Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919C47E/BCEDF442B0BF11E886392237C4F9AE02/354FE56C6C5111EC9FF8F481C4F9AE02.roa
File: 354FE56C6C5111EC9FF8F481C4F9AE02.roa (raw, json)
Hash identifier: JdtcGBtRBbrLSZ435GS7dOO7iO+vHpcSCO6w9suO6wI=
Subject key identifier: 5A:3D:C4:B7:67:A1:CF:59:77:41:D0:BB:FB:65:1F:AA:79:E7:E0:C0
Certificate issuer: /CN=A919C47E/serialNumber=894FE11398B679AEB1B118B1BDE673E18CF6E934
Certificate serial: 1368
Authority key identifier: 89:4F:E1:13:98:B6:79:AE:B1:B1:18:B1:BD:E6:73:E1:8C:F6:E9:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iU_hE5i2ea6xsRixveZz4Yz26TQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919C47E/BCEDF442B0BF11E886392237C4F9AE02/354FE56C6C5111EC9FF8F481C4F9AE02.roa
Signing time: Wed 28 May 2025 08:13:19 +0000
ROA not before: Wed 28 May 2025 08:13:19 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 139074
IP address blocks: 103.130.68.0/24 maxlen: 24
2403:b4c0:ae00::/40 maxlen: 40
Validation: Failed, certificate revoked on Wed 25 Jun 2025 01:35:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4968 (0x1368)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919C47E, serialNumber=894FE11398B679AEB1B118B1BDE673E18CF6E934
Validity
Not Before: May 28 08:13:19 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=6836c59e-5d2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:3e:10:d8:33:b9:ec:1c:73:1e:8d:dd:b2:5c:
07:4a:c6:af:99:ad:8f:17:69:9f:87:3a:29:79:b5:
0b:02:a1:73:8c:bf:94:24:24:02:22:de:aa:6e:74:
3b:10:db:a7:15:f4:18:7e:89:da:ee:f0:fd:c4:fc:
e1:82:c5:f7:54:e6:b0:42:23:ff:be:ec:3b:f4:cd:
0e:c2:d3:4d:82:36:c7:ea:d4:75:64:6f:f3:70:5e:
3e:de:37:e7:64:12:47:94:6b:c3:18:48:d8:ea:9b:
35:47:ff:3a:85:f9:dc:b5:ee:a1:be:dd:b3:df:79:
5a:2b:4c:18:9e:04:9c:49:c1:21:51:39:27:d7:75:
09:99:62:fc:1f:b1:b4:32:50:b6:36:59:42:e5:80:
f4:83:40:c0:e7:50:c2:5a:ba:d6:b1:03:3f:2a:06:
02:a0:0e:34:96:a1:8d:53:2b:57:fe:fa:78:77:c1:
e3:e0:6e:6e:c5:5c:42:81:65:be:25:da:5d:6b:ca:
02:bc:81:da:48:44:f6:e6:b0:c9:58:62:ef:ef:e1:
93:0f:60:97:1f:0f:30:ea:88:bb:2a:53:a6:bb:f2:
1b:78:55:43:85:1b:50:8b:7e:e9:af:2a:70:0b:f9:
2e:27:62:07:1e:8c:da:11:19:ca:e9:f2:a5:05:20:
7c:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:3D:C4:B7:67:A1:CF:59:77:41:D0:BB:FB:65:1F:AA:79:E7:E0:C0
X509v3 Authority Key Identifier:
keyid:89:4F:E1:13:98:B6:79:AE:B1:B1:18:B1:BD:E6:73:E1:8C:F6:E9:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919C47E/BCEDF442B0BF11E886392237C4F9AE02/iU_hE5i2ea6xsRixveZz4Yz26TQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iU_hE5i2ea6xsRixveZz4Yz26TQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919C47E/BCEDF442B0BF11E886392237C4F9AE02/354FE56C6C5111EC9FF8F481C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.130.68.0/24
