Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/EA2ADF8E3CF411EFB109236FC4F9AE02.roa
File: EA2ADF8E3CF411EFB109236FC4F9AE02.roa (raw, json)
Hash identifier: SFFZ98GAmrHCETYZhAx/uGhsUuAWaGuZf69x0wvgGy4=
Subject key identifier: 44:13:D8:13:9D:20:C8:B0:59:B8:E2:27:88:F5:32:A9:1C:C0:90:14
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 95C8
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/EA2ADF8E3CF411EFB109236FC4F9AE02.roa
Signing time: Thu 01 Aug 2024 09:52:24 +0000
ROA not before: Thu 01 Aug 2024 09:52:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137085
IP address blocks: 27.123.240.0/23 maxlen: 24
43.225.248.0/22 maxlen: 24
43.228.164.0/23 maxlen: 24
103.37.98.0/23 maxlen: 24
103.49.56.0/22 maxlen: 24
103.68.140.0/23 maxlen: 24
103.69.239.0/24 maxlen: 24
103.72.196.0/24 maxlen: 24
103.91.72.0/24 maxlen: 24
103.91.73.0/24 maxlen: 24
103.91.74.0/24 maxlen: 24
103.91.75.0/24 maxlen: 24
103.91.76.0/22 maxlen: 24
103.92.107.0/24 maxlen: 24
103.93.39.0/24 maxlen: 24
103.101.112.0/22 maxlen: 24
103.113.110.0/23 maxlen: 24
103.115.128.0/24 maxlen: 24
103.115.131.0/24 maxlen: 24
103.120.152.0/24 maxlen: 24
103.120.153.0/24 maxlen: 24
103.124.174.0/24 maxlen: 24
103.138.9.0/24 maxlen: 24
103.148.119.0/24 maxlen: 24
103.154.8.0/23 maxlen: 24
103.157.188.0/23 maxlen: 24
103.158.41.0/24 maxlen: 24
103.159.104.0/23 maxlen: 24
103.160.25.0/24 maxlen: 24
103.160.222.0/24 maxlen: 24
103.163.14.0/24 maxlen: 24
103.163.15.0/24 maxlen: 24
103.164.140.0/24 maxlen: 24
103.170.48.0/23 maxlen: 24
103.173.238.0/23 maxlen: 24
103.174.28.0/24 maxlen: 24
103.174.29.0/24 maxlen: 24
103.178.117.0/24 maxlen: 24
103.181.66.0/24 maxlen: 24
103.181.119.0/24 maxlen: 24
103.184.41.0/24 maxlen: 24
103.184.205.0/24 maxlen: 24
103.204.70.0/24 maxlen: 24
103.206.51.0/24 maxlen: 24
103.206.96.0/23 maxlen: 24
103.216.141.0/24 maxlen: 24
103.225.70.0/24 maxlen: 24
103.232.232.0/22 maxlen: 24
202.4.169.0/24 maxlen: 24
2001:df1:d240::/48 maxlen: 48
2001:df1:ed40::/48 maxlen: 48
2001:df2:3ac0::/48 maxlen: 48
2001:df2:3f40::/48 maxlen: 48
2001:df2:9640::/48 maxlen: 48
2001:df3:1340::/48 maxlen: 48
2400:d660::/32 maxlen: 32
2405:e100:a::/48 maxlen: 48
2405:e100:b::/48 maxlen: 48
2405:e100:c::/48 maxlen: 48
2405:e100:d::/48 maxlen: 48
2405:e100:e::/48 maxlen: 48
2405:e100:f::/48 maxlen: 48
2405:e100:1d::/48 maxlen: 48
