Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915BC98/ABAFF5EA061211F08E9AE529C4F9AE02/889DBC605C7D11F0844C3B33C4F9AE02.roa
File: 889DBC605C7D11F0844C3B33C4F9AE02.roa (raw, json)
Hash identifier: T7ptkD0gOrbuTS2LKM30mCA3GOIbkw6jwa5JGFIbdnM=
Subject key identifier: 46:48:9D:A5:0E:04:FA:44:B1:ED:FF:02:66:C5:BF:69:15:9A:88:75
Certificate issuer: /CN=A915BC98/serialNumber=FF8CCBE618755A1F5199BD0C82760E8EDB8F85BA
Certificate serial: 82
Authority key identifier: FF:8C:CB:E6:18:75:5A:1F:51:99:BD:0C:82:76:0E:8E:DB:8F:85:BA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_4zL5hh1Wh9Rmb0MgnYOjtuPhbo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915BC98/ABAFF5EA061211F08E9AE529C4F9AE02/889DBC605C7D11F0844C3B33C4F9AE02.roa
Signing time: Wed 09 Jul 2025 04:34:10 +0000
ROA not before: Wed 09 Jul 2025 04:34:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215750
IP address blocks: 2401:f860::/44 maxlen: 44
2401:f860::/48 maxlen: 48
2401:f860:1::/48 maxlen: 48
2401:f860:2::/48 maxlen: 48
2401:f860:3::/48 maxlen: 48
2401:f860:4::/48 maxlen: 48
2401:f860:5::/48 maxlen: 48
2401:f860:6::/48 maxlen: 48
2401:f860:7::/48 maxlen: 48
2401:f860:8::/48 maxlen: 48
2401:f860:9::/48 maxlen: 48
2401:f860:a::/48 maxlen: 48
2401:f860:b::/48 maxlen: 48
2401:f860:c::/46 maxlen: 46
2401:f860:c::/48 maxlen: 48
2401:f860:d::/48 maxlen: 48
2401:f860:e::/48 maxlen: 48
2401:f860:f::/48 maxlen: 48
2401:f860:89::/48 maxlen: 48
2401:f860:90::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 09 Jul 2025 05:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 130 (0x82)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915BC98, serialNumber=FF8CCBE618755A1F5199BD0C82760E8EDB8F85BA
Validity
Not Before: Jul 9 04:34:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=686df142-af71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:43:5d:71:dd:2a:60:c2:00:ab:1e:1e:13:a0:
09:04:28:ea:e9:78:85:66:c9:7a:7f:43:7a:46:33:
b3:10:88:74:39:b7:24:85:0a:f5:2d:cd:9a:b3:f7:
a1:54:df:f0:ce:ca:91:9a:13:5b:90:e5:54:ca:ab:
91:80:13:fe:14:38:38:9b:e2:15:fd:69:9e:36:57:
84:85:52:f4:79:99:fd:20:1c:c8:7b:5f:b4:42:d1:
0e:e2:f8:17:1a:8e:24:a4:70:4d:6f:ee:94:f2:98:
8b:5e:ac:e9:ce:f8:6f:32:cd:9b:21:c6:35:84:b5:
1f:c2:f6:78:59:d6:1c:ec:85:8c:ab:da:f9:ac:42:
82:1a:08:c8:0d:42:91:1d:e4:36:cc:86:cd:68:d8:
87:f6:d0:e3:32:ca:16:f2:ab:2b:19:b9:42:72:5a:
50:ce:ac:f6:80:86:ea:63:86:c9:17:24:34:75:eb:
4a:1d:0e:f3:1d:34:82:b0:a3:65:cd:76:1c:a3:45:
01:e5:0b:39:71:41:6e:70:b0:bb:a6:78:26:f7:3d:
a6:90:b8:c3:26:69:89:cf:b3:06:ce:83:2b:bd:61:
cc:9c:3f:c2:11:71:62:a4:0e:f9:00:03:f2:43:d7:
b6:68:2c:b1:a9:e6:de:cf:90:2e:d9:1a:b7:a9:f5:
05:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:48:9D:A5:0E:04:FA:44:B1:ED:FF:02:66:C5:BF:69:15:9A:88:75
X509v3 Authority Key Identifier:
keyid:FF:8C:CB:E6:18:75:5A:1F:51:99:BD:0C:82:76:0E:8E:DB:8F:85:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915BC98/ABAFF5EA061211F08E9AE529C4F9AE02/_4zL5hh1Wh9Rmb0MgnYOjtuPhbo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_4zL5hh1Wh9Rmb0MgnYOjtuPhbo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915BC98/ABAFF5EA061211F08E9AE529C4F9AE02/889DBC605C7D11F0844C3B33C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:f860::/44
2401:f860:89::/48
2401:f860:90::/48
Signature Algorithm: sha256WithRSAEncryption
90:59:72:37:85:dc:56:4b:de:53:64:fb:af:ea:35:51:2f:fc:
4e:73:06:a3:cb:25:e7:07:26:98:6e:27:73:03:5c:7d:a0:13:
20:d5:65:0e:ab:b3:20:7f:78:86:f4:fb:a4:07:53:54:71:df:
95:72:10:5d:ea:08:c3:b9:58:6e:da:b0:f3:e1:5a:14:97:5f:
64:77:c4:98:5d:e1:a9:8e:05:20:72:cf:a3:a8:86:65:f2:e7:
b4:b7:66:c7:18:9f:5a:40:b5:61:bf:a5:1b:c4:95:7b:2b:3e:
d2:43:96:f7:6e:cf:6a:b8:dd:2d:71:21:ca:d1:c7:49:70:1e:
9f:29:72:29:cc:22:22:1e:31:8d:fe:3b:a7:9c:29:cc:c1:f7:
2c:45:fc:f8:e3:37:4f:9d:0f:df:8b:75:7f:76:e1:bc:5b:39:
41:fe:06:62:2a:10:b2:0e:20:5f:e3:38:fe:00:de:d0:21:1c:
3b:5c:53:59:ed:af:e0:52:39:a8:c7:a3:03:25:b7:e6:f6:3f:
81:b9:d7:67:94:93:33:ae:f7:72:22:cb:f1:1e:0b:d3:d0:81:
8c:64:3d:f7:91:1e:37:25:96:32:ab:f7:4e:8a:e9:c5:14:99:
2b:8f:9b:50:48:32:57:78:fb:ad:68:c1:1b:ec:cb:73:8e:21:
41:83:ec:e2
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICAIIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUJDOTgxMTAvBgNVBAUTKEZGOENDQkU2MTg3NTVBMUY1MTk5QkQwQzgyNzYwRThF
REI4Rjg1QkEwHhcNMjUwNzA5MDQzNDEwWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODZkZjE0Mi1hZjcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5UNdcd0qYMIAqx4eE6AJBCjq6XiFZsl6f0N6RjOzEIh0ObckhQr1Lc2as/eh
VN/wzsqRmhNbkOVUyquRgBP+FDg4m+IV/WmeNleEhVL0eZn9IBzIe1+0QtEO4vgX
Go4kpHBNb+6U8piLXqzpzvhvMs2bIcY1hLUfwvZ4WdYc7IWMq9r5rEKCGgjIDUKR
HeQ2zIbNaNiH9tDjMsoW8qsrGblCclpQzqz2gIbqY4bJFyQ0detKHQ7zHTSCsKNl
zXYco0UB5Qs5cUFucLC7pngm9z2mkLjDJmmJz7MGzoMrvWHMnD/CEXFipA75AAPy
Q9e2aCyxqebez5Au2Rq3qfUFyQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFEZInaUO
BPpEse3/AmbFv2kVmoh1MB8GA1UdIwQYMBaAFP+My+YYdVofUZm9DIJ2Do7bj4W6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QkM5OC9BQkFGRjVFQTA2
MTIxMUYwOEU5QUU1MjlDNEY5QUUwMi9fNHpMNWhoMVdoOVJtYjBNZ25ZT2p0dVBo
Ym8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL180ekw1aGgxV2g5Um1iME1nbllPanR1UGhiby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUJDOTgvQUJBRkY1RUEwNjEyMTFGMDhFOUFFNTI5QzRGOUFFMDIvODg5REJDNjA1
QzdEMTFGMDg0NEMzQjMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMCEEAgACMBsDBwQkAfhgAAADBwAkAfhgAIkDBwAkAfhgAJAwDQYJKoZIhvcN
AQELBQADggEBAJBZcjeF3FZL3lNk+6/qNVEv/E5zBqPLJecHJphuJ3MDXH2gEyDV
ZQ6rsyB/eIb0+6QHU1Rx35VyEF3qCMO5WG7asPPhWhSXX2R3xJhd4amOBSByz6Oo
hmXy57S3ZscYn1pAtWG/pRvElXsrPtJDlvduz2q43S1xIcrRx0lwHp8pcinMIiIe
MY3+O6ecKczB9yxF/PjjN0+dD9+LdX924bxbOUH+BmIqELIOIF/jOP4A3tAhHDtc
U1ntr+BSOajHowMlt+b2P4G512eUkzOu93Iiy/EeC9PQgYxkPfeRHjclljKr906K
6cUUmSuPm1BIMld4+61owRvsy3OOIUGD7OI=
-----END CERTIFICATE-----
Generated at Sun Jul 20 07:01:53 2025 by rpki-client