Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/996B36F620BB11F0BE727E6BC4F9AE02.roa
File: 996B36F620BB11F0BE727E6BC4F9AE02.roa (raw, json)
Hash identifier: qv+hsNNJywEnTWiZRR7WO8MpFKGxHCOuXxRIaNqLl7c=
Subject key identifier: 7D:13:8A:F1:79:45:23:B4:7A:CE:8C:18:30:4C:A2:02:24:9B:DC:54
Certificate issuer: /CN=A9157D67/serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD
Certificate serial: 0B0A
Authority key identifier: 39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/996B36F620BB11F0BE727E6BC4F9AE02.roa
Signing time: Thu 24 Apr 2025 03:24:15 +0000
ROA not before: Thu 24 Apr 2025 03:24:15 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 132203
IP address blocks: 43.128.222.0/23 maxlen: 23
43.128.224.0/19 maxlen: 19
43.128.241.0/24 maxlen: 24
43.129.32.0/20 maxlen: 20
43.129.48.0/20 maxlen: 20
43.130.0.0/17 maxlen: 24
43.130.128.0/18 maxlen: 24
43.130.224.0/19 maxlen: 19
43.131.0.0/18 maxlen: 24
43.131.224.0/19 maxlen: 24
43.132.12.0/22 maxlen: 22
43.132.16.0/22 maxlen: 22
43.132.28.0/22 maxlen: 22
43.132.32.0/22 maxlen: 22
43.132.40.0/22 maxlen: 22
43.132.52.0/22 maxlen: 22
43.132.68.0/24 maxlen: 24
43.132.96.0/19 maxlen: 24
43.132.128.0/17 maxlen: 24
43.133.0.0/19 maxlen: 19
43.133.128.0/20 maxlen: 20
43.133.144.0/20 maxlen: 20
43.133.160.0/19 maxlen: 19
43.133.192.0/19 maxlen: 19
43.134.0.0/18 maxlen: 18
43.134.64.0/18 maxlen: 18
43.135.58.0/24 maxlen: 24
43.135.187.0/24 maxlen: 24
43.135.192.0/19 maxlen: 19
43.135.221.0/24 maxlen: 24
43.152.74.0/23 maxlen: 23
43.152.76.0/22 maxlen: 22
43.152.80.0/22 maxlen: 22
43.152.92.0/23 maxlen: 23
43.152.96.0/19 maxlen: 24
43.152.192.0/19 maxlen: 19
43.152.224.0/19 maxlen: 19
43.153.0.0/18 maxlen: 18
43.153.64.0/18 maxlen: 18
43.153.128.0/18 maxlen: 18
43.153.164.0/24 maxlen: 24
43.153.187.0/24 maxlen: 24
43.153.192.0/18 maxlen: 18
43.153.250.0/23 maxlen: 23
43.154.0.0/18 maxlen: 18
43.154.64.0/18 maxlen: 18
43.154.128.0/18 maxlen: 18
43.154.192.0/18 maxlen: 18
43.155.0.0/17 maxlen: 18
43.155.127.0/24 maxlen: 24
43.155.128.0/17 maxlen: 18
43.155.149.0/24 maxlen: 24
43.156.0.0/18 maxlen: 18
43.156.64.0/18 maxlen: 18
43.156.128.0/18 maxlen: 18
43.156.192.0/18 maxlen: 18
43.156.252.0/24 maxlen: 24
43.156.254.0/24 maxlen: 24
43.157.0.0/17 maxlen: 24
43.157.128.0/18 maxlen: 24
43.157.192.0/18 maxlen: 24
43.158.0.0/16 maxlen: 16
43.158.0.0/17 maxlen: 24
43.158.128.0/18 maxlen: 24
43.158.192.0/18 maxlen: 24
43.159.0.0/16 maxlen: 16
43.159.0.0/20 maxlen: 24
43.159.16.0/20 maxlen: 24
43.159.32.0/19 maxlen: 24
43.159.76.0/24 maxlen: 24
43.159.128.0/18 maxlen: 24
