Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/428CEA5AFE6011EFA346B084C4F9AE02.roa
File: 428CEA5AFE6011EFA346B084C4F9AE02.roa (raw, json)
Hash identifier: 1LfsbmFVdyDggbO8LTVNTMPT8SKfpJvcoCQAv7zesuc=
Subject key identifier: D2:76:73:26:68:56:DD:7A:E1:D0:AC:1A:1A:72:F6:4F:52:3F:73:BF
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: AA3D
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/428CEA5AFE6011EFA346B084C4F9AE02.roa
Signing time: Tue 11 Mar 2025 11:16:30 +0000
ROA not before: Tue 11 Mar 2025 11:16:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 43.229.200.0/22 maxlen: 24
43.231.116.0/22 maxlen: 24
43.239.112.0/22 maxlen: 24
43.239.152.0/22 maxlen: 24
45.113.248.0/22 maxlen: 24
45.114.156.0/22 maxlen: 24
45.251.32.0/22 maxlen: 24
103.14.196.0/22 maxlen: 24
103.16.140.0/22 maxlen: 24
103.26.169.0/24 maxlen: 24
103.27.168.0/24 maxlen: 24
103.27.170.0/23 maxlen: 23
103.41.40.0/22 maxlen: 24
103.47.152.0/24 maxlen: 24
103.51.92.0/22 maxlen: 24
103.52.48.0/22 maxlen: 24
103.54.96.0/22 maxlen: 24
103.55.84.0/22 maxlen: 24
103.82.144.0/22 maxlen: 24
103.86.20.0/22 maxlen: 24
103.88.124.0/22 maxlen: 24
103.98.79.0/24 maxlen: 24
103.99.48.0/23 maxlen: 24
103.108.76.0/22 maxlen: 24
103.111.128.0/22 maxlen: 24
103.118.8.0/22 maxlen: 24
103.127.188.0/22 maxlen: 24
103.132.203.0/24 maxlen: 24
103.133.116.0/24 maxlen: 24
103.137.48.0/22 maxlen: 24
103.139.88.0/23 maxlen: 24
103.142.64.0/23 maxlen: 24
103.143.180.0/23 maxlen: 24
103.143.215.0/24 maxlen: 24
103.144.112.0/23 maxlen: 24
103.154.26.0/24 maxlen: 24
103.155.170.0/23 maxlen: 24
103.155.194.0/23 maxlen: 24
103.157.50.0/23 maxlen: 24
103.157.69.0/24 maxlen: 24
103.158.111.0/24 maxlen: 24
103.158.180.0/24 maxlen: 24
103.158.216.0/23 maxlen: 24
103.159.137.0/24 maxlen: 24
103.162.80.0/23 maxlen: 24
103.166.220.0/23 maxlen: 24
103.169.58.0/23 maxlen: 24
103.171.8.0/23 maxlen: 24
103.171.54.0/23 maxlen: 24
103.171.60.0/23 maxlen: 24
103.171.208.0/23 maxlen: 24
103.171.236.0/23 maxlen: 24
103.172.46.0/23 maxlen: 24
103.172.56.0/23 maxlen: 24
103.172.90.0/23 maxlen: 24
103.173.14.0/23 maxlen: 24
103.173.41.0/24 maxlen: 24
103.174.26.0/23 maxlen: 24
103.174.42.0/23 maxlen: 24
103.175.12.0/23 maxlen: 24
103.175.58.0/23 maxlen: 24
103.175.106.0/23 maxlen: 24
103.176.142.0/24 maxlen: 24
103.180.216.0/23 maxlen: 24
103.190.12.0/23 maxlen: 24
103.191.86.0/23 maxlen: 24
103.192.72.0/22 maxlen: 24
103.199.92.0/22 maxlen: 24
103.199.144.0/22 maxlen: 24
103.200.48.0/22 maxlen: 24
103.206.64.0/22 maxlen: 24
103.212.132.0/22 maxlen: 24
103.219.204.0/22 maxlen: 24
103.224.50.0/23 maxlen: 24
103.226.224.0/22 maxlen: 24
103.228.172.0/24 maxlen: 24
103.228.173.0/24 maxlen: 24
103.228.174.0/24 maxlen: 24
103.228.175.0/24 maxlen: 24
103.228.184.0/22 maxlen: 24
103.236.112.0/22 maxlen: 24
103.245.170.0/23 maxlen: 24
103.249.88.0/22 maxlen: 24
103.254.96.0/22 maxlen: 24
103.254.200.0/22 maxlen: 24
137.59.204.0/22 maxlen: 24
139.5.96.0/22 maxlen: 24
203.191.56.0/22 maxlen: 24
