Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8937A56225A711F0A6698E61C4F9AE02.roa
File: 8937A56225A711F0A6698E61C4F9AE02.roa (raw, json)
Hash identifier: 5LBSeN1yXuFjT8DOFM/ETZAM/r1dORezGtcwP5fR7wU=
Subject key identifier: FF:3B:1C:F1:6E:18:9E:AF:49:FF:CC:07:2E:5F:AD:1F:E9:3B:D7:84
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: B02C
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8937A56225A711F0A6698E61C4F9AE02.roa
Signing time: Wed 30 Apr 2025 09:43:14 +0000
ROA not before: Wed 30 Apr 2025 09:43:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133676
IP address blocks: 36.50.82.0/24 maxlen: 24
43.225.74.0/24 maxlen: 24
43.230.196.0/22 maxlen: 24
43.239.132.0/22 maxlen: 24
43.240.4.0/24 maxlen: 24
43.240.5.0/24 maxlen: 24
43.240.6.0/24 maxlen: 24
43.240.7.0/24 maxlen: 24
43.250.252.0/22 maxlen: 24
45.64.8.0/24 maxlen: 24
45.64.9.0/24 maxlen: 24
45.64.10.0/24 maxlen: 24
45.64.11.0/24 maxlen: 24
45.248.24.0/24 maxlen: 24
45.248.25.0/24 maxlen: 24
45.248.26.0/23 maxlen: 24
103.42.88.0/22 maxlen: 24
103.47.12.0/23 maxlen: 24
103.47.14.0/24 maxlen: 24
103.47.15.0/24 maxlen: 24
103.47.72.0/23 maxlen: 24
103.47.74.0/23 maxlen: 24
103.47.172.0/23 maxlen: 24
103.47.174.0/23 maxlen: 24
103.49.232.0/23 maxlen: 24
103.54.24.0/23 maxlen: 24
103.54.26.0/24 maxlen: 24
103.62.147.0/24 maxlen: 24
103.80.34.0/23 maxlen: 24
103.82.72.0/22 maxlen: 24
103.85.118.0/23 maxlen: 24
103.87.204.0/22 maxlen: 24
103.93.172.0/22 maxlen: 24
103.93.212.0/23 maxlen: 24
103.98.53.0/24 maxlen: 24
103.101.116.0/24 maxlen: 24
103.101.117.0/24 maxlen: 24
103.101.118.0/23 maxlen: 24
103.103.163.0/24 maxlen: 24
103.105.228.0/23 maxlen: 24
103.105.230.0/23 maxlen: 24
103.109.180.0/23 maxlen: 24
103.109.182.0/23 maxlen: 24
103.114.188.0/23 maxlen: 24
103.118.180.0/22 maxlen: 24
103.153.208.0/23 maxlen: 24
103.173.218.0/24 maxlen: 24
103.177.202.0/23 maxlen: 24
103.178.58.0/24 maxlen: 24
103.178.59.0/24 maxlen: 24
103.181.90.0/23 maxlen: 24
103.182.44.0/23 maxlen: 24
103.182.160.0/23 maxlen: 24
103.184.184.0/23 maxlen: 24
103.186.44.0/23 maxlen: 24
103.189.146.0/24 maxlen: 24
103.189.147.0/24 maxlen: 24
103.191.182.0/23 maxlen: 24
103.191.234.0/23 maxlen: 24
103.195.26.0/23 maxlen: 24
103.204.168.0/22 maxlen: 24
103.211.56.0/23 maxlen: 24
103.211.58.0/24 maxlen: 24
103.211.190.0/23 maxlen: 24
103.212.136.0/23 maxlen: 24
103.212.138.0/23 maxlen: 24
103.213.6.0/23 maxlen: 24
103.225.204.0/24 maxlen: 24
103.225.205.0/24 maxlen: 24
103.225.206.0/23 maxlen: 24
