c:32:be:de:d9:19:ca:b1:db:5b:f5:
e6:fd:62:e9:08:4e:fa:0b:e5:e4:6b:08:b1:5f:1b:
03:88:ec:ae:eb:33:b9:cf:26:1e:ca:78:2d:41:35:
50:26:2c:9e:b2:63:c2:c1:57:69:0f:f5:c7:39:91:
24:20:3a:32:5b:78:44:dc:1c:9b:4a:34:5e:6a:64:
c8:8c:c4:93:2a:d1:55:42:28:d7:0b:a6:87:54:93:
d8:d4:a8:a1:49:96:41:4e:79:62:5d:75:4b:88:ca:
e8:01:a9:5f:7f:5b:b4:f3:cc:f9:ab:8b:77:f7:fb:
39:ed:28:89:1c:1a:1f:af:9f:5f:d4:7b:7b:67:b3:
df:74:a9:d6:1d:e7:12:b0:8a:48:fc:00:4b:1f:58:
5c:29:a7:1c:e5:e9:a8:44:e9:d1:d1:5d:ce:cc:b0:
79:e7:2d:f1:f9:2f:7f:c2:97:79:7c:4c:65:6d:60:
79:37:8f:7d:09:d1:73:2a:e5:be:7d:21:74:13:ba:
d0:c2:eb:07:bc:ac:e4:b8:58:bb:e8:22:3a:ea:16:
f7:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:37:44:22:99:A2:21:F5:B1:AA:F9:E1:A9:FB:C8:09:1B:FB:B8:B4
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B7257B30E2E411EFADD3551CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.0.0/22
43.231.116.0/22
43.239.112.0/22
43.248.58.0/23
45.114.156.0/22
103.14.196.0/22
103.16.140.0/22
103.26.169.0/24
103.27.168.0/24
103.27.170.0/23
103.47.152.0/24
103.51.92.0/22
103.52.48.0/22
103.54.96.0/22
103.55.84.0/22
103.82.144.0/22
103.86.20.0/22
103.88.124.0/22
103.102.64.0/22
103.108.76.0/22
103.111.128.0/22
103.118.8.0/22
103.132.203.0/24
103.133.116.0/24
103.142.64.0/23
103.143.109.0/24
103.144.112.0/23
103.144.193.0/24
103.151.38.0/24
103.153.208.0/23
103.155.194.0/23
103.157.162.0/23
103.157.176.0/23
103.164.0.0/23
103.167.157.0/24
103.171.8.0/23
103.171.236.0/23
103.173.14.0/23
103.173.41.0/24
103.174.38.0/23
103.174.42.0/23
103.180.216.0/23
103.192.72.0/22
103.199.92.0/22
103.200.48.0/22
103.206.64.0/22
103.212.132.0/22
103.224.50.0/23
103.226.224.0/22
103.228.172.0/22
103.236.112.0/22
103.241.140.0/22
103.242.236.0/22
103.254.200.0/22
137.59.204.0/22
139.5.96.0/22
203.191.56.0/22
220.158.140.0/22
IPv6:
2400:d180:66::-2400:d180:69:ffff:ffff:ffff:ffff:ffff
2400:d180:70::/47
Signature Algorithm: sha256WithRSAEncryption
14:60:b1:b6:d0:08:da:98:6d:0d:44:87:83:1f:b2:48:67:52:
2a:f6:b3:0e:9b:a9:d4:85:7b:fa:17:6e:56:81:91:ba:57:9f:
ca:ba:4a:a2:ab:e3:e8:d1:b6:99:c6:46:09:b9:6e:2b:7a:3b:
52:28:d3:71:a1:b1:42:60:0c:27:6e:58:a5:b3:ff:33:4c:52:
c9:a4:f5:4a:74:2e:46:c7:06:35:1b:63:03:cb:31:5b:1d:f8:
75:e6:31:26:73:69:f3:64:9e:37:e2:3c:61:75:d9:5e:28:6f:
