Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA449/401790FC073C11EF8D1DB056C4F9AE02/47037838268311F097764555C4F9AE02.roa
File: 47037838268311F097764555C4F9AE02.roa (raw, json)
Hash identifier: tdnNsEHRFgAAjnu4SjzxWctHbbyBnVo8akRM6PaccxI=
Subject key identifier: 63:56:69:60:82:CF:D2:A8:B0:77:83:5A:30:F9:B0:82:40:15:4E:A1
Certificate issuer: /CN=A91EA449/serialNumber=6F65A0C92260B1ADA23187B29BAC3BEADAC05661
Certificate serial: C8
Authority key identifier: 6F:65:A0:C9:22:60:B1:AD:A2:31:87:B2:9B:AC:3B:EA:DA:C0:56:61
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b2WgySJgsa2iMYeym6w76trAVmE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA449/401790FC073C11EF8D1DB056C4F9AE02/47037838268311F097764555C4F9AE02.roa
Signing time: Thu 01 May 2025 11:56:12 +0000
ROA not before: Thu 01 May 2025 11:56:12 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 209178
IP address blocks: 203.21.95.0/24 maxlen: 24
203.27.70.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 May 2025 13:59:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 200 (0xc8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA449, serialNumber=6F65A0C92260B1ADA23187B29BAC3BEADAC05661
Validity
Not Before: May 1 11:56:12 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6813615c-cad0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:19:76:71:50:e1:b9:77:e9:2f:99:ea:bb:f0:
6e:ac:54:e7:35:0c:30:90:98:6e:8c:fd:1e:9d:c9:
96:f3:46:35:d1:d8:68:5f:0e:5a:e6:ca:31:15:ff:
cb:42:2e:20:ac:c2:37:6b:1f:57:62:a1:87:a7:e4:
65:95:85:53:d1:05:2d:55:6c:dc:b3:98:96:b5:85:
31:68:12:10:cf:17:60:56:a8:3b:47:c7:70:5e:fc:
1f:fd:ab:9b:0b:6f:a7:fe:9c:87:14:d1:6e:72:15:
88:f3:e1:9d:7c:31:f0:74:56:8f:be:e9:b4:b7:e2:
0f:b3:61:1f:94:4c:ee:e4:7d:5a:e5:d0:53:f4:a4:
4a:bc:b6:9b:c0:bd:d3:32:9f:63:d6:18:de:07:65:
43:f7:60:ca:d9:51:7c:1e:fb:17:48:1c:7b:b5:71:
8e:11:14:8b:62:3a:ba:35:18:4d:88:9c:9a:1a:2f:
30:e6:25:d2:a9:f0:f7:e1:bf:5f:e1:f3:35:59:0e:
42:eb:02:cf:64:d2:db:53:46:b3:3d:5b:3d:b2:d3:
54:8a:b4:b2:69:c2:f0:0d:ad:2f:2d:4d:5c:97:24:
c8:ee:a1:7e:00:85:56:0e:4c:00:bb:19:b6:f3:f9:
ff:e8:96:54:54:47:65:dc:25:15:77:da:15:26:79:
88:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:56:69:60:82:CF:D2:A8:B0:77:83:5A:30:F9:B0:82:40:15:4E:A1
X509v3 Authority Key Identifier:
keyid:6F:65:A0:C9:22:60:B1:AD:A2:31:87:B2:9B:AC:3B:EA:DA:C0:56:61
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA449/401790FC073C11EF8D1DB056C4F9AE02/b2WgySJgsa2iMYeym6w76trAVmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b2WgySJgsa2iMYeym6w76trAVmE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA449/401790FC073C11EF8D1DB056C4F9AE02/47037838268311F097764555C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.21.95.0/24
