Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C834F686848311EF9F5FD24DC4F9AE02.roa
File: C834F686848311EF9F5FD24DC4F9AE02.roa (raw, json)
Hash identifier: VcjUMvoiUQvTbi5v3kmdRNVt7C2eUQUE63rasRSMWYw=
Subject key identifier: 6D:9C:7C:46:E7:5B:83:F8:C5:47:22:46:CB:78:69:B1:78:BC:06:8F
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 9F13
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C834F686848311EF9F5FD24DC4F9AE02.roa
Signing time: Fri 13 Dec 2024 10:43:14 +0000
ROA not before: Fri 13 Dec 2024 10:43:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137085
IP address blocks: 27.123.240.0/23 maxlen: 24
43.225.248.0/22 maxlen: 24
43.228.164.0/23 maxlen: 24
103.37.98.0/23 maxlen: 24
103.68.140.0/23 maxlen: 24
103.69.239.0/24 maxlen: 24
103.72.196.0/24 maxlen: 24
103.88.59.0/24 maxlen: 24
103.91.72.0/24 maxlen: 24
103.91.73.0/24 maxlen: 24
103.91.74.0/24 maxlen: 24
103.91.75.0/24 maxlen: 24
103.91.76.0/22 maxlen: 24
103.92.107.0/24 maxlen: 24
103.93.39.0/24 maxlen: 24
103.101.112.0/22 maxlen: 24
103.113.110.0/23 maxlen: 24
103.115.128.0/24 maxlen: 24
103.115.131.0/24 maxlen: 24
103.120.152.0/24 maxlen: 24
103.120.153.0/24 maxlen: 24
103.124.174.0/24 maxlen: 24
103.138.9.0/24 maxlen: 24
103.148.119.0/24 maxlen: 24
103.154.8.0/23 maxlen: 24
103.154.56.0/23 maxlen: 24
103.156.121.0/24 maxlen: 24
103.157.188.0/23 maxlen: 24
103.158.41.0/24 maxlen: 24
103.159.104.0/23 maxlen: 24
103.160.25.0/24 maxlen: 24
103.160.222.0/24 maxlen: 24
103.163.14.0/23 maxlen: 24
103.164.140.0/24 maxlen: 24
103.165.88.0/23 maxlen: 24
103.167.154.0/23 maxlen: 24
103.167.182.0/23 maxlen: 24
103.167.224.0/23 maxlen: 24
103.167.238.0/23 maxlen: 24
103.168.60.0/23 maxlen: 24
103.169.242.0/23 maxlen: 24
103.170.0.0/24 maxlen: 24
103.170.36.0/23 maxlen: 24
103.170.38.0/23 maxlen: 24
103.170.48.0/23 maxlen: 24
103.170.84.0/23 maxlen: 24
103.174.28.0/24 maxlen: 24
103.174.29.0/24 maxlen: 24
103.178.24.0/23 maxlen: 24
103.178.117.0/24 maxlen: 24
103.179.50.0/23 maxlen: 24
103.181.66.0/24 maxlen: 24
103.181.119.0/24 maxlen: 24
103.184.41.0/24 maxlen: 24
103.184.205.0/24 maxlen: 24
103.191.202.0/23 maxlen: 24
103.204.70.0/24 maxlen: 24
103.206.51.0/24 maxlen: 24
103.206.96.0/23 maxlen: 24
103.216.141.0/24 maxlen: 24
103.225.70.0/24 maxlen: 24
103.232.232.0/22 maxlen: 24
202.4.169.0/24 maxlen: 24
2001:df0:47c0::/48 maxlen: 48
2001:df1:d240::/48 maxlen: 48
2001:df1:ed40::/48 maxlen: 48
2001:df2:3ac0::/48 maxlen: 48
2001:df2:3f40::/48 maxlen: 48
2001:df2:9640::/48 maxlen: 48
2001:df3:1340::/48 maxlen: 48
2400:d660::/32 maxlen: 32
2401:bba0::/32 maxlen: 32
2405:e100:a::/48 maxlen: 48
2405:e100:b::/48 maxlen: 48
2405:e100:c::/48 maxlen: 48
