
Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9161FF7/21862C64E0C011E89E9BFE15C4F9AE02/A985E18E4A1011F08CBA9060C4F9AE02.roa
File: A985E18E4A1011F08CBA9060C4F9AE02.roa (raw, json)
Hash identifier: FQKzCZySydhYKOGdDzsusm+bAROUA+ZEIJBnyTIRjUQ=
Subject key identifier: A8:B5:6B:16:82:C0:3D:5C:13:B6:23:8F:1E:3C:30:7A:5C:BE:E9:20
Certificate issuer: /CN=A9161FF7/serialNumber=EEE94E3AF40EAC8CA36DC32E49E4446ECFB33505
Certificate serial: 122A
Authority key identifier: EE:E9:4E:3A:F4:0E:AC:8C:A3:6D:C3:2E:49:E4:44:6E:CF:B3:35:05
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7ulOOvQOrIyjbcMuSeREbs-zNQU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9161FF7/21862C64E0C011E89E9BFE15C4F9AE02/A985E18E4A1011F08CBA9060C4F9AE02.roa
Signing time: Sun 15 Jun 2025 17:46:27 +0000
ROA not before: Sun 15 Jun 2025 17:46:27 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 138403
IP address blocks: 103.124.180.0/24 maxlen: 24
103.124.181.0/24 maxlen: 24
103.124.183.0/24 maxlen: 24
2403:e3c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 24 Jun 2025 13:30:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4650 (0x122a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9161FF7, serialNumber=EEE94E3AF40EAC8CA36DC32E49E4446ECFB33505
Validity
Not Before: Jun 15 17:46:27 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=684f06f3-298e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:70:54:3c:30:99:99:71:b1:be:c1:e4:af:1c:
b9:5c:c8:59:f3:99:fd:37:35:7d:55:b4:62:32:bb:
9c:91:26:da:d1:74:8c:d3:b6:f6:e2:88:99:04:7c:
cb:0d:34:eb:f3:db:17:a3:06:39:08:d3:70:40:3f:
4e:b3:e0:16:2d:46:9e:eb:ca:95:f0:56:52:81:78:
61:7c:88:91:ac:db:d7:57:24:21:36:95:3c:f4:2e:
9e:3d:65:c5:ae:a1:97:8f:da:8a:45:0d:8c:00:d7:
a2:fc:ba:34:85:e2:c7:ba:f9:bf:1c:e1:f5:54:11:
86:a1:38:a4:5b:e5:0b:4f:be:d2:34:2a:2f:3b:76:
36:12:3e:45:1f:1b:86:62:eb:7c:96:11:20:94:c1:
94:be:ad:3a:e4:1e:9b:22:0c:57:48:ff:a5:c0:3e:
0e:55:9b:45:01:63:7d:58:3b:6e:6d:7a:9e:76:0c:
0f:f2:82:0f:7e:3a:60:5c:ec:f3:d1:81:02:63:72:
d9:5f:34:61:c7:dd:dc:e9:dc:a2:22:2f:7f:fa:9b:
16:40:c9:28:e7:db:b7:80:5f:bf:a6:54:cb:e7:f5:
0d:6e:5c:bc:8d:ef:f4:cb:b1:b6:ae:b5:30:3e:7c:
91:5f:42:ac:b0:5f:4f:a0:f8:a9:9f:de:58:1e:53:
3b:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:B5:6B:16:82:C0:3D:5C:13:B6:23:8F:1E:3C:30:7A:5C:BE:E9:20
X509v3 Authority Key Identifier:
keyid:EE:E9:4E:3A:F4:0E:AC:8C:A3:6D:C3:2E:49:E4:44:6E:CF:B3:35:05
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9161FF7/21862C64E0C011E89E9BFE15C4F9AE02/7ulOOvQOrIyjbcMuSeREbs-zNQU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7ulOOvQOrIyjbcMuSeREbs-zNQU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161FF7/21862C64E0C011E89E9BFE15C4F9AE02/A985E18E4A1011F08CBA9060C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.124.180.0/23
