Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/BB39B3CAF5AF11EF853A7243C4F9AE02.roa
File: BB39B3CAF5AF11EF853A7243C4F9AE02.roa (raw, json)
Hash identifier: F+ZTVgqa8WOKl4Mg2AZkP62fI2PL06F3IHSJrS78JjE=
Subject key identifier: 05:DA:FE:27:1E:5A:78:9F:49:F0:BC:86:7F:42:83:DB:F8:3F:96:19
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A86F
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/BB39B3CAF5AF11EF853A7243C4F9AE02.roa
Signing time: Fri 28 Feb 2025 08:40:59 +0000
ROA not before: Fri 28 Feb 2025 08:40:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58678
IP address blocks: 43.241.28.0/22 maxlen: 24
43.241.128.0/22 maxlen: 24
43.241.132.0/22 maxlen: 24
43.242.208.0/24 maxlen: 24
43.242.209.0/24 maxlen: 24
43.242.210.0/24 maxlen: 24
43.242.211.0/24 maxlen: 24
43.242.224.0/22 maxlen: 24
43.242.228.0/22 maxlen: 24
45.64.84.0/22 maxlen: 24
45.114.192.0/22 maxlen: 24
45.117.0.0/22 maxlen: 24
45.127.120.0/22 maxlen: 24
45.250.248.0/24 maxlen: 24
45.250.249.0/24 maxlen: 24
45.250.250.0/24 maxlen: 24
45.251.236.0/24 maxlen: 24
45.251.237.0/24 maxlen: 24
45.251.238.0/24 maxlen: 24
45.251.239.0/24 maxlen: 24
103.14.232.0/22 maxlen: 24
103.17.12.0/23 maxlen: 24
103.26.52.0/22 maxlen: 22
103.26.52.0/24 maxlen: 24
103.26.53.0/24 maxlen: 24
103.26.54.0/24 maxlen: 24
103.26.55.0/24 maxlen: 24
103.26.56.0/22 maxlen: 24
103.42.160.0/22 maxlen: 24
103.48.56.0/23 maxlen: 24
103.48.58.0/24 maxlen: 24
103.48.59.0/24 maxlen: 24
103.48.100.0/22 maxlen: 24
103.57.96.0/23 maxlen: 24
103.59.212.0/22 maxlen: 24
103.66.80.0/22 maxlen: 22
103.66.80.0/24 maxlen: 24
103.66.81.0/24 maxlen: 24
103.66.82.0/24 maxlen: 24
103.66.83.0/24 maxlen: 24
103.69.238.0/24 maxlen: 24
103.74.236.0/22 maxlen: 24
103.77.152.0/22 maxlen: 23
103.77.152.0/23 maxlen: 24
103.77.154.0/24 maxlen: 24
103.89.40.0/22 maxlen: 24
103.111.132.0/22 maxlen: 24
103.112.32.0/24 maxlen: 24
103.112.33.0/24 maxlen: 24
103.112.34.0/24 maxlen: 24
103.112.35.0/24 maxlen: 24
103.117.184.0/24 maxlen: 24
103.117.187.0/24 maxlen: 24
103.137.152.0/22 maxlen: 24
103.148.207.0/24 maxlen: 24
103.153.151.0/24 maxlen: 24
103.162.190.0/23 maxlen: 24
103.163.188.0/24 maxlen: 24
103.163.189.0/24 maxlen: 24
103.166.112.0/23 maxlen: 24
103.168.62.0/24 maxlen: 24
103.168.63.0/24 maxlen: 24
103.173.208.0/23 maxlen: 24
103.174.30.0/24 maxlen: 24
103.174.38.0/24 maxlen: 24
103.178.212.0/23 maxlen: 24
103.181.209.0/24 maxlen: 24
103.185.11.0/24 maxlen: 24
103.204.119.0/24 maxlen: 24
103.209.18.0/24 maxlen: 24
103.209.19.0/24 maxlen: 24
103.215.114.0/23 maxlen: 24
103.216.144.0/22 maxlen: 24
103.218.100.0/22 maxlen: 24
103.219.164.0/24 maxlen: 24
103.219.165.0/24 maxlen: 24
103.219.166.0/24 maxlen: 24
103.219.167.0/24 maxlen: 24
103.220.80.0/22 maxlen: 24
103.220.212.0/22 maxlen: 24
