Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/CF04CF4E55DA11F09853590FC4F9AE02.roa
File: CF04CF4E55DA11F09853590FC4F9AE02.roa (raw, json)
Hash identifier: 9U72Wq99uF2uxMLx3L300O+HHcjMJFqCEAsDUUIzmHE=
Subject key identifier: 02:FE:1B:6E:1B:47:D6:0D:D6:96:B5:70:D6:16:11:DA:66:99:0F:E2
Certificate issuer: /CN=A911D75C/serialNumber=1A1A40AD93A4A4307ED7264D47D252CAF62DEFFD
Certificate serial: 0C7F
Authority key identifier: 1A:1A:40:AD:93:A4:A4:30:7E:D7:26:4D:47:D2:52:CA:F6:2D:EF:FD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/CF04CF4E55DA11F09853590FC4F9AE02.roa
Signing time: Mon 30 Jun 2025 17:51:11 +0000
ROA not before: Mon 30 Jun 2025 17:51:11 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 134371
IP address blocks: 103.62.140.0/22 maxlen: 24
202.136.88.0/22 maxlen: 24
2400:3dc0::/32 maxlen: 32
2400:3dc0::/36 maxlen: 36
2400:3dc0::/44 maxlen: 48
2400:3dc0:10::/44 maxlen: 48
2400:3dc0:2e::/48 maxlen: 48
2400:3dc0:2f::/48 maxlen: 48
2400:3dc0:3e::/48 maxlen: 48
2400:3dc0:3f::/48 maxlen: 48
2400:3dc0:40::/44 maxlen: 45
2400:3dc0:40::/46 maxlen: 48
2400:3dc0:44::/47 maxlen: 48
2400:3dc0:46::/47 maxlen: 48
2400:3dc0:48::/45 maxlen: 48
2400:3dc0:50::/44 maxlen: 47
2400:3dc0:50::/45 maxlen: 48
2400:3dc0:58::/48 maxlen: 48
2400:3dc0:5a::/47 maxlen: 48
2400:3dc0:5c::/46 maxlen: 48
2400:3dc0:60::/44 maxlen: 47
2400:3dc0:60::/45 maxlen: 48
2400:3dc0:68::/46 maxlen: 48
2400:3dc0:6c::/48 maxlen: 48
2400:3dc0:6e::/47 maxlen: 48
2400:3dc0:89::/48 maxlen: 48
2400:3dc0:100::/48 maxlen: 48
2400:3dc0:101::/48 maxlen: 48
2400:3dc0:140::/48 maxlen: 48
2400:3dc0:200::/48 maxlen: 48
2400:3dc0:201::/48 maxlen: 48
2400:3dc0:300::/48 maxlen: 48
2400:3dc0:400::/48 maxlen: 48
2400:3dc0:500::/48 maxlen: 48
2400:3dc0:600::/48 maxlen: 48
2400:3dc0:700::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 01 Jul 2025 06:40:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3199 (0xc7f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D75C, serialNumber=1A1A40AD93A4A4307ED7264D47D252CAF62DEFFD
Validity
Not Before: Jun 30 17:51:11 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6862ce8f-38db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:30:64:ba:49:bb:6a:f6:f1:c1:35:7d:d6:cf:
d1:94:ec:98:7e:6c:df:77:0f:5e:cb:6b:53:be:c7:
8b:c7:41:8a:fa:d3:76:29:d1:c3:55:d2:4e:cf:8f:
60:9f:b7:f6:d9:c7:07:a7:33:76:0d:85:bf:54:85:
19:d3:ca:16:1b:2a:5b:9d:de:ab:10:c2:1a:20:e6:
e2:37:c2:ca:0f:3d:f4:e2:e8:51:a1:74:0c:88:e6:
06:4e:fc:5d:b2:45:b5:4e:a5:e0:f2:56:72:9c:2a:
c7:ee:dd:71:cb:64:82:3c:eb:40:40:cf:9b:d3:a5:
09:75:28:c9:ed:df:f2:69:9a:87:99:1a:f2:51:53:
71:54:1f:45:f0:31:c4:70:d3:19:1d:a0:f6:77:30:
61:c1:83:e7:5e:99:01:52:df:60:7f:05:3c:95:c8:
59:5c:d6:f3:62:0b:d2:0e:ae:30:be:00:e4:9c:69:
35:dc:f9:32:a7:5f:87:8a:6a:7f:62:db:97:13:66:
d2:31:35:d7:b5:c2:4b:95:93:ee:09:21:37:2d:d4:
df:37:0f:d6:6d:d1:59:f5:ae:86:b4:39:fc:61:b7:
c3:d3:b9:8a:bc:35:4b:79:0d:92:6e:39:ad:bb:1c:
9e:8a:c5:fa:2c:e3:43:33:43:d4:c5:87:e5:01:45:
