Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919337F/1E17E01CF25411E9AD3BFB61C4F9AE02/D0566D20F25411E9AEDBEA62C4F9AE02.roa
File: D0566D20F25411E9AEDBEA62C4F9AE02.roa (raw, json)
Hash identifier: Wkoa8W4YjS27rq3Mjj7s2L51PaT7aZqebGL+P7PCBi4=
Subject key identifier: 53:E0:F7:3D:ED:14:CA:09:18:FF:7C:74:C5:AC:81:36:3F:35:31:62
Certificate issuer: /CN=A919337F/serialNumber=33740622DF86B3BFE7BF4ABD5DF1361587F03912
Certificate serial: 0CA7
Authority key identifier: 33:74:06:22:DF:86:B3:BF:E7:BF:4A:BD:5D:F1:36:15:87:F0:39:12
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M3QGIt-Gs7_nv0q9XfE2FYfwORI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919337F/1E17E01CF25411E9AD3BFB61C4F9AE02/D0566D20F25411E9AEDBEA62C4F9AE02.roa
Signing time: Thu 08 May 2025 22:09:45 +0000
ROA not before: Thu 08 May 2025 22:09:45 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 139623
IP address blocks: 103.93.232.0/22 maxlen: 24
103.142.158.0/23 maxlen: 23
2405:3cc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 09 May 2025 11:33:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3239 (0xca7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919337F, serialNumber=33740622DF86B3BFE7BF4ABD5DF1361587F03912
Validity
Not Before: May 8 22:09:45 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=681d2ba9-5a05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:bf:80:57:de:35:7b:2a:88:ba:bc:08:f5:fa:
7d:21:44:7d:0a:ab:d0:9f:50:ce:c0:18:95:30:a8:
12:ee:13:69:cf:f2:89:4e:c4:ff:31:3b:3f:90:f5:
c3:f7:f5:0d:6e:dc:3d:1c:bd:a3:ed:7a:7e:6f:05:
36:cb:17:58:37:f3:1d:f9:a2:72:02:2e:56:76:2c:
eb:85:f7:30:a7:0c:1c:12:95:d9:60:89:c2:cb:2b:
5f:1c:35:f6:9d:e2:d4:16:ba:cd:6c:17:ab:2e:f9:
fc:0f:a8:28:69:81:7e:d2:fb:d9:49:90:2c:f1:25:
12:72:f9:a4:6d:c2:0a:df:a8:06:6e:dd:13:22:57:
87:50:b4:5d:e4:73:7b:89:36:e3:63:ea:5f:3f:9b:
0c:05:bf:d6:e8:f0:1f:03:5c:ec:db:ba:5a:56:bc:
d2:25:73:e9:f4:94:40:14:58:3b:f8:49:61:bd:2e:
5b:3c:49:5e:9d:ae:b2:8f:3c:a1:54:53:18:1c:86:
5a:9f:cf:d4:da:73:1c:a7:0c:a8:ef:c9:0c:d9:c1:
1a:1f:0b:8f:b1:26:1f:df:86:87:34:6f:82:7c:49:
64:74:4b:91:4f:d0:6c:86:8c:0b:e1:d4:42:a8:5f:
d6:19:ce:d5:d1:54:bc:ff:65:41:9c:a6:ba:26:63:
d8:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:E0:F7:3D:ED:14:CA:09:18:FF:7C:74:C5:AC:81:36:3F:35:31:62
X509v3 Authority Key Identifier:
keyid:33:74:06:22:DF:86:B3:BF:E7:BF:4A:BD:5D:F1:36:15:87:F0:39:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919337F/1E17E01CF25411E9AD3BFB61C4F9AE02/M3QGIt-Gs7_nv0q9XfE2FYfwORI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M3QGIt-Gs7_nv0q9XfE2FYfwORI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919337F/1E17E01CF25411E9AD3BFB61C4F9AE02/D0566D20F25411E9AEDBEA62C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.93.232.0/22
