Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91450A4/DD4736980C3611EBA4E49E21C4F9AE02/A515841219B211F0BA728A27C4F9AE02.roa
File: A515841219B211F0BA728A27C4F9AE02.roa (raw, json)
Hash identifier: e90+6lWnDQwT06f3+o5gig4++1ddAjDPqoqSDMQcHvw=
Subject key identifier: 3A:69:49:23:C6:A5:A5:58:E2:E5:41:86:FE:EE:16:44:29:08:87:80
Certificate issuer: /CN=A91450A4/serialNumber=3D1D6A332AEA4EC502037A0909F4CC19D42DB198
Certificate serial: 07D7
Authority key identifier: 3D:1D:6A:33:2A:EA:4E:C5:02:03:7A:09:09:F4:CC:19:D4:2D:B1:98
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PR1qMyrqTsUCA3oJCfTMGdQtsZg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91450A4/DD4736980C3611EBA4E49E21C4F9AE02/A515841219B211F0BA728A27C4F9AE02.roa
Signing time: Tue 15 Apr 2025 04:33:29 +0000
ROA not before: Tue 15 Apr 2025 04:33:29 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 55766
IP address blocks: 43.243.238.0/23 maxlen: 24
43.252.96.0/22 maxlen: 24
103.22.184.0/22 maxlen: 24
103.24.242.0/23 maxlen: 24
103.27.152.0/22 maxlen: 24
103.224.210.0/24 maxlen: 24
115.165.172.0/24 maxlen: 24
118.107.144.0/24 maxlen: 24
118.107.151.0/24 maxlen: 24
175.184.192.0/21 maxlen: 24
175.184.216.0/21 maxlen: 24
223.29.240.0/22 maxlen: 24
2400:f280::/32 maxlen: 40
Validation: Failed, certificate revoked on Wed 16 Apr 2025 04:24:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2007 (0x7d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91450A4, serialNumber=3D1D6A332AEA4EC502037A0909F4CC19D42DB198
Validity
Not Before: Apr 15 04:33:29 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67fde198-5a46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:cb:d3:b7:a7:2e:0b:af:3f:82:b5:ad:58:28:
22:2e:6a:3f:ec:eb:c8:3b:9e:a9:e6:d1:fe:55:64:
78:3f:c5:cb:ac:aa:eb:e9:5d:59:57:66:72:47:ee:
84:93:b3:f4:32:b4:52:c6:d9:c8:32:58:b2:28:40:
c7:58:3f:f4:5f:70:a1:03:11:a7:cd:e0:aa:1d:85:
ec:f9:aa:5f:b2:8b:02:ed:8f:5b:44:c3:5f:3d:98:
bd:de:d3:2c:86:02:7f:78:6e:f1:25:cf:07:16:9b:
97:8e:d1:ff:fd:51:e0:b0:bb:2a:7f:4f:0b:2e:dd:
e9:df:32:03:f4:0c:00:2c:2c:34:c3:4b:d3:e2:65:
15:20:92:19:bb:9b:2f:33:61:af:94:47:67:ce:36:
d6:26:e7:38:98:c7:05:d2:3c:12:5c:65:30:94:0c:
dc:76:65:e9:03:3f:3c:86:56:80:82:4d:3d:e4:66:
89:4c:f4:e1:b4:6f:21:bf:77:1e:3b:4a:0f:c6:4a:
66:46:58:0d:cb:dc:fb:b9:8b:b3:b8:5e:05:61:7b:
3f:07:f4:4a:9b:e4:2e:dc:63:4d:ac:e3:32:94:2e:
7f:df:96:f0:aa:73:70:63:d9:bf:c6:5f:7b:f0:16:
4f:78:72:45:43:ad:de:56:be:c7:b2:0e:3a:fa:58:
89:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:69:49:23:C6:A5:A5:58:E2:E5:41:86:FE:EE:16:44:29:08:87:80
X509v3 Authority Key Identifier:
keyid:3D:1D:6A:33:2A:EA:4E:C5:02:03:7A:09:09:F4:CC:19:D4:2D:B1:98
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91450A4/DD4736980C3611EBA4E49E21C4F9AE02/PR1qMyrqTsUCA3oJCfTMGdQtsZg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PR1qMyrqTsUCA3oJCfTMGdQtsZg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91450A4/DD4736980C3611EBA4E49E21C4F9AE02/A515841219B211F0BA728A27C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.243.238.0/23
