Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/F13FC2BE5F1011F099EC3676C4F9AE02.roa
File: F13FC2BE5F1011F099EC3676C4F9AE02.roa (raw, json)
Hash identifier: x5AHVZvJg3KWQsYtcJTvwveatQuda/mz5tIy/gdDUzY=
Subject key identifier: A0:5E:13:92:8B:BF:F8:8F:06:D9:B6:00:0A:91:AF:17:6D:AA:1C:44
Certificate issuer: /CN=A911D75C/serialNumber=1A1A40AD93A4A4307ED7264D47D252CAF62DEFFD
Certificate serial: 0CC4
Authority key identifier: 1A:1A:40:AD:93:A4:A4:30:7E:D7:26:4D:47:D2:52:CA:F6:2D:EF:FD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/F13FC2BE5F1011F099EC3676C4F9AE02.roa
Signing time: Sat 12 Jul 2025 11:11:22 +0000
ROA not before: Sat 12 Jul 2025 11:11:22 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 134371
IP address blocks: 103.62.140.0/22 maxlen: 24
202.136.88.0/22 maxlen: 24
2400:3dc0::/32 maxlen: 32
2400:3dc0::/36 maxlen: 36
2400:3dc0::/44 maxlen: 48
2400:3dc0:10::/44 maxlen: 48
2400:3dc0:2e::/48 maxlen: 48
2400:3dc0:2f::/48 maxlen: 48
2400:3dc0:3e::/48 maxlen: 48
2400:3dc0:3f::/48 maxlen: 48
2400:3dc0:40::/44 maxlen: 47
2400:3dc0:40::/48 maxlen: 48
2400:3dc0:43::/48 maxlen: 48
2400:3dc0:45::/48 maxlen: 48
2400:3dc0:46::/48 maxlen: 48
2400:3dc0:49::/48 maxlen: 48
2400:3dc0:4a::/47 maxlen: 48
2400:3dc0:4c::/48 maxlen: 48
2400:3dc0:50::/44 maxlen: 47
2400:3dc0:50::/45 maxlen: 48
2400:3dc0:58::/48 maxlen: 48
2400:3dc0:5a::/47 maxlen: 48
2400:3dc0:5c::/47 maxlen: 48
2400:3dc0:5e::/48 maxlen: 48
2400:3dc0:60::/44 maxlen: 47
2400:3dc0:60::/47 maxlen: 48
2400:3dc0:62::/48 maxlen: 48
2400:3dc0:64::/48 maxlen: 48
2400:3dc0:68::/47 maxlen: 48
2400:3dc0:6a::/48 maxlen: 48
2400:3dc0:6c::/48 maxlen: 48
2400:3dc0:6e::/47 maxlen: 48
2400:3dc0:89::/48 maxlen: 48
2400:3dc0:100::/48 maxlen: 48
2400:3dc0:101::/48 maxlen: 48
2400:3dc0:140::/48 maxlen: 48
2400:3dc0:200::/48 maxlen: 48
2400:3dc0:201::/48 maxlen: 48
2400:3dc0:300::/48 maxlen: 48
2400:3dc0:400::/48 maxlen: 48
2400:3dc0:500::/48 maxlen: 48
2400:3dc0:600::/48 maxlen: 48
2400:3dc0:700::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 13 Jul 2025 15:09:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3268 (0xcc4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D75C, serialNumber=1A1A40AD93A4A4307ED7264D47D252CAF62DEFFD
Validity
Not Before: Jul 12 11:11:22 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=687242da-4344
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:69:cd:ca:9e:de:a1:2d:4e:09:37:5e:b1:7f:
1d:5a:b4:7c:7c:13:81:2e:da:86:ac:4b:df:b5:3e:
ce:c7:37:f0:dc:30:d8:4b:ea:5f:fb:c4:2c:e6:9e:
e1:91:87:fe:0c:80:fc:9a:9a:c7:ab:4b:6e:9a:66:
ad:09:cb:df:9d:4b:b4:54:49:8d:a6:76:06:f5:31:
41:67:4c:66:fa:17:77:a1:5b:8b:45:05:2a:37:4a:
5d:3d:fe:9e:39:78:c2:ad:9e:f2:14:f3:62:27:74:
2b:a0:4e:3d:49:0f:98:6e:85:77:fc:77:76:aa:87:
7f:d0:7e:3f:d4:12:ca:ab:ca:6c:49:e6:f3:8f:a8:
83:5a:44:60:58:19:6a:67:cd:fb:00:68:a2:40:e6:
6c:3a:09:ae:30:0d:d3:e8:92:cc:13:59:02:d1:55:
ba:41:04:35:ea:13:1b:63:06:44:21:92:6c:e1:b6:
36:df:70:b4:a4:88:32:11:b3:90:0c:3d:64:74:b1:
24:dc:dc:03:14:42:6c:40:78:24:54:2d:ae:73:5e:
fa:18:8f:21:af:dd:c0:3a:1a:ea:86:ee:76:d6:a9:
ed:ff:4a:96:99:3e:69:9d:3c:b3:09:44:09:e4:f7:
8a:83:68:f0:2b:3b:27:a6:8f:24:81:04:48:40:16:
40:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:5E:13:92:8B:BF:F8:8F:06:D9:B6:00:0A:91:AF:17:6D:AA:1C:44
X509v3 Authority Key Identifier:
keyid:1A:1A:40:AD:93:A4:A4:30:7E:D7:26:4D:47:D2:52:CA:F6:2D:EF:FD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/F13FC2BE5F1011F099EC3676C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.62.140.0/22
202.136.88.0/22
IPv6:
2400:3dc0::/32
Signature Algorithm: sha256WithRSAEncryption
09:53:6c:c8:59:f8:ec:b0:bb:62:85:8e:53:dc:88:f4:e6:7e:
6b:a5:12:a0:0a:8e:8a:87:71:1b:58:76:7f:a9:50:4a:3a:7b:
58:e9:67:4a:ee:b0:5b:dd:9e:9b:07:1e:9c:5d:10:85:4c:f6:
68:0d:44:97:e1:8f:71:50:18:25:db:eb:fe:1c:fc:18:89:45:
2d:40:94:19:0e:e6:85:2b:e9:1d:d5:c7:4f:4b:9a:1c:d1:1e:
b7:f5:6c:27:f3:3f:32:9b:82:71:9d:2d:42:01:c3:54:c8:b8:
98:44:42:24:bf:ee:95:46:c3:94:2e:8a:1f:57:07:b9:b3:8f:
10:17:27:91:c5:5a:c2:74:d5:68:dc:5a:2a:b1:fe:58:8c:5a:
a2:77:05:3d:30:b2:e0:55:ed:75:74:7a:eb:a6:c7:75:3c:3b:
f6:7e:55:20:bf:fe:4b:78:64:cf:93:c7:8f:ef:0c:bd:36:2d:
38:96:c4:e6:71:e6:12:b1:ba:e9:b9:cf:7d:28:4b:32:0b:01:
99:fb:50:c0:a9:11:6d:d7:e8:ef:e8:12:cb:a3:9c:2a:88:8e:
c8:57:97:98:c6:ed:1e:6f:0b:42:35:d4:11:34:8c:ee:24:7b:
b6:07:f3:4c:24:43:d1:3c:e6:9b:1d:bf:18:da:07:85:0d:ac:
53:9b:80:aa
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICDMQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQ3NUMxMTAvBgNVBAUTKDFBMUE0MEFEOTNBNEE0MzA3RUQ3MjY0RDQ3RDI1MkNB
RjYyREVGRkQwHhcNMjUwNzEyMTExMTIyWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODcyNDJkYS00MzQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsWnNyp7eoS1OCTdesX8dWrR8fBOBLtqGrEvftT7Oxzfw3DDYS+pf+8Qs5p7h
kYf+DID8mprHq0tummatCcvfnUu0VEmNpnYG9TFBZ0xm+hd3oVuLRQUqN0pdPf6e
OXjCrZ7yFPNiJ3QroE49SQ+YboV3/Hd2qod/0H4/1BLKq8psSebzj6iDWkRgWBlq
Z837AGiiQOZsOgmuMA3T6JLME1kC0VW6QQQ16hMbYwZEIZJs4bY233C0pIgyEbOQ
DD1kdLEk3NwDFEJsQHgkVC2uc176GI8hr93AOhrqhu521qnt/0qWmT5pnTyzCUQJ
5PeKg2jwKzsnpo8kgQRIQBZAvwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFKBeE5KL
v/iPBtm2AAqRrxdtqhxEMB8GA1UdIwQYMBaAFBoaQK2TpKQwftcmTUfSUsr2Le/9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDc1Qy8yQkM1RkQ0MDA2
QzAxMUVBQkM0M0I3MDlDNEY5QUUwMi9HaHBBclpPa3BEQi0xeVpOUjlKU3l2WXQ3
XzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0docEFyWk9rcERCLTF5Wk5SOUpTeXZZdDdfMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQ3NUMvMkJDNUZENDAwNkMwMTFFQUJDNDNCNzA5QzRGOUFFMDIvRjEzRkMyQkU1
RjEwMTFGMDk5RUMzNjc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnPowDBALKiFgwDQQCAAIwBwMFACQAPcAwDQYJKoZIhvcN
AQELBQADggEBAAlTbMhZ+Oywu2KFjlPciPTmfmulEqAKjoqHcRtYdn+pUEo6e1jp
Z0rusFvdnpsHHpxdEIVM9mgNRJfhj3FQGCXb6/4c/BiJRS1AlBkO5oUr6R3Vx09L
mhzRHrf1bCfzPzKbgnGdLUIBw1TIuJhEQiS/7pVGw5Quih9XB7mzjxAXJ5HFWsJ0
1WjcWiqx/liMWqJ3BT0wsuBV7XV0euumx3U8O/Z+VSC//kt4ZM+Tx4/vDL02LTiW
xOZx5hKxuum5z30oSzILAZn7UMCpEW3X6O/oEsujnCqIjshXl5jG7R5vC0I11BE0
jO4ke7YH80wkQ9E85psdvxjaB4UNrFObgKo=
-----END CERTIFICATE-----
Generated at Mon Jul 21 06:57:45 2025 by rpki-client