103.124.183.0/24
IPv6:
2403:e3c0::/32
Signature Algorithm: sha256WithRSAEncryption
08:6c:b4:de:4b:6d:f5:f9:5e:21:41:91:a7:02:e6:a9:de:44:
f8:44:74:b8:60:66:9f:76:57:16:08:4a:f2:98:cf:be:42:9d:
5d:89:45:cd:de:2c:24:91:01:60:c3:9d:fe:3c:87:a3:57:27:
07:95:93:36:85:20:6f:aa:bf:8f:48:b0:15:90:3d:fe:ae:c0:
f4:e7:ec:0d:80:e9:52:0c:54:99:f8:7e:10:86:95:9f:82:32:
23:63:23:43:56:c5:c5:f3:ab:ff:08:4c:eb:50:ce:0e:f0:86:
38:25:67:17:b8:74:a1:b7:eb:91:e7:64:f2:26:00:45:11:af:
03:cd:d5:eb:57:e0:e2:d2:5e:18:01:32:38:d8:c9:89:64:bf:
4c:5b:aa:8d:08:ea:76:8d:8d:d5:77:8e:86:d1:6d:65:b3:c3:
a5:15:c2:56:9e:dd:4d:6b:0f:b4:fd:12:5d:90:9d:0f:0e:d5:
b9:29:76:39:89:6f:40:c0:2b:02:aa:1f:13:bd:82:a8:7d:3e:
c5:13:d3:a5:c4:87:cb:fd:7c:3f:31:15:56:ea:b6:00:8b:90:
75:b2:2e:e5:e9:7e:a5:e3:fb:59:69:4d:3b:ef:eb:ad:db:89:
d1:77:1a:62:40:02:24:e2:41:71:3f:d8:a8:fe:d6:bb:bb:15:
ca:f7:b5:23
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICEiowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjFGRjcxMTAvBgNVBAUTKEVFRTk0RTNBRjQwRUFDOENBMzZEQzMyRTQ5RTQ0NDZF
Q0ZCMzM1MDUwHhcNMjUwNjE1MTc0NjI3WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODRmMDZmMy0yOThlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1XBUPDCZmXGxvsHkrxy5XMhZ85n9NzV9VbRiMruckSba0XSM07b24oiZBHzL
DTTr89sXowY5CNNwQD9Os+AWLUae68qV8FZSgXhhfIiRrNvXVyQhNpU89C6ePWXF
rqGXj9qKRQ2MANei/Lo0heLHuvm/HOH1VBGGoTikW+ULT77SNCovO3Y2Ej5FHxuG
Yut8lhEglMGUvq065B6bIgxXSP+lwD4OVZtFAWN9WDtubXqedgwP8oIPfjpgXOzz
0YECY3LZXzRhx93c6dyiIi9/+psWQMko59u3gF+/plTL5/UNbly8je/0y7G2rrUw
PnyRX0KssF9PoPipn95YHlM7qwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFKi1axaC
wD1cE7Yjjx48MHpcvukgMB8GA1UdIwQYMBaAFO7pTjr0DqyMo23DLknkRG7PszUF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MUZGNy8yMTg2MkM2NEUw
QzAxMUU4OUU5QkZFMTVDNEY5QUUwMi83dWxPT3ZRT3JJeWpiY011U2VSRWJzLXpO
UVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzd1bE9PdlFPckl5amJjTXVTZVJFYnMtek5RVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjFGRjcvMjE4NjJDNjRFMEMwMTFFODlFOUJGRTE1QzRGOUFFMDIvQTk4NUUxOEU0
QTEwMTFGMDhDQkE5MDYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAFnfLQDBABnfLcwDQQCAAIwBwMFACQD48AwDQYJKoZIhvcN
AQELBQADggEBAAhstN5LbfX5XiFBkacC5qneRPhEdLhgZp92VxYISvKYz75CnV2J
Rc3eLCSRAWDDnf48h6NXJweVkzaFIG+qv49IsBWQPf6uwPTn7A2A6VIMVJn4fhCG
lZ+CMiNjI0NWxcXzq/8ITOtQzg7whjglZxe4dKG365HnZPImAEURrwPN1etX4OLS
XhgBMjjYyYlkv0xbqo0I6naNjdV3jobRbWWzw6UVwlae3U1rD7T9El2QnQ8O1bkp
djmJb0DAKwKqHxO9gqh9PsUT06XEh8v9fD8xFVbqtgCLkHWyLuXpfqXj+1lpTTvv
663bidF3GmJAAiTiQXE/2Kj+1ru7Fcr3tSM=
-----END CERTIFICATE-----
Generated at Tue Jul 22 12:32:05 2025 by rpki-client