Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913E8F3/0A04F4E2549411E9B597E571C4F9AE02/04F8F4A6270311F093DD3853C4F9AE02.roa
File: 04F8F4A6270311F093DD3853C4F9AE02.roa (raw, json)
Hash identifier: Lc3PKTKLo8+rkOKL2fsmwOvolz7kj76fnE6g5yaY+R8=
Subject key identifier: 71:C6:6A:EC:74:46:CF:DC:BE:AB:4E:49:BC:FE:72:12:C9:C2:56:77
Certificate issuer: /CN=A913E8F3/serialNumber=F9BB29B0ABE849E7FE180E339E4B1C282368C521
Certificate serial: 0FE6
Authority key identifier: F9:BB:29:B0:AB:E8:49:E7:FE:18:0E:33:9E:4B:1C:28:23:68:C5:21
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-bspsKvoSef-GA4znkscKCNoxSE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913E8F3/0A04F4E2549411E9B597E571C4F9AE02/04F8F4A6270311F093DD3853C4F9AE02.roa
Signing time: Fri 02 May 2025 03:10:37 +0000
ROA not before: Fri 02 May 2025 03:10:37 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 58521
IP address blocks: 143.92.112.0/21 maxlen: 21
143.92.112.0/22 maxlen: 22
143.92.112.0/23 maxlen: 23
143.92.112.0/24 maxlen: 24
143.92.113.0/24 maxlen: 24
143.92.114.0/24 maxlen: 24
143.92.115.0/24 maxlen: 24
143.92.116.0/24 maxlen: 24
143.92.117.0/24 maxlen: 24
143.92.118.0/24 maxlen: 24
143.92.119.0/24 maxlen: 24
143.92.120.0/22 maxlen: 22
143.92.120.0/24 maxlen: 24
143.92.121.0/24 maxlen: 24
143.92.122.0/24 maxlen: 24
143.92.123.0/24 maxlen: 24
143.92.124.0/22 maxlen: 24
148.222.64.0/19 maxlen: 19
148.222.64.0/22 maxlen: 22
148.222.64.0/24 maxlen: 24
148.222.65.0/24 maxlen: 24
148.222.66.0/23 maxlen: 23
148.222.66.0/24 maxlen: 24
148.222.67.0/24 maxlen: 24
148.222.68.0/22 maxlen: 22
148.222.68.0/24 maxlen: 24
148.222.69.0/24 maxlen: 24
148.222.70.0/24 maxlen: 24
148.222.71.0/24 maxlen: 24
148.222.72.0/22 maxlen: 22
148.222.72.0/24 maxlen: 24
148.222.73.0/24 maxlen: 24
148.222.74.0/24 maxlen: 24
148.222.75.0/24 maxlen: 24
148.222.76.0/22 maxlen: 22
148.222.76.0/24 maxlen: 24
148.222.77.0/24 maxlen: 24
148.222.78.0/24 maxlen: 24
148.222.79.0/24 maxlen: 24
148.222.80.0/22 maxlen: 22
148.222.80.0/24 maxlen: 24
148.222.81.0/24 maxlen: 24
148.222.82.0/24 maxlen: 24
148.222.83.0/24 maxlen: 24
148.222.84.0/22 maxlen: 22
148.222.84.0/24 maxlen: 24
148.222.85.0/24 maxlen: 24
148.222.86.0/24 maxlen: 24
148.222.87.0/24 maxlen: 24
148.222.88.0/22 maxlen: 22
148.222.92.0/22 maxlen: 22
148.222.92.0/24 maxlen: 24
148.222.93.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 May 2025 00:43:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4070 (0xfe6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913E8F3, serialNumber=F9BB29B0ABE849E7FE180E339E4B1C282368C521
Validity
Not Before: May 2 03:10:37 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=681437ad-abca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:23:bd:90:5e:9c:00:0c:69:60:ed:c7:5d:f4:
87:d0:a0:c4:2a:5d:a4:3b:2a:b4:12:b2:ab:f3:63:
10:f6:a9:2a:68:51:af:e2:bc:e9:f2:57:64:37:d2:
b7:f5:3a:ca:1c:02:34:a9:09:15:40:de:ef:4a:84:
0c:67:d2:f7:ff:6d:c1:00:db:3f:14:90:ca:2b:76:
7e:0c:0b:a2:1d:1d:30:5f:69:61:ec:5e:1f:dc:84:
0e:8c:0b:39:f8:50:54:98:d0:6a:bf:71:f6:99:bc:
5d:e4:41:5b:be:35:b5:15:3d:8e:77:15:3e:bf:ea:
64:d5:b1:7b:98:fe:6e:e1:25:e3:0f:75:0f:55:65:
ef:c0:64:e9:7e:d9:ba:3a:16:d1:80:76:70:7e:4a:
4b:d1:98:e8:b6:25:98:4c:48:a8:2f:aa:21:d4:b9:
96:5d:31:a1:ab:4b:2f:5a:4d:22:63:55:78:09:cb:
a8:0d:cf:65:68:50:d3:fa:7b:a4:0a:a3:17:e9:5c:
e1:01:16:3a:49:17:64:27:6a:86:1f:5f:ac:f8:68:
c9:c5:ff:71:50:38:20:fd:4f:53:5e:93:04:dc:83:
4a:c3:ec:53:3d:e8:c3:82:be:a1:79:5a:61:18:50:
37:6b:a7:24:ea:49:25:ef:4b:05:7c:9e:c6:c5:db:
fa:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:C6:6A:EC:74:46:CF:DC:BE:AB:4E:49:BC:FE:72:12:C9:C2:56:77
X509v3 Authority Key Identifier:
keyid:F9:BB:29:B0:AB:E8:49:E7:FE:18:0E:33:9E:4B:1C:28:23:68:C5:21
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913E8F3/0A04F4E2549411E9B597E571C4F9AE02/-bspsKvoSef-GA4znkscKCNoxSE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-bspsKvoSef-GA4znkscKCNoxSE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913E8F3/0A04F4E2549411E9B597E571C4F9AE02/04F8F4A6270311F093DD3853C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
143.92.112.0/20
148.222.64.0/19
Signature Algorithm: sha256WithRSAEncryption
66:86:10:12:24:bf:c8:7f:74:93:97:5c:a6:17:9c:be:a5:ba:
f2:97:9e:e3:4f:d6:13:4c:a8:fa:b2:76:0e:fb:64:3c:a0:8a:
50:ca:2b:dc:36:82:a9:f8:11:d4:d1:a1:53:31:e0:c1:15:55:
67:b0:dc:5b:e2:5a:57:18:cb:fe:d4:54:bd:4b:9f:20:ff:85:
db:96:6d:c8:d5:d9:68:59:80:90:e8:b4:20:4a:44:de:03:72:
da:08:a8:31:34:eb:f6:5b:cc:00:c8:94:43:c0:a4:3c:87:0b:
57:c8:3e:15:e6:ed:25:90:0b:ae:98:ad:c0:94:6a:a3:86:05:
0d:48:fd:a1:6b:e2:75:14:f8:b3:6e:6e:21:ce:8f:91:b0:ce:
df:56:ee:5a:12:47:48:62:5f:97:19:4b:55:dc:3d:af:a0:43:
a0:d1:28:a6:e0:af:f0:c4:bc:65:78:3a:de:a0:7b:75:af:48:
9e:80:ab:81:ca:f9:65:86:32:85:41:93:58:83:82:e5:53:38:
c0:29:ae:f3:c7:95:39:05:45:c8:7a:ae:1a:a4:da:e5:b2:af:
58:51:14:46:65:f8:26:14:31:b5:7d:d5:19:e3:87:ab:0a:4f:
d5:9f:e6:2f:44:63:72:38:a5:47:00:a6:b5:ee:36:3e:2b:ea:
42:54:48:1a
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICD+YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0U4RjMxMTAvBgNVBAUTKEY5QkIyOUIwQUJFODQ5RTdGRTE4MEUzMzlFNEIxQzI4
MjM2OEM1MjEwHhcNMjUwNTAyMDMxMDM3WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODE0MzdhZC1hYmNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5iO9kF6cAAxpYO3HXfSH0KDEKl2kOyq0ErKr82MQ9qkqaFGv4rzp8ldkN9K3
9TrKHAI0qQkVQN7vSoQMZ9L3/23BANs/FJDKK3Z+DAuiHR0wX2lh7F4f3IQOjAs5
+FBUmNBqv3H2mbxd5EFbvjW1FT2OdxU+v+pk1bF7mP5u4SXjD3UPVWXvwGTpftm6
OhbRgHZwfkpL0ZjotiWYTEioL6oh1LmWXTGhq0svWk0iY1V4CcuoDc9laFDT+nuk
CqMX6VzhARY6SRdkJ2qGH1+s+GjJxf9xUDgg/U9TXpME3INKw+xTPejDgr6heVph
GFA3a6ck6kkl70sFfJ7Gxdv63wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFHHGaux0
Rs/cvqtOSbz+chLJwlZ3MB8GA1UdIwQYMBaAFPm7KbCr6Enn/hgOM55LHCgjaMUh
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRThGMy8wQTA0RjRFMjU0
OTQxMUU5QjU5N0U1NzFDNEY5QUUwMi8tYnNwc0t2b1NlZi1HQTR6bmtzY0tDTm94
U0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLy1ic3BzS3ZvU2VmLUdBNHpua3NjS0NOb3hTRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0U4RjMvMEEwNEY0RTI1NDk0MTFFOUI1OTdFNTcxQzRGOUFFMDIvMDRGOEY0QTYy
NzAzMTFGMDkzREQzODUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBASPXHADBAWU3kAwDQYJKoZIhvcNAQELBQADggEBAGaGEBIk
v8h/dJOXXKYXnL6luvKXnuNP1hNMqPqydg77ZDygilDKK9w2gqn4EdTRoVMx4MEV
VWew3FviWlcYy/7UVL1LnyD/hduWbcjV2WhZgJDotCBKRN4DctoIqDE06/ZbzADI
lEPApDyHC1fIPhXm7SWQC66YrcCUaqOGBQ1I/aFr4nUU+LNubiHOj5Gwzt9W7loS
R0hiX5cZS1XcPa+gQ6DRKKbgr/DEvGV4Ot6ge3WvSJ6Aq4HK+WWGMoVBk1iDguVT
OMAprvPHlTkFRch6rhqk2uWyr1hRFEZl+CYUMbV91Rnjh6sKT9Wf5i9EY3I4pUcA
prXuNj4r6kJUSBo=
-----END CERTIFICATE-----
Generated at Sun May 18 14:14:30 2025 by rpki-client