103.226.0.0/22 maxlen: 24
103.226.4.0/22 maxlen: 24
103.226.28.0/22 maxlen: 24
103.232.24.0/22 maxlen: 24
124.108.16.0/22 maxlen: 24
2001:df6:f180::/48 maxlen: 48
2404:bd00::/48 maxlen: 48
2404:bd00:1::/48 maxlen: 48
2404:bd00:2::/48 maxlen: 48
2404:bd00:3::/48 maxlen: 48
2404:bd00:4::/48 maxlen: 48
2404:bd00:5::/48 maxlen: 48
2404:bd00:6::/48 maxlen: 48
2404:bd00:7::/48 maxlen: 48
2404:bd00:8::/48 maxlen: 48
2404:bd00:a::/48 maxlen: 48
2404:bd00:b::/48 maxlen: 48
2404:bd00:c::/48 maxlen: 48
2404:bd00:d::/48 maxlen: 48
2404:bd00:e::/48 maxlen: 48
2404:bd00:f::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 26 Mar 2025 09:55:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43119 (0xa86f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Feb 28 08:40:58 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67c1769a-a50d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:c9:94:c9:b8:03:da:e5:3d:88:bc:92:d8:8a:
a3:ca:6a:91:f1:ea:69:3c:45:34:f2:86:1b:b7:74:
68:3d:c3:54:34:5e:2f:61:d8:12:f0:ef:34:5b:00:
f4:15:85:0a:be:89:fb:14:85:d4:fd:d2:2f:4c:0e:
a2:fe:74:33:ee:5e:98:8b:7d:10:54:ee:9c:69:33:
c3:1a:15:13:61:08:5f:87:a7:1b:b9:d2:51:c0:33:
e3:df:be:10:fe:2d:19:82:6c:3b:be:65:d2:8f:85:
a8:73:d2:93:bf:7f:6c:37:03:3d:18:13:23:70:e6:
1b:d8:f2:cc:e2:74:0b:aa:07:bc:5b:1b:c3:29:76:
49:6d:c6:d5:24:16:cb:07:32:15:14:d7:5b:a4:7c:
1e:66:2a:66:6e:ae:ea:67:db:ef:c2:c7:ce:d9:e5:
b2:ee:a5:dc:68:de:9b:5f:93:8c:06:fa:12:ad:24:
19:64:6d:57:f4:5d:98:99:d0:0e:e4:e1:b9:77:a9:
89:20:07:35:7c:48:b5:37:59:e1:64:67:93:37:b1:
df:3a:7d:05:7e:e1:9a:59:23:6b:68:bb:c9:35:22:
98:8b:f2:74:ff:19:e9:cf:48:2a:41:c0:a7:af:28:
74:ad:5d:3c:bf:2c:4e:c8:4f:c7:b1:ef:9d:12:ae:
82:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:DA:FE:27:1E:5A:78:9F:49:F0:BC:86:7F:42:83:DB:F8:3F:96:19
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/BB39B3CAF5AF11EF853A7243C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.241.28.0/22
43.241.128.0/21
43.242.208.0/22
43.242.224.0/21
45.64.84.0/22
45.114.192.0/22
45.117.0.0/22
45.127.120.0/22
45.250.248.0-45.250.250.255
45.251.236.0/22
103.14.232.0/22
103.17.12.0/23
103.26.52.0-103.26.59.255
103.42.160.0/22
103.48.56.0/22
103.48.100.0/22
103.57.96.0/23
103.59.212.0/22
103.66.80.0/22
103.69.238.0/24
103.74.236.0/22
103.77.152.0/22
103.89.40.0/22
103.111.132.0/22
103.112.32.0/22
103.117.184.0/24
103.117.187.0/24
103.137.152.0/22
103.148.207.0/24
103.153.151.0/24
103.162.190.0/23
103.163.188.0/23
103.166.112.0/23
103.168.62.0/23
103.173.208.0/23
103.174.30.0/24
103.174.38.0/24
103.178.212.0/23
103.181.209.0/24
103.185.11.0/24
103.204.119.0/24
103.209.18.0/23
103.215.114.0/23
103.216.144.0/22
103.218.100.0/22
103.219.164.0/22
103.220.80.0/22
103.220.212.0/22
103.226.0.0/21
103.226.28.0/22
103.232.24.0/22
