Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/2E122308503411F0A4287A7EC4F9AE02.roa
File: 2E122308503411F0A4287A7EC4F9AE02.roa (raw, json)
Hash identifier: dlL65nFoXfvA/7jB/PgFNStnk+e65lM6Xxciu6kGxeY=
Subject key identifier: 19:C6:44:D5:CA:D5:B4:7D:C0:6F:31:0A:91:98:B0:E9:CE:ED:1C:22
Certificate issuer: /CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Certificate serial: 38C4
Authority key identifier: E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/2E122308503411F0A4287A7EC4F9AE02.roa
Signing time: Mon 23 Jun 2025 13:15:49 +0000
ROA not before: Mon 23 Jun 2025 13:15:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 111.88.96.0/21 maxlen: 21
111.88.96.0/24 maxlen: 24
111.88.97.0/24 maxlen: 24
111.88.98.0/24 maxlen: 24
111.88.99.0/24 maxlen: 24
111.88.100.0/24 maxlen: 24
111.88.101.0/24 maxlen: 24
111.88.102.0/24 maxlen: 24
111.88.103.0/24 maxlen: 24
111.88.112.0/20 maxlen: 20
111.88.112.0/24 maxlen: 24
111.88.113.0/24 maxlen: 24
111.88.114.0/24 maxlen: 24
111.88.115.0/24 maxlen: 24
111.88.116.0/24 maxlen: 24
111.88.117.0/24 maxlen: 24
111.88.118.0/24 maxlen: 24
111.88.119.0/24 maxlen: 24
111.88.120.0/24 maxlen: 24
111.88.121.0/24 maxlen: 24
111.88.122.0/24 maxlen: 24
111.88.123.0/24 maxlen: 24
111.88.124.0/24 maxlen: 24
111.88.125.0/24 maxlen: 24
111.88.126.0/24 maxlen: 24
111.88.127.0/24 maxlen: 24
111.88.128.0/21 maxlen: 21
111.88.128.0/24 maxlen: 24
111.88.129.0/24 maxlen: 24
111.88.130.0/24 maxlen: 24
111.88.131.0/24 maxlen: 24
111.88.132.0/24 maxlen: 24
111.88.133.0/24 maxlen: 24
111.88.134.0/24 maxlen: 24
111.88.135.0/24 maxlen: 24
111.88.140.0/22 maxlen: 22
111.88.140.0/24 maxlen: 24
111.88.141.0/24 maxlen: 24
111.88.142.0/24 maxlen: 24
111.88.143.0/24 maxlen: 24
111.88.160.0/21 maxlen: 21
111.88.160.0/22 maxlen: 22
111.88.160.0/23 maxlen: 23
111.88.160.0/24 maxlen: 24
111.88.161.0/24 maxlen: 24
111.88.162.0/23 maxlen: 23
111.88.162.0/24 maxlen: 24
111.88.163.0/24 maxlen: 24
111.88.164.0/22 maxlen: 22
111.88.164.0/23 maxlen: 23
111.88.164.0/24 maxlen: 24
111.88.165.0/24 maxlen: 24
111.88.166.0/23 maxlen: 23
111.88.166.0/24 maxlen: 24
111.88.167.0/24 maxlen: 24
111.88.200.0/21 maxlen: 21
111.88.200.0/24 maxlen: 24
111.88.201.0/24 maxlen: 24
111.88.202.0/24 maxlen: 24
111.88.203.0/24 maxlen: 24
111.88.204.0/24 maxlen: 24
111.88.205.0/24 maxlen: 24
111.88.206.0/24 maxlen: 24
111.88.207.0/24 maxlen: 24
111.88.224.0/22 maxlen: 24
111.88.228.0/22 maxlen: 24
203.81.212.0/24 maxlen: 24
203.81.213.0/24 maxlen: 24
203.81.214.0/24 maxlen: 24
203.81.215.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Jun 2025 10:51:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14532 (0x38c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C83B, serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Validity
Not Before: Jun 23 13:15:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68595385-faa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d8:e8:f8:91:3a:80:f4:9c:51:bf:d8:e9:d0:
fd:f0:04:e1:df:c1:7b:3e:97:97:ae:5b:87:53:ee:
af:34:b8:4c:db:e5:8b:cd:7d:a9:a6:e5:5a:19:8a:
71:c7:c9:b3:7f:31:14:e7:20:03:6e:bb:37:d1:87:
82:47:28:2d:52:7a:8a:3c:0a:b5:24:d6:b9:c5:6d:
9b:b7:ef:d3:a6:a2:f3:89:69:ea:eb:f2:fa:bb:45:
3c:3e:e5:f5:6e:c1:5b:24:ad:fd:71:35:04:23:12:
8d:cf:ce:30:a3:42:cf:aa:e9:b4:12:b0:f7:60:cd:
d3:ad:65:e3:4f:a4:8f:0f:67:f1:48:d4:fe:97:60:
c4:08:32:2f:f8:3d:d2:b5:52:15:65:37:ef:07:1e:
49:7e:c6:91:c5:f9:8f:68:2c:12:2f:4b:39:04:da:
ae:10:e0:20:4a:7d:aa:28:37:6e:9e:49:2e:fb:7f:
34:7d:36:c5:b0:72:0b:5c:30:5a:b3:76:69:45:c7:
27:41:9e:89:e1:e1:00:8d:b0:37:35:61:b6:a7:b5:
59:d3:6c:c1:45:64:be:67:62:ce:7f:0d:e5:8f:10:
12:e2:32:b9:fb:f9:ce:a6:c5:f8:9e:27:25:87:cc:
48:5f:13:41:eb:c4:bb:68:f3:f8:6e:06:d7:cd:23:
a1:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:C6:44:D5:CA:D5:B4:7D:C0:6F:31:0A:91:98:B0:E9:CE:ED:1C:22
X509v3 Authority Key Identifier:
keyid:E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/2E122308503411F0A4287A7EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.88.96.0/21
111.88.112.0-111.88.135.255
111.88.140.0/22
111.88.160.0/21
111.88.200.0/21
111.88.224.0/21
203.81.212.0/22
Signature Algorithm: sha256WithRSAEncryption
47:b9:a3:87:96:28:36:98:f6:75:42:fd:3c:34:32:52:60:bc:
ce:f5:eb:30:4b:af:c0:35:41:87:89:bd:f2:86:85:79:0d:cf:
fd:5d:4e:e3:31:07:aa:3c:03:13:8c:fd:71:c4:37:eb:41:74:
7f:a3:64:ba:4b:da:f4:23:c2:95:83:08:10:de:55:00:9b:4f:
eb:f9:d9:09:00:f3:e4:f2:6c:a9:34:e8:a3:97:e1:36:e6:6e:
d9:9c:bf:14:ad:cd:ee:1b:af:cf:c3:1b:95:05:68:e9:06:e5:
2f:72:cf:cd:7a:83:72:d6:1d:b4:32:07:25:0b:42:ae:47:c1:
2d:e7:8d:c6:8f:2f:69:9f:ba:2f:cc:64:c2:f7:bf:ab:aa:6c:
f3:b3:88:7e:c9:29:3b:f8:50:e2:ae:cc:95:1d:15:72:1f:55:
81:27:81:11:45:61:af:e4:d2:ad:5e:42:56:b4:0c:b0:61:4a:
be:0a:ad:1d:9f:94:7c:4c:f6:f6:ec:74:ae:27:09:89:43:af:
c3:36:15:65:00:1e:27:31:01:e1:5d:e1:24:a1:44:80:2f:e1:
b6:e6:9b:bb:2a:13:d6:73:e8:e6:6b:a3:a0:21:74:79:63:68:
0e:fe:1c:53:04:3b:a1:81:81:84:6c:14:c1:25:07:0a:5c:f6:
fc:47:cf:14
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgICOMQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM4M0IxMTAvBgNVBAUTKEU3NkVCMjU2QzBGQ0IwN0UyOTA3OTc4MzQzRTlBRDlE
RDIxRkUyMDYwHhcNMjUwNjIzMTMxNTQ5WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODU5NTM4NS1mYWE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxtjo+JE6gPScUb/Y6dD98ATh38F7PpeXrluHU+6vNLhM2+WLzX2ppuVaGYpx
x8mzfzEU5yADbrs30YeCRygtUnqKPAq1JNa5xW2bt+/TpqLziWnq6/L6u0U8PuX1
bsFbJK39cTUEIxKNz84wo0LPqum0ErD3YM3TrWXjT6SPD2fxSNT+l2DECDIv+D3S
tVIVZTfvBx5JfsaRxfmPaCwSL0s5BNquEOAgSn2qKDdunkku+380fTbFsHILXDBa
s3ZpRccnQZ6J4eEAjbA3NWG2p7VZ02zBRWS+Z2LOfw3ljxAS4jK5+/nOpsX4nicl
h8xIXxNB68S7aPP4bgbXzSOh5wIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFBnGRNXK
1bR9wG8xCpGYsOnO7RwiMB8GA1UdIwQYMBaAFOduslbA/LB+KQeXg0PprZ3SH+IG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzgzQi9FNEUxMEI0QTFE
ODgxMUUyQTAxMkNCRTEwOEIwMkNEMi81MjZ5VnNEOHNINHBCNWVEUS1tdG5kSWY0
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzUyNnlWc0Q4c0g0cEI1ZURRLW10bmRJZjRnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM4M0IvRTRFMTBCNEExRDg4MTFFMkEwMTJDQkUxMDhCMDJDRDIvMkUxMjIzMDg1
MDM0MTFGMEE0Mjg3QTdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSwYIKwYBBQUHAQcBAf8E
PDA6MDgEAgABMDIDBANvWGAwDAMEBG9YcAMEA29YgAMEAm9YjAMEA29YoAMEA29Y
yAMEA29Y4AMEAstR1DANBgkqhkiG9w0BAQsFAAOCAQEAR7mjh5YoNpj2dUL9PDQy
UmC8zvXrMEuvwDVBh4m98oaFeQ3P/V1O4zEHqjwDE4z9ccQ360F0f6Nkukva9CPC
lYMIEN5VAJtP6/nZCQDz5PJsqTToo5fhNuZu2Zy/FK3N7huvz8MblQVo6QblL3LP
zXqDctYdtDIHJQtCrkfBLeeNxo8vaZ+6L8xkwve/q6ps87OIfskpO/hQ4q7MlR0V
ch9VgSeBEUVhr+TSrV5CVrQMsGFKvgqtHZ+UfEz29ux0ricJiUOvwzYVZQAeJzEB
4V3hJKFEgC/htuabuyoT1nPo5mujoCF0eWNoDv4cUwQ7oYGBhGwUwSUHClz2/EfP
FA==
-----END CERTIFICATE-----
Generated at Mon Jul 21 07:07:53 2025 by rpki-client