Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/63BFAC32597B11F0B7432C29C4F9AE02.roa
File: 63BFAC32597B11F0B7432C29C4F9AE02.roa (raw, json)
Hash identifier: fwmKG7qfM3rSlgpSxhDwwohUo5BL2w64eoGpfmhjaO8=
Subject key identifier: 84:81:C7:3E:BF:21:27:54:81:36:37:95:54:F3:8F:A5:42:BD:5F:2A
Certificate issuer: /CN=A911D75C/serialNumber=1A1A40AD93A4A4307ED7264D47D252CAF62DEFFD
Certificate serial: 0CA1
Authority key identifier: 1A:1A:40:AD:93:A4:A4:30:7E:D7:26:4D:47:D2:52:CA:F6:2D:EF:FD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/63BFAC32597B11F0B7432C29C4F9AE02.roa
Signing time: Sat 05 Jul 2025 08:38:14 +0000
ROA not before: Sat 05 Jul 2025 08:38:14 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 134371
IP address blocks: 103.62.140.0/22 maxlen: 24
202.136.88.0/22 maxlen: 24
2400:3dc0::/32 maxlen: 32
2400:3dc0::/36 maxlen: 36
2400:3dc0::/44 maxlen: 48
2400:3dc0:10::/44 maxlen: 48
2400:3dc0:2e::/48 maxlen: 48
2400:3dc0:2f::/48 maxlen: 48
2400:3dc0:3e::/48 maxlen: 48
2400:3dc0:3f::/48 maxlen: 48
2400:3dc0:40::/44 maxlen: 47
2400:3dc0:40::/48 maxlen: 48
2400:3dc0:42::/47 maxlen: 48
2400:3dc0:45::/48 maxlen: 48
2400:3dc0:46::/47 maxlen: 48
2400:3dc0:49::/48 maxlen: 48
2400:3dc0:4a::/47 maxlen: 48
2400:3dc0:4c::/48 maxlen: 48
2400:3dc0:4e::/47 maxlen: 48
2400:3dc0:50::/44 maxlen: 47
2400:3dc0:50::/45 maxlen: 48
2400:3dc0:58::/48 maxlen: 48
2400:3dc0:5a::/47 maxlen: 48
2400:3dc0:5c::/46 maxlen: 48
2400:3dc0:60::/44 maxlen: 47
2400:3dc0:60::/46 maxlen: 48
2400:3dc0:64::/48 maxlen: 48
2400:3dc0:66::/47 maxlen: 48
2400:3dc0:68::/47 maxlen: 48
2400:3dc0:6a::/48 maxlen: 48
2400:3dc0:6c::/48 maxlen: 48
2400:3dc0:6e::/47 maxlen: 48
2400:3dc0:89::/48 maxlen: 48
2400:3dc0:100::/48 maxlen: 48
2400:3dc0:101::/48 maxlen: 48
2400:3dc0:140::/48 maxlen: 48
2400:3dc0:200::/48 maxlen: 48
2400:3dc0:201::/48 maxlen: 48
2400:3dc0:300::/48 maxlen: 48
2400:3dc0:400::/48 maxlen: 48
2400:3dc0:500::/48 maxlen: 48
2400:3dc0:600::/48 maxlen: 48
2400:3dc0:700::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 05 Jul 2025 09:30:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3233 (0xca1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D75C, serialNumber=1A1A40AD93A4A4307ED7264D47D252CAF62DEFFD
Validity
Not Before: Jul 5 08:38:14 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=6868e476-b63d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:5e:05:0b:30:aa:34:79:28:36:d7:36:79:87:
56:83:67:02:ba:f7:ec:4d:a5:64:45:f7:74:3d:f8:
4c:b3:7e:e2:a4:f8:4d:96:28:05:d3:bd:dd:21:a1:
c5:a2:3b:4c:3e:bc:6e:3a:b9:d9:df:79:2b:9c:fd:
33:c8:ed:08:49:da:1c:fe:c4:08:7c:22:cf:63:01:
12:3e:a9:20:2d:aa:d4:8e:77:ec:dc:62:e3:e4:0a:
10:cc:22:e9:1f:ef:d9:25:50:75:df:6c:60:1c:62:
a3:06:6d:6c:de:a4:51:f0:6b:9b:00:71:51:37:c1:
d6:8d:dc:f2:77:98:8b:60:31:be:2f:a6:d7:a9:30:
26:7a:89:23:24:4e:81:13:a8:f4:56:1d:bc:aa:8d:
b3:08:ab:ce:c2:94:3c:c1:1b:62:bf:c7:2b:b6:22:
4d:ce:80:35:38:3f:fb:1a:ed:c9:3d:d8:b1:a8:e4:
21:64:c4:09:0f:c0:29:e7:f6:b3:c7:ab:f6:f5:6e:
77:01:96:47:66:2c:cc:dd:9d:34:f6:e6:8a:44:41:
85:66:4c:84:b1:e7:80:9f:1c:94:25:7e:66:77:b6:
dd:22:2b:05:cd:d7:6b:3b:ff:72:f5:1c:3b:f8:f4:
82:8f:a7:61:b0:0a:41:88:24:dc:f9:7e:e3:80:f7:
08:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:81:C7:3E:BF:21:27:54:81:36:37:95:54:F3:8F:A5:42:BD:5F:2A
X509v3 Authority Key Identifier:
keyid:1A:1A:40:AD:93:A4:A4:30:7E:D7:26:4D:47:D2:52:CA:F6:2D:EF:FD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/63BFAC32597B11F0B7432C29C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.62.140.0/22
202.136.88.0/22
IPv6:
2400:3dc0::/32
Signature Algorithm: sha256WithRSAEncryption
5e:1d:07:3f:32:11:05:a0:58:2b:2c:86:70:39:07:99:da:44:
ee:08:82:9a:9a:a3:99:0c:28:1d:fe:b6:dd:33:3d:d4:98:d2:
09:58:45:04:6b:8f:87:d1:d6:c9:d1:49:ea:e7:da:69:4b:32:
5d:f3:fe:9c:e1:26:65:1d:64:01:15:3d:01:e3:84:ca:3a:81:
ae:c2:95:cd:a5:5b:61:e0:0e:37:3e:3d:81:3d:6d:71:a2:68:
77:ae:1c:01:55:02:35:29:2a:bb:3c:2b:4b:05:94:18:a4:de:
f0:b9:76:ab:0d:48:0a:91:ae:6e:31:61:46:61:60:83:5f:51:
9c:c3:5c:79:fc:be:47:2a:e3:06:fe:3e:d4:50:93:b6:3c:9f:
b2:d3:ea:72:95:3b:89:cf:07:2b:57:fb:4f:61:bc:01:10:0f:
90:5b:fb:ce:27:7c:31:23:29:6a:e0:cd:bb:9f:76:bd:2f:9a:
e7:8d:4e:a0:a0:c5:cb:3b:9f:66:42:8d:93:92:a2:02:86:f3:
fa:0e:d9:03:eb:32:23:54:42:9b:0c:7f:cd:d1:0b:7b:4b:df:
6d:04:ba:eb:ba:ab:2c:bd:c4:41:90:9a:79:47:dd:43:be:43:
57:41:c4:10:3c:50:94:98:38:ec:54:19:0f:f8:79:15:46:62:
cb:89:de:2b
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICDKEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQ3NUMxMTAvBgNVBAUTKDFBMUE0MEFEOTNBNEE0MzA3RUQ3MjY0RDQ3RDI1MkNB
RjYyREVGRkQwHhcNMjUwNzA1MDgzODE0WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODY4ZTQ3Ni1iNjNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAul4FCzCqNHkoNtc2eYdWg2cCuvfsTaVkRfd0PfhMs37ipPhNligF073dIaHF
ojtMPrxuOrnZ33krnP0zyO0ISdoc/sQIfCLPYwESPqkgLarUjnfs3GLj5AoQzCLp
H+/ZJVB132xgHGKjBm1s3qRR8GubAHFRN8HWjdzyd5iLYDG+L6bXqTAmeokjJE6B
E6j0Vh28qo2zCKvOwpQ8wRtiv8crtiJNzoA1OD/7Gu3JPdixqOQhZMQJD8Ap5/az
x6v29W53AZZHZizM3Z009uaKREGFZkyEseeAnxyUJX5md7bdIisFzddrO/9y9Rw7
+PSCj6dhsApBiCTc+X7jgPcIjwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFISBxz6/
ISdUgTY3lVTzj6VCvV8qMB8GA1UdIwQYMBaAFBoaQK2TpKQwftcmTUfSUsr2Le/9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDc1Qy8yQkM1RkQ0MDA2
QzAxMUVBQkM0M0I3MDlDNEY5QUUwMi9HaHBBclpPa3BEQi0xeVpOUjlKU3l2WXQ3
XzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0docEFyWk9rcERCLTF5Wk5SOUpTeXZZdDdfMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQ3NUMvMkJDNUZENDAwNkMwMTFFQUJDNDNCNzA5QzRGOUFFMDIvNjNCRkFDMzI1
OTdCMTFGMEI3NDMyQzI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnPowDBALKiFgwDQQCAAIwBwMFACQAPcAwDQYJKoZIhvcN
AQELBQADggEBAF4dBz8yEQWgWCsshnA5B5naRO4Igpqao5kMKB3+tt0zPdSY0glY
RQRrj4fR1snRSern2mlLMl3z/pzhJmUdZAEVPQHjhMo6ga7Clc2lW2HgDjc+PYE9
bXGiaHeuHAFVAjUpKrs8K0sFlBik3vC5dqsNSAqRrm4xYUZhYINfUZzDXHn8vkcq
4wb+PtRQk7Y8n7LT6nKVO4nPBytX+09hvAEQD5Bb+84nfDEjKWrgzbufdr0vmueN
TqCgxcs7n2ZCjZOSogKG8/oO2QPrMiNUQpsMf83RC3tL320Euuu6qyy9xEGQmnlH
3UO+Q1dBxBA8UJSYOOxUGQ/4eRVGYsuJ3is=
-----END CERTIFICATE-----
Generated at Mon Jul 21 07:15:00 2025 by rpki-client