Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/DF2BFB64030911F09512BA5FC4F9AE02.roa
File: DF2BFB64030911F09512BA5FC4F9AE02.roa (raw, json)
Hash identifier: XyTmdiA2D/Vgzkv/p9K0xImUltqy3DBdtf0fpQ8RrTs=
Subject key identifier: 95:13:94:84:CC:C0:F1:FC:18:A2:00:2A:6C:60:61:70:1C:86:58:1B
Certificate issuer: /CN=A911CA78/serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6
Certificate serial: 0CA0
Authority key identifier: 40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/DF2BFB64030911F09512BA5FC4F9AE02.roa
Signing time: Mon 17 Mar 2025 08:28:59 +0000
ROA not before: Mon 17 Mar 2025 08:28:59 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 38322
IP address blocks: 42.152.0.0/14 maxlen: 14
42.153.4.0/24 maxlen: 24
42.153.6.0/24 maxlen: 24
42.153.7.0/24 maxlen: 24
42.153.8.0/24 maxlen: 24
42.153.9.0/24 maxlen: 24
42.153.10.0/24 maxlen: 24
42.153.11.0/24 maxlen: 24
42.153.16.0/24 maxlen: 24
42.153.19.0/24 maxlen: 24
42.153.20.0/24 maxlen: 24
42.153.21.0/24 maxlen: 24
42.153.22.0/24 maxlen: 24
42.153.23.0/24 maxlen: 24
42.153.24.0/24 maxlen: 24
42.153.25.0/24 maxlen: 24
42.153.26.0/24 maxlen: 24
42.153.28.0/24 maxlen: 24
42.153.29.0/24 maxlen: 24
42.153.32.0/24 maxlen: 24
42.153.33.0/24 maxlen: 24
42.153.34.0/24 maxlen: 24
42.153.35.0/24 maxlen: 24
42.153.36.0/24 maxlen: 24
42.153.37.0/24 maxlen: 24
42.153.38.0/24 maxlen: 24
42.153.39.0/24 maxlen: 24
42.153.40.0/24 maxlen: 24
42.153.41.0/24 maxlen: 24
42.153.42.0/24 maxlen: 24
42.153.43.0/24 maxlen: 24
42.153.44.0/24 maxlen: 24
42.153.45.0/24 maxlen: 24
42.153.46.0/24 maxlen: 24
42.153.47.0/24 maxlen: 24
42.153.48.0/24 maxlen: 24
42.153.49.0/24 maxlen: 24
42.153.50.0/24 maxlen: 24
42.153.51.0/24 maxlen: 24
42.153.52.0/24 maxlen: 24
42.153.53.0/24 maxlen: 24
42.153.54.0/24 maxlen: 24
42.153.55.0/24 maxlen: 24
42.153.56.0/24 maxlen: 24
42.153.57.0/24 maxlen: 24
42.153.58.0/24 maxlen: 24
42.153.59.0/24 maxlen: 24
42.153.60.0/24 maxlen: 24
42.153.61.0/24 maxlen: 24
42.153.62.0/24 maxlen: 24
42.153.63.0/24 maxlen: 24
42.153.89.0/24 maxlen: 24
42.153.95.0/24 maxlen: 24
42.153.96.0/24 maxlen: 24
42.153.128.0/24 maxlen: 24
42.153.129.0/24 maxlen: 24
42.153.130.0/24 maxlen: 24
42.153.131.0/24 maxlen: 24
42.153.132.0/24 maxlen: 24
42.153.133.0/24 maxlen: 24
42.153.134.0/24 maxlen: 24
42.153.135.0/24 maxlen: 24
42.153.136.0/24 maxlen: 24
42.153.137.0/24 maxlen: 24
42.153.138.0/24 maxlen: 24
42.153.139.0/24 maxlen: 24
42.153.140.0/24 maxlen: 24
42.153.141.0/24 maxlen: 24
42.153.142.0/24 maxlen: 24
42.153.143.0/24 maxlen: 24
42.153.144.0/24 maxlen: 24
42.153.145.0/24 maxlen: 24
