Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9127EEB/F57C94B0D3BA11EF947B0580C4F9AE02/B849F1DE527A11F08B1E0574C4F9AE02.roa
File: B849F1DE527A11F08B1E0574C4F9AE02.roa (raw, json)
Hash identifier: Msabqxp/8NnkmzpZJZlLAqtfq1B/DTQqhEyBwaqjNH8=
Subject key identifier: 83:8E:9F:F6:22:09:66:10:65:AF:C6:08:EB:90:F1:E6:EC:B5:AA:C3
Certificate issuer: /CN=A9127EEB/serialNumber=DEF3317CBD14D7DBAA27BFFE3FE5A7B8A6EDCFB9
Certificate serial: 5E
Authority key identifier: DE:F3:31:7C:BD:14:D7:DB:AA:27:BF:FE:3F:E5:A7:B8:A6:ED:CF:B9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3vMxfL0U19uqJ7_-P-WnuKbtz7k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9127EEB/F57C94B0D3BA11EF947B0580C4F9AE02/B849F1DE527A11F08B1E0574C4F9AE02.roa
Signing time: Thu 26 Jun 2025 10:45:48 +0000
ROA not before: Thu 26 Jun 2025 10:45:48 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 38235
IP address blocks: 103.49.42.0/24 maxlen: 24
103.49.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Jul 2025 03:11:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94 (0x5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9127EEB, serialNumber=DEF3317CBD14D7DBAA27BFFE3FE5A7B8A6EDCFB9
Validity
Not Before: Jun 26 10:45:48 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=685d24dc-13a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:52:7a:fa:b2:a6:ad:bd:71:b3:20:fe:c6:15:
6e:2c:67:c7:6c:81:61:fb:1d:e5:5d:46:eb:f3:a6:
c7:d8:50:d9:a9:a4:13:29:71:63:08:73:65:35:c1:
2a:2d:9a:ba:e2:bd:ba:ea:9b:85:f1:bf:03:92:43:
35:ee:9d:9a:7b:02:64:41:1b:a8:ef:af:06:47:65:
4f:72:76:b7:d3:60:3a:13:8f:15:e6:15:c2:d7:d3:
ab:d0:c9:c3:23:79:f6:fa:52:86:46:ee:33:27:00:
b5:3e:5a:3a:75:9f:41:9e:ca:0e:a9:ad:43:1f:30:
32:ab:7a:44:e2:7c:85:36:d6:94:b4:98:e8:10:27:
02:0e:f2:c9:ad:14:48:6d:61:c2:eb:5e:c7:16:fb:
ae:9b:b1:0b:dd:c8:9f:34:26:97:a2:02:aa:bf:69:
32:d8:0e:75:3f:c0:23:9b:20:d2:ca:c6:60:bd:80:
61:a1:9d:c3:03:24:25:ac:f9:66:14:2e:40:44:b0:
99:0c:b2:47:67:bd:48:a2:7e:23:c0:bd:61:0f:70:
b4:d5:3e:14:0a:87:1f:e3:d3:5e:55:ac:ce:fe:9c:
75:a5:c1:af:70:af:7b:c6:0a:17:41:37:d5:4e:ee:
78:52:36:b6:d8:67:7b:37:84:87:8c:22:57:13:05:
3e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:8E:9F:F6:22:09:66:10:65:AF:C6:08:EB:90:F1:E6:EC:B5:AA:C3
X509v3 Authority Key Identifier:
keyid:DE:F3:31:7C:BD:14:D7:DB:AA:27:BF:FE:3F:E5:A7:B8:A6:ED:CF:B9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9127EEB/F57C94B0D3BA11EF947B0580C4F9AE02/3vMxfL0U19uqJ7_-P-WnuKbtz7k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3vMxfL0U19uqJ7_-P-WnuKbtz7k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9127EEB/F57C94B0D3BA11EF947B0580C4F9AE02/B849F1DE527A11F08B1E0574C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.49.42.0/23
