Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/6F870B564D9511F099564B3CC4F9AE02.roa
File: 6F870B564D9511F099564B3CC4F9AE02.roa (raw, json)
Hash identifier: 7An/DwAQItWb5epF+wke2+6edzjUZ5g3SLBA1QEAyZU=
Subject key identifier: 34:AD:8D:5A:08:0D:5D:B2:B3:E9:B7:F9:D0:6F:2C:87:2B:4C:C3:69
Certificate issuer: /CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Certificate serial: 38B5
Authority key identifier: E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/6F870B564D9511F099564B3CC4F9AE02.roa
Signing time: Fri 20 Jun 2025 05:14:27 +0000
ROA not before: Fri 20 Jun 2025 05:14:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 111.88.96.0/21 maxlen: 21
111.88.96.0/24 maxlen: 24
111.88.97.0/24 maxlen: 24
111.88.98.0/24 maxlen: 24
111.88.99.0/24 maxlen: 24
111.88.100.0/24 maxlen: 24
111.88.101.0/24 maxlen: 24
111.88.102.0/24 maxlen: 24
111.88.103.0/24 maxlen: 24
111.88.112.0/20 maxlen: 20
111.88.112.0/24 maxlen: 24
111.88.113.0/24 maxlen: 24
111.88.114.0/24 maxlen: 24
111.88.115.0/24 maxlen: 24
111.88.116.0/24 maxlen: 24
111.88.117.0/24 maxlen: 24
111.88.118.0/24 maxlen: 24
111.88.119.0/24 maxlen: 24
111.88.120.0/24 maxlen: 24
111.88.121.0/24 maxlen: 24
111.88.122.0/24 maxlen: 24
111.88.123.0/24 maxlen: 24
111.88.124.0/24 maxlen: 24
111.88.125.0/24 maxlen: 24
111.88.126.0/24 maxlen: 24
111.88.127.0/24 maxlen: 24
111.88.128.0/21 maxlen: 21
111.88.128.0/24 maxlen: 24
111.88.129.0/24 maxlen: 24
111.88.130.0/24 maxlen: 24
111.88.131.0/24 maxlen: 24
111.88.132.0/24 maxlen: 24
111.88.133.0/24 maxlen: 24
111.88.134.0/24 maxlen: 24
111.88.135.0/24 maxlen: 24
111.88.140.0/22 maxlen: 22
111.88.140.0/24 maxlen: 24
111.88.141.0/24 maxlen: 24
111.88.142.0/24 maxlen: 24
111.88.143.0/24 maxlen: 24
111.88.160.0/21 maxlen: 21
111.88.160.0/22 maxlen: 22
111.88.160.0/23 maxlen: 23
111.88.160.0/24 maxlen: 24
111.88.161.0/24 maxlen: 24
111.88.162.0/23 maxlen: 23
111.88.162.0/24 maxlen: 24
111.88.163.0/24 maxlen: 24
111.88.164.0/22 maxlen: 22
111.88.164.0/23 maxlen: 23
111.88.164.0/24 maxlen: 24
111.88.165.0/24 maxlen: 24
111.88.166.0/23 maxlen: 23
111.88.166.0/24 maxlen: 24
111.88.167.0/24 maxlen: 24
111.88.200.0/21 maxlen: 21
111.88.200.0/24 maxlen: 24
111.88.201.0/24 maxlen: 24
111.88.202.0/24 maxlen: 24
111.88.203.0/24 maxlen: 24
111.88.204.0/24 maxlen: 24
111.88.205.0/24 maxlen: 24
111.88.206.0/24 maxlen: 24
111.88.207.0/24 maxlen: 24
111.88.224.0/21 maxlen: 21
203.81.212.0/24 maxlen: 24
203.81.213.0/24 maxlen: 24
203.81.214.0/24 maxlen: 24
203.81.215.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Jun 2025 13:09:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14517 (0x38b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C83B, serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Validity
Not Before: Jun 20 05:14:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6854ee32-4ea7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a7:21:37:c5:95:72:ca:07:4c:0a:19:b5:9e:
87:ce:49:fa:d4:27:75:7f:d4:c5:70:05:b1:a1:94:
64:dc:69:df:e9:77:0f:39:07:17:78:f9:70:3c:2b:
f0:07:36:3c:86:ad:09:38:fe:67:1b:67:73:e4:0d:
93:4a:29:ae:6b:6d:05:68:87:1a:90:a0:8c:b6:62:
99:1c:fb:57:90:83:7b:26:b5:33:ab:fa:3d:7c:67:
f3:d1:d6:64:5b:f9:2e:4a:2b:1b:01:98:da:78:61:
3c:cf:b3:b3:22:5a:6f:10:ab:d1:31:7b:af:84:db:
9d:a1:3e:95:d3:e1:12:36:1e:5c:3e:9e:df:4e:04:
26:18:29:8d:30:0b:86:c3:0c:f4:a2:aa:19:69:25:
48:ea:43:ba:fb:49:13:81:70:4d:cb:38:6b:5c:61:
4c:b9:6b:68:b3:d0:3b:9a:67:fe:f0:aa:e9:4b:06:
28:1f:f2:9c:e6:64:79:60:0b:99:76:d7:89:5a:44:
2e:aa:f4:a0:6d:0a:7c:01:1f:ba:a9:62:1d:f7:37:
c2:e6:b7:51:c2:b1:31:00:f9:33:0e:05:12:f2:f0:
2a:0a:86:a7:d4:dd:68:a0:4c:30:d4:b3:17:f2:fc:
62:1f:3e:02:05:32:82:0c:42:3f:2d:c2:22:a3:32:
ff:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:AD:8D:5A:08:0D:5D:B2:B3:E9:B7:F9:D0:6F:2C:87:2B:4C:C3:69
X509v3 Authority Key Identifier:
keyid:E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/6F870B564D9511F099564B3CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.88.96.0/21
111.88.112.0-111.88.135.255
111.88.140.0/22
111.88.160.0/21
111.88.200.0/21
111.88.224.0/21
203.81.212.0/22
Signature Algorithm: sha256WithRSAEncryption
28:9b:66:2b:34:03:93:50:02:64:2e:3c:e1:b3:d4:8f:44:c0:
5e:d9:18:a4:61:df:0e:6c:4d:20:84:ff:62:14:cd:1e:a6:95:
6f:47:e7:d4:2e:22:4c:36:e9:10:fb:9f:6e:30:4b:62:6a:ca:
01:18:52:de:6b:66:d6:52:5b:d8:1e:98:53:40:d0:94:bf:19:
07:99:ef:95:17:2c:c5:27:93:e6:77:04:88:7b:7f:db:5f:fa:
65:01:5e:d0:0d:0a:4f:a1:9d:b0:ac:40:67:a6:95:aa:c3:43:
ff:ca:52:65:8f:99:3e:46:c0:4e:43:b4:8d:f6:30:ba:c5:af:
1a:f0:8f:2f:0b:b1:b1:cb:69:b9:ff:72:66:b3:43:12:55:79:
9d:5d:f3:8a:02:3d:75:c0:d5:73:35:8d:fe:d8:0c:3a:2a:8f:
d5:26:77:39:38:ba:94:1e:69:9b:61:84:f8:de:2f:02:42:8c:
37:7f:5a:76:26:58:fc:f4:f2:25:82:63:6a:eb:3e:15:18:ae:
2d:87:65:b9:b1:22:df:90:2e:e0:81:2d:58:9a:ba:90:ea:3e:
b8:d4:56:08:fe:d6:68:23:70:8d:b1:74:b1:91:9d:24:42:7f:
61:b0:ba:77:5a:ad:98:6b:d1:1e:20:57:a2:ae:d9:3c:c0:9d:
56:ff:74:20
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgICOLUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM4M0IxMTAvBgNVBAUTKEU3NkVCMjU2QzBGQ0IwN0UyOTA3OTc4MzQzRTlBRDlE
RDIxRkUyMDYwHhcNMjUwNjIwMDUxNDI3WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODU0ZWUzMi00ZWE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoachN8WVcsoHTAoZtZ6Hzkn61Cd1f9TFcAWxoZRk3Gnf6XcPOQcXePlwPCvw
BzY8hq0JOP5nG2dz5A2TSimua20FaIcakKCMtmKZHPtXkIN7JrUzq/o9fGfz0dZk
W/kuSisbAZjaeGE8z7OzIlpvEKvRMXuvhNudoT6V0+ESNh5cPp7fTgQmGCmNMAuG
wwz0oqoZaSVI6kO6+0kTgXBNyzhrXGFMuWtos9A7mmf+8KrpSwYoH/Kc5mR5YAuZ
dteJWkQuqvSgbQp8AR+6qWId9zfC5rdRwrExAPkzDgUS8vAqCoan1N1ooEww1LMX
8vxiHz4CBTKCDEI/LcIiozL/aQIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFDStjVoI
DV2ys+m3+dBvLIcrTMNpMB8GA1UdIwQYMBaAFOduslbA/LB+KQeXg0PprZ3SH+IG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzgzQi9FNEUxMEI0QTFE
ODgxMUUyQTAxMkNCRTEwOEIwMkNEMi81MjZ5VnNEOHNINHBCNWVEUS1tdG5kSWY0
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzUyNnlWc0Q4c0g0cEI1ZURRLW10bmRJZjRnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM4M0IvRTRFMTBCNEExRDg4MTFFMkEwMTJDQkUxMDhCMDJDRDIvNkY4NzBCNTY0
RDk1MTFGMDk5NTY0QjNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSwYIKwYBBQUHAQcBAf8E
PDA6MDgEAgABMDIDBANvWGAwDAMEBG9YcAMEA29YgAMEAm9YjAMEA29YoAMEA29Y
yAMEA29Y4AMEAstR1DANBgkqhkiG9w0BAQsFAAOCAQEAKJtmKzQDk1ACZC484bPU
j0TAXtkYpGHfDmxNIIT/YhTNHqaVb0fn1C4iTDbpEPufbjBLYmrKARhS3mtm1lJb
2B6YU0DQlL8ZB5nvlRcsxSeT5ncEiHt/21/6ZQFe0A0KT6GdsKxAZ6aVqsND/8pS
ZY+ZPkbATkO0jfYwusWvGvCPLwuxsctpuf9yZrNDElV5nV3zigI9dcDVczWN/tgM
OiqP1SZ3OTi6lB5pm2GE+N4vAkKMN39adiZY/PTyJYJjaus+FRiuLYdlubEi35Au
4IEtWJq6kOo+uNRWCP7WaCNwjbF0sZGdJEJ/YbC6d1qtmGvRHiBXoq7ZPMCdVv90
IA==
-----END CERTIFICATE-----
Generated at Mon Jul 21 06:55:11 2025 by rpki-client