2405:e100:1e::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 02 Aug 2024 05:02:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38344 (0x95c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Aug 1 09:52:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66ab5ad8-78ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:00:ec:5e:e5:5b:17:37:6b:4a:8a:5f:d6:37:
21:54:74:db:60:4e:9a:d6:1d:fa:cd:49:c8:74:5c:
e5:41:2c:0b:8d:74:da:9e:3c:a7:17:3e:af:05:ee:
0b:59:d5:e4:e8:5b:09:a5:61:0a:8f:77:1f:81:ac:
c5:e9:9a:1b:7a:31:6b:78:77:d2:ed:03:58:7d:5e:
00:d4:e8:af:98:cd:37:b2:a8:33:ba:c6:49:ce:e9:
8a:38:69:6d:f2:79:75:1f:e0:89:61:61:2f:5b:96:
16:77:b7:3b:07:f0:97:38:61:8c:a9:a7:5b:90:29:
5b:0c:53:a4:b8:a7:3e:de:71:6f:a2:4d:37:fb:c5:
33:da:52:23:18:d0:f0:fe:09:c0:8c:b7:23:0d:39:
63:b7:9b:bd:fc:9b:5e:e2:86:34:1a:c3:15:80:d2:
e8:6b:aa:bf:93:d1:73:92:af:a7:19:ec:e6:28:d7:
8e:2e:0c:5b:01:76:f0:67:d4:4f:12:b1:10:07:39:
6f:f2:4e:e3:ed:a8:94:8f:5e:e6:ac:b6:fc:f7:eb:
e8:51:ee:f7:28:49:38:e3:7a:6d:27:78:31:47:d1:
42:85:99:e6:3f:54:7a:b8:82:2d:fd:8b:a4:b7:2e:
d1:4f:09:cc:3f:52:17:e7:42:b0:ee:5d:5b:7e:5b:
bb:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:13:D8:13:9D:20:C8:B0:59:B8:E2:27:88:F5:32:A9:1C:C0:90:14
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/EA2ADF8E3CF411EFB109236FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.123.240.0/23
43.225.248.0/22
43.228.164.0/23
103.37.98.0/23
103.49.56.0/22
103.68.140.0/23
103.69.239.0/24
103.72.196.0/24
103.91.72.0/21
103.92.107.0/24
103.93.39.0/24
103.101.112.0/22
103.113.110.0/23
103.115.128.0/24
103.115.131.0/24
103.120.152.0/23
103.124.174.0/24
103.138.9.0/24
103.148.119.0/24
103.154.8.0/23
103.157.188.0/23
103.158.41.0/24
103.159.104.0/23
103.160.25.0/24
103.160.222.0/24
103.163.14.0/23
103.164.140.0/24
103.170.48.0/23
103.173.238.0/23
103.174.28.0/23
103.178.117.0/24
103.181.66.0/24
103.181.119.0/24
103.184.41.0/24
103.184.205.0/24
103.204.70.0/24
103.206.51.0/24
103.206.96.0/23
103.216.141.0/24
103.225.70.0/24
103.232.232.0/22
202.4.169.0/24
IPv6:
2001:df1:d240::/48
2001:df1:ed40::/48
2001:df2:3ac0::/48
2001:df2:3f40::/48
2001:df2:9640::/48
2001:df3:1340::/48
2400:d660::/32
2405:e100:a::-2405:e100:f:ffff:ffff:ffff:ffff:ffff
2405:e100:1d::-2405:e100:1e:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
43:d9:85:8a:d0:71:87:12:62:1e:7c:b2:da:40:b1:cb:8b:b2:
f5:3b:fa:90:3d:21:55:34:08:fb:4b:ff:3a:d9:1f:4c:50:cf:
3e:ac:10:61:a4:4a:d4:9d:5c:ce:24:59:0f:d9:e9:bf:e0:2f:
