Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6EA4A794C44611EF89288719C4F9AE02.roa
File: 6EA4A794C44611EF89288719C4F9AE02.roa (raw, json)
Hash identifier: y/zlZxxOSV1D0x/cipOcIWtzwKGadEc6/onD+S1eRO0=
Subject key identifier: FD:76:99:CF:FE:8F:A4:4A:A0:79:9B:71:60:5E:D9:C9:0E:2A:29:73
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A091
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6EA4A794C44611EF89288719C4F9AE02.roa
Signing time: Fri 27 Dec 2024 11:33:45 +0000
ROA not before: Fri 27 Dec 2024 11:33:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 43.225.0.0/22 maxlen: 24
43.231.116.0/22 maxlen: 24
45.114.156.0/22 maxlen: 24
103.14.196.0/22 maxlen: 24
103.16.140.0/22 maxlen: 24
103.27.168.0/24 maxlen: 24
103.27.170.0/23 maxlen: 23
103.47.152.0/24 maxlen: 24
103.51.92.0/22 maxlen: 24
103.52.48.0/22 maxlen: 24
103.54.96.0/22 maxlen: 24
103.55.84.0/22 maxlen: 24
103.82.144.0/22 maxlen: 24
103.85.16.0/22 maxlen: 24
103.86.20.0/22 maxlen: 24
103.87.28.0/22 maxlen: 24
103.88.124.0/22 maxlen: 24
103.108.76.0/22 maxlen: 24
103.111.128.0/22 maxlen: 24
103.118.8.0/22 maxlen: 24
103.129.206.0/24 maxlen: 24
103.142.64.0/23 maxlen: 24
103.155.188.0/23 maxlen: 24
103.155.194.0/23 maxlen: 24
103.156.122.0/23 maxlen: 24
103.166.119.0/24 maxlen: 24
103.171.236.0/23 maxlen: 24
103.173.22.0/23 maxlen: 24
103.180.216.0/23 maxlen: 24
103.192.72.0/22 maxlen: 24
103.195.196.0/22 maxlen: 24
103.200.48.0/22 maxlen: 24
103.206.64.0/22 maxlen: 24
103.212.132.0/22 maxlen: 24
103.226.224.0/22 maxlen: 24
103.228.172.0/24 maxlen: 24
103.228.173.0/24 maxlen: 24
103.228.174.0/24 maxlen: 24
103.228.175.0/24 maxlen: 24
139.5.96.0/22 maxlen: 24
203.191.56.0/22 maxlen: 24
2400:d180:66::/48 maxlen: 48
2400:d180:67::/48 maxlen: 48
2400:d180:68::/48 maxlen: 48
2400:d180:69::/48 maxlen: 48
2400:d180:70::/48 maxlen: 48
2400:d180:71::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 27 Dec 2024 11:48:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41105 (0xa091)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Dec 27 11:33:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=676e9099-bc02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:f9:c0:e7:6e:7f:40:09:6c:98:ea:24:50:78:
8c:69:b0:19:b0:bf:97:b3:45:37:de:aa:08:89:60:
50:f7:8c:8e:87:f3:08:23:22:69:e8:b6:72:e0:9d:
c3:99:62:a1:ce:88:64:47:6d:fb:91:11:63:50:64:
94:fb:e1:bf:05:d1:19:45:6d:6a:41:4e:65:7c:d2:
b2:4f:91:29:a9:fa:d7:c6:a0:26:64:2a:ac:4f:91:
5c:2b:59:f3:19:ce:b3:0b:b2:7a:94:de:e8:77:20:
ec:f9:06:08:b0:10:fa:8a:18:b1:87:44:c6:1b:7d:
f4:79:e3:33:54:a9:40:c4:1f:e6:02:ef:00:37:72:
37:04:12:91:d0:20:f9:5f:31:a0:5c:57:b5:59:38:
b3:20:dd:22:e1:77:8b:60:91:59:66:8f:09:e7:c4:
6f:51:7c:b7:59:93:b5:c3:22:59:0a:de:fd:73:f7:
8a:63:0d:c9:89:09:70:10:31:2b:61:03:e3:b1:e7:
c8:74:0c:4a:7f:32:d5:b9:e2:9a:16:c1:d4:0c:56:
42:df:f3:2b:95:cd:68:05:7a:ef:b7:78:bf:9d:4b:
5b:82:0b:a0:dc:5c:17:5e:87:70:b8:1a:80:15:43:
3f:7c:3f:00:7d:40:ee:68:48:60:aa:d7:53:9b:94:
0a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:76:99:CF:FE:8F:A4:4A:A0:79:9B:71:60:5E:D9:C9:0E:2A:29:73
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6EA4A794C44611EF89288719C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.0.0/22