124.108.16.0/22
IPv6:
2001:df6:f180::/48
2404:bd00::-2404:bd00:8:ffff:ffff:ffff:ffff:ffff
2404:bd00:a::-2404:bd00:f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
91:ad:06:d3:63:5e:03:a8:f4:75:a8:69:bc:24:02:a9:0a:b6:
a4:41:71:ed:1d:c3:29:78:0a:40:a2:ab:8d:a2:ec:75:ba:34:
e8:a9:18:d2:93:d0:87:4b:95:bd:af:1d:d9:0f:12:d1:a3:e2:
29:9b:d2:38:76:4f:0f:ff:09:52:60:36:5d:bb:6c:d4:39:a8:
4f:ec:10:69:7b:e6:fe:85:68:ff:49:2d:0f:33:23:22:59:0b:
cf:8e:58:85:06:ae:e4:62:73:a7:10:bc:ea:19:3e:d6:e5:a4:
35:20:62:b6:7e:30:d2:39:36:7b:35:67:af:33:65:a0:93:d1:
d4:a7:56:a0:b1:4d:54:09:ab:5e:64:11:47:59:72:36:6c:af:
d0:5e:7f:36:1f:e4:f4:6d:e0:0c:e7:9a:db:ce:08:27:b8:ad:
b6:11:d7:10:2e:3f:d9:e0:41:b2:f2:52:d9:77:90:1b:6b:74:
da:04:d4:2d:72:11:d9:7d:60:f8:f4:a6:cd:55:65:7c:91:db:
16:c5:fa:e9:8a:3b:bd:04:d3:5d:8a:28:13:1d:be:70:32:ca:
ea:cb:2f:b1:85:d8:f8:b7:46:65:0c:ef:cc:31:21:2b:43:23:
b3:9c:54:ba:ee:46:c3:a9:e7:66:4b:9b:28:be:81:e8:b0:c7:
a4:9f:03:41
-----BEGIN CERTIFICATE-----
MIIG9DCCBdygAwIBAgIDAKhvMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDIyODA4NDA1OFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdjMTc2OWEtYTUwZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOHJlMm4A9rlPYi8ktiKo8pqkfHqaTxFNPKGG7d0aD3DVDReL2HYEvDvNFsA
9BWFCr6J+xSF1P3SL0wOov50M+5emIt9EFTunGkzwxoVE2EIX4enG7nSUcAz49++
EP4tGYJsO75l0o+FqHPSk79/bDcDPRgTI3DmG9jyzOJ0C6oHvFsbwyl2SW3G1SQW
ywcyFRTXW6R8HmYqZm6u6mfb78LHztnlsu6l3Gjem1+TjAb6Eq0kGWRtV/RdmJnQ
DuThuXepiSAHNXxItTdZ4WRnkzex3zp9BX7hmlkja2i7yTUimIvydP8Z6c9IKkHA
p68odK1dPL8sTshPx7HvnRKugn8CAwEAAaOCBBcwggQTMB0GA1UdDgQWBBQF2v4n
Hlp4n0nwvIZ/QoPb+D+WGTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0JCMzlCM0NB
RjVBRjExRUY4NTNBNzI0M0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBnwYIKwYBBQUHAQcB
Af8EggGOMIIBijCCAVAEAgABMIIBSAMEAivxHAMEAyvxgAMEAivy0AMEAyvy4AME
Ai1AVAMEAi1ywAMEAi11AAMEAi1/eDAMAwQDLfr4AwQALfr6AwQCLfvsAwQCZw7o
AwQBZxEMMAwDBAJnGjQDBAJnGjgDBAJnKqADBAJnMDgDBAJnMGQDBAFnOWADBAJn
O9QDBAJnQlADBABnRe4DBAJnSuwDBAJnTZgDBAJnWSgDBAJnb4QDBAJncCADBABn
dbgDBABndbsDBAJniZgDBABnlM8DBABnmZcDBAFnor4DBAFno7wDBAFnpnADBAFn
qD4DBAFnrdADBABnrh4DBABnriYDBAFnstQDBABntdEDBABnuQsDBABnzHcDBAFn
0RIDBAFn13IDBAJn2JADBAJn2mQDBAJn26QDBAJn3FADBAJn3NQDBANn4gADBAJn
4hwDBAJn6BgDBAJ8bBAwNAQCAAIwLgMHACABDfbxgDAPAwQAJAS9AwcAJAS9AAAI
MBIDBwEkBL0AAAoDBwQkBL0AAAAwDQYJKoZIhvcNAQELBQADggEBAJGtBtNjXgOo
9HWoabwkAqkKtqRBce0dwyl4CkCiq42i7HW6NOipGNKT0IdLlb2vHdkPEtGj4imb
0jh2Tw//CVJgNl27bNQ5qE/sEGl75v6FaP9JLQ8zIyJZC8+OWIUGruRic6cQvOoZ
PtblpDUgYrZ+MNI5Nns1Z68zZaCT0dSnVqCxTVQJq15kEUdZcjZsr9BefzYf5PRt
4AznmtvOCCe4rbYR1xAuP9ngQbLyUtl3kBtrdNoE1C1yEdl9YPj0ps1VZXyR2xbF
+umKO70E012KKBMdvnAyyurLL7GF2Pi3RmUM78wxIStDI7OcVLruRsOp52ZLmyi+
geiwx6SfA0E=
-----END CERTIFICATE-----
Generated at Fri Apr 11 20:59:46 2025 by rpki-client