6e:90:c6:a7:a6:f5:14:23:9a:92:fe:4f:b5:64:13:5c:34:ce:
1e:a8:50:9c:02:12:d2:b7:7d:72:20:9d:b0:31:7d:42:64:31:
60:50:3a:31:c0:7b:fa:8b:99:7b:b2:d9:7a:e6:00:9b:70:ca:
fa:de:52:f6:8d:da:0a:63:0a:7a:59:9c:23:a1:2f:5e:82:ed:
4f:a1:fc:8c:70:73:70:08:e1:40:88:c0:31:c1:1e:e7:a6:6c:
b1:55:89:66:ce:41:6a:24:66:7d:eb:3f:ff:2e:ce:cc:de:55:
ff:c2:81:f5:df:e2:e4:e6:25:cb:8c:98:60:44:ae:81:e6:af:
1f:3a:a8:82:49:06:4e:04:4d:c7:fe:f6:ba:80:65:81:1d:84:
90:76:64:1e:d4:75:44:4f:76:04:df:8c:b2:25:68:31:f9:5e:
27:77:70:82:0c:b2:93:d3:23:d0:25:63:11:d3:1b:56:0c:98:
37:31:e9:0b:ac:2a:93:4b:c5:55:bb:4d:11:40:b4:6a:c9:d5:
9b:82:dc:e4
-----BEGIN CERTIFICATE-----
MIIG3jCCBcagAwIBAgIDAJXIMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDgwMTA5NTIyNFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjZhYjVhZDgtNzhhZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMgA7F7lWxc3a0qKX9Y3IVR022BOmtYd+s1JyHRc5UEsC4102p48pxc+rwXu
C1nV5OhbCaVhCo93H4GsxemaG3oxa3h30u0DWH1eANTor5jNN7KoM7rGSc7pijhp
bfJ5dR/giWFhL1uWFne3OwfwlzhhjKmnW5ApWwxTpLinPt5xb6JNN/vFM9pSIxjQ
8P4JwIy3Iw05Y7ebvfybXuKGNBrDFYDS6Guqv5PRc5Kvpxns5ijXji4MWwF28GfU
TxKxEAc5b/JO4+2olI9e5qy2/Pfr6FHu9yhJOON6bSd4MUfRQoWZ5j9UeriCLf2L
pLcu0U8JzD9SF+dCsO5dW35bu2UCAwEAAaOCBAEwggP9MB0GA1UdDgQWBBREE9gT
nSDIsFm44ieI9TKpHMCQFDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0VBMkFERjhF
M0NGNDExRUZCMTA5MjM2RkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBiQYIKwYBBQUHAQcB
Af8EggF4MIIBdDCCAQMEAgABMIH8AwQBG3vwAwQCK+H4AwQBK+SkAwQBZyViAwQC
ZzE4AwQBZ0SMAwQAZ0XvAwQAZ0jEAwQDZ1tIAwQAZ1xrAwQAZ10nAwQCZ2VwAwQB
Z3FuAwQAZ3OAAwQAZ3ODAwQBZ3iYAwQAZ3yuAwQAZ4oJAwQAZ5R3AwQBZ5oIAwQB
Z528AwQAZ54pAwQBZ59oAwQAZ6AZAwQAZ6DeAwQBZ6MOAwQAZ6SMAwQBZ6owAwQB
Z63uAwQBZ64cAwQAZ7J1AwQAZ7VCAwQAZ7V3AwQAZ7gpAwQAZ7jNAwQAZ8xGAwQA
Z84zAwQBZ85gAwQAZ9iNAwQAZ+FGAwQCZ+joAwQAygSpMGsEAgACMGUDBwAgAQ3x
0kADBwAgAQ3x7UADBwAgAQ3yOsADBwAgAQ3yP0ADBwAgAQ3ylkADBwAgAQ3zE0AD
BQAkANZgMBIDBwEkBeEAAAoDBwQkBeEAAAAwEgMHACQF4QAAHQMHACQF4QAAHjAN
BgkqhkiG9w0BAQsFAAOCAQEAQ9mFitBxhxJiHnyy2kCxy4uy9Tv6kD0hVTQI+0v/
OtkfTFDPPqwQYaRK1J1cziRZD9npv+AvbpDGp6b1FCOakv5PtWQTXDTOHqhQnAIS
0rd9ciCdsDF9QmQxYFA6McB7+ouZe7LZeuYAm3DK+t5S9o3aCmMKelmcI6EvXoLt
T6H8jHBzcAjhQIjAMcEe56ZssVWJZs5BaiRmfes//y7OzN5V/8KB9d/i5OYly4yY
YESugeavHzqogkkGTgRNx/72uoBlgR2EkHZkHtR1RE92BN+MsiVoMfleJ3dwggyy
k9Mj0CVjEdMbVgyYNzHpC6wqk0vFVbtNEUC0asnVm4Lc5A==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:19:56 2025 by rpki-client