81:2f:ca:a1:89:1a:87:d2:81:da:da:d4:77:a9:58:fd:34:3b:
d4:c5:7a:35:55:1b:a7:7f:d0:2f:12:2b:74:ef:89:77:03:46:
9d:ba:3e:53:c3:2b:41:9d:01:c3:90:43:3a:91:9b:64:f1:ad:
e3:73:36:14:71:bd:bc:ae:45:45:eb:9f:64:a1:9e:17:6a:5d:
e0:a2:24:24:97:44:f7:d8:77:c7:92:5b:ef:6d:14:62:3f:bd:
83:ec:77:9b:e9:14:10:ad:2c:26:9c:a2:12:d1:89:f5:8d:75:
e2:e1:aa:99:c0:d8:c9:99:eb:8e:6a:b7:b1:8e:7c:42:3e:1e:
57:f2:41:bf:4e:43:6d:90:08:a7:bd:35:79:4e:9b:18:ce:0e:
1c:d6:ae:12
-----BEGIN CERTIFICATE-----
MIIG9zCCBd+gAwIBAgIDAKTqMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDIwNjA5MTMxNVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdhNDdkMmEtMjRhNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANcoZ5KWm+Ype4b5HUTkHiqraxvMOeTE4o8jf1HzL+/iJS5R2DKJ6kBO5pHv
WOcnFFwyvt7ZGcqx21v15v1i6QhO+gvl5GsIsV8bA4jsruszuc8mHsp4LUE1UCYs
nrJjwsFXaQ/1xzmRJCA6Mlt4RNwcm0o0XmpkyIzEkyrRVUIo1wumh1ST2NSooUmW
QU55Yl11S4jK6AGpX39btPPM+auLd/f7Oe0oiRwaH6+fX9R7e2ez33Sp1h3nErCK
SPwASx9YXCmnHOXpqETp0dFdzsyweect8fkvf8KXeXxMZW1geTePfQnRcyrlvn0h
dBO60MLrB7ys5LhYu+giOuoW9+MCAwEAAaOCBBowggQWMB0GA1UdDgQWBBTVN0Qi
maIh9bGq+eGp+8gJG/u4tDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0I3MjU3QjMw
RTJFNDExRUZBREQzNTUxQ0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBogYIKwYBBQUHAQcB
Af8EggGRMIIBjTCCAWQEAgABMIIBXAMEAivhAAMEAivndAMEAivvcAMEASv4OgME
Ai1ynAMEAmcOxAMEAmcQjAMEAGcaqQMEAGcbqAMEAWcbqgMEAGcvmAMEAmczXAME
Amc0MAMEAmc2YAMEAmc3VAMEAmdSkAMEAmdWFAMEAmdYfAMEAmdmQAMEAmdsTAME
AmdvgAMEAmd2CAMEAGeEywMEAGeFdAMEAWeOQAMEAGePbQMEAWeQcAMEAGeQwQME
AGeXJgMEAWeZ0AMEAWebwgMEAWedogMEAWedsAMEAWekAAMEAGennQMEAWerCAME
AWer7AMEAWetDgMEAGetKQMEAWeuJgMEAWeuKgMEAWe02AMEAmfASAMEAmfHXAME
AmfIMAMEAmfOQAMEAmfUhAMEAWfgMgMEAmfi4AMEAmfkrAMEAmfscAMEAmfxjAME
Amfy7AMEAmf+yAMEAok7zAMEAosFYAMEAsu/OAMEAtyejDAjBAIAAjAdMBIDBwEk
ANGAAGYDBwEkANGAAGgDBwEkANGAAHAwDQYJKoZIhvcNAQELBQADggEBABRgsbbQ
CNqYbQ1Eh4MfskhnUir2sw6bqdSFe/oXblaBkbpXn8q6SqKr4+jRtpnGRgm5bit6
O1Io03GhsUJgDCduWKWz/zNMUsmk9Up0LkbHBjUbYwPLMVsd+HXmMSZzafNknjfi
PGF12V4ob4EvyqGJGofSgdra1HepWP00O9TFejVVG6d/0C8SK3TviXcDRp26PlPD
K0GdAcOQQzqRm2TxreNzNhRxvbyuRUXrn2ShnhdqXeCiJCSXRPfYd8eSW+9tFGI/
vYPsd5vpFBCtLCacohLRifWNdeLhqpnA2MmZ645qt7GOfEI+HlfyQb9OQ22QCKe9
NXlOmxjODhzWrhI=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:55:46 2025 by rpki-client