Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/8F44F16A4BCC11EDA2E6375FC4F9AE02.roa
File: 8F44F16A4BCC11EDA2E6375FC4F9AE02.roa (raw, json)
Hash identifier: khDPT7nUu2MBxImumtcyIV73z19WxJClk9M9DnU+8VY=
Subject key identifier: D9:BE:CA:9C:92:1F:1A:EE:05:12:BA:70:D3:F5:90:46:30:C9:3D:8B
Certificate issuer: /CN=A91B3CA4/serialNumber=B58D29F7B8107F1585B5FFE70C502C6C8F5D3302
Certificate serial: 0855
Authority key identifier: B5:8D:29:F7:B8:10:7F:15:85:B5:FF:E7:0C:50:2C:6C:8F:5D:33:02
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tY0p97gQfxWFtf_nDFAsbI9dMwI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/8F44F16A4BCC11EDA2E6375FC4F9AE02.roa
Signing time: Thu 22 May 2025 20:57:57 +0000
ROA not before: Thu 22 May 2025 20:57:57 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 136014
IP address blocks: 103.138.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 28 Jun 2025 06:19:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2133 (0x855)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B3CA4, serialNumber=B58D29F7B8107F1585B5FFE70C502C6C8F5D3302
Validity
Not Before: May 22 20:57:57 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=682f8fd4-fd60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:50:cb:00:fe:da:fb:80:df:1e:c8:90:41:53:
0f:68:9a:a8:47:e0:e9:60:90:15:2a:6a:e4:ad:78:
12:54:d8:26:53:2f:f2:bb:ab:a9:bb:a3:f1:d7:8b:
bd:a0:5e:25:91:43:e8:93:a6:b7:29:d9:fa:4e:72:
25:b4:04:28:ca:1b:c7:e7:35:a3:b7:64:56:7a:3f:
a6:8f:1a:a5:ee:f6:67:b6:ea:a6:79:1f:b1:7c:90:
bb:54:b9:18:28:d6:9a:f0:28:9a:1b:c7:d1:ac:04:
92:17:fb:d5:b1:7e:af:35:aa:a3:f9:94:ba:2a:de:
7a:f9:da:86:f6:0c:d1:14:fd:eb:99:cc:c4:24:05:
e7:98:e6:e3:ef:0c:3e:99:c0:22:96:59:f2:ed:f6:
e7:5c:0c:ed:23:33:30:f8:dc:d6:e5:e1:9e:d5:b6:
18:48:de:db:a1:d6:9f:e1:10:6b:0c:79:28:92:0a:
a0:73:6d:5d:51:64:43:d1:61:7c:6a:c1:47:7d:dc:
25:63:92:1d:ee:30:b9:ac:09:d5:1e:4f:3d:43:91:
20:89:02:1c:9b:ed:74:6e:a0:9a:14:8c:e3:76:ee:
a2:f8:31:b6:83:2c:4f:d0:0e:86:05:18:f5:15:98:
f0:80:7e:cb:00:96:eb:a2:c4:24:13:e5:1f:1d:c5:
c8:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:BE:CA:9C:92:1F:1A:EE:05:12:BA:70:D3:F5:90:46:30:C9:3D:8B
X509v3 Authority Key Identifier:
keyid:B5:8D:29:F7:B8:10:7F:15:85:B5:FF:E7:0C:50:2C:6C:8F:5D:33:02
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tY0p97gQfxWFtf_nDFAsbI9dMwI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/8F44F16A4BCC11EDA2E6375FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.138.214.0/24