IPv6:
2403:b4c0:ae00::/40
Signature Algorithm: sha256WithRSAEncryption
a0:8d:8a:c3:34:62:fd:b6:70:36:70:ba:a1:ea:79:3c:af:a4:
27:95:c7:e1:7b:8e:40:33:cf:df:c6:28:3c:69:10:a8:ac:07:
df:2a:4d:85:93:a7:2b:fe:a7:6a:10:84:5f:27:4e:5c:ac:43:
18:ee:d1:3e:19:08:bd:a4:b5:3d:e3:d0:a0:41:4b:b1:57:7e:
93:07:96:e4:e0:ed:a9:11:4a:83:20:66:04:f8:3e:be:c6:79:
18:13:89:16:4f:ae:cf:ff:d5:67:33:1c:bc:a7:ea:43:d1:ba:
03:30:35:51:6a:bc:2e:d0:35:0f:9b:1b:78:35:da:3c:ae:3c:
d0:bd:54:37:54:d1:04:25:f5:80:0a:4e:c8:b0:ac:8e:9b:a4:
83:5d:a4:ff:43:e0:5e:15:41:f6:48:56:c2:b7:de:16:e5:81:
e6:59:a9:4f:ba:ab:99:5d:cf:b7:35:53:79:74:58:b6:a1:99:
27:58:c8:02:cf:91:84:ec:b4:c0:96:b0:71:ba:86:1b:82:f0:
7f:c4:d4:9e:d8:ef:b7:1d:bd:e2:0f:50:66:6e:80:ff:58:24:
ec:1e:d9:b6:a8:a3:0f:a8:11:21:5f:7a:8a:f3:f5:80:ab:7c:
bd:76:99:4b:57:3f:30:b8:24:b9:95:44:5d:a7:36:ae:11:2f:
1c:3c:11:56
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgICE2gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUM0N0UxMTAvBgNVBAUTKDg5NEZFMTEzOThCNjc5QUVCMUIxMThCMUJERTY3M0Ux
OENGNkU5MzQwHhcNMjUwNTI4MDgxMzE5WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODM2YzU5ZS01ZDJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnT4Q2DO57BxzHo3dslwHSsavma2PF2mfhzopebULAqFzjL+UJCQCIt6qbnQ7
ENunFfQYfona7vD9xPzhgsX3VOawQiP/vuw79M0OwtNNgjbH6tR1ZG/zcF4+3jfn
ZBJHlGvDGEjY6ps1R/86hfncte6hvt2z33laK0wYngScScEhUTkn13UJmWL8H7G0
MlC2NllC5YD0g0DA51DCWrrWsQM/KgYCoA40lqGNUytX/vp4d8Hj4G5uxVxCgWW+
Jdpda8oCvIHaSET25rDJWGLv7+GTD2CXHw8w6oi7KlOmu/IbeFVDhRtQi37prypw
C/kuJ2IHHozaERnK6fKlBSB8DwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFo9xLdn
oc9Zd0HQu/tlH6p55+DAMB8GA1UdIwQYMBaAFIlP4ROYtnmusbEYsb3mc+GM9uk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QzQ3RS9CQ0VERjQ0MkIw
QkYxMUU4ODYzOTIyMzdDNEY5QUUwMi9pVV9oRTVpMmVhNnhzUml4dmVaejRZejI2
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lVX2hFNWkyZWE2eHNSaXh2ZVp6NFl6MjZUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUM0N0UvQkNFREY0NDJCMEJGMTFFODg2MzkyMjM3QzRGOUFFMDIvMzU0RkU1NkM2
QzUxMTFFQzlGRjhGNDgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLwYIKwYBBQUHAQcBAf8E
IDAeMAwEAgABMAYDBABngkQwDgQCAAIwCAMGACQDtMCuMA0GCSqGSIb3DQEBCwUA
A4IBAQCgjYrDNGL9tnA2cLqh6nk8r6Qnlcfhe45AM8/fxig8aRCorAffKk2Fk6cr
/qdqEIRfJ05crEMY7tE+GQi9pLU949CgQUuxV36TB5bk4O2pEUqDIGYE+D6+xnkY
E4kWT67P/9VnMxy8p+pD0boDMDVRarwu0DUPmxt4Ndo8rjzQvVQ3VNEEJfWACk7I
sKyOm6SDXaT/Q+BeFUH2SFbCt94W5YHmWalPuquZXc+3NVN5dFi2oZknWMgCz5GE
7LTAlrBxuoYbgvB/xNSe2O+3Hb3iD1BmboD/WCTsHtm2qKMPqBEhX3qK8/WAq3y9
dplLVz8wuCS5lURdpzauES8cPBFW
-----END CERTIFICATE-----
Generated at Sun Jul 20 07:36:21 2025 by rpki-client