Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3AAE9B02FF1A11EFBAB37034C4F9AE02.roa
File: 3AAE9B02FF1A11EFBAB37034C4F9AE02.roa (raw, json)
Hash identifier: UeInZgHrdXCDAt5sRrFR7Wz7Ka4zXbxh9hWExUYHa6I=
Subject key identifier: 8E:C7:0A:74:38:78:9E:B6:00:56:F1:DC:6F:F2:1B:34:20:1F:34:BB
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: AAA1
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3AAE9B02FF1A11EFBAB37034C4F9AE02.roa
Signing time: Wed 12 Mar 2025 08:15:59 +0000
ROA not before: Wed 12 Mar 2025 08:15:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 45916
IP address blocks: 14.192.28.0/22 maxlen: 24
27.116.48.0/21 maxlen: 24
27.121.100.0/22 maxlen: 24
43.224.0.0/22 maxlen: 24
43.224.8.0/22 maxlen: 24
43.230.212.0/22 maxlen: 24
43.231.56.0/23 maxlen: 24
43.231.58.0/24 maxlen: 24
43.231.59.0/24 maxlen: 24
43.239.200.0/22 maxlen: 22
43.239.200.0/24 maxlen: 24
43.239.201.0/24 maxlen: 24
43.239.202.0/24 maxlen: 24
43.239.203.0/24 maxlen: 24
43.241.140.0/22 maxlen: 24
43.241.144.0/22 maxlen: 24
43.241.192.0/22 maxlen: 24
43.242.116.0/22 maxlen: 24
43.242.120.0/22 maxlen: 24
43.243.36.0/22 maxlen: 24
43.248.32.0/22 maxlen: 24
43.249.216.0/22 maxlen: 24
43.249.228.0/22 maxlen: 24
43.249.232.0/22 maxlen: 24
43.250.156.0/22 maxlen: 24
43.250.164.0/22 maxlen: 24
43.251.72.0/22 maxlen: 24
43.251.220.0/22 maxlen: 24
43.252.196.0/24 maxlen: 24
43.252.197.0/24 maxlen: 24
43.252.198.0/24 maxlen: 24
43.252.199.0/24 maxlen: 24
103.1.100.0/22 maxlen: 24
103.15.60.0/22 maxlen: 24
103.21.160.0/22 maxlen: 24
103.36.80.0/22 maxlen: 24
103.38.204.0/22 maxlen: 24
103.39.128.0/22 maxlen: 24
103.50.148.0/24 maxlen: 24
103.50.150.0/24 maxlen: 24
103.50.151.0/24 maxlen: 24
103.81.92.0/22 maxlen: 24
103.84.104.0/23 maxlen: 24
103.84.198.0/23 maxlen: 24
103.85.8.0/22 maxlen: 24
103.86.16.0/22 maxlen: 24
103.94.192.0/22 maxlen: 22
103.94.192.0/24 maxlen: 24
103.94.193.0/24 maxlen: 24
103.94.194.0/24 maxlen: 24
103.94.195.0/24 maxlen: 24
103.95.164.0/22 maxlen: 24
103.161.98.0/23 maxlen: 24
103.175.182.0/23 maxlen: 24
103.176.10.0/23 maxlen: 24
103.182.162.0/24 maxlen: 24
103.206.136.0/22 maxlen: 24
103.209.64.0/22 maxlen: 24
103.216.80.0/22 maxlen: 24
103.226.184.0/22 maxlen: 24
103.228.144.0/22 maxlen: 24
103.232.128.0/22 maxlen: 22
103.232.128.0/24 maxlen: 24
103.232.129.0/24 maxlen: 24
103.232.130.0/24 maxlen: 24
