Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915F89C/6907C3E21D8311E29B35A5D808B02CD2/5BFC94C6613F11F0A8BE7D3BC4F9AE02.roa
File: 5BFC94C6613F11F0A8BE7D3BC4F9AE02.roa (raw, json)
Hash identifier: ZVXDpehq/Nfh8pwAA+o2nc2wVhGYntJgJkSH8ytv2W4=
Subject key identifier: 8E:0B:D6:19:38:9D:86:55:7C:C3:19:5B:8F:49:30:01:DC:1D:07:31
Certificate issuer: /CN=A915F89C/serialNumber=AF8F0CFB47FBFCC7C4933C473CDB36442B5051CE
Certificate serial: 3812
Authority key identifier: AF:8F:0C:FB:47:FB:FC:C7:C4:93:3C:47:3C:DB:36:44:2B:50:51:CE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r48M-0f7_MfEkzxHPNs2RCtQUc4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915F89C/6907C3E21D8311E29B35A5D808B02CD2/5BFC94C6613F11F0A8BE7D3BC4F9AE02.roa
Signing time: Tue 15 Jul 2025 05:48:40 +0000
ROA not before: Tue 15 Jul 2025 05:48:40 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 9506
IP address blocks: 14.100.0.0/17 maxlen: 24
42.60.0.0/16 maxlen: 24
42.61.128.0/17 maxlen: 24
101.78.64.0/18 maxlen: 24
115.66.0.0/16 maxlen: 24
116.14.0.0/15 maxlen: 15
116.14.0.0/16 maxlen: 24
116.15.0.0/16 maxlen: 24
118.200.0.0/16 maxlen: 24
118.201.0.0/17 maxlen: 24
118.201.192.0/18 maxlen: 18
118.201.224.0/19 maxlen: 24
119.74.0.0/16 maxlen: 24
119.234.128.0/18 maxlen: 24
119.234.192.0/19 maxlen: 24
121.6.0.0/16 maxlen: 24
121.7.0.0/16 maxlen: 24
180.255.64.0/18 maxlen: 24
219.74.0.0/16 maxlen: 24
219.75.0.0/17 maxlen: 24
220.255.0.0/22 maxlen: 22
220.255.0.0/24 maxlen: 24
220.255.1.0/24 maxlen: 24
220.255.2.0/24 maxlen: 24
220.255.3.0/24 maxlen: 24
220.255.4.0/22 maxlen: 22
220.255.4.0/24 maxlen: 24
220.255.5.0/24 maxlen: 24
220.255.6.0/24 maxlen: 24
220.255.7.0/24 maxlen: 24
220.255.16.0/20 maxlen: 24
220.255.32.0/19 maxlen: 19
220.255.64.0/18 maxlen: 18
220.255.128.0/17 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Jul 2025 06:09:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14354 (0x3812)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915F89C, serialNumber=AF8F0CFB47FBFCC7C4933C473CDB36442B5051CE
Validity
Not Before: Jul 15 05:48:40 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=6875ebb8-342e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:96:a5:19:72:b6:37:98:13:3a:23:f8:7b:04:
45:20:9e:75:36:e7:b8:3f:95:af:36:ff:19:f5:0d:
50:46:10:d4:51:00:66:96:32:b3:a5:4e:fc:0c:ea:
33:79:b6:9c:3a:ac:e4:08:2b:79:18:76:b8:a0:eb:
da:b0:f8:d8:6e:64:1c:28:33:0f:4c:9b:47:e1:f6:
c9:49:a6:cd:64:ca:55:ed:21:4a:e8:2f:5d:d3:71:
ac:db:ee:1c:f7:95:75:41:46:c8:db:80:89:ac:59:
b3:99:cb:69:04:ae:fc:42:08:62:90:c3:00:fb:f6:
06:23:90:77:d4:05:a6:0b:09:4a:df:0a:09:0c:bb:
97:7a:ac:8b:43:90:d2:1e:b1:37:9d:ac:d8:f2:21:
ed:89:7b:36:e3:04:53:3d:3c:64:18:85:60:08:53:
81:61:70:87:83:87:f6:fd:e8:23:85:71:6e:c9:e6:
89:f6:71:09:9a:7d:32:3a:61:53:b9:02:1b:18:ce:
48:a8:fe:a4:40:96:8b:d2:ec:cb:80:79:0b:b1:17:
af:55:48:09:58:b6:ca:11:d3:a2:d1:20:e7:29:5c:
bb:d6:3d:c7:7e:bb:71:ed:18:6d:70:05:42:da:fd:
47:03:76:47:28:7a:92:b0:a0:71:43:18:ae:d9:85:
b5:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:0B:D6:19:38:9D:86:55:7C:C3:19:5B:8F:49:30:01:DC:1D:07:31
X509v3 Authority Key Identifier:
keyid:AF:8F:0C:FB:47:FB:FC:C7:C4:93:3C:47:3C:DB:36:44:2B:50:51:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915F89C/6907C3E21D8311E29B35A5D808B02CD2/r48M-0f7_MfEkzxHPNs2RCtQUc4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r48M-0f7_MfEkzxHPNs2RCtQUc4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915F89C/6907C3E21D8311E29B35A5D808B02CD2/5BFC94C6613F11F0A8BE7D3BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.100.0.0/17
42.60.0.0/16
42.61.128.0/17
101.78.64.0/18
115.66.0.0/16
116.14.0.0/15
118.200.0.0-118.201.127.255
118.201.192.0/18
119.74.0.0/16
119.234.128.0-119.234.223.255
121.6.0.0/15
180.255.64.0/18
219.74.0.0-219.75.127.255
220.255.0.0/21
220.255.16.0-220.255.255.255
Signature Algorithm: sha256WithRSAEncryption
86:05:76:fe:f6:7b:5e:06:4d:3b:64:47:9e:a6:6f:d6:7e:47:
44:f9:3f:e5:09:ed:0c:22:41:ce:fc:dd:7c:89:62:ee:f3:26:
09:86:bf:d4:3d:79:a7:a9:46:35:12:30:58:94:d6:c3:fa:80:
51:68:f1:54:66:4e:1f:70:dd:7d:9d:5e:7c:46:4f:43:26:8f:
f4:d6:22:53:12:42:43:15:15:ac:25:c2:b2:fd:e1:8c:24:df:
c6:49:f1:41:5b:8b:2b:86:19:f1:e6:cc:af:8c:ad:93:73:39:
28:76:bd:d4:10:f9:66:23:f0:22:f8:ac:e4:f0:af:1a:b3:a1:
ac:c0:53:12:5a:9e:6b:cb:92:e2:86:ac:76:80:55:7d:ed:47:
b9:72:d6:a7:30:14:e4:e8:58:f2:c7:e6:27:7c:c4:92:48:50:
72:47:90:42:68:3b:29:ef:fb:92:6b:16:f2:8f:3d:f0:46:68:
78:06:c9:7f:e3:e5:3f:e5:88:88:33:93:98:50:c2:b7:31:31:
4e:0c:b4:fb:5b:d9:09:5e:3e:90:4b:2a:6d:9c:6c:06:84:a6:
22:40:86:48:0d:b8:b0:d3:db:a0:45:6f:a8:a1:75:a7:53:a6:
37:20:0c:04:0d:e1:63:1d:7e:02:76:1a:5d:01:20:e8:68:cf:
35:6a:29:62
-----BEGIN CERTIFICATE-----
MIIF3TCCBMWgAwIBAgICOBIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUY4OUMxMTAvBgNVBAUTKEFGOEYwQ0ZCNDdGQkZDQzdDNDkzM0M0NzNDREIzNjQ0
MkI1MDUxQ0UwHhcNMjUwNzE1MDU0ODQwWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODc1ZWJiOC0zNDJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArZalGXK2N5gTOiP4ewRFIJ51Nue4P5WvNv8Z9Q1QRhDUUQBmljKzpU78DOoz
ebacOqzkCCt5GHa4oOvasPjYbmQcKDMPTJtH4fbJSabNZMpV7SFK6C9d03Gs2+4c
95V1QUbI24CJrFmzmctpBK78QghikMMA+/YGI5B31AWmCwlK3woJDLuXeqyLQ5DS
HrE3nazY8iHtiXs24wRTPTxkGIVgCFOBYXCHg4f2/egjhXFuyeaJ9nEJmn0yOmFT
uQIbGM5IqP6kQJaL0uzLgHkLsRevVUgJWLbKEdOi0SDnKVy71j3Hfrtx7RhtcAVC
2v1HA3ZHKHqSsKBxQxiu2YW1CwIDAQABo4IDATCCAv0wHQYDVR0OBBYEFI4L1hk4
nYZVfMMZW49JMAHcHQcxMB8GA1UdIwQYMBaAFK+PDPtH+/zHxJM8RzzbNkQrUFHO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1Rjg5Qy82OTA3QzNFMjFE
ODMxMUUyOUIzNUE1RDgwOEIwMkNEMi9yNDhNLTBmN19NZkVrenhIUE5zMlJDdFFV
YzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3I0OE0tMGY3X01mRWt6eEhQTnMyUkN0UVVjNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUY4OUMvNjkwN0MzRTIxRDgzMTFFMjlCMzVBNUQ4MDhCMDJDRDIvNUJGQzk0QzY2
MTNGMTFGMEE4QkU3RDNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYoGCCsGAQUFBwEHAQH/
BHsweTB3BAIAATBxAwQHDmQAAwMAKjwDBAcqPYADBAZlTkADAwBzQgMDAXQOMAsD
AwN2yAMEB3bJAAMEBnbJwAMDAHdKMAwDBAd36oADBAV36sADAwF5BgMEBrT/QDAL
AwMB20oDBAfbSwADBAPc/wAwCgMEBNz/EAMCANwwDQYJKoZIhvcNAQELBQADggEB
AIYFdv72e14GTTtkR56mb9Z+R0T5P+UJ7QwiQc783XyJYu7zJgmGv9Q9eaepRjUS
MFiU1sP6gFFo8VRmTh9w3X2dXnxGT0Mmj/TWIlMSQkMVFawlwrL94Ywk38ZJ8UFb
iyuGGfHmzK+MrZNzOSh2vdQQ+WYj8CL4rOTwrxqzoazAUxJanmvLkuKGrHaAVX3t
R7ly1qcwFOToWPLH5id8xJJIUHJHkEJoOynv+5JrFvKPPfBGaHgGyX/j5T/liIgz
k5hQwrcxMU4MtPtb2QlePpBLKm2cbAaEpiJAhkgNuLDT26BFb6ihdadTpjcgDAQN
4WMdfgJ2Gl0BIOhozzVqKWI=
-----END CERTIFICATE-----
Generated at Sun Jul 20 03:26:06 2025 by rpki-client