Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BF312/AA92B9780C2911EB9540DD61C4F9AE02/557C01B0DC9011EFB2FA0156C4F9AE02.roa
File: 557C01B0DC9011EFB2FA0156C4F9AE02.roa (raw, json)
Hash identifier: afKvRJys2blDyokmb+WwzWHkg3YCV7oTe0HfogOuiZk=
Subject key identifier: 4D:51:B2:F7:05:5F:16:A2:EF:D4:63:CE:62:3C:A9:CF:1D:07:87:0E
Certificate issuer: /CN=A91BF312/serialNumber=F0297D0E4531A1D62A95AF5D2F22EF2408DAD29C
Certificate serial: 0792
Authority key identifier: F0:29:7D:0E:45:31:A1:D6:2A:95:AF:5D:2F:22:EF:24:08:DA:D2:9C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8Cl9DkUxodYqla9dLyLvJAja0pw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BF312/AA92B9780C2911EB9540DD61C4F9AE02/557C01B0DC9011EFB2FA0156C4F9AE02.roa
Signing time: Fri 02 May 2025 21:33:55 +0000
ROA not before: Fri 02 May 2025 21:33:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 55720
IP address blocks: 103.212.68.0/24 maxlen: 24
103.212.69.0/24 maxlen: 24
103.212.70.0/24 maxlen: 24
103.212.71.0/24 maxlen: 24
139.5.177.0/24 maxlen: 24
139.5.179.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Jun 2025 06:21:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1938 (0x792)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BF312, serialNumber=F0297D0E4531A1D62A95AF5D2F22EF2408DAD29C
Validity
Not Before: May 2 21:33:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68153a43-88ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d6:05:bb:f7:0c:7c:7a:68:17:1e:bf:c0:3b:
60:b3:1d:72:48:99:b0:6d:68:66:42:78:63:1f:a0:
5b:ec:9a:a6:21:e4:bd:8b:e7:f1:62:b0:b8:70:de:
aa:0c:c3:32:b8:65:f3:36:6c:f8:4c:cc:5d:b7:57:
14:6d:a8:2b:ac:8d:e7:0a:28:c0:e3:cb:09:97:6d:
5b:2e:cd:f1:37:74:00:0c:d7:b1:36:c6:e7:df:09:
f0:93:b9:b1:dc:fa:2c:6b:4a:a4:b9:6d:58:41:ff:
bf:53:49:be:4e:a0:aa:43:1f:d9:ad:83:43:47:28:
e6:6e:dd:50:c4:9b:ec:fe:c3:cd:64:1a:bb:d4:94:
cb:2a:10:d3:1e:36:72:0b:20:c2:28:2b:28:ce:5a:
18:32:c3:2e:37:45:13:2e:1a:c5:14:b0:d7:5c:f9:
48:72:01:d2:2c:d5:4d:47:51:54:72:99:b2:7f:85:
5d:76:55:30:b1:58:3b:f0:4a:76:c0:10:74:6c:7f:
4f:56:fe:96:9c:e2:d9:b5:f5:a8:9f:2c:69:d1:f5:
0d:a2:84:d9:44:5e:e9:5b:09:3f:8e:3f:c7:f1:22:
1c:a4:e1:aa:df:11:0a:85:db:04:06:2e:e3:34:05:
5d:2e:ef:83:2c:1a:b9:38:38:c7:af:0c:92:26:18:
57:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:51:B2:F7:05:5F:16:A2:EF:D4:63:CE:62:3C:A9:CF:1D:07:87:0E
X509v3 Authority Key Identifier:
keyid:F0:29:7D:0E:45:31:A1:D6:2A:95:AF:5D:2F:22:EF:24:08:DA:D2:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BF312/AA92B9780C2911EB9540DD61C4F9AE02/8Cl9DkUxodYqla9dLyLvJAja0pw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8Cl9DkUxodYqla9dLyLvJAja0pw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BF312/AA92B9780C2911EB9540DD61C4F9AE02/557C01B0DC9011EFB2FA0156C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.212.68.0/22