103.226.200.0/22 maxlen: 24
103.227.95.0/24 maxlen: 24
103.248.120.0/24 maxlen: 24
103.248.121.0/24 maxlen: 24
103.248.122.0/24 maxlen: 24
103.248.123.0/24 maxlen: 24
139.5.16.0/23 maxlen: 24
139.5.18.0/23 maxlen: 24
2405:5540::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 02 May 2025 06:10:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45100 (0xb02c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Apr 30 09:43:14 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6811f0b2-95b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ba:cc:d8:f2:f7:6d:32:06:29:17:ce:d1:6e:
bd:56:1b:27:b4:75:fe:ec:8e:74:11:1d:a3:08:ee:
5a:38:ed:9f:21:a3:f6:02:a4:e0:df:6e:02:01:48:
c4:09:04:33:70:94:12:32:63:90:31:13:39:24:76:
45:40:77:b6:32:69:63:49:92:0b:ee:1f:e8:1f:5c:
1f:67:7d:cb:ab:fc:3b:76:39:ec:97:97:9f:69:9a:
2f:dd:7d:5d:6a:c8:4e:12:2e:37:e9:40:5e:da:ef:
db:d2:1d:7f:0e:73:31:42:4d:92:8a:62:1f:f9:7d:
e5:97:25:9e:cd:a5:57:82:a0:35:48:ae:f9:c7:67:
c6:71:00:6c:eb:7d:c0:b6:80:54:b2:99:bc:ae:83:
49:72:25:73:81:e1:06:1a:85:3d:9e:59:01:44:f4:
1a:fa:99:71:ba:df:c1:c6:ab:61:c3:8f:e9:ec:e5:
c8:51:37:8e:00:ce:00:89:c5:4d:a4:7c:79:6d:9e:
a5:93:6f:17:45:10:2d:2b:1e:0c:6d:f6:3a:e9:8b:
d4:9a:2c:17:c5:6f:da:92:74:34:eb:a8:73:a7:82:
8c:90:9f:07:2c:b8:77:49:0c:ca:d8:3c:e3:79:0d:
1e:70:d5:84:50:6f:0a:6d:30:08:5a:80:b1:d4:17:
76:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:3B:1C:F1:6E:18:9E:AF:49:FF:CC:07:2E:5F:AD:1F:E9:3B:D7:84
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8937A56225A711F0A6698E61C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.82.0/24
43.225.74.0/24
43.230.196.0/22
43.239.132.0/22
43.240.4.0/22
43.250.252.0/22
45.64.8.0/22
45.248.24.0/22
103.42.88.0/22
103.47.12.0/22
103.47.72.0/22
103.47.172.0/22
103.49.232.0/23
103.54.24.0-103.54.26.255
103.62.147.0/24
103.80.34.0/23
103.82.72.0/22
103.85.118.0/23
103.87.204.0/22
103.93.172.0/22
103.93.212.0/23
103.98.53.0/24
103.101.116.0/22
103.103.163.0/24
103.105.228.0/22
103.109.180.0/22
103.114.188.0/23
103.118.180.0/22
103.153.208.0/23
103.173.218.0/24
103.177.202.0/23
103.178.58.0/23
103.181.90.0/23
103.182.44.0/23
103.182.160.0/23
103.184.184.0/23
103.186.44.0/23
103.189.146.0/23
103.191.182.0/23
103.191.234.0/23
103.195.26.0/23
103.204.168.0/22
103.211.56.0-103.211.58.255
103.211.190.0/23
103.212.136.0/22
103.213.6.0/23
103.225.204.0/22
103.226.200.0/22
103.227.95.0/24
103.248.120.0/22
139.5.16.0/22
IPv6:
2405:5540::/32
Signature Algorithm: sha256WithRSAEncryption
b2:6d:35:0a:64:e7:a7:33:34:46:e6:32:b0:5e:bd:4b:c1:fe:
bc:a9:8a:26:73:a2:0c:10:c3:1e:4d:02:08:b1:ae:6a:95:a3:
e2:95:41:a3:9b:33:41:04:93:9c:e7:ea:04:f3:25:51:3a:ea:
13:98:7f:ca:63:2c:2b:9f:8f:40:27:ce:f0:5d:0f:df:22:88:
cf:f7:18:6c:bc:95:6a:e9:f0:a1:71:0d:bc:1c:62:9f:23:58:
27:d8:47:05:86:b9:ba:4d:f9:b3:cf:73:52:d5:bd:d0:f8:5e:
a5:0c:7d:3c:32:3c:d1:6e:64:ec:c0:6d:5a:63:55:1e:f0:a2:
8b:f5:df:84:56:a8:bb:60:da:38:e5:ec:0f:cf:49:8d:12:d4:
49:36:29:9a:53:12:18:2a:f7:ab:85:05:ae:63:4d:38:27:e0:
88:66:e2:81:dc:6c:58:bf:a4:1c:99:82:5a:36:66:e4:0d:56:
b7:38:a8:3e:ea:e4:9d:23:e9:9c:1d:ce:2a:77:a7:21:a7:bb:
72:e5:2c:7d:3b:c6:04:ff:a2:d6:7e:0a:8e:15:8d:0d:7f:f9:
88:57:76:d9:4c:06:eb:97:77:50:17:3d:32:ae:d8:f5:00:8b:
8b:43:fe:c1:85:48:44:cb:74:e4:7e:1a:5e:46:7a:84:73:d9:
9a:fb:bc:b0
-----BEGIN CERTIFICATE-----
MIIGxzCCBa+gAwIBAgIDALAsMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDQzMDA5NDMxNFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgxMWYwYjItOTViMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJm6zNjy920yBikXztFuvVYbJ7R1/uyOdBEdowjuWjjtnyGj9gKk4N9uAgFI
xAkEM3CUEjJjkDETOSR2RUB3tjJpY0mSC+4f6B9cH2d9y6v8O3Y57JeXn2maL919
XWrIThIuN+lAXtrv29Idfw5zMUJNkopiH/l95Zclns2lV4KgNUiu+cdnxnEAbOt9
wLaAVLKZvK6DSXIlc4HhBhqFPZ5ZAUT0GvqZcbrfwcarYcOP6ezlyFE3jgDOAInF
TaR8eW2epZNvF0UQLSseDG32OumL1JosF8Vv2pJ0NOuoc6eCjJCfByy4d0kMytg8
43kNHnDVhFBvCm0wCFqAsdQXduMCAwEAAaOCA+owggPmMB0GA1UdDgQWBBT/Oxzx
bhier0n/zAcuX60f6TvXhDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzg5MzdBNTYy
MjVBNzExRjBBNjY5OEU2MUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBcgYIKwYBBQUHAQcB
Af8EggFhMIIBXTCCAUoEAgABMIIBQgMEACQyUgMEACvhSgMEAivmxAMEAivvhAME
AivwBAMEAiv6/AMEAi1ACAMEAi34GAMEAmcqWAMEAmcvDAMEAmcvSAMEAmcvrAME
AWcx6DAMAwQDZzYYAwQAZzYaAwQAZz6TAwQBZ1AiAwQCZ1JIAwQBZ1V2AwQCZ1fM
AwQCZ12sAwQBZ13UAwQAZ2I1AwQCZ2V0AwQAZ2ejAwQCZ2nkAwQCZ220AwQBZ3K8
AwQCZ3a0AwQBZ5nQAwQAZ63aAwQBZ7HKAwQBZ7I6AwQBZ7VaAwQBZ7YsAwQBZ7ag
AwQBZ7i4AwQBZ7osAwQBZ72SAwQBZ7+2AwQBZ7/qAwQBZ8MaAwQCZ8yoMAwDBANn
0zgDBABn0zoDBAFn074DBAJn1IgDBAFn1QYDBAJn4cwDBAJn4sgDBABn418DBAJn
+HgDBAKLBRAwDQQCAAIwBwMFACQFVUAwDQYJKoZIhvcNAQELBQADggEBALJtNQpk
56czNEbmMrBevUvB/rypiiZzogwQwx5NAgixrmqVo+KVQaObM0EEk5zn6gTzJVE6
6hOYf8pjLCufj0AnzvBdD98iiM/3GGy8lWrp8KFxDbwcYp8jWCfYRwWGubpN+bPP
c1LVvdD4XqUMfTwyPNFuZOzAbVpjVR7woov134RWqLtg2jjl7A/PSY0S1Ek2KZpT
Ehgq96uFBa5jTTgn4Ihm4oHcbFi/pByZglo2ZuQNVrc4qD7q5J0j6Zwdzip3pyGn
u3LlLH07xgT/otZ+Co4VjQ1/+YhXdtlMBuuXd1AXPTKu2PUAi4tD/sGFSETLdOR+
Gl5GeoRz2Zr7vLA=
-----END CERTIFICATE-----
Generated at Fri May 16 20:46:59 2025 by rpki-client