Signature Algorithm: sha256WithRSAEncryption
7e:b2:15:c5:9e:c9:15:38:0d:57:b9:5b:3f:0b:1c:76:23:b9:
7b:e5:07:4c:ad:76:2d:cf:52:be:5d:7d:9f:c1:48:c5:55:83:
a5:aa:87:85:29:97:ce:1e:11:b4:22:c6:e4:6d:29:b2:54:71:
02:a9:ed:33:86:47:4b:13:1d:60:ac:aa:23:d5:7b:59:90:e1:
8d:7c:d5:80:ee:9c:7f:a8:00:83:63:e7:81:75:a6:d2:77:66:
a7:11:88:db:5a:74:69:65:dc:e8:2d:03:c4:77:6d:9a:b1:aa:
7a:97:ab:a8:41:66:58:08:90:6a:2d:48:e7:b0:b8:6f:76:c0:
40:63:7f:20:b2:f2:ac:30:88:6d:7d:92:a3:14:22:80:03:c2:
1d:bb:bb:4e:03:34:b2:9e:40:dd:0e:a4:e2:08:35:05:23:74:
73:b8:31:b4:c3:f8:84:ae:31:2a:84:2d:db:65:6d:57:f3:c0:
a4:c6:c5:c9:d3:dc:29:c5:15:64:b0:17:4c:b0:71:33:45:a3:
7c:f2:83:1b:ad:78:f5:40:79:1f:b4:79:3b:fd:9e:40:29:a4:
c8:8b:74:83:ce:88:e8:cd:2a:5c:9d:6e:61:4e:ad:02:fd:d5:
f1:a3:0e:4f:36:10:1c:35:d7:69:82:bd:93:fd:75:76:1c:30:
e8:c7:21:bc
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBXjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
N0VFQjExMC8GA1UEBRMoREVGMzMxN0NCRDE0RDdEQkFBMjdCRkZFM0ZFNUE3QjhB
NkVEQ0ZCOTAeFw0yNTA2MjYxMDQ1NDhaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4NWQyNGRjLTEzYTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDYUnr6sqatvXGzIP7GFW4sZ8dsgWH7HeVdRuvzpsfYUNmppBMpcWMIc2U1wSot
mrrivbrqm4XxvwOSQzXunZp7AmRBG6jvrwZHZU9ydrfTYDoTjxXmFcLX06vQycMj
efb6UoZG7jMnALU+Wjp1n0Geyg6prUMfMDKrekTifIU21pS0mOgQJwIO8smtFEht
YcLrXscW+66bsQvdyJ80JpeiAqq/aTLYDnU/wCObINLKxmC9gGGhncMDJCWs+WYU
LkBEsJkMskdnvUiifiPAvWEPcLTVPhQKhx/j015VrM7+nHWlwa9wr3vGChdBN9VO
7nhSNrbYZ3s3hIeMIlcTBT4DAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUg46f9iIJ
ZhBlr8YI65Dx5uy1qsMwHwYDVR0jBBgwFoAU3vMxfL0U19uqJ7/+P+WnuKbtz7kw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI3RUVCL0Y1N0M5NEIwRDNC
QTExRUY5NDdCMDU4MEM0RjlBRTAyLzN2TXhmTDBVMTl1cUo3Xy1QLVdudUtidHo3
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvM3ZNeGZMMFUxOXVxSjdfLVAtV251S2J0ejdrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
N0VFQi9GNTdDOTRCMEQzQkExMUVGOTQ3QjA1ODBDNEY5QUUwMi9CODQ5RjFERTUy
N0ExMUYwOEIxRTA1NzRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWcxKjANBgkqhkiG9w0BAQsFAAOCAQEAfrIVxZ7JFTgNV7lb
PwscdiO5e+UHTK12Lc9Svl19n8FIxVWDpaqHhSmXzh4RtCLG5G0pslRxAqntM4ZH
SxMdYKyqI9V7WZDhjXzVgO6cf6gAg2PngXWm0ndmpxGI21p0aWXc6C0DxHdtmrGq
eperqEFmWAiQai1I57C4b3bAQGN/ILLyrDCIbX2SoxQigAPCHbu7TgM0sp5A3Q6k
4gg1BSN0c7gxtMP4hK4xKoQt22VtV/PApMbFydPcKcUVZLAXTLBxM0WjfPKDG614
9UB5H7R5O/2eQCmkyIt0g86I6M0qXJ1uYU6tAv3V8aMOTzYQHDXXaYK9k/11dhww
6MchvA==
-----END CERTIFICATE-----
Generated at Wed Jul 2 23:18:31 2025 by rpki-client