2400:d180:66::/48 maxlen: 48
2400:d180:67::/48 maxlen: 48
2400:d180:68::/48 maxlen: 48
2400:d180:69::/48 maxlen: 48
2400:d180:70::/48 maxlen: 48
2400:d180:71::/48 maxlen: 48
2406:68c0::/32 maxlen: 40
2407:1340::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 11 Mar 2025 11:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43581 (0xaa3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Mar 11 11:16:29 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67d01b8d-feb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:13:f7:63:60:15:b6:7d:89:49:0e:6b:1d:41:
5e:09:f2:73:76:7e:29:2b:3d:8f:3d:c7:e7:de:ba:
c4:a3:d2:73:67:dc:09:8a:f3:d8:4f:da:34:37:ef:
b3:a3:17:06:f2:24:08:b2:8f:01:6c:bd:95:3b:32:
26:5e:d1:bd:ea:37:87:13:46:c1:3e:9a:a7:34:d0:
8e:9d:61:27:83:52:1a:79:e4:f2:2a:8e:20:0f:e3:
8b:9d:89:c9:dd:63:5f:58:96:35:e9:17:21:7c:fb:
a7:5a:76:9e:34:d5:d8:3b:7e:16:11:9e:ce:41:4d:
96:15:9f:24:fc:6f:7f:38:20:58:f4:1b:0e:41:43:
36:e8:85:28:04:e4:6f:83:b6:61:dc:69:5d:63:d8:
22:fd:66:ec:8b:12:84:bb:51:41:b9:9a:a6:3f:ca:
e5:24:e6:01:03:72:49:df:9f:96:6d:46:e9:65:38:
00:55:78:84:f4:e3:a9:80:1b:00:59:37:31:01:e0:
bd:a0:b7:42:55:7f:c7:01:b3:6f:66:50:12:4a:b0:
28:18:a0:c1:92:e9:8e:14:81:8c:89:90:7d:56:af:
77:05:b6:3e:60:64:24:05:79:b8:a9:ee:39:75:92:
70:cb:1e:d1:23:3d:c3:18:97:eb:69:bc:0b:de:73:
44:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:76:73:26:68:56:DD:7A:E1:D0:AC:1A:1A:72:F6:4F:52:3F:73:BF
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/428CEA5AFE6011EFA346B084C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.229.200.0/22
43.231.116.0/22
43.239.112.0/22
43.239.152.0/22
45.113.248.0/22
45.114.156.0/22
45.251.32.0/22
103.14.196.0/22
103.16.140.0/22
103.26.169.0/24
103.27.168.0/24
103.27.170.0/23
103.41.40.0/22
103.47.152.0/24
103.51.92.0/22
103.52.48.0/22
103.54.96.0/22
103.55.84.0/22
103.82.144.0/22
103.86.20.0/22
103.88.124.0/22
103.98.79.0/24
103.99.48.0/23
103.108.76.0/22
103.111.128.0/22
103.118.8.0/22
103.127.188.0/22
103.132.203.0/24
103.133.116.0/24
103.137.48.0/22
103.139.88.0/23
103.142.64.0/23
103.143.180.0/23
103.143.215.0/24
103.144.112.0/23
103.154.26.0/24
103.155.170.0/23
103.155.194.0/23
103.157.50.0/23
103.157.69.0/24
103.158.111.0/24
103.158.180.0/24
103.158.216.0/23
103.159.137.0/24
103.162.80.0/23
103.166.220.0/23
103.169.58.0/23
103.171.8.0/23
103.171.54.0/23
103.171.60.0/23
103.171.208.0/23
103.171.236.0/23
103.172.46.0/23
103.172.56.0/23
103.172.90.0/23
103.173.14.0/23
103.173.41.0/24
103.174.26.0/23
103.174.42.0/23
103.175.12.0/23
103.175.58.0/23
103.175.106.0/23
103.176.142.0/24
103.180.216.0/23
103.190.12.0/23
103.191.86.0/23
103.192.72.0/22
103.199.92.0/22
103.199.144.0/22
103.200.48.0/22
103.206.64.0/22
103.212.132.0/22
103.219.204.0/22
103.224.50.0/23
103.226.224.0/22
103.228.172.0/22
103.228.184.0/22
103.236.112.0/22
103.245.170.0/23
103.249.88.0/22
103.254.96.0/22
103.254.200.0/22
137.59.204.0/22
139.5.96.0/22
203.191.56.0/22
IPv6:
2400:d180:66::-2400:d180:69:ffff:ffff:ffff:ffff:ffff
2400:d180:70::/47
2406:68c0::/32
2407:1340::/32
Signature Algorithm: sha256WithRSAEncryption
3a:c0:1d:f0:1e:3c:08:6f:56:65:75:a1:8c:00:6e:d8:b4:18:
ae:54:94:1a:fa:5b:83:54:a5:73:9d:c8:42:50:fe:d7:04:71:
69:d8:51:86:ab:ad:b0:75:d6:f4:a9:c6:eb:e6:11:fc:09:39:
fa:78:65:23:09:d0:93:a9:08:f8:4e:1b:c3:44:8c:38:6a:45:
57:9f:58:dc:60:d7:e5:a9:b5:62:6a:62:41:b0:e1:8b:f1:19:
49:5d:b5:2f:d9:b3:4e:4b:8c:64:0c:12:4d:7b:b0:23:98:e6:
b8:35:e0:81:2c:f5:8a:5f:b5:2b:6e:86:b6:dd:65:20:76:0e:
67:ab:19:6f:bc:62:c1:f3:fc:60:32:cd:5f:5a:5a:33:9b:9c:
2f:b5:25:de:81:a5:a8:57:be:13:fc:23:39:0e:a1:eb:65:b1:
19:fe:e7:ef:04:30:02:f0:14:7e:92:57:3b:a5:e0:a5:2d:42:
c5:ea:d4:f5:5b:cf:9f:f7:69:b8:c4:bd:e5:1b:67:8a:ad:97:
e2:dc:6d:32:4f:94:17:2e:42:f8:bf:bf:27:37:68:54:9d:65:
4b:d8:25:d6:69:71:19:5a:50:50:0d:cb:49:72:28:4d:3e:e7:
df:c5:13:d5:69:d1:6e:b4:0a:92:19:15:60:7c:a3:aa:74:21:
02:22:3a:9d
-----BEGIN CERTIFICATE-----
MIIHpzCCBo+gAwIBAgIDAKo9MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDMxMTExMTYyOVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdkMDFiOGQtZmViMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKYT92NgFbZ9iUkOax1BXgnyc3Z+KSs9jz3H5966xKPSc2fcCYrz2E/aNDfv
s6MXBvIkCLKPAWy9lTsyJl7Rveo3hxNGwT6apzTQjp1hJ4NSGnnk8iqOIA/ji52J
yd1jX1iWNekXIXz7p1p2njTV2Dt+FhGezkFNlhWfJPxvfzggWPQbDkFDNuiFKATk
b4O2YdxpXWPYIv1m7IsShLtRQbmapj/K5STmAQNySd+flm1G6WU4AFV4hPTjqYAb
AFk3MQHgvaC3QlV/xwGzb2ZQEkqwKBigwZLpjhSBjImQfVavdwW2PmBkJAV5uKnu
OXWScMse0SM9wxiX62m8C95zRCMCAwEAAaOCBMowggTGMB0GA1UdDgQWBBTSdnMm
aFbdeuHQrBoacvZPUj9zvzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzQyOENFQTVB
RkU2MDExRUZBMzQ2QjA4NEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIICUgYIKwYBBQUHAQcB
Af8EggJBMIICPTCCAgYEAgABMIIB/gMEAivlyAMEAivndAMEAivvcAMEAivvmAME
Ai1x+AMEAi1ynAMEAi37IAMEAmcOxAMEAmcQjAMEAGcaqQMEAGcbqAMEAWcbqgME
AmcpKAMEAGcvmAMEAmczXAMEAmc0MAMEAmc2YAMEAmc3VAMEAmdSkAMEAmdWFAME
AmdYfAMEAGdiTwMEAWdjMAMEAmdsTAMEAmdvgAMEAmd2CAMEAmd/vAMEAGeEywME
AGeFdAMEAmeJMAMEAWeLWAMEAWeOQAMEAWePtAMEAGeP1wMEAWeQcAMEAGeaGgME
AWebqgMEAWebwgMEAWedMgMEAGedRQMEAGeebwMEAGeetAMEAWee2AMEAGefiQME
AWeiUAMEAWem3AMEAWepOgMEAWerCAMEAWerNgMEAWerPAMEAWer0AMEAWer7AME
AWesLgMEAWesOAMEAWesWgMEAWetDgMEAGetKQMEAWeuGgMEAWeuKgMEAWevDAME
AWevOgMEAWevagMEAGewjgMEAWe02AMEAWe+DAMEAWe/VgMEAmfASAMEAmfHXAME
AmfHkAMEAmfIMAMEAmfOQAMEAmfUhAMEAmfbzAMEAWfgMgMEAmfi4AMEAmfkrAME
AmfkuAMEAmfscAMEAWf1qgMEAmf5WAMEAmf+YAMEAmf+yAMEAok7zAMEAosFYAME
Asu/ODAxBAIAAjArMBIDBwEkANGAAGYDBwEkANGAAGgDBwEkANGAAHADBQAkBmjA
AwUAJAcTQDANBgkqhkiG9w0BAQsFAAOCAQEAOsAd8B48CG9WZXWhjABu2LQYrlSU
Gvpbg1Slc53IQlD+1wRxadhRhqutsHXW9KnG6+YR/Ak5+nhlIwnQk6kI+E4bw0SM
OGpFV59Y3GDX5am1YmpiQbDhi/EZSV21L9mzTkuMZAwSTXuwI5jmuDXggSz1il+1
K26Gtt1lIHYOZ6sZb7xiwfP8YDLNX1paM5ucL7Ul3oGlqFe+E/wjOQ6h62WxGf7n
7wQwAvAUfpJXO6XgpS1CxerU9VvPn/dpuMS95Rtniq2X4txtMk+UFy5C+L+/Jzdo
VJ1lS9gl1mlxGVpQUA3LSXIoTT7n38UT1WnRbrQKkhkVYHyjqnQhAiI6nQ==
-----END CERTIFICATE-----
Generated at Wed May 14 14:57:13 2025 by rpki-client