Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/22998FF4F01F11EF8A7F3F0BC4F9AE02.roa
File: 22998FF4F01F11EF8A7F3F0BC4F9AE02.roa (raw, json)
Hash identifier: Qap3YfI+8sQ6+xrWJrwSilklmcFOa59EIynlwBuesxE=
Subject key identifier: 85:D3:81:06:C2:FE:76:0A:0D:3F:8A:71:01:E9:B1:CB:6E:9E:9B:DA
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A73D
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/22998FF4F01F11EF8A7F3F0BC4F9AE02.roa
Signing time: Fri 21 Feb 2025 06:43:19 +0000
ROA not before: Fri 21 Feb 2025 06:43:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 43.225.0.0/22 maxlen: 24
43.229.200.0/22 maxlen: 24
43.231.116.0/22 maxlen: 24
43.239.112.0/22 maxlen: 24
45.114.156.0/22 maxlen: 24
103.10.188.0/22 maxlen: 24
103.14.196.0/22 maxlen: 24
103.16.140.0/22 maxlen: 24
103.26.169.0/24 maxlen: 24
103.27.168.0/24 maxlen: 24
103.27.170.0/23 maxlen: 23
103.36.104.0/22 maxlen: 24
103.41.40.0/22 maxlen: 24
103.47.152.0/24 maxlen: 24
103.51.92.0/22 maxlen: 24
103.52.48.0/22 maxlen: 24
103.54.96.0/22 maxlen: 24
103.55.84.0/22 maxlen: 24
103.82.144.0/22 maxlen: 24
103.86.20.0/22 maxlen: 24
103.88.124.0/22 maxlen: 24
103.108.76.0/22 maxlen: 24
103.111.128.0/22 maxlen: 24
103.118.8.0/22 maxlen: 24
103.132.203.0/24 maxlen: 24
103.133.116.0/24 maxlen: 24
103.139.88.0/23 maxlen: 24
103.142.64.0/23 maxlen: 24
103.143.109.0/24 maxlen: 24
103.143.215.0/24 maxlen: 24
103.144.112.0/23 maxlen: 24
103.154.26.0/24 maxlen: 24
103.155.194.0/23 maxlen: 24
103.157.69.0/24 maxlen: 24
103.158.111.0/24 maxlen: 24
103.158.180.0/24 maxlen: 24
103.159.137.0/24 maxlen: 24
103.167.157.0/24 maxlen: 24
103.169.58.0/23 maxlen: 24
103.171.8.0/23 maxlen: 24
103.171.236.0/23 maxlen: 24
103.173.14.0/23 maxlen: 24
103.173.41.0/24 maxlen: 24
103.174.42.0/23 maxlen: 24
103.175.106.0/23 maxlen: 24
103.180.216.0/23 maxlen: 24
103.192.72.0/22 maxlen: 24
103.199.92.0/22 maxlen: 24
103.200.48.0/22 maxlen: 24
103.206.64.0/22 maxlen: 24
103.212.132.0/22 maxlen: 24
103.224.50.0/23 maxlen: 24
103.226.224.0/22 maxlen: 24
103.228.172.0/24 maxlen: 24
103.228.173.0/24 maxlen: 24
103.228.174.0/24 maxlen: 24
103.228.175.0/24 maxlen: 24
103.228.184.0/22 maxlen: 24
103.236.112.0/22 maxlen: 24
103.254.200.0/22 maxlen: 24
137.59.204.0/22 maxlen: 24
139.5.96.0/22 maxlen: 24
203.191.56.0/22 maxlen: 24
2400:d180:66::/48 maxlen: 48
2400:d180:67::/48 maxlen: 48
2400:d180:68::/48 maxlen: 48
2400:d180:69::/48 maxlen: 48
2400:d180:70::/48 maxlen: 48