139.5.177.0/24
139.5.179.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:2d:d5:77:e8:b7:f6:46:ee:7f:d6:53:e3:17:8d:52:46:08:
27:8a:0f:4d:02:3d:89:0f:b2:11:79:17:17:9e:39:0a:b4:70:
af:d2:2d:8d:b8:cb:99:99:58:07:cb:a4:82:11:ed:07:0b:4e:
70:90:d3:0b:40:84:9b:27:4c:10:2f:4d:43:39:2d:72:19:0b:
dc:65:a5:25:34:3f:0d:f5:e1:32:a9:83:df:3e:b2:27:5d:53:
c2:a4:18:61:ab:80:67:87:1a:ae:83:c2:41:36:8c:c4:e5:08:
8c:4b:1e:ec:8e:57:c7:f9:3a:e6:32:8e:78:4a:c1:76:2d:7d:
fb:77:f4:23:e7:df:7a:01:6c:08:28:5f:0d:61:98:58:3c:2e:
7e:4f:32:67:f7:47:81:72:e4:62:54:83:89:3a:3a:ec:69:81:
4f:e1:55:d6:07:b2:86:1b:d1:fd:95:3f:e8:33:e4:c8:5a:99:
f8:f1:bb:62:f5:9e:23:89:ed:1c:57:0f:67:ff:9a:1c:12:69:
2d:f3:bd:bc:97:dd:6a:62:26:4b:bb:ac:90:86:88:1b:f6:46:
86:ff:c2:3d:10:92:d3:b3:7d:0c:75:d0:4e:ef:c1:36:b0:29:
bf:ed:9a:c1:37:a0:b0:9d:f0:eb:d3:63:11:c5:dd:3a:47:ea:
cc:f7:be:64
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICB5IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkYzMTIxMTAvBgNVBAUTKEYwMjk3RDBFNDUzMUExRDYyQTk1QUY1RDJGMjJFRjI0
MDhEQUQyOUMwHhcNMjUwNTAyMjEzMzU1WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODE1M2E0My04OGVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAntYFu/cMfHpoFx6/wDtgsx1ySJmwbWhmQnhjH6Bb7JqmIeS9i+fxYrC4cN6q
DMMyuGXzNmz4TMxdt1cUbagrrI3nCijA48sJl21bLs3xN3QADNexNsbn3wnwk7mx
3Posa0qkuW1YQf+/U0m+TqCqQx/ZrYNDRyjmbt1QxJvs/sPNZBq71JTLKhDTHjZy
CyDCKCsozloYMsMuN0UTLhrFFLDXXPlIcgHSLNVNR1FUcpmyf4VddlUwsVg78Ep2
wBB0bH9PVv6WnOLZtfWonyxp0fUNooTZRF7pWwk/jj/H8SIcpOGq3xEKhdsEBi7j
NAVdLu+DLBq5ODjHrwySJhhXWQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFE1RsvcF
Xxai79RjzmI8qc8dB4cOMB8GA1UdIwQYMBaAFPApfQ5FMaHWKpWvXS8i7yQI2tKc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRjMxMi9BQTkyQjk3ODBD
MjkxMUVCOTU0MERENjFDNEY5QUUwMi84Q2w5RGtVeG9kWXFsYTlkTHlMdkpBamEw
cHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhDbDlEa1V4b2RZcWxhOWRMeUx2SkFqYTBwdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkYzMTIvQUE5MkI5NzgwQzI5MTFFQjk1NDBERDYxQzRGOUFFMDIvNTU3QzAxQjBE
QzkwMTFFRkIyRkEwMTU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAJn1EQDBACLBbEDBACLBbMwDQYJKoZIhvcNAQELBQADggEB
AC8t1Xfot/ZG7n/WU+MXjVJGCCeKD00CPYkPshF5FxeeOQq0cK/SLY24y5mZWAfL
pIIR7QcLTnCQ0wtAhJsnTBAvTUM5LXIZC9xlpSU0Pw314TKpg98+siddU8KkGGGr
gGeHGq6DwkE2jMTlCIxLHuyOV8f5OuYyjnhKwXYtfft39CPn33oBbAgoXw1hmFg8
Ln5PMmf3R4Fy5GJUg4k6OuxpgU/hVdYHsoYb0f2VP+gz5Mhamfjxu2L1niOJ7RxX
D2f/mhwSaS3zvbyX3WpiJku7rJCGiBv2Rob/wj0QktOzfQx10E7vwTawKb/tmsE3
oLCd8OvTYxHF3TpH6sz3vmQ=
-----END CERTIFICATE-----
Generated at Sun Jul 20 06:21:57 2025 by rpki-client