103.142.158.0/23
IPv6:
2405:3cc0::/32
Signature Algorithm: sha256WithRSAEncryption
11:43:91:67:97:4e:90:09:68:9c:ca:b6:00:d1:a4:d7:f1:33:
64:44:dc:f9:74:91:68:14:2e:9c:2a:0d:3a:1d:d9:20:23:41:
c3:35:6e:07:32:b7:8d:51:24:84:a1:17:c5:ca:c8:50:5b:35:
e9:e2:4e:62:78:65:cf:e8:71:4d:db:5c:cc:9a:d2:22:4c:16:
ae:fc:0b:09:ad:cb:c5:0b:4f:96:0d:70:50:84:39:f0:9e:e0:
6d:55:86:8b:81:d1:55:1f:4d:9c:68:46:66:07:00:0e:aa:6a:
0e:64:22:33:73:2b:ec:a4:50:fc:02:44:33:69:08:4d:fa:5c:
31:87:b5:06:c8:4b:df:49:76:fc:51:71:b4:02:4d:89:fa:1c:
1a:3c:a4:e5:b2:6f:df:d5:d2:9c:82:8c:09:81:b4:09:c4:6e:
0e:21:7b:b9:68:a1:ab:04:de:8c:74:0d:bb:3f:29:03:21:7d:
94:b5:d9:fa:b8:56:26:35:c6:d9:c8:26:18:47:d8:62:d9:85:
4e:cb:7e:b0:0d:bd:34:d8:cb:80:f9:f9:d7:56:99:90:b3:07:
ea:9e:59:37:88:64:77:31:1c:8d:d4:d3:d2:52:5d:0d:c1:16:
e8:9f:35:0e:44:68:50:34:63:67:30:4a:8b:fa:69:68:81:9f:
c5:fa:8c:eb
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICDKcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTMzN0YxMTAvBgNVBAUTKDMzNzQwNjIyREY4NkIzQkZFN0JGNEFCRDVERjEzNjE1
ODdGMDM5MTIwHhcNMjUwNTA4MjIwOTQ1WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODFkMmJhOS01YTA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwL+AV941eyqIurwI9fp9IUR9CqvQn1DOwBiVMKgS7hNpz/KJTsT/MTs/kPXD
9/UNbtw9HL2j7Xp+bwU2yxdYN/Md+aJyAi5WdizrhfcwpwwcEpXZYInCyytfHDX2
neLUFrrNbBerLvn8D6goaYF+0vvZSZAs8SUScvmkbcIK36gGbt0TIleHULRd5HN7
iTbjY+pfP5sMBb/W6PAfA1zs27paVrzSJXPp9JRAFFg7+ElhvS5bPElena6yjzyh
VFMYHIZan8/U2nMcpwyo78kM2cEaHwuPsSYf34aHNG+CfElkdEuRT9BshowL4dRC
qF/WGc7V0VS8/2VBnKa6JmPYywIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFFPg9z3t
FMoJGP98dMWsgTY/NTFiMB8GA1UdIwQYMBaAFDN0BiLfhrO/579KvV3xNhWH8DkS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MzM3Ri8xRTE3RTAxQ0Yy
NTQxMUU5QUQzQkZCNjFDNEY5QUUwMi9NM1FHSXQtR3M3X252MHE5WGZFMkZZZndP
UkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL00zUUdJdC1HczdfbnYwcTlYZkUyRllmd09SSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTMzN0YvMUUxN0UwMUNGMjU0MTFFOUFEM0JGQjYxQzRGOUFFMDIvRDA1NjZEMjBG
MjU0MTFFOUFFREJFQTYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnXegDBAFnjp4wDQQCAAIwBwMFACQFPMAwDQYJKoZIhvcN
AQELBQADggEBABFDkWeXTpAJaJzKtgDRpNfxM2RE3Pl0kWgULpwqDTod2SAjQcM1
bgcyt41RJIShF8XKyFBbNeniTmJ4Zc/ocU3bXMya0iJMFq78Cwmty8ULT5YNcFCE
OfCe4G1VhouB0VUfTZxoRmYHAA6qag5kIjNzK+ykUPwCRDNpCE36XDGHtQbIS99J
dvxRcbQCTYn6HBo8pOWyb9/V0pyCjAmBtAnEbg4he7looasE3ox0Dbs/KQMhfZS1
2fq4ViY1xtnIJhhH2GLZhU7LfrANvTTYy4D5+ddWmZCzB+qeWTeIZHcxHI3U09JS
XQ3BFuifNQ5EaFA0Y2cwSov6aWiBn8X6jOs=
-----END CERTIFICATE-----
Generated at Fri May 16 22:32:10 2025 by rpki-client