Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0B68ABF8CF1D11EFBE028886C4F9AE02.roa
File: 0B68ABF8CF1D11EFBE028886C4F9AE02.roa (raw, json)
Hash identifier: WjDokQXYrRXLvLeYnPzv6p/ZazfGBad2PLMnI8B7a08=
Subject key identifier: CA:37:BF:4B:5F:5F:DC:C7:1C:D1:48:9B:A7:F1:F6:24:86:F9:6B:95
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: BC19
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0B68ABF8CF1D11EFBE028886C4F9AE02.roa
Signing time: Tue 27 May 2025 09:16:05 +0000
ROA not before: Tue 27 May 2025 09:16:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 45804
IP address blocks: 43.251.168.0/22 maxlen: 24
43.251.172.0/22 maxlen: 24
43.251.176.0/22 maxlen: 24
45.114.176.0/22 maxlen: 24
45.116.188.0/22 maxlen: 24
45.248.56.0/22 maxlen: 24
103.27.140.0/22 maxlen: 24
103.43.80.0/24 maxlen: 24
103.43.81.0/24 maxlen: 24
103.43.82.0/24 maxlen: 24
103.43.83.0/24 maxlen: 24
103.56.236.0/22 maxlen: 24
103.76.80.0/22 maxlen: 24
103.93.100.0/22 maxlen: 24
103.100.20.0/24 maxlen: 24
103.100.21.0/24 maxlen: 24
103.100.22.0/24 maxlen: 24
103.100.23.0/24 maxlen: 24
103.147.238.0/24 maxlen: 24
103.147.239.0/24 maxlen: 24
103.168.78.0/23 maxlen: 24
103.176.138.0/23 maxlen: 24
103.180.216.0/23 maxlen: 24
103.193.88.0/22 maxlen: 24
103.216.204.0/22 maxlen: 24
103.244.240.0/22 maxlen: 24
103.244.244.0/24 maxlen: 24
103.245.2.0/24 maxlen: 24
103.245.20.0/24 maxlen: 24
103.251.80.0/22 maxlen: 24
114.29.224.0/22 maxlen: 24
150.129.108.0/22 maxlen: 24
150.129.132.0/22 maxlen: 24
2001:df0:9fc0::/48 maxlen: 48
2001:df4:4240::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 28 May 2025 06:27:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48153 (0xbc19)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 27 09:16:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=683582d5-7f72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:65:80:0e:81:05:ed:1f:1e:30:57:e9:74:47:
95:fa:61:80:d4:ba:44:1a:00:4e:73:75:51:11:d7:
4d:33:f4:7a:1e:81:08:7c:f1:50:0e:7f:b4:f0:06:
2f:a2:93:3e:14:fd:50:da:45:79:a8:c7:76:31:ab:
6d:3f:36:30:34:36:da:93:41:62:a0:ca:8b:ad:2f:
b6:34:ef:d4:00:ad:21:a3:06:24:4b:9b:7b:69:50:
2e:a6:d8:bb:74:63:32:c4:5e:cc:23:ea:98:db:ed:
e0:6a:fe:d2:be:f8:5e:93:58:69:f8:14:c9:2c:ed:
5c:54:76:67:1f:a9:6e:7c:c8:dd:90:51:dc:b1:96:
a6:0c:93:0a:fa:21:69:75:07:69:1e:bf:78:7c:b9:
39:11:4a:0b:6d:4a:31:4d:b0:7a:90:2d:39:4c:30:
15:b5:08:bd:a2:b5:99:52:fb:f6:ff:8a:7a:e4:30:
7c:d7:48:76:29:62:0b:62:8a:87:da:c0:28:a4:d2:
c6:38:f2:a8:9e:84:fb:21:20:56:cc:44:5d:ee:ff:
62:ad:20:5f:dd:4d:b4:d6:ca:61:f2:cf:23:86:33:
bc:0b:22:4c:e3:46:f1:70:31:03:8d:9c:80:97:20:
e3:12:3f:e4:9b:00:e3:ae:6e:58:f7:23:cb:11:54:
3d:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:37:BF:4B:5F:5F:DC:C7:1C:D1:48:9B:A7:F1:F6:24:86:F9:6B:95
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0B68ABF8CF1D11EFBE028886C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.251.168.0-43.251.179.255