43.231.116.0/22
45.114.156.0/22
103.14.196.0/22
103.16.140.0/22
103.27.168.0/24
103.27.170.0/23
103.47.152.0/24
103.51.92.0/22
103.52.48.0/22
103.54.96.0/22
103.55.84.0/22
103.82.144.0/22
103.85.16.0/22
103.86.20.0/22
103.87.28.0/22
103.88.124.0/22
103.108.76.0/22
103.111.128.0/22
103.118.8.0/22
103.129.206.0/24
103.142.64.0/23
103.155.188.0/23
103.155.194.0/23
103.156.122.0/23
103.166.119.0/24
103.171.236.0/23
103.173.22.0/23
103.180.216.0/23
103.192.72.0/22
103.195.196.0/22
103.200.48.0/22
103.206.64.0/22
103.212.132.0/22
103.226.224.0/22
103.228.172.0/22
139.5.96.0/22
203.191.56.0/22
IPv6:
2400:d180:66::-2400:d180:69:ffff:ffff:ffff:ffff:ffff
2400:d180:70::/47
Signature Algorithm: sha256WithRSAEncryption
50:5b:0b:db:6c:76:bc:4d:12:32:74:b2:84:80:a0:05:87:e3:
e0:1e:e4:5a:6a:c8:f3:1c:70:f9:b2:39:e0:61:35:da:00:13:
d0:66:1d:8b:9e:3f:de:51:1f:3c:3d:8d:00:3a:c5:53:f8:42:
51:f1:98:a0:15:88:93:64:17:f8:d9:21:f2:38:8d:04:73:c6:
41:32:3f:e2:ff:95:0e:02:8f:7d:24:92:e7:3b:7a:fe:25:94:
1b:fa:f8:58:22:f0:6a:ef:6d:e3:27:c5:1f:86:21:e1:ed:68:
eb:08:61:c9:8b:c8:78:b8:bb:52:71:35:b0:74:71:32:09:ca:
c7:e8:15:b6:b3:6e:9a:a6:2e:f0:98:bc:da:37:5a:d4:ce:e4:
92:86:e9:7f:8e:d3:04:c1:a0:61:1f:6e:fd:07:d1:c7:1f:40:
79:d5:56:53:9f:d8:04:e5:65:09:f6:c1:67:77:79:34:5e:ad:
08:af:af:d5:5b:e6:22:9a:cd:ee:f5:e1:55:d1:76:89:f4:42:
e6:55:08:63:04:79:84:d3:ec:76:8a:e5:51:a7:4c:62:be:cb:
b6:23:fb:85:26:d2:ad:75:cc:b0:15:48:df:5d:f9:8d:7c:9c:
45:67:c2:1c:c6:23:14:70:a5:40:04:70:3e:ed:02:2d:4a:d6:
77:28:fe:b7
-----BEGIN CERTIFICATE-----
MIIGfTCCBWWgAwIBAgIDAKCRMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MTIyNzExMzM0NVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc2ZTkwOTktYmMwMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO/5wOduf0AJbJjqJFB4jGmwGbC/l7NFN96qCIlgUPeMjofzCCMiaei2cuCd
w5lioc6IZEdt+5ERY1BklPvhvwXRGUVtakFOZXzSsk+RKan618agJmQqrE+RXCtZ
8xnOswuyepTe6Hcg7PkGCLAQ+ooYsYdExht99HnjM1SpQMQf5gLvADdyNwQSkdAg
+V8xoFxXtVk4syDdIuF3i2CRWWaPCefEb1F8t1mTtcMiWQre/XP3imMNyYkJcBAx
K2ED47HnyHQMSn8y1bnimhbB1AxWQt/zK5XNaAV677d4v51LW4ILoNxcF16HcLga
gBVDP3w/AH1A7mhIYKrXU5uUCmECAwEAAaOCA6AwggOcMB0GA1UdDgQWBBT9dpnP
/o+kSqB5m3FgXtnJDiopczAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzZFQTRBNzk0
QzQ0NjExRUY4OTI4ODcxOUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBKAYIKwYBBQUHAQcB
Af8EggEXMIIBEzCB6wQCAAEwgeQDBAIr4QADBAIr53QDBAItcpwDBAJnDsQDBAJn
EIwDBABnG6gDBAFnG6oDBABnL5gDBAJnM1wDBAJnNDADBAJnNmADBAJnN1QDBAJn
UpADBAJnVRADBAJnVhQDBAJnVxwDBAJnWHwDBAJnbEwDBAJnb4ADBAJndggDBABn
gc4DBAFnjkADBAFnm7wDBAFnm8IDBAFnnHoDBABnpncDBAFnq+wDBAFnrRYDBAFn
tNgDBAJnwEgDBAJnw8QDBAJnyDADBAJnzkADBAJn1IQDBAJn4uADBAJn5KwDBAKL
BWADBALLvzgwIwQCAAIwHTASAwcBJADRgABmAwcBJADRgABoAwcBJADRgABwMA0G
CSqGSIb3DQEBCwUAA4IBAQBQWwvbbHa8TRIydLKEgKAFh+PgHuRaasjzHHD5sjng
YTXaABPQZh2Lnj/eUR88PY0AOsVT+EJR8ZigFYiTZBf42SHyOI0Ec8ZBMj/i/5UO
Ao99JJLnO3r+JZQb+vhYIvBq723jJ8UfhiHh7WjrCGHJi8h4uLtScTWwdHEyCcrH
6BW2s26api7wmLzaN1rUzuSShul/jtMEwaBhH279B9HHH0B51VZTn9gE5WUJ9sFn
d3k0Xq0Ir6/VW+Yims3u9eFV0XaJ9ELmVQhjBHmE0+x2iuVRp0xivsu2I/uFJtKt
dcywFUjfXfmNfJxFZ8IcxiMUcKVABHA+7QItStZ3KP63
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:04:38 2025 by rpki-client