1f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:FE:1B:6E:1B:47:D6:0D:D6:96:B5:70:D6:16:11:DA:66:99:0F:E2
X509v3 Authority Key Identifier:
keyid:1A:1A:40:AD:93:A4:A4:30:7E:D7:26:4D:47:D2:52:CA:F6:2D:EF:FD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/CF04CF4E55DA11F09853590FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.62.140.0/22
202.136.88.0/22
IPv6:
2400:3dc0::/32
Signature Algorithm: sha256WithRSAEncryption
8c:7c:52:99:c5:13:28:f1:49:bc:a8:b1:d4:da:97:c3:1b:cf:
39:d1:e7:f7:4b:cb:eb:6d:64:be:73:46:a5:ec:c6:79:96:23:
84:57:68:c8:0e:15:e2:e3:7b:64:9f:f2:a2:4f:cc:e8:d3:bf:
15:32:ab:4a:03:2f:e9:bb:00:5d:05:2e:0a:f4:7b:2c:d0:02:
71:c1:08:cc:a0:66:aa:f1:61:97:8a:4d:e8:57:5b:0e:b5:09:
50:09:7d:fb:19:08:8d:23:1f:2d:f8:e2:6e:07:9b:98:73:6d:
d6:f0:84:7e:2a:d9:53:85:97:b6:60:df:69:a3:b0:66:0f:f8:
6d:93:84:94:2c:aa:38:cb:72:ca:6e:9b:64:d2:3c:51:15:72:
39:bb:ff:28:53:7c:91:dc:1c:88:25:f0:49:7b:40:b5:aa:81:
ea:c0:eb:9c:a7:fb:32:f5:b1:6d:77:71:f5:7a:a7:84:8e:56:
c7:55:3e:5d:ab:8a:5c:df:28:0b:54:d1:01:5f:f3:14:6f:7b:
34:56:9d:cb:5f:5e:59:6f:28:c1:9a:e5:b2:db:6e:d3:d9:83:
38:a0:2d:de:01:ce:64:54:8b:5d:a7:a2:ca:76:d2:11:40:1a:
86:47:06:e2:ca:c4:fd:23:da:0c:65:cd:15:b5:01:5e:1f:77:
99:d3:0d:d5
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICDH8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQ3NUMxMTAvBgNVBAUTKDFBMUE0MEFEOTNBNEE0MzA3RUQ3MjY0RDQ3RDI1MkNB
RjYyREVGRkQwHhcNMjUwNjMwMTc1MTExWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODYyY2U4Zi0zOGRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxDBkukm7avbxwTV91s/RlOyYfmzfdw9ey2tTvseLx0GK+tN2KdHDVdJOz49g
n7f22ccHpzN2DYW/VIUZ08oWGypbnd6rEMIaIObiN8LKDz304uhRoXQMiOYGTvxd
skW1TqXg8lZynCrH7t1xy2SCPOtAQM+b06UJdSjJ7d/yaZqHmRryUVNxVB9F8DHE
cNMZHaD2dzBhwYPnXpkBUt9gfwU8lchZXNbzYgvSDq4wvgDknGk13Pkyp1+Himp/
YtuXE2bSMTXXtcJLlZPuCSE3LdTfNw/WbdFZ9a6GtDn8YbfD07mKvDVLeQ2Sbjmt
uxyeisX6LONDM0PUxYflAUUfKQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFAL+G24b
R9YN1pa1cNYWEdpmmQ/iMB8GA1UdIwQYMBaAFBoaQK2TpKQwftcmTUfSUsr2Le/9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDc1Qy8yQkM1RkQ0MDA2
QzAxMUVBQkM0M0I3MDlDNEY5QUUwMi9HaHBBclpPa3BEQi0xeVpOUjlKU3l2WXQ3
XzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0docEFyWk9rcERCLTF5Wk5SOUpTeXZZdDdfMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQ3NUMvMkJDNUZENDAwNkMwMTFFQUJDNDNCNzA5QzRGOUFFMDIvQ0YwNENGNEU1
NURBMTFGMDk4NTM1OTBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnPowDBALKiFgwDQQCAAIwBwMFACQAPcAwDQYJKoZIhvcN
AQELBQADggEBAIx8UpnFEyjxSbyosdTal8MbzznR5/dLy+ttZL5zRqXsxnmWI4RX
aMgOFeLje2Sf8qJPzOjTvxUyq0oDL+m7AF0FLgr0eyzQAnHBCMygZqrxYZeKTehX
Ww61CVAJffsZCI0jHy344m4Hm5hzbdbwhH4q2VOFl7Zg32mjsGYP+G2ThJQsqjjL
cspum2TSPFEVcjm7/yhTfJHcHIgl8El7QLWqgerA65yn+zL1sW13cfV6p4SOVsdV
Pl2rilzfKAtU0QFf8xRvezRWnctfXllvKMGa5bLbbtPZgzigLd4BzmRUi12nosp2
0hFAGoZHBuLKxP0j2gxlzRW1AV4fd5nTDdU=
-----END CERTIFICATE-----
Generated at Mon Jul 21 06:58:45 2025 by rpki-client