45.114.176.0/22
45.116.188.0/22
45.248.56.0/22
103.27.140.0/22
103.43.80.0/22
103.56.236.0/22
103.76.80.0/22
103.93.100.0/22
103.100.20.0/22
103.147.238.0/23
103.168.78.0/23
103.176.138.0/23
103.180.216.0/23
103.193.88.0/22
103.216.204.0/22
103.244.240.0-103.244.244.255
103.245.2.0/24
103.245.20.0/24
103.251.80.0/22
114.29.224.0/22
150.129.108.0/22
150.129.132.0/22
IPv6:
2001:df0:9fc0::/48
2001:df4:4240::/48
Signature Algorithm: sha256WithRSAEncryption
9c:ed:03:7b:07:10:c1:e0:49:76:79:12:4a:e8:bb:8e:66:fb:
58:32:09:b8:79:95:6d:2d:ba:23:11:92:0a:8a:03:6e:8d:79:
51:bc:b3:eb:46:d6:7b:7d:d6:3f:84:e2:d6:31:b7:5e:52:f5:
6d:9a:2a:c1:6f:c7:9a:72:2d:02:7c:de:82:27:b3:60:88:c2:
14:19:14:d7:53:a3:64:68:23:f4:31:f0:14:8a:29:08:5a:d5:
76:bb:b6:12:e6:f1:fb:3c:9c:97:94:38:51:14:7f:4e:78:56:
4e:57:00:32:d0:93:8d:09:b4:10:36:90:42:46:20:cb:b6:c3:
5f:75:4e:d1:29:de:41:36:dd:ba:83:55:49:b1:73:50:57:b7:
41:c5:67:85:29:99:95:3c:91:9e:2e:13:4a:de:6a:b1:8e:13:
90:22:4f:7e:0e:0a:4a:80:10:ba:6c:f9:2c:95:a0:7a:ed:9e:
e5:f8:4e:30:9e:02:7a:56:03:a5:22:42:70:7d:f3:c7:f8:0a:
07:4b:5d:6d:d1:83:6e:49:24:f7:bb:64:3b:bf:14:72:e7:b4:
f2:44:27:1f:eb:39:1f:b4:b9:2d:fe:ff:db:9f:f5:fe:ad:68:
5f:f7:96:f3:d2:77:ae:16:5c:c1:81:40:de:de:dd:4b:85:4d:
80:b6:fd:2c
-----BEGIN CERTIFICATE-----
MIIGJTCCBQ2gAwIBAgIDALwZMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDUyNzA5MTYwNVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgzNTgyZDUtN2Y3MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMplgA6BBe0fHjBX6XRHlfphgNS6RBoATnN1URHXTTP0eh6BCHzxUA5/tPAG
L6KTPhT9UNpFeajHdjGrbT82MDQ22pNBYqDKi60vtjTv1ACtIaMGJEube2lQLqbY
u3RjMsRezCPqmNvt4Gr+0r74XpNYafgUySztXFR2Zx+pbnzI3ZBR3LGWpgyTCvoh
aXUHaR6/eHy5ORFKC21KMU2wepAtOUwwFbUIvaK1mVL79v+KeuQwfNdIdiliC2KK
h9rAKKTSxjjyqJ6E+yEgVsxEXe7/Yq0gX91NtNbKYfLPI4YzvAsiTONG8XAxA42c
gJcg4xI/5JsA465uWPcjyxFUPScCAwEAAaOCA0gwggNEMB0GA1UdDgQWBBTKN79L
X1/cxxzRSJun8fYkhvlrlTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzBCNjhBQkY4
Q0YxRDExRUZCRTAyODg4NkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIHRBggrBgEFBQcBBwEB
/wSBwTCBvjCBoQQCAAEwgZowDAMEAyv7qAMEAiv7sAMEAi1ysAMEAi10vAMEAi34
OAMEAmcbjAMEAmcrUAMEAmc47AMEAmdMUAMEAmddZAMEAmdkFAMEAWeT7gMEAWeo
TgMEAWewigMEAWe02AMEAmfBWAMEAmfYzDAMAwQEZ/TwAwQAZ/T0AwQAZ/UCAwQA
Z/UUAwQCZ/tQAwQCch3gAwQCloFsAwQCloGEMBgEAgACMBIDBwAgAQ3wn8ADBwAg
AQ30QkAwDQYJKoZIhvcNAQELBQADggEBAJztA3sHEMHgSXZ5Ekrou45m+1gyCbh5
lW0tuiMRkgqKA26NeVG8s+tG1nt91j+E4tYxt15S9W2aKsFvx5pyLQJ83oIns2CI
whQZFNdTo2RoI/Qx8BSKKQha1Xa7thLm8fs8nJeUOFEUf054Vk5XADLQk40JtBA2
kEJGIMu2w191TtEp3kE23bqDVUmxc1BXt0HFZ4UpmZU8kZ4uE0rearGOE5AiT34O
CkqAELps+SyVoHrtnuX4TjCeAnpWA6UiQnB988f4CgdLXW3Rg25JJPe7ZDu/FHLn
tPJEJx/rOR+0uS3+/9uf9f6taF/3lvPSd64WXMGBQN7e3UuFTYC2/Sw=
-----END CERTIFICATE-----
Generated at Thu Jun 12 10:45:23 2025 by rpki-client