43.252.96.0/22
103.22.184.0/22
103.24.242.0/23
103.27.152.0/22
103.224.210.0/24
115.165.172.0/24
118.107.144.0/24
118.107.151.0/24
175.184.192.0/21
175.184.216.0/21
223.29.240.0/22
IPv6:
2400:f280::/32
Signature Algorithm: sha256WithRSAEncryption
64:bd:0d:c2:db:c7:65:a5:09:2a:a5:6e:3f:14:cd:05:7d:5b:
7d:0a:87:49:1a:8f:0c:40:a5:a5:45:f7:9d:cd:f2:0a:ef:56:
af:8d:85:d1:d6:24:89:71:c5:89:39:23:6f:ee:ea:62:86:41:
a3:67:33:2a:7c:94:af:28:de:4c:f9:55:1b:90:ef:45:c6:82:
05:c3:94:fb:6b:cf:b8:05:d5:fd:6f:2a:83:45:4c:0c:c2:dc:
da:82:17:50:82:a3:16:6c:34:0e:87:c8:0e:96:5d:e4:0b:b3:
3a:e5:a7:e5:23:d9:f0:13:65:28:aa:6d:18:6f:e4:d1:db:68:
1d:13:81:e1:25:da:36:75:c2:ef:b6:50:dc:89:88:a0:f0:64:
bb:b9:39:c6:0d:96:25:9a:ad:45:cd:33:4d:bd:22:39:1f:87:
b7:c8:ab:ce:94:f8:79:15:d2:bf:01:64:de:86:b1:e8:6f:d0:
99:83:2a:59:55:f6:a4:d8:d4:6f:80:0d:47:af:3e:82:ac:e0:
ac:86:f0:d7:64:dc:e2:ba:55:77:82:22:96:5e:33:61:24:d8:
2c:4b:41:64:ac:be:fb:64:f0:09:f1:33:19:f6:d4:71:97:c9:
0f:d4:c8:c0:3c:ed:5c:f1:48:fa:22:a3:10:0c:07:fa:60:5f:
ed:b3:57:ee
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgICB9cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDUwQTQxMTAvBgNVBAUTKDNEMUQ2QTMzMkFFQTRFQzUwMjAzN0EwOTA5RjRDQzE5
RDQyREIxOTgwHhcNMjUwNDE1MDQzMzI5WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2ZkZTE5OC01YTQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1cvTt6cuC68/grWtWCgiLmo/7OvIO56p5tH+VWR4P8XLrKrr6V1ZV2ZyR+6E
k7P0MrRSxtnIMliyKEDHWD/0X3ChAxGnzeCqHYXs+apfsosC7Y9bRMNfPZi93tMs
hgJ/eG7xJc8HFpuXjtH//VHgsLsqf08LLt3p3zID9AwALCw0w0vT4mUVIJIZu5sv
M2GvlEdnzjbWJuc4mMcF0jwSXGUwlAzcdmXpAz88hlaAgk095GaJTPThtG8hv3ce
O0oPxkpmRlgNy9z7uYuzuF4FYXs/B/RKm+Qu3GNNrOMylC5/35bwqnNwY9m/xl97
8BZPeHJFQ63eVr7Hsg46+liJyQIDAQABo4IC5jCCAuIwHQYDVR0OBBYEFDppSSPG
paVY4uVBhv7uFkQpCIeAMB8GA1UdIwQYMBaAFD0dajMq6k7FAgN6CQn0zBnULbGY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTBBNC9ERDQ3MzY5ODBD
MzYxMUVCQTRFNDlFMjFDNEY5QUUwMi9QUjFxTXlycVRzVUNBM29KQ2ZUTUdkUXRz
WmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BSMXFNeXJxVHNVQ0Ezb0pDZlRNR2RRdHNaZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDUwQTQvREQ0NzM2OTgwQzM2MTFFQkE0RTQ5RTIxQzRGOUFFMDIvQTUxNTg0MTIx
OUIyMTFGMEJBNzI4QTI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcAYIKwYBBQUHAQcBAf8E
YTBfME4EAgABMEgDBAEr8+4DBAIr/GADBAJnFrgDBAFnGPIDBAJnG5gDBABn4NID
BABzpawDBAB2a5ADBAB2a5cDBAOvuMADBAOvuNgDBALfHfAwDQQCAAIwBwMFACQA
8oAwDQYJKoZIhvcNAQELBQADggEBAGS9DcLbx2WlCSqlbj8UzQV9W30Kh0kajwxA
paVF953N8grvVq+NhdHWJIlxxYk5I2/u6mKGQaNnMyp8lK8o3kz5VRuQ70XGggXD
lPtrz7gF1f1vKoNFTAzC3NqCF1CCoxZsNA6HyA6WXeQLszrlp+Uj2fATZSiqbRhv
5NHbaB0TgeEl2jZ1wu+2UNyJiKDwZLu5OcYNliWarUXNM029Ijkfh7fIq86U+HkV
0r8BZN6Gsehv0JmDKllV9qTY1G+ADUevPoKs4KyG8Ndk3OK6VXeCIpZeM2Ek2CxL
QWSsvvtk8AnxMxn21HGXyQ/UyMA87VzxSPoioxAMB/pgX+2zV+4=
-----END CERTIFICATE-----
Generated at Sat Apr 26 09:29:53 2025 by rpki-client