2405:e100:d::/48 maxlen: 48
2405:e100:e::/48 maxlen: 48
2405:e100:f::/48 maxlen: 48
2405:e100:1d::/48 maxlen: 48
2405:e100:1e::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:41:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40723 (0x9f13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Dec 13 10:43:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=675c0fc1-59a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:00:1b:ae:78:a6:e4:c5:d1:ad:2a:ef:6c:7f:
cb:3a:7b:70:0e:81:ff:a0:06:65:f5:90:ef:ec:bb:
98:25:4a:ae:72:1e:b0:c1:80:67:a5:3f:65:e6:c1:
1f:de:b3:87:1b:6d:3f:0c:6d:17:9e:5b:0b:87:e3:
93:4c:37:77:fc:6f:2a:93:e3:fc:18:cb:a2:33:9d:
bb:5d:b7:18:34:c7:30:62:92:20:12:89:5d:7b:86:
92:75:6b:03:4d:ac:1c:cc:30:be:b2:da:80:31:24:
38:11:5f:0c:36:06:a3:4a:46:ff:dc:b6:4b:69:26:
1c:ab:d9:69:a0:c0:61:e2:7f:f0:e3:e4:c7:19:ab:
dd:87:0c:b2:cc:5e:40:3b:ed:7f:d0:c9:7d:ef:c7:
f4:ba:06:38:b8:6b:a9:1c:25:47:38:38:88:ed:51:
f7:50:b2:0c:37:56:75:8f:13:1e:53:e2:b1:51:01:
a3:78:5d:ca:a0:08:d2:d1:ff:11:2c:fc:31:9f:8a:
5a:4e:5f:3a:f9:5c:3f:7e:1c:cc:66:87:0e:db:df:
d1:31:63:a4:f2:7c:9e:6e:95:23:af:ab:50:68:92:
bc:3d:a2:49:6e:b2:70:91:88:64:98:d4:27:94:0b:
c6:38:8e:37:7e:dd:ff:33:65:68:e4:cd:83:eb:72:
6e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:9C:7C:46:E7:5B:83:F8:C5:47:22:46:CB:78:69:B1:78:BC:06:8F
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C834F686848311EF9F5FD24DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.123.240.0/23
43.225.248.0/22
43.228.164.0/23
103.37.98.0/23
103.68.140.0/23
103.69.239.0/24
103.72.196.0/24
103.88.59.0/24
103.91.72.0/21
103.92.107.0/24
103.93.39.0/24
103.101.112.0/22
103.113.110.0/23
103.115.128.0/24
103.115.131.0/24
103.120.152.0/23
103.124.174.0/24
103.138.9.0/24
103.148.119.0/24
103.154.8.0/23
103.154.56.0/23
103.156.121.0/24
103.157.188.0/23
103.158.41.0/24
103.159.104.0/23
103.160.25.0/24
103.160.222.0/24
103.163.14.0/23
103.164.140.0/24
103.165.88.0/23
103.167.154.0/23
103.167.182.0/23
103.167.224.0/23
103.167.238.0/23
103.168.60.0/23
103.169.242.0/23
103.170.0.0/24
103.170.36.0/22
103.170.48.0/23
103.170.84.0/23
103.174.28.0/23
103.178.24.0/23
103.178.117.0/24
103.179.50.0/23
103.181.66.0/24
103.181.119.0/24
103.184.41.0/24
103.184.205.0/24
103.191.202.0/23
103.204.70.0/24
103.206.51.0/24
103.206.96.0/23
103.216.141.0/24
103.225.70.0/24
103.232.232.0/22
202.4.169.0/24
IPv6:
2001:df0:47c0::/48
2001:df1:d240::/48
2001:df1:ed40::/48
2001:df2:3ac0::/48
2001:df2:3f40::/48
2001:df2:9640::/48
2001:df3:1340::/48
2400:d660::/32
2401:bba0::/32
2405:e100:a::-2405:e100:f:ffff:ffff:ffff:ffff:ffff
2405:e100:1d::-2405:e100:1e:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a2:80:d6:f7:eb:70:e2:f1:a1:19:92:cc:47:2e:29:ad:8c:ac:
