Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/3F043974158511F0BCFDD12FC4F9AE02.roa
File: 3F043974158511F0BCFDD12FC4F9AE02.roa (raw, json)
Hash identifier: 25Be7eMKiBqWiVpzzBHMqjvoPZzC/aUCWn9BPE2gzHs=
Subject key identifier: 8A:EE:A7:C8:58:46:0F:49:C4:E8:73:B8:E9:C8:8B:35:D6:1E:8A:B6
Certificate issuer: /CN=A91406AA/serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C
Certificate serial: 0763
Authority key identifier: 31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/3F043974158511F0BCFDD12FC4F9AE02.roa
Signing time: Wed 09 Apr 2025 20:57:28 +0000
ROA not before: Wed 09 Apr 2025 20:57:28 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 9790
IP address blocks: 60.234.0.0/16 maxlen: 20
101.98.0.0/16 maxlen: 20
101.100.128.0/19 maxlen: 24
103.224.128.0/22 maxlen: 24
103.237.40.0/22 maxlen: 24
110.44.16.0/22 maxlen: 24
118.148.64.0/20 maxlen: 24
118.148.80.0/20 maxlen: 24
118.148.96.0/20 maxlen: 24
118.148.112.0/20 maxlen: 24
118.149.64.0/20 maxlen: 24
118.149.80.0/20 maxlen: 24
118.149.96.0/20 maxlen: 24
118.149.112.0/20 maxlen: 24
119.224.0.0/18 maxlen: 22
119.224.64.0/19 maxlen: 22
119.224.128.0/20 maxlen: 20
121.98.0.0/15 maxlen: 20
202.49.92.0/22 maxlen: 24
202.49.244.0/22 maxlen: 24
202.50.124.0/22 maxlen: 24
202.50.170.0/24 maxlen: 24
202.53.176.0/20 maxlen: 20
202.89.128.0/19 maxlen: 20
202.180.64.0/18 maxlen: 20
202.189.160.0/20 maxlen: 20
202.191.32.0/20 maxlen: 20
203.184.0.0/18 maxlen: 20
2400:4800::/32 maxlen: 32
2402:6000::/32 maxlen: 32
2402:8200::/32 maxlen: 32
2404:4400::/28 maxlen: 36
Validation: Failed, certificate revoked on Mon 14 Apr 2025 21:10:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1891 (0x763)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91406AA, serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C
Validity
Not Before: Apr 9 20:57:28 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=67f6df38-dfe5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e4:11:c8:7f:b5:14:2a:8e:0f:f3:46:79:ca:
aa:14:00:47:50:7c:d3:16:c5:ca:80:83:90:92:46:
40:53:81:76:65:6f:b3:2c:d6:06:88:7f:0c:b4:9f:
81:62:17:ae:67:74:d6:66:7f:b8:70:87:77:7a:3e:
56:d0:59:a0:4c:80:ed:b6:11:27:5e:a9:09:17:ff:
8a:14:da:dc:1e:99:88:ea:91:7c:27:a4:00:d5:b6:
65:21:47:09:8c:ba:39:15:63:a3:dc:ae:52:f4:14:
1f:7a:e5:44:fb:fb:8c:f0:53:02:9d:ae:61:09:36:
aa:cd:b4:97:0b:d9:f6:71:77:27:59:64:5d:50:a2:
5d:9a:84:78:a6:98:a2:e0:26:6f:2e:31:5b:c8:4e:
23:0a:85:08:61:ae:29:ef:1f:76:c5:b0:d3:19:93:
b9:ff:99:0f:e7:12:8f:30:d4:31:af:cd:ff:03:1a:
d0:9d:30:6e:96:0e:fc:27:9a:1e:f8:b7:58:d1:c5:
fa:52:61:96:7c:10:6a:48:fc:81:04:2c:8e:0b:30:
c0:3e:c8:67:93:cb:aa:f5:40:97:6f:e6:4b:8b:bd:
c5:35:ef:a3:4e:e7:ee:89:c5:48:c0:24:70:36:81:
65:a5:b3:b0:90:c6:94:f4:7f:db:c1:c5:81:ef:b9:
8c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:EE:A7:C8:58:46:0F:49:C4:E8:73:B8:E9:C8:8B:35:D6:1E:8A:B6
X509v3 Authority Key Identifier:
keyid:31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/3F043974158511F0BCFDD12FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
60.234.0.0/16
101.98.0.0/16
101.100.128.0/19
103.224.128.0/22