42.153.146.0/24 maxlen: 24
42.153.147.0/24 maxlen: 24
42.153.148.0/24 maxlen: 24
42.153.149.0/24 maxlen: 24
42.153.150.0/24 maxlen: 24
42.153.151.0/24 maxlen: 24
42.153.152.0/24 maxlen: 24
42.153.153.0/24 maxlen: 24
42.153.154.0/24 maxlen: 24
42.153.155.0/24 maxlen: 24
42.153.156.0/24 maxlen: 24
42.153.157.0/24 maxlen: 24
42.153.158.0/24 maxlen: 24
42.153.159.0/24 maxlen: 24
122.255.96.0/19 maxlen: 19
2401:3c00:8::/46 maxlen: 46
2401:3c00:14::/46 maxlen: 46
2401:3c00:18::/46 maxlen: 46
2401:3c00:48::/46 maxlen: 46
2401:3c00:54::/46 maxlen: 46
2401:3c00:58::/46 maxlen: 46
2401:3c00:a4::/48 maxlen: 48
2401:3c00:a5::/48 maxlen: 48
2401:3c00:a6::/48 maxlen: 48
2401:3c00:a7::/48 maxlen: 48
2401:3c00:a8::/48 maxlen: 48
2401:3c00:a9::/48 maxlen: 48
2401:3c00:c0::/46 maxlen: 46
2401:3c00:c0:5::/64 maxlen: 64
2401:3c00:d8::/48 maxlen: 48
2401:3c00:d9::/48 maxlen: 48
2401:3c00:da::/48 maxlen: 48
2401:3c00:db::/48 maxlen: 48
2401:3c00:dc::/48 maxlen: 48
2401:3c00:100::/43 maxlen: 43
2401:3c00:120::/43 maxlen: 43
2401:3c00:180::/43 maxlen: 43
2401:3c00:1a0::/43 maxlen: 43
2401:3c00:241::/48 maxlen: 48
2401:3c00:242::/48 maxlen: 48
2401:3c00:243::/48 maxlen: 48
2401:3c00:244::/48 maxlen: 48
2401:3c00:245::/48 maxlen: 48
2401:3c00:246::/48 maxlen: 48
2401:3c00:247::/48 maxlen: 48
2401:3c00:248::/48 maxlen: 48
2401:3c00:249::/48 maxlen: 48
2401:3c00:24a::/48 maxlen: 48
2401:3c00:24b::/48 maxlen: 48
2401:3c00:24c::/48 maxlen: 48
2401:3c00:24d::/48 maxlen: 48
2401:3c00:24e::/48 maxlen: 48
2401:3c00:24f::/48 maxlen: 48
2401:3c00:250::/48 maxlen: 48
2401:3c00:251::/48 maxlen: 48
2401:3c00:252::/48 maxlen: 48
2401:3c00:253::/48 maxlen: 48
2401:3c00:254::/48 maxlen: 48
2401:3c00:255::/48 maxlen: 48
2401:3c00:256::/48 maxlen: 48
2401:3c00:257::/48 maxlen: 48
2401:3c00:258::/48 maxlen: 48
2401:3c00:259::/48 maxlen: 48
2401:3c00:25a::/48 maxlen: 48
2401:3c00:25c::/48 maxlen: 48
2401:3c00:25d::/48 maxlen: 48
2401:3c00:25f::/48 maxlen: 48
2401:3c00:260::/48 maxlen: 48
2401:3c00:261::/48 maxlen: 48
2401:3c00:262::/48 maxlen: 48
2401:3c00:280::/48 maxlen: 48
2401:3c00:281::/48 maxlen: 48
2401:3c00:290::/48 maxlen: 48
2401:3c00:291::/48 maxlen: 48
2401:3c00:292::/48 maxlen: 48
2401:3c00:293::/48 maxlen: 48
2401:3c00:294::/48 maxlen: 48
2401:3c00:295::/48 maxlen: 48
2401:3c00:2a0::/48 maxlen: 48
2401:3c00:2a1::/48 maxlen: 48
2401:3c00:2a2::/48 maxlen: 48
2401:3c00:2a3::/48 maxlen: 48
2401:3c00:2a4::/48 maxlen: 48
2401:3c00:2a5::/48 maxlen: 48
2401:3c00:2b0::/48 maxlen: 48
2401:3c00:2b1::/48 maxlen: 48
2401:3c00:2b2::/48 maxlen: 48
