Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/BF459D00ACD811EFB8B7415BC4F9AE02.roa
File: BF459D00ACD811EFB8B7415BC4F9AE02.roa (raw, json)
Hash identifier: dfrU0Aqz/bLDubrPMf2LJmeVzuGTlb7MF7xG2N3V718=
Subject key identifier: 39:46:54:C6:07:4D:DB:3E:06:60:7D:65:35:5F:0D:C5:20:A1:D9:02
Certificate issuer: /CN=A911CA78/serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6
Certificate serial: 0C50
Authority key identifier: 40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/BF459D00ACD811EFB8B7415BC4F9AE02.roa
Signing time: Fri 06 Dec 2024 01:13:33 +0000
ROA not before: Fri 06 Dec 2024 01:13:33 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 18206
IP address blocks: 49.236.192.0/24 maxlen: 24
49.236.193.0/24 maxlen: 24
49.236.194.0/24 maxlen: 24
49.236.195.0/24 maxlen: 24
49.236.197.0/24 maxlen: 24
49.236.198.0/24 maxlen: 24
49.236.199.0/24 maxlen: 24
49.236.200.0/24 maxlen: 24
49.236.202.0/24 maxlen: 24
49.236.203.0/24 maxlen: 24
49.236.204.0/24 maxlen: 24
49.236.205.0/24 maxlen: 24
112.137.160.0/24 maxlen: 24
112.137.161.0/24 maxlen: 24
112.137.162.0/24 maxlen: 24
112.137.163.0/24 maxlen: 24
112.137.164.0/24 maxlen: 24
112.137.165.0/24 maxlen: 24
112.137.168.0/24 maxlen: 24
112.137.169.0/24 maxlen: 24
112.137.170.0/24 maxlen: 24
112.137.171.0/24 maxlen: 24
112.137.172.0/24 maxlen: 24
112.137.173.0/24 maxlen: 24
112.137.174.0/24 maxlen: 24
112.137.175.0/24 maxlen: 24
119.110.97.0/24 maxlen: 24
119.110.98.0/24 maxlen: 24
119.110.99.0/24 maxlen: 24
119.110.100.0/24 maxlen: 24
119.110.102.0/24 maxlen: 24
119.110.105.0/24 maxlen: 24
119.110.107.0/24 maxlen: 24
119.110.108.0/24 maxlen: 24
124.197.224.0/20 maxlen: 20
124.197.224.0/22 maxlen: 22
124.197.224.0/24 maxlen: 24
124.197.225.0/24 maxlen: 24
124.197.233.0/24 maxlen: 24
124.197.238.0/24 maxlen: 24
124.197.239.0/24 maxlen: 24
202.71.96.0/20 maxlen: 24
202.75.32.0/20 maxlen: 24
202.75.48.0/20 maxlen: 24
202.162.0.0/19 maxlen: 24
202.165.0.0/19 maxlen: 24
203.153.80.0/20 maxlen: 24
210.48.144.0/20 maxlen: 24
2401:b000::/48 maxlen: 48
2401:b000:0:5::/64 maxlen: 64
2401:b000:0:6::/64 maxlen: 64
2401:b000:10::/48 maxlen: 48
2404:b8::/32 maxlen: 32
2404:b8::/48 maxlen: 48
2404:b8:0:1::/64 maxlen: 64
2404:b8:1::/48 maxlen: 48
2404:b8:3::/48 maxlen: 48
2404:b8:20::/43 maxlen: 43
2404:b8:2000::/44 maxlen: 44