103.237.40.0/22
110.44.16.0/22
118.148.64.0/18
118.149.64.0/18
119.224.0.0-119.224.95.255
119.224.128.0/20
121.98.0.0/15
202.49.92.0/22
202.49.244.0/22
202.50.124.0/22
202.50.170.0/24
202.53.176.0/20
202.89.128.0/19
202.180.64.0/18
202.189.160.0/20
202.191.32.0/20
203.184.0.0/18
IPv6:
2400:4800::/32
2402:6000::/32
2402:8200::/32
2404:4400::/28
Signature Algorithm: sha256WithRSAEncryption
41:da:65:81:7d:c2:fd:5a:a2:78:84:8a:b7:8d:f2:13:39:27:
4c:79:3d:35:90:d3:e9:27:ea:1c:40:82:ff:88:b1:ae:ab:9a:
5a:6b:f1:d6:76:74:e6:01:18:cb:bd:0f:77:44:bd:c5:3b:3f:
e8:6c:60:83:ab:bc:5a:13:df:7c:84:e2:cd:da:d2:7f:a2:13:
bf:a0:cc:bc:5f:44:13:40:67:8d:f4:ea:ba:8a:ac:bc:09:cb:
c6:35:74:94:28:f8:bc:e0:f4:29:8c:24:01:a5:ee:d5:47:b6:
e8:a7:3b:ec:e7:39:04:11:53:4f:c3:80:34:66:6a:0e:27:3a:
ac:7c:24:11:4b:8d:42:b3:fa:f7:ff:42:05:a7:1c:b5:38:84:
ba:6c:20:67:d6:f1:2c:d1:3d:a5:b9:dd:5c:d1:e3:15:a6:e1:
46:b6:49:13:2e:fd:e4:8a:36:d8:c3:81:9a:96:b8:a7:60:4e:
ee:d4:0d:b4:60:3e:a9:6a:b2:70:44:49:b7:38:4a:a0:19:9c:
af:32:35:42:19:65:c2:bb:7f:91:41:c9:4f:5b:15:3a:f8:17:
f5:18:63:2a:ff:9a:52:87:f8:35:7b:cb:49:1e:76:94:78:69:
17:d3:8a:40:3a:ad:95:09:2f:eb:a0:a6:95:a1:08:65:53:ab:
d3:a6:af:12
-----BEGIN CERTIFICATE-----
MIIGFjCCBP6gAwIBAgICB2MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDA2QUExMTAvBgNVBAUTKDMxNTUxM0U1NEFCMEM5OUI4QkNBODQwNDJFMzgzNThC
NjBEQjFCMkMwHhcNMjUwNDA5MjA1NzI4WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Y2ZGYzOC1kZmU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAveQRyH+1FCqOD/NGecqqFABHUHzTFsXKgIOQkkZAU4F2ZW+zLNYGiH8MtJ+B
YheuZ3TWZn+4cId3ej5W0FmgTIDtthEnXqkJF/+KFNrcHpmI6pF8J6QA1bZlIUcJ
jLo5FWOj3K5S9BQfeuVE+/uM8FMCna5hCTaqzbSXC9n2cXcnWWRdUKJdmoR4ppii
4CZvLjFbyE4jCoUIYa4p7x92xbDTGZO5/5kP5xKPMNQxr83/AxrQnTBulg78J5oe
+LdY0cX6UmGWfBBqSPyBBCyOCzDAPshnk8uq9UCXb+ZLi73FNe+jTufuicVIwCRw
NoFlpbOwkMaU9H/bwcWB77mMdwIDAQABo4IDOjCCAzYwHQYDVR0OBBYEFIrup8hY
Rg9JxOhzuOnIizXWHoq2MB8GA1UdIwQYMBaAFDFVE+VKsMmbi8qEBC44NYtg2xss
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDZBQS84RjVCQjRGODg2
QzExMUVCQkFCMzE4NEJDNEY5QUUwMi9NVlVUNVVxd3ladUx5b1FFTGpnMWkyRGJH
eXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01WVVQ1VXF3eVp1THlvUUVMamcxaTJEYkd5dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDA2QUEvOEY1QkI0Rjg4NkMxMTFFQkJBQjMxODRCQzRGOUFFMDIvM0YwNDM5NzQx
NTg1MTFGMEJDRkREMTJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgcMGCCsGAQUFBwEHAQH/
BIGzMIGwMIGJBAIAATCBggMDADzqAwMAZWIDBAVlZIADBAJn4IADBAJn7SgDBAJu
LBADBAZ2lEADBAZ2lUAwCwMDBXfgAwQFd+BAAwQEd+CAAwMBeWIDBALKMVwDBALK
MfQDBALKMnwDBADKMqoDBATKNbADBAXKWYADBAbKtEADBATKvaADBATKvyADBAbL
uAAwIgQCAAIwHAMFACQASAADBQAkAmAAAwUAJAKCAAMFBCQERAAwDQYJKoZIhvcN
AQELBQADggEBAEHaZYF9wv1aoniEireN8hM5J0x5PTWQ0+kn6hxAgv+Isa6rmlpr
8dZ2dOYBGMu9D3dEvcU7P+hsYIOrvFoT33yE4s3a0n+iE7+gzLxfRBNAZ4306rqK
rLwJy8Y1dJQo+Lzg9CmMJAGl7tVHtuinO+znOQQRU0/DgDRmag4nOqx8JBFLjUKz
+vf/QgWnHLU4hLpsIGfW8SzRPaW53VzR4xWm4Ua2SRMu/eSKNtjDgZqWuKdgTu7U
DbRgPqlqsnBESbc4SqAZnK8yNUIZZcK7f5FByU9bFTr4F/UYYyr/mlKH+DV7y0ke
dpR4aRfTikA6rZUJL+ugppWhCGVTq9OmrxI=
-----END CERTIFICATE-----
Generated at Sat Apr 26 09:19:06 2025 by rpki-client