Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9199E3F/D8C51ACA5CF311E992FD622AC4F9AE02/4DF4371066B111E98B2CD954C4F9AE02.roa
File: 4DF4371066B111E98B2CD954C4F9AE02.roa (raw, json)
Hash identifier: +XsTIinfoyZDjoRy5PnCbNg8vTw9cV0Zzga0fRyWan4=
Subject key identifier: 44:AB:D7:65:26:E8:51:70:A5:1D:6F:12:43:4B:DD:71:2F:4D:83:96
Certificate issuer: /CN=A9199E3F/serialNumber=6691ABEC1A46FDBCD2607C4DF17A54CE3334C212
Certificate serial: 0F95
Authority key identifier: 66:91:AB:EC:1A:46:FD:BC:D2:60:7C:4D:F1:7A:54:CE:33:34:C2:12
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZpGr7BpG_bzSYHxN8XpUzjM0whI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9199E3F/D8C51ACA5CF311E992FD622AC4F9AE02/4DF4371066B111E98B2CD954C4F9AE02.roa
Signing time: Wed 02 Apr 2025 17:47:16 +0000
ROA not before: Wed 02 Apr 2025 17:47:16 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 131259
IP address blocks: 36.255.124.0/24 maxlen: 24
36.255.125.0/24 maxlen: 24
36.255.126.0/24 maxlen: 24
36.255.127.0/24 maxlen: 24
43.249.12.0/24 maxlen: 24
43.249.13.0/24 maxlen: 24
43.249.14.0/24 maxlen: 24
43.249.15.0/24 maxlen: 24
103.23.76.0/22 maxlen: 24
103.209.120.0/24 maxlen: 24
103.209.121.0/24 maxlen: 24
103.209.122.0/24 maxlen: 24
103.209.123.0/24 maxlen: 24
103.250.64.0/24 maxlen: 24
103.250.65.0/24 maxlen: 24
103.250.66.0/24 maxlen: 24
103.250.67.0/24 maxlen: 24
2407:1a80::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 08 Apr 2025 01:02:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3989 (0xf95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9199E3F, serialNumber=6691ABEC1A46FDBCD2607C4DF17A54CE3334C212
Validity
Not Before: Apr 2 17:47:16 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67ed7824-607c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:60:00:96:e2:70:b3:3a:5d:45:58:ce:7a:7f:
1c:06:8b:b4:a7:86:0d:b6:9c:95:bc:ba:37:f7:7c:
de:f4:f9:f8:e5:52:e7:73:e5:31:26:37:24:61:06:
f4:4f:91:a5:ba:32:6a:2b:9f:f2:f9:2f:bd:3a:be:
56:04:9e:d9:f5:fc:05:a7:11:c9:9a:1b:4d:58:33:
25:12:d6:cc:91:25:56:83:b3:55:b8:d4:a9:55:52:
12:65:87:5c:3d:c4:ff:c4:be:b9:8b:04:72:4c:e1:
a7:38:ad:82:f8:32:79:ba:90:d2:60:7c:45:2a:dd:
79:d7:a3:58:fd:af:31:c7:8b:80:9b:96:ef:6e:10:
44:f5:f7:0f:aa:6d:53:21:7d:e1:ce:32:07:9a:45:
d6:ce:c7:ee:aa:33:c1:be:2a:03:3d:e5:58:e5:68:
7f:cf:0d:d4:aa:11:2d:f9:42:bf:26:db:2f:a1:17:
ab:2f:ee:6c:76:5a:aa:45:e1:68:99:c5:d7:65:f8:
31:b1:2c:e0:a2:aa:c8:73:08:7d:50:94:0b:82:1c:
9f:14:3c:5e:05:b3:c4:53:50:68:c1:03:ec:36:ff:
19:f7:ef:20:08:2b:65:e4:28:23:74:7c:7a:9e:fe:
af:c9:c3:fc:2a:a2:b8:3d:9c:6c:35:91:fe:02:66:
e2:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:AB:D7:65:26:E8:51:70:A5:1D:6F:12:43:4B:DD:71:2F:4D:83:96
X509v3 Authority Key Identifier:
keyid:66:91:AB:EC:1A:46:FD:BC:D2:60:7C:4D:F1:7A:54:CE:33:34:C2:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9199E3F/D8C51ACA5CF311E992FD622AC4F9AE02/ZpGr7BpG_bzSYHxN8XpUzjM0whI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZpGr7BpG_bzSYHxN8XpUzjM0whI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9199E3F/D8C51ACA5CF311E992FD622AC4F9AE02/4DF4371066B111E98B2CD954C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.124.0/22
43.249.12.0/22
103.23.76.0/22
103.209.120.0/22
103.250.64.0/22
IPv6:
2407:1a80::/32
Signature Algorithm: sha256WithRSAEncryption
57:21:99:ba:d2:8f:ea:aa:f2:77:a5:04:bd:70:8b:c2:7b:c4:
98:0c:97:46:e3:bd:68:4d:6e:89:dc:15:b4:f4:dd:fb:ed:7c:
b6:41:09:79:b2:d9:b4:45:c4:9d:2a:c1:cd:a9:7d:99:9d:32:
ad:10:37:fc:1d:90:df:14:4a:6b:f1:e0:e8:a9:8c:10:89:17:
d9:c3:6b:ee:7c:17:03:e1:81:4c:84:ea:fe:54:21:fc:14:9c:
5a:9a:58:49:6c:14:28:ab:ce:ab:b7:eb:f3:a4:a6:ab:35:ae:
98:f6:a0:a3:b0:e8:52:e5:70:bb:91:b9:9b:e5:83:d8:e0:8e:
56:55:3b:ee:2b:fb:f2:8b:2b:52:f5:5c:08:f1:25:b4:7b:6f:
6f:d0:24:24:07:e0:5c:17:d5:0b:4c:af:67:ca:ca:4e:37:30:
e7:51:af:a5:86:d4:3f:2f:95:ae:81:a3:44:4d:31:d7:c7:5e:
4f:b7:12:59:5f:f0:8e:c3:80:f6:1f:9b:f4:91:3c:66:b1:05:
d3:a8:c0:d3:29:59:45:26:7e:89:4d:b9:c2:3e:65:23:a9:51:
06:d4:03:53:64:07:d1:96:d4:af:bd:ec:b4:43:b2:2b:f1:99:
d5:05:4f:e9:6b:fb:89:b0:71:0c:56:7c:89:d6:61:14:7c:8b:
c4:58:80:8a
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICD5UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTlFM0YxMTAvBgNVBAUTKDY2OTFBQkVDMUE0NkZEQkNEMjYwN0M0REYxN0E1NENF
MzMzNEMyMTIwHhcNMjUwNDAyMTc0NzE2WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2VkNzgyNC02MDdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0WAAluJwszpdRVjOen8cBou0p4YNtpyVvLo393ze9Pn45VLnc+UxJjckYQb0
T5GlujJqK5/y+S+9Or5WBJ7Z9fwFpxHJmhtNWDMlEtbMkSVWg7NVuNSpVVISZYdc
PcT/xL65iwRyTOGnOK2C+DJ5upDSYHxFKt1516NY/a8xx4uAm5bvbhBE9fcPqm1T
IX3hzjIHmkXWzsfuqjPBvioDPeVY5Wh/zw3UqhEt+UK/JtsvoRerL+5sdlqqReFo
mcXXZfgxsSzgoqrIcwh9UJQLghyfFDxeBbPEU1BowQPsNv8Z9+8gCCtl5CgjdHx6
nv6vycP8KqK4PZxsNZH+AmbicQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFESr12Um
6FFwpR1vEkNL3XEvTYOWMB8GA1UdIwQYMBaAFGaRq+waRv280mB8TfF6VM4zNMIS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OUUzRi9EOEM1MUFDQTVD
RjMxMUU5OTJGRDYyMkFDNEY5QUUwMi9acEdyN0JwR19ielNZSHhOOFhwVXpqTTB3
aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1pwR3I3QnBHX2J6U1lIeE44WHBVempNMHdoSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTlFM0YvRDhDNTFBQ0E1Q0YzMTFFOTkyRkQ2MjJBQzRGOUFFMDIvNERGNDM3MTA2
NkIxMTFFOThCMkNEOTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAIk/3wDBAIr+QwDBAJnF0wDBAJn0XgDBAJn+kAwDQQCAAIw
BwMFACQHGoAwDQYJKoZIhvcNAQELBQADggEBAFchmbrSj+qq8nelBL1wi8J7xJgM
l0bjvWhNboncFbT03fvtfLZBCXmy2bRFxJ0qwc2pfZmdMq0QN/wdkN8USmvx4Oip
jBCJF9nDa+58FwPhgUyE6v5UIfwUnFqaWElsFCirzqu36/Okpqs1rpj2oKOw6FLl
cLuRuZvlg9jgjlZVO+4r+/KLK1L1XAjxJbR7b2/QJCQH4FwX1QtMr2fKyk43MOdR
r6WG1D8vla6Bo0RNMdfHXk+3Ellf8I7DgPYfm/SRPGaxBdOowNMpWUUmfolNucI+
ZSOpUQbUA1NkB9GW1K+97LRDsivxmdUFT+lr+4mwcQxWfInWYRR8i8RYgIo=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:01:10 2025 by rpki-client