2401:3c00:2b3::/48 maxlen: 48
2401:3c00:2b4::/48 maxlen: 48
2401:3c00:2b5::/48 maxlen: 48
2401:3c00:2c0::/42 maxlen: 42
Validation: Failed, certificate revoked on Tue 22 Apr 2025 11:33:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3232 (0xca0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911CA78, serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6
Validity
Not Before: Mar 17 08:28:59 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67d7dd4a-d676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:fe:56:1e:b1:b1:31:fd:32:eb:b6:d7:5b:93:
96:ca:c2:11:dc:91:b7:3b:61:ab:c1:9f:a6:e4:1c:
f9:e4:39:a8:7a:54:93:bf:6a:68:af:84:13:9a:87:
e1:4a:ae:3c:63:07:98:ed:eb:4b:ff:9e:63:64:71:
5b:0a:e7:df:d5:d7:b2:06:41:af:09:fc:1c:38:5c:
70:25:81:e2:25:bc:18:37:76:ac:36:37:d2:4a:1a:
26:6d:71:d1:e3:d7:d0:01:ef:97:78:81:98:47:b6:
a0:b8:80:51:a2:e5:b5:0d:8c:9e:85:59:1e:26:b5:
b0:67:e2:90:68:e0:bc:63:b5:39:94:8b:72:89:66:
31:f4:2f:63:22:36:b8:e3:a7:ed:eb:7f:28:4d:26:
c6:2c:74:4c:8f:db:aa:6b:ab:de:d0:5f:0d:b4:f6:
9c:e1:91:88:7f:3c:44:cb:c4:4f:0f:15:cf:7e:a9:
b4:1c:6a:6d:ec:f1:14:48:d8:c0:fe:bb:86:f8:9a:
d8:bd:2a:57:28:a0:24:54:eb:08:12:79:cd:80:61:
00:b0:27:9f:a4:90:a4:36:e0:01:dd:91:af:6c:57:
b7:51:5c:97:cf:60:26:a9:f5:2d:7d:9f:80:1f:d7:
7f:cb:02:d3:4b:da:78:f5:9b:f7:d4:fa:4f:1a:b7:
66:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:13:94:84:CC:C0:F1:FC:18:A2:00:2A:6C:60:61:70:1C:86:58:1B
X509v3 Authority Key Identifier:
keyid:40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/DF2BFB64030911F09512BA5FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
42.152.0.0/14
122.255.96.0/19
IPv6:
2401:3c00:8::/46
2401:3c00:14::-2401:3c00:1b:ffff:ffff:ffff:ffff:ffff
2401:3c00:48::/46
2401:3c00:54::-2401:3c00:5b:ffff:ffff:ffff:ffff:ffff
2401:3c00:a4::-2401:3c00:a9:ffff:ffff:ffff:ffff:ffff
2401:3c00:c0::/46
2401:3c00:d8::-2401:3c00:dc:ffff:ffff:ffff:ffff:ffff
2401:3c00:100::/42
2401:3c00:180::/42
2401:3c00:241::-2401:3c00:25a:ffff:ffff:ffff:ffff:ffff
2401:3c00:25c::/47
2401:3c00:25f::-2401:3c00:262:ffff:ffff:ffff:ffff:ffff
2401:3c00:280::/47
2401:3c00:290::-2401:3c00:295:ffff:ffff:ffff:ffff:ffff
2401:3c00:2a0::-2401:3c00:2a5:ffff:ffff:ffff:ffff:ffff
2401:3c00:2b0::-2401:3c00:2b5:ffff:ffff:ffff:ffff:ffff
2401:3c00:2c0::/42
Signature Algorithm: sha256WithRSAEncryption
02:58:81:c0:cc:51:6a:c2:fc:81:17:07:ea:44:57:5c:e4:56:
a9:0a:69:c6:57:2a:29:74:f0:3d:9b:03:2b:8a:eb:39:38:eb:
fe:b7:2c:46:b9:50:ca:83:85:00:12:3e:fc:60:aa:89:e6:28:
88:cc:5a:83:27:1f:1d:6c:05:d3:85:a2:8d:00:75:47:63:5c:
dd:6a:94:6e:1b:e4:60:92:df:04:e4:0f:6b:2b:77:56:e2:6b:
87:f2:59:8e:38:a7:b1:8f:07:1e:df:a9:74:9f:76:88:5b:99:
34:da:0e:31:b7:73:f6:23:14:2c:eb:f6:e0:7b:47:80:11:34:
27:d5:55:54:4e:37:d9:7d:73:d5:67:82:30:47:53:fb:5c:38:
a0:9b:ab:b0:50:8c:9d:80:29:95:15:9b:e5:d2:e1:45:b2:19:
7f:a7:81:20:24:74:4d:31:c7:bb:8c:82:18:cb:f2:43:30:d0:
70:60:8a:63:17:a1:71:08:7e:6e:ef:bd:51:22:70:d5:9e:95:
6b:ec:c2:ec:f7:0e:81:dc:7c:b6:fd:5f:ca:62:75:be:b6:e6:
eb:ec:0b:d3:65:cc:a3:37:3f:e0:eb:a5:21:61:26:81:61:57:
09:2e:ad:f3:6f:5a:13:75:65:ae:43:19:4a:8b:a6:08:a5:3b:
16:42:90:61
-----BEGIN CERTIFICATE-----
MIIGgzCCBWugAwIBAgICDKAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUNBNzgxMTAvBgNVBAUTKDQwNTYyQzE0M0EyOUNCMTlDNzBGRkM5Qjk5QjYwQkJF
Q0QxRDczQjYwHhcNMjUwMzE3MDgyODU5WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Q3ZGQ0YS1kNjc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5P5WHrGxMf0y67bXW5OWysIR3JG3O2GrwZ+m5Bz55DmoelSTv2por4QTmofh
Sq48YweY7etL/55jZHFbCuff1deyBkGvCfwcOFxwJYHiJbwYN3asNjfSShombXHR
49fQAe+XeIGYR7aguIBRouW1DYyehVkeJrWwZ+KQaOC8Y7U5lItyiWYx9C9jIja4
46ft638oTSbGLHRMj9uqa6ve0F8NtPac4ZGIfzxEy8RPDxXPfqm0HGpt7PEUSNjA
/ruG+JrYvSpXKKAkVOsIEnnNgGEAsCefpJCkNuAB3ZGvbFe3UVyXz2AmqfUtfZ+A
H9d/ywLTS9p49Zv31PpPGrdmRwIDAQABo4IDpzCCA6MwHQYDVR0OBBYEFJUTlITM
wPH8GKIAKmxgYXAchlgbMB8GA1UdIwQYMBaAFEBWLBQ6KcsZxw/8m5m2C77NHXO2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0E3OC9CRTg4NDZEMjM1
RDgxMUVBQTczMEVDNDZDNEY5QUUwMi9RRllzRkRvcHl4bkhEX3libWJZTHZzMGRj
N1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FGWXNGRG9weXhuSERfeWJtYllMdnMwZGM3WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUNBNzgvQkU4ODQ2RDIzNUQ4MTFFQUE3MzBFQzQ2QzRGOUFFMDIvREYyQkZCNjQw
MzA5MTFGMDk1MTJCQTVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEvBggrBgEFBQcBBwEB
/wSCAR4wggEaMBEEAgABMAsDAwIqmAMEBXr/YDCCAQMEAgACMIH8AwcCJAE8AAAI
MBIDBwIkATwAABQDBwIkATwAABgDBwIkATwAAEgwEgMHAiQBPAAAVAMHAiQBPAAA
WDASAwcCJAE8AACkAwcBJAE8AACoAwcCJAE8AADAMBIDBwMkATwAANgDBwAkATwA
ANwDBwYkATwAAQADBwYkATwAAYAwEgMHACQBPAACQQMHACQBPAACWgMHASQBPAAC
XDASAwcAJAE8AAJfAwcAJAE8AAJiAwcBJAE8AAKAMBIDBwQkATwAApADBwEkATwA
ApQwEgMHBSQBPAACoAMHASQBPAACpDASAwcEJAE8AAKwAwcBJAE8AAK0AwcGJAE8
AALAMA0GCSqGSIb3DQEBCwUAA4IBAQACWIHAzFFqwvyBFwfqRFdc5FapCmnGVyop
dPA9mwMrius5OOv+tyxGuVDKg4UAEj78YKqJ5iiIzFqDJx8dbAXThaKNAHVHY1zd
apRuG+Rgkt8E5A9rK3dW4muH8lmOOKexjwce36l0n3aIW5k02g4xt3P2IxQs6/bg
e0eAETQn1VVUTjfZfXPVZ4IwR1P7XDigm6uwUIydgCmVFZvl0uFFshl/p4EgJHRN
Mce7jIIYy/JDMNBwYIpjF6FxCH5u771RInDVnpVr7MLs9w6B3Hy2/V/KYnW+tubr
7AvTZcyjNz/g66UhYSaBYVcJLq3zb1oTdWWuQxlKi6YIpTsWQpBh
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:33:31 2025 by rpki-client