Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/ED1AAB2AF98C11EF9A775A26C4F9AE02.roa
File: ED1AAB2AF98C11EF9A775A26C4F9AE02.roa (raw, json)
Hash identifier: YQN2nxQgQ5+7rC/eF7DMaDXZ0pORE/aMPgDotGRXf2c=
Subject key identifier: 2E:09:BC:2A:E3:2E:4D:EA:98:D8:0A:D9:F1:B1:B8:7C:AB:AE:DA:B1
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A923
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/ED1AAB2AF98C11EF9A775A26C4F9AE02.roa
Signing time: Wed 05 Mar 2025 06:41:54 +0000
ROA not before: Wed 05 Mar 2025 06:41:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 43.229.200.0/22 maxlen: 24
43.231.116.0/22 maxlen: 24
43.239.112.0/22 maxlen: 24
43.239.152.0/22 maxlen: 24
45.114.156.0/22 maxlen: 24
103.14.196.0/22 maxlen: 24
103.16.140.0/22 maxlen: 24
103.26.169.0/24 maxlen: 24
103.27.168.0/24 maxlen: 24
103.27.170.0/23 maxlen: 23
103.41.40.0/22 maxlen: 24
103.47.152.0/24 maxlen: 24
103.51.92.0/22 maxlen: 24
103.52.48.0/22 maxlen: 24
103.54.96.0/22 maxlen: 24
103.55.84.0/22 maxlen: 24
103.82.144.0/22 maxlen: 24
103.86.20.0/22 maxlen: 24
103.88.124.0/22 maxlen: 24
103.108.76.0/22 maxlen: 24
103.111.128.0/22 maxlen: 24
103.118.8.0/22 maxlen: 24
103.132.203.0/24 maxlen: 24
103.133.116.0/24 maxlen: 24
103.139.88.0/23 maxlen: 24
103.142.64.0/23 maxlen: 24
103.143.180.0/23 maxlen: 24
103.143.215.0/24 maxlen: 24
103.144.112.0/23 maxlen: 24
103.154.26.0/24 maxlen: 24
103.155.170.0/23 maxlen: 24
103.155.194.0/23 maxlen: 24
103.157.50.0/23 maxlen: 24
103.157.69.0/24 maxlen: 24
103.158.111.0/24 maxlen: 24
103.158.180.0/24 maxlen: 24
103.159.137.0/24 maxlen: 24
103.167.157.0/24 maxlen: 24
103.169.58.0/23 maxlen: 24
103.171.8.0/23 maxlen: 24
103.171.54.0/23 maxlen: 24
103.171.60.0/23 maxlen: 24
103.171.236.0/23 maxlen: 24
103.173.14.0/23 maxlen: 24
103.173.41.0/24 maxlen: 24
103.174.42.0/23 maxlen: 24
103.175.58.0/23 maxlen: 24
103.175.106.0/23 maxlen: 24
103.176.142.0/24 maxlen: 24
103.176.208.0/23 maxlen: 24
103.180.216.0/23 maxlen: 24
103.190.12.0/23 maxlen: 24
103.192.72.0/22 maxlen: 24
103.199.92.0/22 maxlen: 24
103.199.144.0/22 maxlen: 24
103.200.48.0/22 maxlen: 24
103.206.64.0/22 maxlen: 24
103.212.132.0/22 maxlen: 24
103.224.50.0/23 maxlen: 24
103.226.224.0/22 maxlen: 24
103.228.172.0/24 maxlen: 24
103.228.173.0/24 maxlen: 24
103.228.174.0/24 maxlen: 24
103.228.175.0/24 maxlen: 24
103.228.184.0/22 maxlen: 24
103.236.112.0/22 maxlen: 24
103.245.170.0/23 maxlen: 24
103.254.96.0/22 maxlen: 24
103.254.200.0/22 maxlen: 24
137.59.204.0/22 maxlen: 24
139.5.96.0/22 maxlen: 24
203.191.56.0/22 maxlen: 24
2400:d180:66::/48 maxlen: 48
2400:d180:67::/48 maxlen: 48
2400:d180:68::/48 maxlen: 48
2400:d180:69::/48 maxlen: 48