203.27.70.0/24
Signature Algorithm: sha256WithRSAEncryption
50:0b:f5:00:ab:76:4a:e5:f2:d0:ce:f8:68:cf:42:3b:20:cf:
81:c3:31:1f:ff:0a:f6:10:52:5c:47:26:86:57:01:c5:fc:6f:
df:57:7c:54:76:8f:65:5e:4d:99:82:cf:f1:76:48:19:36:12:
c9:35:98:6f:ef:e9:2d:7b:5d:09:2a:be:9a:87:93:fb:bf:51:
a7:88:2d:fa:8c:a1:d1:d9:e1:af:8e:93:e5:c1:0c:3c:53:c8:
a4:de:3e:38:3b:8d:74:36:70:22:02:f6:ab:4d:e3:37:13:a8:
5e:6e:1e:6a:9d:a5:a9:1a:b7:05:c9:c5:f9:c1:b8:64:ec:22:
9d:47:47:3e:94:3a:76:7e:21:b1:57:aa:4d:bf:01:01:2c:61:
06:15:ea:f7:8b:13:5a:88:cc:6c:f1:9f:12:57:a7:e4:ff:b4:
e6:08:d2:e9:08:2c:8c:36:45:e0:74:a7:a7:c4:51:ea:13:f1:
9a:cd:f1:b8:7e:c5:7b:e6:70:d2:1f:89:ea:fd:ae:8d:b9:4c:
03:ae:33:09:3a:cb:c5:7b:0d:eb:02:d8:42:5c:13:64:c9:4d:
60:50:0f:04:29:f1:83:97:f7:a1:11:e8:48:99:42:a5:1b:2f:
f5:a6:4d:c6:be:58:4b:6a:d5:5c:ff:cd:bf:08:ab:9f:6d:80:
f1:2f:9b:12
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAMgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUE0NDkxMTAvBgNVBAUTKDZGNjVBMEM5MjI2MEIxQURBMjMxODdCMjlCQUMzQkVB
REFDMDU2NjEwHhcNMjUwNTAxMTE1NjEyWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODEzNjE1Yy1jYWQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApxl2cVDhuXfpL5nqu/BurFTnNQwwkJhujP0encmW80Y10dhoXw5a5soxFf/L
Qi4grMI3ax9XYqGHp+RllYVT0QUtVWzcs5iWtYUxaBIQzxdgVqg7R8dwXvwf/aub
C2+n/pyHFNFuchWI8+GdfDHwdFaPvum0t+IPs2EflEzu5H1a5dBT9KRKvLabwL3T
Mp9j1hjeB2VD92DK2VF8HvsXSBx7tXGOERSLYjq6NRhNiJyaGi8w5iXSqfD34b9f
4fM1WQ5C6wLPZNLbU0azPVs9stNUirSyacLwDa0vLU1clyTI7qF+AIVWDkwAuxm2
8/n/6JZUVEdl3CUVd9oVJnmIjQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFGNWaWCC
z9KosHeDWjD5sIJAFU6hMB8GA1UdIwQYMBaAFG9loMkiYLGtojGHspusO+rawFZh
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTQ0OS80MDE3OTBGQzA3
M0MxMUVGOEQxREIwNTZDNEY5QUUwMi9iMldneVNKZ3NhMmlNWWV5bTZ3NzZ0ckFW
bUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2IyV2d5U0pnc2EyaU1ZZXltNnc3NnRyQVZtRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUE0NDkvNDAxNzkwRkMwNzNDMTFFRjhEMURCMDU2QzRGOUFFMDIvNDcwMzc4Mzgy
NjgzMTFGMDk3NzY0NTU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBADLFV8DBADLG0YwDQYJKoZIhvcNAQELBQADggEBAFAL9QCr
dkrl8tDO+GjPQjsgz4HDMR//CvYQUlxHJoZXAcX8b99XfFR2j2VeTZmCz/F2SBk2
Esk1mG/v6S17XQkqvpqHk/u/UaeILfqModHZ4a+Ok+XBDDxTyKTePjg7jXQ2cCIC
9qtN4zcTqF5uHmqdpakatwXJxfnBuGTsIp1HRz6UOnZ+IbFXqk2/AQEsYQYV6veL
E1qIzGzxnxJXp+T/tOYI0ukILIw2ReB0p6fEUeoT8ZrN8bh+xXvmcNIfier9ro25
TAOuMwk6y8V7DesC2EJcE2TJTWBQDwQp8YOX96ER6EiZQqUbL/WmTca+WEtq1Vz/
zb8Iq59tgPEvmxI=
-----END CERTIFICATE-----
Generated at Wed May 14 11:39:21 2025 by rpki-client