Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DD4A6/6A5969A87E9511EC82EE520AC4F9AE02/96BF84D621A411F0AC5C0C24C4F9AE02.roa
File: 96BF84D621A411F0AC5C0C24C4F9AE02.roa (raw, json)
Hash identifier: 798NxIqDDFl6KrkCTp1VY6O+JV8in8IvqJ86we9gpvc=
Subject key identifier: 8D:FA:AF:B2:69:AD:00:9F:99:2A:53:BD:13:2F:FE:79:C8:EF:58:45
Certificate issuer: /CN=A91DD4A6/serialNumber=17004AA33105B0A0E6D3EB4E47C513063D92CEC2
Certificate serial: 0418
Authority key identifier: 17:00:4A:A3:31:05:B0:A0:E6:D3:EB:4E:47:C5:13:06:3D:92:CE:C2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FwBKozEFsKDm0-tOR8UTBj2SzsI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DD4A6/6A5969A87E9511EC82EE520AC4F9AE02/96BF84D621A411F0AC5C0C24C4F9AE02.roa
Signing time: Sun 27 Apr 2025 00:35:07 +0000
ROA not before: Sun 27 Apr 2025 00:35:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56209
IP address blocks: 202.47.112.0/21 maxlen: 21
202.47.112.0/24 maxlen: 24
202.47.113.0/24 maxlen: 24
202.47.114.0/24 maxlen: 24
202.47.115.0/24 maxlen: 24
202.47.116.0/24 maxlen: 24
202.47.117.0/24 maxlen: 24
202.47.118.0/24 maxlen: 24
202.47.119.0/24 maxlen: 24
202.71.0.0/23 maxlen: 23
202.71.0.0/24 maxlen: 24
202.71.1.0/24 maxlen: 24
202.71.2.0/23 maxlen: 23
202.71.2.0/24 maxlen: 24
202.71.3.0/24 maxlen: 24
2406:2100::/32 maxlen: 32
2406:2100::/48 maxlen: 48
2406:2100:1::/48 maxlen: 48
2406:2100:2::/48 maxlen: 48
2406:2100:3::/48 maxlen: 48
2406:2100:4::/48 maxlen: 48
2406:2100:5::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 06 May 2025 10:32:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1048 (0x418)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DD4A6, serialNumber=17004AA33105B0A0E6D3EB4E47C513063D92CEC2
Validity
Not Before: Apr 27 00:35:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=680d7bbb-6aee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0f:30:8e:dc:92:36:1f:10:2b:d0:90:60:04:
ad:d5:ed:49:78:aa:50:00:ac:f6:fd:b0:13:e8:f1:
ed:dd:86:6f:33:20:63:f4:e2:6c:30:d1:8c:70:5a:
18:08:e7:aa:c9:37:b9:53:a9:fc:df:ea:3a:5c:07:
2e:26:a0:77:a9:71:5a:8a:43:2a:54:d9:ee:79:18:
2f:8c:b8:9c:ae:a9:80:c4:90:f4:51:5c:5d:7d:23:
53:4b:e9:0c:d0:3d:cb:1a:17:b8:53:1c:69:f1:1d:
d0:31:be:73:e3:2d:69:2d:0d:f0:23:f2:46:6c:ec:
8e:10:cc:19:d1:08:cc:95:eb:a5:aa:6d:be:56:ad:
6c:7a:a6:21:a4:5d:e5:85:06:df:d0:f4:2a:0e:94:
43:e3:ff:74:dd:42:9d:01:e8:65:93:a4:2c:9e:8f:
c7:9d:95:b6:dc:a7:70:4a:77:4b:95:0f:88:ba:0c:
77:b1:a7:57:2d:9c:d3:f5:4e:a9:ce:83:af:96:18:
28:4d:89:da:50:99:5c:2d:60:9d:93:b8:46:aa:3c:
8d:77:02:84:85:60:99:0a:11:4d:b7:1a:4c:87:b2:
be:92:30:b4:91:3d:79:66:05:ab:62:e3:36:07:8d:
47:a0:1a:0f:c4:9b:d3:6a:f8:4d:fc:89:c6:d9:14:
35:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:FA:AF:B2:69:AD:00:9F:99:2A:53:BD:13:2F:FE:79:C8:EF:58:45
X509v3 Authority Key Identifier:
keyid:17:00:4A:A3:31:05:B0:A0:E6:D3:EB:4E:47:C5:13:06:3D:92:CE:C2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DD4A6/6A5969A87E9511EC82EE520AC4F9AE02/FwBKozEFsKDm0-tOR8UTBj2SzsI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FwBKozEFsKDm0-tOR8UTBj2SzsI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DD4A6/6A5969A87E9511EC82EE520AC4F9AE02/96BF84D621A411F0AC5C0C24C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.47.112.0/21
202.71.0.0/22
IPv6:
2406:2100::/32
Signature Algorithm: sha256WithRSAEncryption
38:0e:d3:26:1b:58:90:f6:18:10:72:34:d0:18:cd:a8:65:b3:
82:87:a7:e9:21:3e:77:fc:42:27:76:a9:8d:d2:f3:5a:0a:39:
2b:31:8b:8e:3b:b3:ac:bf:1d:e9:63:d6:d2:b1:50:5e:35:66:
e3:3d:3a:b7:38:f3:6f:86:f4:81:e4:b9:fd:77:c0:bd:1c:e1:
73:65:24:c0:22:60:03:12:ed:53:58:df:ed:54:5a:0c:32:3d:
f2:c9:3e:bc:69:5c:b0:fd:29:83:8a:4d:eb:98:59:18:df:11:
24:af:cb:88:dc:dc:a6:57:24:26:82:47:dc:42:d4:c6:8d:4f:
ff:29:01:63:fd:d5:29:31:1a:13:36:de:75:a6:cf:57:5a:ec:
01:a2:94:15:61:54:fc:97:aa:46:a4:28:5f:80:56:51:df:40:
45:70:29:e3:19:e6:a4:bb:32:51:f2:98:42:f8:76:5c:6a:5a:
8e:84:71:eb:32:ee:83:5d:e4:92:c9:3e:eb:77:b9:ce:0d:32:
af:af:3c:ce:85:c1:2c:bb:fc:ec:bc:29:b3:af:4c:3c:87:d8:
fc:25:6d:bc:11:ef:04:5e:a5:0f:31:37:98:78:49:c1:cf:68:
cc:e6:c0:87:d7:a3:fb:31:21:c7:26:e5:f5:dc:4c:09:90:35:
a2:63:78:03
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICBBgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REQ0QTYxMTAvBgNVBAUTKDE3MDA0QUEzMzEwNUIwQTBFNkQzRUI0RTQ3QzUxMzA2
M0Q5MkNFQzIwHhcNMjUwNDI3MDAzNTA3WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODBkN2JiYi02YWVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtw8wjtySNh8QK9CQYASt1e1JeKpQAKz2/bAT6PHt3YZvMyBj9OJsMNGMcFoY
COeqyTe5U6n83+o6XAcuJqB3qXFaikMqVNnueRgvjLicrqmAxJD0UVxdfSNTS+kM
0D3LGhe4Uxxp8R3QMb5z4y1pLQ3wI/JGbOyOEMwZ0QjMleulqm2+Vq1seqYhpF3l
hQbf0PQqDpRD4/903UKdAehlk6Qsno/HnZW23KdwSndLlQ+Iugx3sadXLZzT9U6p
zoOvlhgoTYnaUJlcLWCdk7hGqjyNdwKEhWCZChFNtxpMh7K+kjC0kT15ZgWrYuM2
B41HoBoPxJvTavhN/InG2RQ12QIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFI36r7Jp
rQCfmSpTvRMv/nnI71hFMB8GA1UdIwQYMBaAFBcASqMxBbCg5tPrTkfFEwY9ks7C
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERDRBNi82QTU5NjlBODdF
OTUxMUVDODJFRTUyMEFDNEY5QUUwMi9Gd0JLb3pFRnNLRG0wLXRPUjhVVEJqMlN6
c0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0Z3QktvekVGc0tEbTAtdE9SOFVUQmoyU3pzSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REQ0QTYvNkE1OTY5QTg3RTk1MTFFQzgyRUU1MjBBQzRGOUFFMDIvOTZCRjg0RDYy
MUE0MTFGMEFDNUMwQzI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAPKL3ADBALKRwAwDQQCAAIwBwMFACQGIQAwDQYJKoZIhvcN
AQELBQADggEBADgO0yYbWJD2GBByNNAYzahls4KHp+khPnf8Qid2qY3S81oKOSsx
i447s6y/Helj1tKxUF41ZuM9Orc482+G9IHkuf13wL0c4XNlJMAiYAMS7VNY3+1U
WgwyPfLJPrxpXLD9KYOKTeuYWRjfESSvy4jc3KZXJCaCR9xC1MaNT/8pAWP91Skx
GhM23nWmz1da7AGilBVhVPyXqkakKF+AVlHfQEVwKeMZ5qS7MlHymEL4dlxqWo6E
cesy7oNd5JLJPut3uc4NMq+vPM6FwSy7/Oy8KbOvTDyH2PwlbbwR7wRepQ8xN5h4
ScHPaMzmwIfXo/sxIccm5fXcTAmQNaJjeAM=
-----END CERTIFICATE-----
Generated at Tue May 13 02:23:42 2025 by rpki-client