2400:d180:70::/48 maxlen: 48
2400:d180:71::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 05 Mar 2025 09:46:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43299 (0xa923)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Mar 5 06:41:54 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67c7f232-4bff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:96:e3:07:0f:c4:79:30:74:47:2f:4f:4c:a3:
26:c8:89:6d:e8:bc:ac:49:e2:e3:a1:df:02:3e:d8:
9f:33:d4:d4:31:e6:46:44:46:bd:40:71:d5:22:cf:
a3:bb:e4:c1:af:8c:4b:8d:3c:87:12:06:93:6e:67:
17:c3:d0:27:a2:6a:a5:1f:80:88:e4:a9:11:8d:76:
eb:54:9a:30:70:bd:a6:1b:be:1c:a5:18:7d:e4:1e:
d4:49:9d:fa:36:b2:a4:f0:d4:82:30:49:21:28:e2:
38:27:16:b9:83:4b:ca:49:7f:fc:b1:b4:62:02:fc:
90:91:be:0e:42:af:75:43:68:0e:50:0c:16:b9:d9:
8b:92:23:e8:5b:17:10:96:ec:35:83:0c:3d:cf:db:
03:d2:17:96:39:e2:ed:be:2b:8c:98:f1:ea:39:66:
57:90:5d:31:43:44:42:c3:26:bc:95:87:c9:a2:78:
a2:ed:18:04:26:52:f3:1d:7c:ac:ff:5e:6f:a9:b3:
8e:99:a8:ab:87:98:49:fd:08:9e:ad:35:04:85:b4:
1a:62:e1:33:4b:7d:a6:95:f3:69:62:94:f7:0b:60:
3a:96:b6:58:40:71:ad:36:1a:fe:0b:e5:b3:6d:67:
d4:58:1b:6f:b8:26:2c:51:bc:0a:d0:bb:71:00:98:
73:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:09:BC:2A:E3:2E:4D:EA:98:D8:0A:D9:F1:B1:B8:7C:AB:AE:DA:B1
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/ED1AAB2AF98C11EF9A775A26C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.229.200.0/22
43.231.116.0/22
43.239.112.0/22
43.239.152.0/22
45.114.156.0/22
103.14.196.0/22
103.16.140.0/22
103.26.169.0/24
103.27.168.0/24
103.27.170.0/23
103.41.40.0/22
103.47.152.0/24
103.51.92.0/22
103.52.48.0/22
103.54.96.0/22
103.55.84.0/22
103.82.144.0/22
103.86.20.0/22
103.88.124.0/22
103.108.76.0/22
103.111.128.0/22
103.118.8.0/22
103.132.203.0/24
103.133.116.0/24
103.139.88.0/23
103.142.64.0/23
103.143.180.0/23
103.143.215.0/24
103.144.112.0/23
103.154.26.0/24
103.155.170.0/23
103.155.194.0/23
103.157.50.0/23
103.157.69.0/24
103.158.111.0/24
103.158.180.0/24
103.159.137.0/24
103.167.157.0/24
103.169.58.0/23
103.171.8.0/23
103.171.54.0/23
103.171.60.0/23
103.171.236.0/23
103.173.14.0/23
103.173.41.0/24
103.174.42.0/23
103.175.58.0/23
103.175.106.0/23
103.176.142.0/24
103.176.208.0/23
103.180.216.0/23
103.190.12.0/23
103.192.72.0/22
103.199.92.0/22
103.199.144.0/22
103.200.48.0/22
103.206.64.0/22
103.212.132.0/22
103.224.50.0/23
103.226.224.0/22
103.228.172.0/22
103.228.184.0/22
103.236.112.0/22
103.245.170.0/23
103.254.96.0/22
103.254.200.0/22
137.59.204.0/22
139.5.96.0/22
203.191.56.0/22
IPv6:
2400:d180:66::-2400:d180:69:ffff:ffff:ffff:ffff:ffff
2400:d180:70::/47
Signature Algorithm: sha256WithRSAEncryption
