Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9142F59/0526D62E623011F0A0207630C4F9AE02/7FD328F0623011F080AE2931C4F9AE02.roa
File: 7FD328F0623011F080AE2931C4F9AE02.roa (raw, json)
Hash identifier: ONyCk1roWHelbumh8YXUaFO1cjx4c4+1qAe3JKP89I4=
Subject key identifier: C7:6E:61:52:DA:9A:E0:11:4A:70:E5:71:8D:3E:80:80:B5:0E:DD:94
Certificate issuer: /CN=A9142F59/serialNumber=1CA36DCFC3C04333F883B835F2C8DDD025D54106
Certificate serial: 02
Authority key identifier: 1C:A3:6D:CF:C3:C0:43:33:F8:83:B8:35:F2:C8:DD:D0:25:D5:41:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HKNtz8PAQzP4g7g18sjd0CXVQQY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9142F59/0526D62E623011F0A0207630C4F9AE02/7FD328F0623011F080AE2931C4F9AE02.roa
Signing time: Wed 16 Jul 2025 10:34:49 +0000
ROA not before: Wed 16 Jul 2025 10:34:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 153689
IP address blocks: 163.223.80.0/23 maxlen: 23
163.223.80.0/24 maxlen: 24
163.223.81.0/24 maxlen: 24
2001:df5:3840::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 24 Aug 2025 10:02:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9142F59, serialNumber=1CA36DCFC3C04333F883B835F2C8DDD025D54106
Validity
Not Before: Jul 16 10:34:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68778049-ee02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:52:04:a1:65:9b:f4:18:99:cc:70:84:8d:af:
da:a3:fd:60:9c:c9:46:8f:e1:e5:ca:73:21:2e:b4:
47:33:79:68:5e:96:ef:e8:61:90:e5:6a:62:90:66:
5f:0e:05:2a:2c:be:18:9a:39:eb:d9:76:cc:5c:e2:
d3:61:e2:f8:8a:5a:21:69:26:4a:e1:4f:9a:14:e3:
09:dc:10:1b:7f:2b:20:6b:78:f1:6c:6b:f2:1b:39:
99:9e:08:99:98:6f:dd:ca:0a:c6:a5:74:6f:08:d4:
88:33:46:4d:47:1f:53:c6:ce:b6:08:aa:e0:60:3d:
fe:59:07:b8:9f:18:7b:7c:89:8e:38:f5:12:b3:94:
64:88:b1:cc:b8:06:be:42:0a:38:b5:cb:8a:7f:5b:
21:2f:b0:7c:d8:c5:cf:e2:61:bb:e3:03:70:e7:8d:
da:9f:35:93:0c:a1:03:3d:30:0c:ba:d8:df:9a:bf:
43:e4:7f:2a:bd:a2:a8:ec:d3:bc:1a:3a:13:f4:1a:
64:8c:f9:77:1c:9c:37:b0:2c:29:ce:a0:cf:50:4b:
1e:5e:1c:a3:22:ff:1d:b9:ca:70:81:43:3e:60:fc:
29:d4:86:41:19:69:05:5f:05:a6:43:83:bb:14:05:
4f:7c:fb:3e:20:fb:ad:7a:4b:c0:1a:e7:0c:8d:bc:
0c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:6E:61:52:DA:9A:E0:11:4A:70:E5:71:8D:3E:80:80:B5:0E:DD:94
X509v3 Authority Key Identifier:
keyid:1C:A3:6D:CF:C3:C0:43:33:F8:83:B8:35:F2:C8:DD:D0:25:D5:41:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9142F59/0526D62E623011F0A0207630C4F9AE02/HKNtz8PAQzP4g7g18sjd0CXVQQY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HKNtz8PAQzP4g7g18sjd0CXVQQY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9142F59/0526D62E623011F0A0207630C4F9AE02/7FD328F0623011F080AE2931C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.223.80.0/23