103.232.131.0/24 maxlen: 24
103.238.104.0/22 maxlen: 24
103.238.108.0/22 maxlen: 24
103.240.76.0/22 maxlen: 24
103.240.160.0/22 maxlen: 24
103.240.168.0/22 maxlen: 24
103.240.204.0/22 maxlen: 24
103.240.208.0/22 maxlen: 24
103.241.44.0/22 maxlen: 24
103.241.224.0/22 maxlen: 24
103.245.196.0/22 maxlen: 24
103.246.84.0/24 maxlen: 24
103.246.85.0/24 maxlen: 24
103.246.86.0/24 maxlen: 24
103.246.87.0/24 maxlen: 24
103.249.232.0/22 maxlen: 24
103.250.136.0/22 maxlen: 24
103.250.144.0/22 maxlen: 24
103.250.148.0/22 maxlen: 24
103.250.152.0/22 maxlen: 24
103.250.156.0/22 maxlen: 24
103.250.160.0/22 maxlen: 24
103.250.164.0/22 maxlen: 24
103.250.188.0/22 maxlen: 24
103.251.16.0/22 maxlen: 24
103.251.56.0/22 maxlen: 24
103.251.212.0/22 maxlen: 24
103.251.216.0/22 maxlen: 24
103.251.224.0/22 maxlen: 24
113.20.16.0/22 maxlen: 24
150.107.188.0/22 maxlen: 24
150.107.232.0/22 maxlen: 24
150.107.240.0/22 maxlen: 24
150.107.252.0/22 maxlen: 24
150.129.52.0/23 maxlen: 24
150.129.54.0/23 maxlen: 24
150.129.104.0/22 maxlen: 24
150.129.112.0/22 maxlen: 24
150.129.148.0/22 maxlen: 24
150.129.164.0/22 maxlen: 24
150.129.168.0/22 maxlen: 24
150.129.200.0/22 maxlen: 24
150.129.204.0/22 maxlen: 24
157.119.204.0/22 maxlen: 24
163.53.176.0/22 maxlen: 24
163.53.208.0/22 maxlen: 24
182.237.8.0/22 maxlen: 24
182.237.12.0/22 maxlen: 24
183.182.88.0/24 maxlen: 24
183.182.89.0/24 maxlen: 24
183.182.90.0/24 maxlen: 24
183.182.91.0/24 maxlen: 24
2402:a00::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 12 Mar 2025 08:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43681 (0xaaa1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Mar 12 08:15:59 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67d142bf-abb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d1:7b:15:9c:02:e1:5b:fb:2e:61:0e:9b:0f:
96:d6:87:43:5d:51:ac:5b:cc:5b:50:7b:d4:00:78:
00:88:b3:91:09:b9:df:44:fd:65:06:1f:8a:3f:47:
62:d1:71:5a:a8:08:32:cb:21:b5:a4:8e:79:ec:8a:
06:eb:30:d9:30:fd:f7:d4:5a:62:66:e0:d1:d7:d6:
c8:7f:1b:33:91:42:28:34:b4:5a:51:80:e5:33:58:
ff:53:ed:4f:30:0d:b2:7b:6d:2e:79:39:0d:b9:d2:
34:e4:b0:b6:6e:35:ea:a0:b4:a0:f1:68:2d:66:02:
be:ad:19:85:6b:c8:b0:d6:47:40:27:21:b1:1a:b5:
b2:f9:93:f0:9f:62:8d:49:6b:d8:8b:e0:14:56:95:
b4:85:3a:bd:cf:de:45:b9:32:3e:5a:31:93:56:67:
81:c6:63:47:cb:28:69:e4:80:dd:e3:04:16:2f:7c:
b3:dd:63:af:dc:d2:7a:50:05:44:50:e4:05:08:62:
2f:c2:de:ad:6c:fa:55:b5:82:39:9d:97:59:cb:9d:
53:b1:c8:95:bf:15:ef:d4:8d:ee:e6:ba:18:d8:8f:
56:b2:76:45:0d:1f:94:5f:72:96:53:75:a9:87:6c:
10:90:34:e1:c0:9e:9f:48:32:03:8d:cf:0e:38:e0:
81:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:C7:0A:74:38:78:9E:B6:00:56:F1:DC:6F:F2:1B:34:20:1F:34:BB
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3AAE9B02FF1A11EFBAB37034C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.28.0/22
27.116.48.0/21
27.121.100.0/22
43.224.0.0/22
43.224.8.0/22
43.230.212.0/22
43.231.56.0/22
43.239.200.0/22
43.241.140.0-43.241.147.255
43.241.192.0/22
43.242.116.0-43.242.123.255
43.243.36.0/22
43.248.32.0/22
43.249.216.0/22
43.249.228.0-43.249.235.255
43.250.156.0/22
43.250.164.0/22
43.251.72.0/22
43.251.220.0/22
43.252.196.0/22
103.1.100.0/22
103.15.60.0/22
103.21.160.0/22
103.36.80.0/22
103.38.204.0/22
103.39.128.0/22
103.50.148.0/24
103.50.150.0/23
103.81.92.0/22
103.84.104.0/23
103.84.198.0/23
103.85.8.0/22
103.86.16.0/22
103.94.192.0/22
103.95.164.0/22
103.161.98.0/23
103.175.182.0/23
103.176.10.0/23
103.182.162.0/24
103.206.136.0/22
103.209.64.0/22
103.216.80.0/22
103.226.184.0/22
103.228.144.0/22
103.232.128.0/22
103.238.104.0/21
103.240.76.0/22
103.240.160.0/22
103.240.168.0/22
103.240.204.0-103.240.211.255
103.241.44.0/22
103.241.224.0/22
103.245.196.0/22
103.246.84.0/22
103.249.232.0/22
103.250.136.0/22
103.250.144.0-103.250.167.255
103.250.188.0/22
103.251.16.0/22
103.251.56.0/22
103.251.212.0-103.251.219.255
103.251.224.0/22
113.20.16.0/22
150.107.188.0/22
150.107.232.0/22
150.107.240.0/22
150.107.252.0/22
150.129.52.0/22
150.129.104.0/22
150.129.112.0/22
150.129.148.0/22
150.129.164.0-150.129.171.255
150.129.200.0/21
157.119.204.0/22
163.53.176.0/22
163.53.208.0/22
182.237.8.0/21
183.182.88.0/22
IPv6:
2402:a00::/32
Signature Algorithm: sha256WithRSAEncryption
0b:ae:cb:4d:3e:4e:ca:e5:36:9f:6f:df:45:e8:0f:09:85:2a:
3a:52:4d:c5:74:72:4c:e3:8e:94:b8:f9:fe:12:4f:c1:2b:93:
61:42:ec:22:45:f8:a5:5d:83:76:ef:5e:31:36:e5:f0:a4:7d:
d0:bb:43:b1:4f:0a:05:6e:aa:ce:66:5f:ef:cb:20:59:88:01:
5a:b0:2f:06:71:a6:75:58:af:7e:81:62:77:0d:41:33:9d:4a:
f7:33:f8:b3:74:c7:93:9c:1d:d8:5b:c9:00:4e:b2:7e:9f:de:
5f:62:fd:37:96:a7:5d:6e:96:38:77:27:20:83:3f:51:64:23:
24:b2:6b:0b:5f:0c:86:e0:32:06:4c:77:53:8a:c8:6b:bc:a9:
df:9a:85:37:ba:79:a8:6d:a2:96:36:d6:e9:69:b7:bd:4e:16:
eb:0a:bd:1b:4f:91:3a:65:bb:1f:39:e8:75:15:08:1f:f7:c8:
00:42:53:e1:f9:f5:98:37:c3:45:24:a7:be:42:fe:ad:36:dc:
68:ea:f0:14:3f:b7:3c:b5:3c:9a:83:30:d4:e1:e1:56:56:5d:
59:7d:fd:99:a9:50:f4:63:47:a8:ba:50:77:c1:c7:06:ad:ec:
b1:65:2b:f7:cf:a2:77:c1:6b:6e:80:bf:5e:bc:7f:7d:78:a4:
41:f5:da:0b
-----BEGIN CERTIFICATE-----
MIIHkTCCBnmgAwIBAgIDAKqhMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDMxMjA4MTU1OVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdkMTQyYmYtYWJiODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALHRexWcAuFb+y5hDpsPltaHQ11RrFvMW1B71AB4AIizkQm530T9ZQYfij9H
YtFxWqgIMsshtaSOeeyKBusw2TD999RaYmbg0dfWyH8bM5FCKDS0WlGA5TNY/1Pt
TzANsnttLnk5DbnSNOSwtm416qC0oPFoLWYCvq0ZhWvIsNZHQCchsRq1svmT8J9i
jUlr2IvgFFaVtIU6vc/eRbkyPloxk1ZngcZjR8soaeSA3eMEFi98s91jr9zSelAF
RFDkBQhiL8LerWz6VbWCOZ2XWcudU7HIlb8V79SN7ua6GNiPVrJ2RQ0flF9yllN1
qYdsEJA04cCen0gyA43PDjjggbsCAwEAAaOCBLQwggSwMB0GA1UdDgQWBBSOxwp0
OHietgBW8dxv8hs0IB80uzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzNBQUU5QjAy
RkYxQTExRUZCQUIzNzAzNEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIICPAYIKwYBBQUHAQcB
Af8EggIrMIICJzCCAhQEAgABMIICDAMEAg7AHAMEAxt0MAMEAht5ZAMEAivgAAME
AivgCAMEAivm1AMEAivnOAMEAivvyDAMAwQCK/GMAwQCK/GQAwQCK/HAMAwDBAIr
8nQDBAIr8ngDBAIr8yQDBAIr+CADBAIr+dgwDAMEAiv55AMEAiv56AMEAiv6nAME
Aiv6pAMEAiv7SAMEAiv73AMEAiv8xAMEAmcBZAMEAmcPPAMEAmcVoAMEAmckUAME
AmcmzAMEAmcngAMEAGcylAMEAWcylgMEAmdRXAMEAWdUaAMEAWdUxgMEAmdVCAME
AmdWEAMEAmdewAMEAmdfpAMEAWehYgMEAWevtgMEAWewCgMEAGe2ogMEAmfOiAME
AmfRQAMEAmfYUAMEAmfiuAMEAmfkkAMEAmfogAMEA2fuaAMEAmfwTAMEAmfwoAME
AmfwqDAMAwQCZ/DMAwQCZ/DQAwQCZ/EsAwQCZ/HgAwQCZ/XEAwQCZ/ZUAwQCZ/no
AwQCZ/qIMAwDBARn+pADBANn+qADBAJn+rwDBAJn+xADBAJn+zgwDAMEAmf71AME
Amf72AMEAmf74AMEAnEUEAMEApZrvAMEApZr6AMEApZr8AMEApZr/AMEApaBNAME
ApaBaAMEApaBcAMEApaBlDAMAwQCloGkAwQCloGoAwQDloHIAwQCnXfMAwQCozWw
AwQCozXQAwQDtu0IAwQCt7ZYMA0EAgACMAcDBQAkAgoAMA0GCSqGSIb3DQEBCwUA
A4IBAQALrstNPk7K5Tafb99F6A8JhSo6Uk3FdHJM446UuPn+Ek/BK5NhQuwiRfil
XYN2714xNuXwpH3Qu0OxTwoFbqrOZl/vyyBZiAFasC8GcaZ1WK9+gWJ3DUEznUr3
M/izdMeTnB3YW8kATrJ+n95fYv03lqddbpY4dycggz9RZCMksmsLXwyG4DIGTHdT
ishrvKnfmoU3unmobaKWNtbpabe9ThbrCr0bT5E6ZbsfOeh1FQgf98gAQlPh+fWY
N8NFJKe+Qv6tNtxo6vAUP7c8tTyagzDU4eFWVl1Zff2ZqVD0Y0eoulB3wccGreyx
ZSv3z6J3wWtugL9evH99eKRB9doL
-----END CERTIFICATE-----
Generated at Wed May 14 14:10:37 2025 by rpki-client