24:8d:85:bd:5a:3e:31:40:0f:cd:3b:6a:fb:c0:33:d1:6a:49:
9f:a1:97:75:46:7a:f9:62:34:9c:76:eb:63:b9:e9:b4:6b:f6:
db:af:7c:52:68:80:e5:dd:41:83:32:79:f9:7c:cc:65:cc:52:
99:79:ec:30:64:c3:03:9b:a1:48:65:07:44:51:62:d6:79:ae:
fc:5d:e1:5b:db:f6:cc:74:b7:35:7b:d0:55:ec:b8:75:41:65:
68:93:91:bd:6c:51:c7:36:6c:cf:cb:22:c8:6b:2f:44:ef:d1:
13:d6:f8:f3:37:00:01:b6:26:c3:d5:9b:e3:05:70:a9:61:43:
6e:1b:85:ee:43:e3:bc:eb:b3:d1:5c:21:76:f6:09:0b:cd:c9:
0f:36:dd:df:62:56:8e:63:68:fe:04:1c:3b:7e:75:38:0e:a5:
98:0d:d4:78:d8:78:46:03:46:70:08:3d:7c:aa:54:82:7f:54:
69:5a:ef:ea:cd:af:2e:c4:fe:61:90:dd:ad:37:7e:b0:24:5b:
a4:65:19:f5:c6:c0:87:ae:4c:b7:f5:ad:29:3e:14:94:96:a5:
d9:31:a4:ad:a6:43:ab:b1:36:51:95:83:07:2e:ac:ae:6b:9a:
10:b1:2e:19:44:17:ca:3f:79:7d:e2:16:82:c2:f3:4a:b8:bc:
ea:3c:3e:6f
-----BEGIN CERTIFICATE-----
MIIHOTCCBiGgAwIBAgIDAKkjMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDMwNTA2NDE1NFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdjN2YyMzItNGJmZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANCW4wcPxHkwdEcvT0yjJsiJbei8rEni46HfAj7YnzPU1DHmRkRGvUBx1SLP
o7vkwa+MS408hxIGk25nF8PQJ6JqpR+AiOSpEY1261SaMHC9phu+HKUYfeQe1Emd
+jaypPDUgjBJISjiOCcWuYNLykl//LG0YgL8kJG+DkKvdUNoDlAMFrnZi5Ij6FsX
EJbsNYMMPc/bA9IXljni7b4rjJjx6jlmV5BdMUNEQsMmvJWHyaJ4ou0YBCZS8x18
rP9eb6mzjpmoq4eYSf0Inq01BIW0GmLhM0t9ppXzaWKU9wtgOpa2WEBxrTYa/gvl
s21n1Fgbb7gmLFG8CtC7cQCYc7MCAwEAAaOCBFwwggRYMB0GA1UdDgQWBBQuCbwq
4y5N6pjYCtnxsbh8q67asTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0VEMUFBQjJB
Rjk4QzExRUY5QTc3NUEyNkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIB5AYIKwYBBQUHAQcB
Af8EggHTMIIBzzCCAaYEAgABMIIBngMEAivlyAMEAivndAMEAivvcAMEAivvmAME
Ai1ynAMEAmcOxAMEAmcQjAMEAGcaqQMEAGcbqAMEAWcbqgMEAmcpKAMEAGcvmAME
AmczXAMEAmc0MAMEAmc2YAMEAmc3VAMEAmdSkAMEAmdWFAMEAmdYfAMEAmdsTAME
AmdvgAMEAmd2CAMEAGeEywMEAGeFdAMEAWeLWAMEAWeOQAMEAWePtAMEAGeP1wME
AWeQcAMEAGeaGgMEAWebqgMEAWebwgMEAWedMgMEAGedRQMEAGeebwMEAGeetAME
AGefiQMEAGennQMEAWepOgMEAWerCAMEAWerNgMEAWerPAMEAWer7AMEAWetDgME
AGetKQMEAWeuKgMEAWevOgMEAWevagMEAGewjgMEAWew0AMEAWe02AMEAWe+DAME
AmfASAMEAmfHXAMEAmfHkAMEAmfIMAMEAmfOQAMEAmfUhAMEAWfgMgMEAmfi4AME
AmfkrAMEAmfkuAMEAmfscAMEAWf1qgMEAmf+YAMEAmf+yAMEAok7zAMEAosFYAME
Asu/ODAjBAIAAjAdMBIDBwEkANGAAGYDBwEkANGAAGgDBwEkANGAAHAwDQYJKoZI
hvcNAQELBQADggEBACSNhb1aPjFAD807avvAM9FqSZ+hl3VGevliNJx262O56bRr
9tuvfFJogOXdQYMyefl8zGXMUpl57DBkwwOboUhlB0RRYtZ5rvxd4Vvb9sx0tzV7
0FXsuHVBZWiTkb1sUcc2bM/LIshrL0Tv0RPW+PM3AAG2JsPVm+MFcKlhQ24bhe5D
47zrs9FcIXb2CQvNyQ823d9iVo5jaP4EHDt+dTgOpZgN1HjYeEYDRnAIPXyqVIJ/
VGla7+rNry7E/mGQ3a03frAkW6RlGfXGwIeuTLf1rSk+FJSWpdkxpK2mQ6uxNlGV
gwcurK5rmhCxLhlEF8o/eX3iFoLC80q4vOo8Pm8=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:53:52 2025 by rpki-client