43.159.192.0/18 maxlen: 24
43.160.0.0/16 maxlen: 24
43.161.0.0/17 maxlen: 24
43.161.128.0/17 maxlen: 24
43.162.0.0/17 maxlen: 24
43.162.128.0/17 maxlen: 24
43.163.0.0/16 maxlen: 16
43.163.0.0/17 maxlen: 17
43.163.0.0/18 maxlen: 24
43.163.64.0/18 maxlen: 24
43.163.128.0/18 maxlen: 18
43.163.192.0/18 maxlen: 24
43.164.0.0/16 maxlen: 24
43.165.0.0/16 maxlen: 24
43.166.0.0/16 maxlen: 24
43.167.0.0/16 maxlen: 24
43.170.0.0/16 maxlen: 24
43.171.0.0/16 maxlen: 24
43.172.0.0/16 maxlen: 24
43.173.0.0/16 maxlen: 24
101.32.94.0/23 maxlen: 23
101.32.96.0/20 maxlen: 20
101.32.102.0/23 maxlen: 23
101.32.104.0/21 maxlen: 21
101.32.140.0/24 maxlen: 24
101.33.4.0/23 maxlen: 23
101.33.17.0/24 maxlen: 24
101.33.18.0/23 maxlen: 23
101.33.26.0/23 maxlen: 23
101.33.30.0/23 maxlen: 23
101.33.41.0/24 maxlen: 24
101.33.52.0/22 maxlen: 22
101.33.114.0/23 maxlen: 24
124.156.208.0/20 maxlen: 20
124.156.224.0/20 maxlen: 20
150.109.90.0/24 maxlen: 24
150.109.91.0/24 maxlen: 24
150.109.140.0/22 maxlen: 22
150.109.192.0/20 maxlen: 20
150.109.192.0/21 maxlen: 21
150.109.192.0/23 maxlen: 23
150.109.200.0/22 maxlen: 22
150.109.204.0/23 maxlen: 23
150.109.206.0/24 maxlen: 24
150.109.207.0/24 maxlen: 24
240d:c000::/24 maxlen: 32
240d:c000:1000::/36 maxlen: 36
240d:c000:2000::/36 maxlen: 36
240d:c000:3000::/36 maxlen: 36
240d:c000:6000::/36 maxlen: 36
240d:c000:6000::/44 maxlen: 48
240d:c000:7000::/44 maxlen: 44
240d:c000:f000::/36 maxlen: 36
240d:c000:f000::/44 maxlen: 44
240d:c000:f010::/44 maxlen: 44
240d:c000:f020::/44 maxlen: 44
240d:c000:f030::/44 maxlen: 44
240d:c000:f040::/44 maxlen: 44
240d:c000:f050::/44 maxlen: 44
240d:c000:f060::/44 maxlen: 44
240d:c000:f070::/44 maxlen: 44
240d:c000:f0c0::/44 maxlen: 44
240d:c000:f0d0::/44 maxlen: 44
240d:c000:f0e0::/44 maxlen: 44
240d:c000:f0f0::/44 maxlen: 44
240d:c010::/48 maxlen: 48
240d:c010::/56 maxlen: 56
240d:c010:0:100::/56 maxlen: 56
240d:c010:10::/48 maxlen: 48
240d:c010:11::/48 maxlen: 48
240d:c010:12::/48 maxlen: 48
240d:c010:14::/48 maxlen: 48
240d:c010:16::/48 maxlen: 48
240d:c010:17::/48 maxlen: 48
240d:c010:20::/44 maxlen: 44
240d:c010:20::/56 maxlen: 56
240d:c010:20:100::/56 maxlen: 56
240d:c010:20:200::/56 maxlen: 56
240d:c010:30::/56 maxlen: 56
240d:c010:30:100::/56 maxlen: 56
240d:c010:50::/48 maxlen: 48
240d:c010:57::/48 maxlen: 48
240d:c010:58::/47 maxlen: 48
240d:c010:5c::/46 maxlen: 48
240d:c010:60::/48 maxlen: 48
240d:c010:66::/47 maxlen: 48
240d:c010:68::/48 maxlen: 48
240d:c010:6c::/47 maxlen: 48
240d:c010:6e::/48 maxlen: 48
240d:c040::/44 maxlen: 44
240d:c040:10::/44 maxlen: 44