2400:d180:71::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 21 Feb 2025 11:28:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42813 (0xa73d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Feb 21 06:43:19 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67b82087-286a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c8:23:9b:63:de:30:db:24:35:dd:05:ba:b2:
3f:df:3f:1b:2a:68:fe:41:a6:04:93:9d:9b:13:8f:
dc:34:33:a1:fd:e7:71:14:b7:1c:29:04:ef:5e:14:
a1:f8:bc:98:6e:be:c7:e7:29:0e:2a:91:fb:02:67:
d3:a7:af:93:c8:50:65:dc:d1:df:27:e5:18:03:7e:
a2:51:09:98:b5:a0:8e:50:d1:62:ea:21:07:46:03:
7a:eb:02:fa:d0:c9:03:36:43:75:c1:6f:1e:9a:23:
98:19:b2:21:df:28:66:6f:cc:fc:3e:34:88:d7:88:
96:96:5d:8a:97:ca:b3:ba:d4:51:ed:2d:5d:c1:cf:
c2:0f:4e:6f:84:1e:47:e4:59:98:69:b1:88:7b:24:
dd:e2:85:70:40:86:c3:1d:d9:e6:2f:e5:6e:d5:c7:
50:9d:04:ab:88:30:88:43:60:8d:77:c5:ef:22:d0:
2b:cd:94:fb:d1:48:3d:f2:2e:1c:34:17:49:9e:6e:
d4:fb:73:d1:9d:0d:73:68:e7:13:e4:d5:7e:07:16:
5b:d1:f3:79:a7:39:9e:eb:44:8a:ba:40:ae:c5:48:
a8:52:77:c6:ca:56:e2:70:9e:fe:6c:f8:80:22:f5:
1e:6d:cb:4d:a8:d8:6b:22:95:b3:ce:f8:64:33:d8:
39:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:D3:81:06:C2:FE:76:0A:0D:3F:8A:71:01:E9:B1:CB:6E:9E:9B:DA
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/22998FF4F01F11EF8A7F3F0BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.0.0/22
43.229.200.0/22
43.231.116.0/22
43.239.112.0/22
45.114.156.0/22
103.10.188.0/22
103.14.196.0/22
103.16.140.0/22
103.26.169.0/24
103.27.168.0/24
103.27.170.0/23
103.36.104.0/22
103.41.40.0/22
103.47.152.0/24
103.51.92.0/22
103.52.48.0/22
103.54.96.0/22
103.55.84.0/22
103.82.144.0/22
103.86.20.0/22
103.88.124.0/22
103.108.76.0/22
103.111.128.0/22
103.118.8.0/22
103.132.203.0/24
103.133.116.0/24
103.139.88.0/23
103.142.64.0/23
103.143.109.0/24
103.143.215.0/24
103.144.112.0/23
103.154.26.0/24
103.155.194.0/23
103.157.69.0/24
103.158.111.0/24
103.158.180.0/24
103.159.137.0/24
103.167.157.0/24
103.169.58.0/23
103.171.8.0/23
103.171.236.0/23
103.173.14.0/23
103.173.41.0/24
103.174.42.0/23
103.175.106.0/23
103.180.216.0/23
103.192.72.0/22
103.199.92.0/22
103.200.48.0/22
103.206.64.0/22
103.212.132.0/22
103.224.50.0/23
103.226.224.0/22
103.228.172.0/22
103.228.184.0/22
103.236.112.0/22
103.254.200.0/22
137.59.204.0/22
139.5.96.0/22
203.191.56.0/22
IPv6:
2400:d180:66::-2400:d180:69:ffff:ffff:ffff:ffff:ffff
2400:d180:70::/47
Signature Algorithm: sha256WithRSAEncryption
37:02:2b:74:08:45:c1:4e:6c:ac:ba:f8:13:62:e0:ff:28:11:
61:1c:73:b4:b4:f6:72:60:c7:c8:a8:bc:aa:74:c6:32:c9:a3:
11:50:aa:be:a0:89:72:12:2f:f7:c2:77:b8:76:c3:a3:53:c2:
1a:1f:58:59:43:35:09:6b:1b:3a:cc:5c:59:07:e7:f6:6c:83:
46:2e:2a:5f:cf:91:c8:cd:e5:76:e7:0d:fe:c7:3b:3a:eb:25:
55:5c:f1:8d:6f:2d:7e:f4:22:ef:0e:28:93:7e:f1:e3:a2:d7:
6f:78:6f:d1:1d:cf:5a:bc:68:93:23:2e:e3:58:66:26:bc:af:
d5:cd:b1:45:f9:e8:cb:1e:ed:09:49:77:fe:27:03:71:f7:ae:
71:16:d5:94:55:2c:8c:ab:21:b7:98:54:fe:14:62:f8:73:79:
5a:bc:69:27:0a:d7:31:31:56:fd:f2:aa:8a:a7:ba:0d:07:56:
b6:15:2e:3b:79:82:75:52:35:c8:90:cd:fb:8e:ed:5b:49:6e:
22:ea:2c:9d:fd:d9:80:2a:c2:9f:2e:21:c2:18:37:14:06:a2:
5a:3b:6e:11:0d:9d:ed:52:21:5e:aa:b0:f8:bc:d4:2b:0a:1a:
c5:54:12:59:2f:ec:99:f2:f6:a9:78:97:42:33:3e:9f:75:0b:
7e:09:34:38
-----BEGIN CERTIFICATE-----
MIIHAzCCBeugAwIBAgIDAKc9MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDIyMTA2NDMxOVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdiODIwODctMjg2YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK3II5tj3jDbJDXdBbqyP98/Gypo/kGmBJOdmxOP3DQzof3ncRS3HCkE714U
ofi8mG6+x+cpDiqR+wJn06evk8hQZdzR3yflGAN+olEJmLWgjlDRYuohB0YDeusC
+tDJAzZDdcFvHpojmBmyId8oZm/M/D40iNeIlpZdipfKs7rUUe0tXcHPwg9Ob4Qe
R+RZmGmxiHsk3eKFcECGwx3Z5i/lbtXHUJ0Eq4gwiENgjXfF7yLQK82U+9FIPfIu
HDQXSZ5u1Ptz0Z0Nc2jnE+TVfgcWW9Hzeac5nutEirpArsVIqFJ3xspW4nCe/mz4
gCL1Hm3LTajYayKVs874ZDPYOUkCAwEAAaOCBCYwggQiMB0GA1UdDgQWBBSF04EG
wv52Cg0/inEB6bHLbp6b2jAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzIyOTk4RkY0
RjAxRjExRUY4QTdGM0YwQkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBrgYIKwYBBQUHAQcB
Af8EggGdMIIBmTCCAXAEAgABMIIBaAMEAivhAAMEAivlyAMEAivndAMEAivvcAME
Ai1ynAMEAmcKvAMEAmcOxAMEAmcQjAMEAGcaqQMEAGcbqAMEAWcbqgMEAmckaAME
AmcpKAMEAGcvmAMEAmczXAMEAmc0MAMEAmc2YAMEAmc3VAMEAmdSkAMEAmdWFAME
AmdYfAMEAmdsTAMEAmdvgAMEAmd2CAMEAGeEywMEAGeFdAMEAWeLWAMEAWeOQAME
AGePbQMEAGeP1wMEAWeQcAMEAGeaGgMEAWebwgMEAGedRQMEAGeebwMEAGeetAME
AGefiQMEAGennQMEAWepOgMEAWerCAMEAWer7AMEAWetDgMEAGetKQMEAWeuKgME
AWevagMEAWe02AMEAmfASAMEAmfHXAMEAmfIMAMEAmfOQAMEAmfUhAMEAWfgMgME
Amfi4AMEAmfkrAMEAmfkuAMEAmfscAMEAmf+yAMEAok7zAMEAosFYAMEAsu/ODAj
BAIAAjAdMBIDBwEkANGAAGYDBwEkANGAAGgDBwEkANGAAHAwDQYJKoZIhvcNAQEL
BQADggEBADcCK3QIRcFObKy6+BNi4P8oEWEcc7S09nJgx8iovKp0xjLJoxFQqr6g
iXISL/fCd7h2w6NTwhofWFlDNQlrGzrMXFkH5/Zsg0YuKl/PkcjN5XbnDf7HOzrr
JVVc8Y1vLX70Iu8OKJN+8eOi1294b9Edz1q8aJMjLuNYZia8r9XNsUX56Mse7QlJ
d/4nA3H3rnEW1ZRVLIyrIbeYVP4UYvhzeVq8aScK1zExVv3yqoqnug0HVrYVLjt5
gnVSNciQzfuO7VtJbiLqLJ392YAqwp8uIcIYNxQGolo7bhENne1SIV6qsPi81CsK
GsVUElkv7Jny9ql4l0IzPp91C34JNDg=
-----END CERTIFICATE-----
Generated at Tue May 13 22:48:31 2025 by rpki-client