b6:15:73:d9:cf:5a:d4:3d:15:2d:8e:53:75:75:d3:36:8c:98:
15:78:f0:fb:84:11:2c:b9:28:68:07:ca:6b:f2:57:ba:e4:ee:
1d:e0:15:53:a3:5c:6c:58:d5:a1:ca:f3:8b:db:5b:a2:25:69:
3b:4e:82:3d:61:bc:8d:21:4f:6c:d9:7f:29:b2:47:cd:b9:f3:
9d:31:99:f5:5d:2f:02:c5:56:31:03:9d:2b:e7:4a:58:80:e4:
68:0e:e1:18:00:36:bd:d3:4a:dd:05:fd:1b:29:30:b7:3e:eb:
63:ac:8c:63:89:72:2c:7a:97:21:2d:8d:17:8f:0f:6a:79:10:
85:cd:91:3b:e7:27:6a:2b:62:c0:6b:da:33:5b:59:12:b1:cf:
95:2b:84:9c:a9:6f:e0:0c:14:79:66:88:a1:fb:43:4d:2c:95:
6e:e1:b4:73:b1:f4:0b:11:73:92:ef:5d:fe:3f:95:28:45:10:
1d:5b:c5:48:33:62:a6:f5:cd:43:45:27:b3:1a:94:b4:bb:45:
5e:5e:4c:4a:11:48:84:8c:f7:db:34:a3:0e:d8:3a:ff:8f:07:
1b:f3:5e:6d:b4:96:89:46:cf:1e:af:9a:44:63:0c:9d:e5:71:
1f:6c:0d:e5
-----BEGIN CERTIFICATE-----
MIIHQzCCBiugAwIBAgIDAJ8TMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MTIxMzEwNDMxNFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc1YzBmYzEtNTlhNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALoAG654puTF0a0q72x/yzp7cA6B/6AGZfWQ7+y7mCVKrnIesMGAZ6U/ZebB
H96zhxttPwxtF55bC4fjk0w3d/xvKpPj/BjLojOdu123GDTHMGKSIBKJXXuGknVr
A02sHMwwvrLagDEkOBFfDDYGo0pG/9y2S2kmHKvZaaDAYeJ/8OPkxxmr3YcMssxe
QDvtf9DJfe/H9LoGOLhrqRwlRzg4iO1R91CyDDdWdY8THlPisVEBo3hdyqAI0tH/
ESz8MZ+KWk5fOvlcP34czGaHDtvf0TFjpPJ8nm6VI6+rUGiSvD2iSW6ycJGIZJjU
J5QLxjiON37d/zNlaOTNg+tybgECAwEAAaOCBGYwggRiMB0GA1UdDgQWBBRtnHxG
51uD+MVHIkbLeGmxeLwGjzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0M4MzRGNjg2
ODQ4MzExRUY5RjVGRDI0REM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIB7gYIKwYBBQUHAQcB
Af8EggHdMIIB2TCCAVgEAgABMIIBUAMEARt78AMEAivh+AMEASvkpAMEAWclYgME
AWdEjAMEAGdF7wMEAGdIxAMEAGdYOwMEA2dbSAMEAGdcawMEAGddJwMEAmdlcAME
AWdxbgMEAGdzgAMEAGdzgwMEAWd4mAMEAGd8rgMEAGeKCQMEAGeUdwMEAWeaCAME
AWeaOAMEAGeceQMEAWedvAMEAGeeKQMEAWefaAMEAGegGQMEAGeg3gMEAWejDgME
AGekjAMEAWelWAMEAWenmgMEAWentgMEAWen4AMEAWen7gMEAWeoPAMEAWep8gME
AGeqAAMEAmeqJAMEAWeqMAMEAWeqVAMEAWeuHAMEAWeyGAMEAGeydQMEAWezMgME
AGe1QgMEAGe1dwMEAGe4KQMEAGe4zQMEAWe/ygMEAGfMRgMEAGfOMwMEAWfOYAME
AGfYjQMEAGfhRgMEAmfo6AMEAMoEqTB7BAIAAjB1AwcAIAEN8EfAAwcAIAEN8dJA
AwcAIAEN8e1AAwcAIAEN8jrAAwcAIAEN8j9AAwcAIAEN8pZAAwcAIAEN8xNAAwUA
JADWYAMFACQBu6AwEgMHASQF4QAACgMHBCQF4QAAADASAwcAJAXhAAAdAwcAJAXh
AAAeMA0GCSqGSIb3DQEBCwUAA4IBAQCigNb363Di8aEZksxHLimtjKy2FXPZz1rU
PRUtjlN1ddM2jJgVePD7hBEsuShoB8pr8le65O4d4BVTo1xsWNWhyvOL21uiJWk7
ToI9YbyNIU9s2X8pskfNufOdMZn1XS8CxVYxA50r50pYgORoDuEYADa900rdBf0b
KTC3PutjrIxjiXIsepchLY0Xjw9qeRCFzZE75ydqK2LAa9ozW1kSsc+VK4ScqW/g
DBR5Zoih+0NNLJVu4bRzsfQLEXOS713+P5UoRRAdW8VIM2Km9c1DRSezGpS0u0Ve
XkxKEUiEjPfbNKMO2Dr/jwcb815ttJaJRs8er5pEYwyd5XEfbA3l
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:14:58 2025 by rpki-client