240d:c040:20::/44 maxlen: 44
Validation: Failed, certificate revoked on Thu 24 Apr 2025 06:23:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2826 (0xb0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157D67, serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD
Validity
Not Before: Apr 24 03:24:15 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6809aedf-c6d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:66:8e:85:dc:fb:5d:ad:e5:ea:79:af:5f:95:
46:ee:9e:4c:f3:a8:0e:04:70:81:94:b2:b0:02:9f:
07:f6:0f:aa:c6:b7:7e:93:98:63:57:5f:55:5c:0d:
6e:65:9c:c5:f0:f9:d5:02:93:39:df:1d:54:dc:00:
6e:1e:78:65:39:da:5f:b1:fa:7b:b7:f7:f8:69:9a:
90:83:0d:8e:95:44:fe:87:ae:79:c1:96:8e:de:be:
c8:04:38:40:48:cb:a3:52:18:8e:a3:e9:9b:00:a2:
c7:d6:66:db:40:f8:4e:64:54:b9:56:3a:a3:52:25:
f0:88:a1:b9:0d:fe:2f:a4:26:53:0e:59:a5:81:51:
a3:9b:86:3a:fc:75:90:21:48:77:d2:05:67:f5:5c:
f7:6d:13:cd:c6:b8:80:97:62:8b:29:1f:35:f9:5d:
52:7c:fc:48:4f:69:8b:1a:9b:31:65:aa:df:0e:ae:
e3:3a:17:25:5d:d0:62:5c:cf:d1:5c:d0:dd:40:91:
a3:8d:14:0b:fe:41:b8:a7:69:be:77:41:95:46:66:
91:ef:6b:f4:53:1d:a7:5d:8f:5c:d2:ee:f6:20:d6:
e4:fa:01:28:59:ab:8d:5e:af:1d:6d:d0:95:62:2f:
35:8f:8c:3c:86:b2:66:9a:b9:eb:7a:aa:f8:96:6f:
10:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:13:8A:F1:79:45:23:B4:7A:CE:8C:18:30:4C:A2:02:24:9B:DC:54
X509v3 Authority Key Identifier:
keyid:39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/996B36F620BB11F0BE727E6BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.128.222.0-43.128.255.255
43.129.32.0/19
43.130.0.0-43.130.191.255
43.130.224.0-43.131.63.255
43.131.224.0/19
43.132.12.0-43.132.19.255
43.132.28.0-43.132.35.255
43.132.40.0/22
43.132.52.0/22
43.132.68.0/24
43.132.96.0-43.133.31.255
43.133.128.0-43.133.223.255
43.134.0.0/17
43.135.58.0/24
43.135.187.0/24
43.135.192.0/19
43.152.74.0-43.152.83.255
43.152.92.0/23
43.152.96.0/19
43.152.192.0-43.167.255.255
43.170.0.0-43.173.255.255
101.32.94.0-101.32.111.255
101.32.140.0/24
101.33.4.0/23
101.33.17.0-101.33.19.255
101.33.26.0/23
101.33.30.0/23
101.33.41.0/24
101.33.52.0/22
101.33.114.0/23
124.156.208.0-124.156.239.255
150.109.90.0/23
150.109.140.0/22
150.109.192.0/20
IPv6:
240d:c000::/24
Signature Algorithm: sha256WithRSAEncryption
1d:1a:20:42:9e:52:05:7d:37:ba:0f:ce:f1:8f:2a:3a:09:1b:
22:bf:5d:a6:e3:aa:c1:8a:80:38:9d:4c:ce:ad:3e:1b:a5:c4:
15:e0:28:6d:fe:c0:e7:a2:aa:ee:be:03:69:37:70:64:2b:92:
4b:e3:66:8f:ce:00:3b:e5:06:aa:41:98:5a:e3:09:8a:0a:5f:
e1:46:2a:25:b5:c5:03:14:13:06:50:2c:a1:4b:bd:6a:b3:05:
0c:f0:0b:c1:b7:e2:ed:59:59:19:09:6c:ad:bc:ff:5e:0c:ab:
10:b6:1a:f6:3e:ac:97:51:c3:f0:53:cc:8e:8c:d3:5c:1a:da:
1a:40:9e:b1:89:58:d4:01:a2:91:92:44:22:5d:83:88:39:37:
fc:11:9f:83:36:de:ef:64:d4:a3:05:4b:ee:39:b5:26:29:4d:
ee:01:87:96:50:a8:e4:26:9b:94:1f:9a:e4:54:a0:be:ab:1e:
aa:2c:bb:22:7a:37:7b:9f:50:e5:ba:f4:21:72:4c:9b:c6:3f:
c4:1c:7b:d9:c5:ca:ab:b9:2d:d6:a7:f8:d4:51:c0:72:da:22:
da:32:0a:23:6f:df:ae:d3:79:50:36:fb:ee:af:27:fa:03:a2:
ab:c5:c4:2a:a2:8c:76:d9:52:d2:31:1e:2d:eb:2d:c8:86:fc:
bc:2d:fc:9c
-----BEGIN CERTIFICATE-----
MIIGsjCCBZqgAwIBAgICCwowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdENjcxMTAvBgNVBAUTKDM5QzQzOTY3NTcwMDg3RjU4M0U0MjVBOUZFOUI2OUI5
NTA2QTU5QkQwHhcNMjUwNDI0MDMyNDE1WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODA5YWVkZi1jNmQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx2aOhdz7Xa3l6nmvX5VG7p5M86gOBHCBlLKwAp8H9g+qxrd+k5hjV19VXA1u
ZZzF8PnVApM53x1U3ABuHnhlOdpfsfp7t/f4aZqQgw2OlUT+h655wZaO3r7IBDhA
SMujUhiOo+mbAKLH1mbbQPhOZFS5VjqjUiXwiKG5Df4vpCZTDlmlgVGjm4Y6/HWQ
IUh30gVn9Vz3bRPNxriAl2KLKR81+V1SfPxIT2mLGpsxZarfDq7jOhclXdBiXM/R
XNDdQJGjjRQL/kG4p2m+d0GVRmaR72v0Ux2nXY9c0u72INbk+gEoWauNXq8dbdCV
Yi81j4w8hrJmmrnreqr4lm8QJwIDAQABo4ID1jCCA9IwHQYDVR0OBBYEFH0TivF5
RSO0es6MGDBMogIkm9xUMB8GA1UdIwQYMBaAFDnEOWdXAIf1g+Qlqf6bablQalm9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q2Ny82OUU2QzE2QTQ0
MkExMUVCOTU5OUFEMzhDNEY5QUUwMi9PY1E1WjFjQWhfV0Q1Q1dwX3B0cHVWQnFX
YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09jUTVaMWNBaF9XRDVDV3BfcHRwdVZCcVdiMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTdENjcvNjlFNkMxNkE0NDJBMTFFQjk1OTlBRDM4QzRGOUFFMDIvOTk2QjM2RjYy
MEJCMTFGMEJFNzI3RTZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggFeBggrBgEFBQcBBwEB
/wSCAU0wggFJMIIBNwQCAAEwggEvMAsDBAErgN4DAwArgAMEBSuBIDALAwMBK4ID
BAYrgoAwDAMEBSuC4AMEBiuDAAMEBSuD4DAMAwQCK4QMAwQCK4QQMAwDBAIrhBwD
BAIrhCADBAIrhCgDBAIrhDQDBAArhEQwDAMEBSuEYAMEBSuFADAMAwQHK4WAAwQF
K4XAAwQHK4YAAwQAK4c6AwQAK4e7AwQFK4fAMAwDBAErmEoDBAIrmFADBAErmFwD
BAUrmGAwCwMEBiuYwAMDAyugMAoDAwErqgMDASusMAwDBAFlIF4DBARlIGADBABl
IIwDBAFlIQQwDAMEAGUhEQMEAmUhEAMEAWUhGgMEAWUhHgMEAGUhKQMEAmUhNAME
AWUhcjAMAwQEfJzQAwQEfJzgAwQBlm1aAwQClm2MAwQElm3AMAwEAgACMAYDBAAk
DcAwDQYJKoZIhvcNAQELBQADggEBAB0aIEKeUgV9N7oPzvGPKjoJGyK/XabjqsGK
gDidTM6tPhulxBXgKG3+wOeiqu6+A2k3cGQrkkvjZo/OADvlBqpBmFrjCYoKX+FG
KiW1xQMUEwZQLKFLvWqzBQzwC8G34u1ZWRkJbK28/14MqxC2GvY+rJdRw/BTzI6M
01wa2hpAnrGJWNQBopGSRCJdg4g5N/wRn4M23u9k1KMFS+45tSYpTe4Bh5ZQqOQm
m5QfmuRUoL6rHqosuyJ6N3ufUOW69CFyTJvGP8Qce9nFyqu5Ldan+NRRwHLaItoy
CiNv367TeVA2++6vJ/oDoqvFxCqijHbZUtIxHi3rLciG/Lwt/Jw=
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:09:39 2025 by rpki-client