2404:b8:2020::/43 maxlen: 43
Validation: Failed, certificate revoked on Fri 03 Jan 2025 16:48:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3152 (0xc50)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911CA78, serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6
Validity
Not Before: Dec 6 01:13:33 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67524fbd-df0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:40:50:6f:31:7c:48:80:93:b5:2f:35:cb:7d:
02:97:ed:2f:61:b7:91:3c:fc:c2:d5:1d:55:d9:f0:
75:0d:95:9d:54:d1:ad:e4:69:ed:20:d5:ea:4b:31:
35:64:82:70:0d:9e:0d:7a:90:6c:51:93:6c:ec:72:
8d:e2:75:52:0c:51:a7:f2:cc:56:8c:6d:0e:f9:06:
4e:52:34:cf:9c:a7:44:e9:9d:55:75:83:2a:4b:5c:
37:35:cf:c2:10:58:88:d2:38:ba:f7:d2:44:1c:77:
32:9c:64:ae:39:93:d5:a8:08:23:d6:9e:ea:2b:99:
10:76:af:bd:5e:5b:dd:17:c5:24:5a:c8:e0:39:cf:
f7:90:04:24:4a:1d:15:f4:e4:42:4d:58:d6:05:74:
45:e6:15:51:60:d4:1e:40:8c:16:6d:3d:bb:da:a3:
a3:a9:b0:f4:a6:85:79:41:37:bc:4d:d5:ea:4e:90:
cd:74:c0:98:35:d5:cd:ae:af:8a:7a:5b:17:0a:bf:
95:7e:f5:10:6b:21:72:f5:20:28:30:cb:d7:cc:91:
d6:2f:4d:b1:77:e7:c0:65:9a:4f:af:32:6b:e0:51:
6c:49:b0:2d:aa:97:48:f0:0a:ec:80:14:a9:74:08:
93:ea:55:72:3c:8b:9e:2c:d9:ad:2e:6b:c8:db:43:
07:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:46:54:C6:07:4D:DB:3E:06:60:7D:65:35:5F:0D:C5:20:A1:D9:02
X509v3 Authority Key Identifier:
keyid:40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/BF459D00ACD811EFB8B7415BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.236.192.0/22
49.236.197.0-49.236.200.255
49.236.202.0-49.236.205.255
112.137.160.0-112.137.165.255
112.137.168.0/21
119.110.97.0-119.110.100.255
119.110.102.0/24
119.110.105.0/24
119.110.107.0-119.110.108.255
124.197.224.0/20
202.71.96.0/20
202.75.32.0/19
202.162.0.0/19
202.165.0.0/19
203.153.80.0/20
210.48.144.0/20
IPv6:
2401:b000::/48
2401:b000:10::/48
2404:b8::/32
Signature Algorithm: sha256WithRSAEncryption
8b:e2:e5:07:1b:71:d7:a5:84:cb:94:8f:39:61:da:d3:10:49:
d7:65:66:bb:b6:86:2b:21:bb:19:e3:a8:6e:57:ff:2f:28:c3:
9e:37:d8:d5:bc:05:f8:3a:05:f0:f2:69:de:3a:dc:97:f8:32:
bf:08:12:21:27:ed:1d:5e:5f:06:35:da:56:1d:56:d4:d6:84:
a4:12:af:b3:40:08:5e:15:06:e4:26:1f:36:e2:ba:39:8c:dc:
71:3d:75:9d:49:ba:e5:8c:b6:bd:7f:05:68:cb:78:38:2f:34:
68:c1:61:0e:34:54:fe:72:ec:e0:be:02:a0:a4:a8:e1:cb:f6:
b9:03:57:3c:32:30:72:32:e6:89:0b:19:6e:ca:77:e4:9f:eb:
1a:7b:1a:89:3b:96:c3:58:6e:e7:ec:a9:d9:cb:3d:22:33:08:
be:cd:5a:3e:b2:ce:25:bf:93:bb:ff:4f:de:9f:43:0f:10:93:
9a:04:23:da:88:1c:4e:95:e0:42:d1:8a:a7:f5:64:52:b2:0e:
44:78:e7:ea:7c:8a:8e:2c:ac:1c:e6:c1:80:86:e0:d6:b3:a7:
6d:66:d7:5d:99:f1:37:f2:3b:dc:67:c1:6f:a1:3e:69:ef:f9:
8d:3f:0f:76:39:07:dc:b2:e1:49:d3:f7:eb:a0:14:23:69:45:
67:ee:17:8c
-----BEGIN CERTIFICATE-----
MIIGGTCCBQGgAwIBAgICDFAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUNBNzgxMTAvBgNVBAUTKDQwNTYyQzE0M0EyOUNCMTlDNzBGRkM5Qjk5QjYwQkJF
Q0QxRDczQjYwHhcNMjQxMjA2MDExMzMzWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUyNGZiZC1kZjBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArEBQbzF8SICTtS81y30Cl+0vYbeRPPzC1R1V2fB1DZWdVNGt5GntINXqSzE1
ZIJwDZ4NepBsUZNs7HKN4nVSDFGn8sxWjG0O+QZOUjTPnKdE6Z1VdYMqS1w3Nc/C
EFiI0ji699JEHHcynGSuOZPVqAgj1p7qK5kQdq+9XlvdF8UkWsjgOc/3kAQkSh0V
9ORCTVjWBXRF5hVRYNQeQIwWbT272qOjqbD0poV5QTe8TdXqTpDNdMCYNdXNrq+K
elsXCr+VfvUQayFy9SAoMMvXzJHWL02xd+fAZZpPrzJr4FFsSbAtqpdI8ArsgBSp
dAiT6lVyPIueLNmtLmvI20MHYwIDAQABo4IDPTCCAzkwHQYDVR0OBBYEFDlGVMYH
Tds+BmB9ZTVfDcUgodkCMB8GA1UdIwQYMBaAFEBWLBQ6KcsZxw/8m5m2C77NHXO2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0E3OC9CRTg4NDZEMjM1
RDgxMUVBQTczMEVDNDZDNEY5QUUwMi9RRllzRkRvcHl4bkhEX3libWJZTHZzMGRj
N1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FGWXNGRG9weXhuSERfeWJtYllMdnMwZGM3WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUNBNzgvQkU4ODQ2RDIzNUQ4MTFFQUE3MzBFQzQ2QzRGOUFFMDIvQkY0NTlEMDBB
Q0Q4MTFFRkI4Qjc0MTVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgcYGCCsGAQUFBwEHAQH/
BIG2MIGzMIGPBAIAATCBiAMEAjHswDAMAwQAMezFAwQAMezIMAwDBAEx7MoDBAEx
7MwwDAMEBXCJoAMEAXCJpAMEA3CJqDAMAwQAd25hAwQAd25kAwQAd25mAwQAd25p
MAwDBAB3bmsDBAB3bmwDBAR8xeADBATKR2ADBAXKSyADBAXKogADBAXKpQADBATL
mVADBATSMJAwHwQCAAIwGQMHACQBsAAAAAMHACQBsAAAEAMFACQEALgwDQYJKoZI
hvcNAQELBQADggEBAIvi5QcbcdelhMuUjzlh2tMQSddlZru2hishuxnjqG5X/y8o
w5432NW8Bfg6BfDyad463Jf4Mr8IEiEn7R1eXwY12lYdVtTWhKQSr7NACF4VBuQm
HzbiujmM3HE9dZ1JuuWMtr1/BWjLeDgvNGjBYQ40VP5y7OC+AqCkqOHL9rkDVzwy
MHIy5okLGW7Kd+Sf6xp7Gok7lsNYbufsqdnLPSIzCL7NWj6yziW/k7v/T96fQw8Q
k5oEI9qIHE6V4ELRiqf1ZFKyDkR45+p8io4srBzmwYCG4Nazp21m112Z8TfyO9xn
wW+hPmnv+Y0/D3Y5B9yy4UnT9+ugFCNpRWfuF4w=
-----END CERTIFICATE-----
Generated at Sat Apr 26 09:29:54 2025 by rpki-client