Signature Algorithm: sha256WithRSAEncryption
88:20:04:9c:8b:7e:35:d0:22:8f:19:23:8d:d7:ea:96:ce:35:
e7:92:f8:99:2e:56:ac:d4:c4:79:d6:de:9c:ff:a8:de:c4:d5:
fc:f0:7d:f6:88:29:98:7e:e0:ee:79:16:be:c6:dd:1b:b6:dd:
ca:4e:53:f4:a7:d4:26:a4:33:13:eb:a1:d9:fa:7e:75:92:4b:
b4:f1:d4:cf:77:83:18:7e:62:9e:6c:19:8a:67:09:82:8e:08:
79:50:8c:9d:94:89:62:80:21:ef:08:49:65:b8:12:0a:23:a7:
f1:1f:68:04:6e:f5:8a:35:95:1e:ad:4f:16:b1:ed:0b:3c:83:
8e:4f:e0:18:30:47:05:69:31:8f:51:b4:93:65:28:a8:79:f6:
5b:68:f6:5b:18:2b:7b:9c:a5:9f:f9:52:d5:7a:3c:ef:31:bf:
91:aa:f9:d8:01:7e:99:61:31:98:a1:6a:ee:00:0f:a6:81:60:
23:54:03:76:c4:c4:7d:b5:0d:ec:eb:a3:85:0c:a0:3c:71:e8:
29:f0:fc:6b:dc:3c:67:8c:b3:87:fe:f6:7d:43:2a:95:e6:37:
09:e8:50:04:2f:70:bc:8f:4a:bf:fc:0e:ad:00:2a:57:7c:a9:
85:01:31:c3:5c:03:e7:ae:18:1f:a4:c3:e0:0e:1b:08:0d:ce:
05:77:a5:de
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCFUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjNDQTQxMTAvBgNVBAUTKEI1OEQyOUY3QjgxMDdGMTU4NUI1RkZFNzBDNTAyQzZD
OEY1RDMzMDIwHhcNMjUwNTIyMjA1NzU3WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODJmOGZkNC1mZDYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq1DLAP7a+4DfHsiQQVMPaJqoR+DpYJAVKmrkrXgSVNgmUy/yu6upu6Px14u9
oF4lkUPok6a3Kdn6TnIltAQoyhvH5zWjt2RWej+mjxql7vZntuqmeR+xfJC7VLkY
KNaa8CiaG8fRrASSF/vVsX6vNaqj+ZS6Kt56+dqG9gzRFP3rmczEJAXnmObj7ww+
mcAillny7fbnXAztIzMw+NzW5eGe1bYYSN7bodaf4RBrDHkokgqgc21dUWRD0WF8
asFHfdwlY5Id7jC5rAnVHk89Q5EgiQIcm+10bqCaFIzjdu6i+DG2gyxP0A6GBRj1
FZjwgH7LAJbrosQkE+UfHcXI9wIDAQABo4IClTCCApEwHQYDVR0OBBYEFNm+ypyS
HxruBRK6cNP1kEYwyT2LMB8GA1UdIwQYMBaAFLWNKfe4EH8VhbX/5wxQLGyPXTMC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCM0NBNC8xNUY2OEI1Q0NG
MTkxMUVBQUVGNjBCMUVDNEY5QUUwMi90WTBwOTdnUWZ4V0Z0Zl9uREZBc2JJOWRN
d0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RZMHA5N2dRZnhXRnRmX25ERkFzYkk5ZE13SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjNDQTQvMTVGNjhCNUNDRjE5MTFFQUFFRjYwQjFFQzRGOUFFMDIvOEY0NEYxNkE0
QkNDMTFFREEyRTYzNzVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnitYwDQYJKoZIhvcNAQELBQADggEBAIggBJyLfjXQIo8Z
I43X6pbONeeS+JkuVqzUxHnW3pz/qN7E1fzwffaIKZh+4O55Fr7G3Ru23cpOU/Sn
1CakMxProdn6fnWSS7Tx1M93gxh+Yp5sGYpnCYKOCHlQjJ2UiWKAIe8ISWW4Egoj
p/EfaARu9Yo1lR6tTxax7Qs8g45P4BgwRwVpMY9RtJNlKKh59lto9lsYK3ucpZ/5
UtV6PO8xv5Gq+dgBfplhMZihau4AD6aBYCNUA3bExH21Dezro4UMoDxx6Cnw/Gvc
PGeMs4f+9n1DKpXmNwnoUAQvcLyPSr/8Dq0AKld8qYUBMcNcA+euGB+kw+AOGwgN
zgV3pd4=
-----END CERTIFICATE-----
Generated at Sun Jul 20 07:23:21 2025 by rpki-client