IPv6:
2001:df5:3840::/48
Signature Algorithm: sha256WithRSAEncryption
ab:c5:6f:a8:34:ed:f9:48:f4:1e:61:cc:d1:95:2b:ac:b3:48:
a2:dd:cb:1f:57:c5:ff:34:70:d3:75:b2:45:d9:38:7f:fb:df:
f8:6c:65:3e:ba:12:cf:fe:3f:69:b0:23:fb:7b:f0:1e:7e:9d:
d9:df:de:5a:40:8e:aa:cb:8f:df:af:9c:ae:9f:64:eb:5e:81:
68:63:5a:83:d3:fd:db:d8:15:ef:b6:08:64:93:0c:de:22:16:
8e:5e:c3:2c:b1:6a:a5:ee:b4:2e:86:db:fd:ad:a3:60:7b:07:
ba:d5:aa:f6:35:7c:e0:1c:e0:74:9f:08:cf:12:3b:9c:05:cf:
5d:33:8b:82:5f:33:16:31:3c:90:45:91:b8:a3:6b:bf:4a:dc:
06:33:4a:2d:66:5e:b1:49:ba:2f:34:a3:e1:61:3b:89:f1:7f:
10:d9:ca:11:24:af:6b:65:3f:90:29:6a:9b:a6:50:21:f0:54:
7e:67:5c:0d:0b:a6:68:16:95:43:86:04:9e:c9:83:9a:f8:da:
b5:4e:d3:30:f2:c2:b0:1c:d6:54:4c:ab:da:43:df:9e:3f:94:
bd:b0:6e:25:7c:f9:2c:fa:80:76:b9:a7:92:17:7f:35:75:12:
6f:fc:c5:68:ed:63:29:37:3a:1b:e7:83:58:5b:d0:fd:fd:56:
5c:ce:56:a0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
MkY1OTExMC8GA1UEBRMoMUNBMzZEQ0ZDM0MwNDMzM0Y4ODNCODM1RjJDOERERDAy
NUQ1NDEwNjAeFw0yNTA3MTYxMDM0NDlaFw0yNjA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4Nzc4MDQ5LWVlMDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCvUgShZZv0GJnMcISNr9qj/WCcyUaP4eXKcyEutEczeWhelu/oYZDlamKQZl8O
BSosvhiaOevZdsxc4tNh4viKWiFpJkrhT5oU4wncEBt/KyBrePFsa/IbOZmeCJmY
b93KCsaldG8I1IgzRk1HH1PGzrYIquBgPf5ZB7ifGHt8iY449RKzlGSIscy4Br5C
Cji1y4p/WyEvsHzYxc/iYbvjA3DnjdqfNZMMoQM9MAy62N+av0Pkfyq9oqjs07wa
OhP0GmSM+XccnDewLCnOoM9QSx5eHKMi/x25ynCBQz5g/CnUhkEZaQVfBaZDg7sU
BU98+z4g+616S8Aa5wyNvAw7AgMBAAGjggKmMIICojAdBgNVHQ4EFgQUx25hUtqa
4BFKcOVxjT6AgLUO3ZQwHwYDVR0jBBgwFoAUHKNtz8PAQzP4g7g18sjd0CXVQQYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQyRjU5LzA1MjZENjJFNjIz
MDExRjBBMDIwNzYzMEM0RjlBRTAyL0hLTnR6OFBBUXpQNGc3ZzE4c2pkMENYVlFR
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSEtOdHo4UEFRelA0ZzdnMThzamQwQ1hWUVFZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
MkY1OS8wNTI2RDYyRTYyMzAxMUYwQTAyMDc2MzBDNEY5QUUwMi83RkQzMjhGMDYy
MzAxMUYwODBBRTI5MzFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAaPfUDAPBAIAAjAJAwcAIAEN9ThAMA0GCSqGSIb3DQEBCwUA
A4IBAQCrxW+oNO35SPQeYczRlSuss0ii3csfV8X/NHDTdbJF2Th/+9/4bGU+uhLP
/j9psCP7e/Aefp3Z395aQI6qy4/fr5yun2TrXoFoY1qD0/3b2BXvtghkkwzeIhaO
XsMssWql7rQuhtv9raNgewe61ar2NXzgHOB0nwjPEjucBc9dM4uCXzMWMTyQRZG4
o2u/StwGM0otZl6xSbovNKPhYTuJ8X8Q2coRJK9rZT+QKWqbplAh8FR+Z1wNC6Zo
FpVDhgSeyYOa+Nq1TtMw8sKwHNZUTKvaQ9+eP5S9sG4lfPks+oB2uaeSF381dRJv
/MVo7WMpNzob54NYW9D9/VZczlag
-----END CERTIFICATE-----
Generated at Sun Aug 24 12:08:15 2025 by rpki-client