Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF590/2F7B17C4390D11EB88BC6165C4F9AE02/E9E53D64390E11EBAC72036BC4F9AE02.roa
File: E9E53D64390E11EBAC72036BC4F9AE02.roa (raw, json)
Hash identifier: /vqrkkBMkYSu1OpGYGktQRyNIb8KIlTV2u6tTj1RSqE=
Subject key identifier: 0C:48:34:13:9A:F8:75:F4:4B:D8:28:7B:FB:33:99:71:C6:11:BA:E2
Certificate issuer: /CN=A91EF590/serialNumber=4D71A7A18A82ADD044BC28EF5DF2196B0FD21D5C
Certificate serial: 0711
Authority key identifier: 4D:71:A7:A1:8A:82:AD:D0:44:BC:28:EF:5D:F2:19:6B:0F:D2:1D:5C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TXGnoYqCrdBEvCjvXfIZaw_SHVw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EF590/2F7B17C4390D11EB88BC6165C4F9AE02/E9E53D64390E11EBAC72036BC4F9AE02.roa
Signing time: Mon 14 Apr 2025 22:02:56 +0000
ROA not before: Mon 14 Apr 2025 22:02:56 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 17763
IP address blocks: 103.109.232.0/24 maxlen: 24
103.109.234.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Jul 2025 00:06:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1809 (0x711)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EF590, serialNumber=4D71A7A18A82ADD044BC28EF5DF2196B0FD21D5C
Validity
Not Before: Apr 14 22:02:56 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67fd8610-1af2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:7b:cc:f1:d4:71:fe:a1:55:70:e1:f6:0e:91:
c7:17:e7:f7:2d:1d:2e:f8:dd:f1:39:4f:ac:0d:27:
1d:f4:6b:55:4c:69:54:49:ac:4d:e4:c5:48:88:81:
39:2a:67:a2:a4:80:b5:79:48:32:b4:28:9a:34:6e:
eb:90:49:9d:a4:45:45:3a:12:3b:2b:9e:3f:f3:e6:
dd:89:f4:df:e6:7a:bc:33:6a:ce:fe:d4:f8:6a:a0:
b8:85:db:03:20:b0:99:20:28:96:b2:ef:04:93:e7:
af:45:04:be:00:8d:3a:a3:9c:07:b8:56:31:af:de:
cc:58:38:9c:ff:44:39:4c:f8:d2:b9:d2:64:fb:17:
cd:84:19:48:57:2e:32:03:65:af:9e:c4:a5:f6:52:
08:55:4f:1b:74:11:37:56:5a:9a:40:5c:2f:8d:5c:
2c:35:ff:5b:ca:eb:0b:59:58:be:0b:d3:a2:9a:1e:
c9:e1:d1:08:86:33:dd:b3:82:a4:63:21:3a:67:72:
fe:0d:7d:18:4d:39:35:77:76:23:0d:70:e3:dd:27:
f1:98:0d:d3:28:49:9f:c8:14:aa:fb:86:e2:71:28:
51:a7:13:c6:b2:a1:d1:2f:af:88:e5:c3:77:5a:de:
ee:16:11:2c:bd:9d:cc:53:99:1b:eb:b6:ea:0f:cc:
66:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:48:34:13:9A:F8:75:F4:4B:D8:28:7B:FB:33:99:71:C6:11:BA:E2
X509v3 Authority Key Identifier:
keyid:4D:71:A7:A1:8A:82:AD:D0:44:BC:28:EF:5D:F2:19:6B:0F:D2:1D:5C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EF590/2F7B17C4390D11EB88BC6165C4F9AE02/TXGnoYqCrdBEvCjvXfIZaw_SHVw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TXGnoYqCrdBEvCjvXfIZaw_SHVw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF590/2F7B17C4390D11EB88BC6165C4F9AE02/E9E53D64390E11EBAC72036BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.109.232.0/24
103.109.234.0/24
Signature Algorithm: sha256WithRSAEncryption
43:68:d1:d4:97:e9:d3:4c:d3:80:cf:7f:42:ad:33:75:59:11:
89:58:67:e2:4d:fc:9a:ff:d8:76:f4:4c:19:54:db:0f:dc:14:
58:ef:c4:40:60:36:59:8a:b4:80:b5:e2:6e:eb:c5:e1:e4:28:
73:90:fa:06:78:84:aa:65:70:ab:e4:2e:5a:89:64:08:cc:a3:
38:11:a2:4d:84:c6:cc:15:e7:9a:68:b1:0c:c8:cf:9d:d8:0b:
13:13:93:a3:f6:12:94:4f:45:34:be:e6:fb:4c:e7:04:6e:ea:
2b:0c:f3:92:42:07:6a:03:95:e8:eb:9d:45:44:0b:ec:e0:e7:
3b:0d:c8:9e:ac:a6:bf:75:ba:51:ed:4c:a5:9d:75:e9:10:4d:
8c:24:a1:8e:fb:d1:61:83:2e:76:54:df:da:27:d3:93:e9:83:
a4:87:52:3c:4c:0a:76:27:c2:9c:b5:e3:2c:c9:cb:13:d2:51:
76:f6:48:21:92:43:f0:fb:6e:fa:09:35:88:4b:db:bc:34:55:
8e:eb:a3:87:53:84:da:fd:ef:5d:b7:87:ba:7e:43:eb:cc:fc:
28:da:3a:3f:64:95:5d:f4:c6:29:80:c8:a1:72:31:ba:1a:a9:
dc:e3:e8:a0:46:59:33:2b:77:fc:13:a9:da:58:b7:1a:6a:d5:
68:83:44:c7
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBxEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUY1OTAxMTAvBgNVBAUTKDRENzFBN0ExOEE4MkFERDA0NEJDMjhFRjVERjIxOTZC
MEZEMjFENUMwHhcNMjUwNDE0MjIwMjU2WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2ZkODYxMC0xYWYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0nvM8dRx/qFVcOH2DpHHF+f3LR0u+N3xOU+sDScd9GtVTGlUSaxN5MVIiIE5
KmeipIC1eUgytCiaNG7rkEmdpEVFOhI7K54/8+bdifTf5nq8M2rO/tT4aqC4hdsD
ILCZICiWsu8Ek+evRQS+AI06o5wHuFYxr97MWDic/0Q5TPjSudJk+xfNhBlIVy4y
A2WvnsSl9lIIVU8bdBE3VlqaQFwvjVwsNf9byusLWVi+C9Oimh7J4dEIhjPds4Kk
YyE6Z3L+DX0YTTk1d3YjDXDj3SfxmA3TKEmfyBSq+4bicShRpxPGsqHRL6+I5cN3
Wt7uFhEsvZ3MU5kb67bqD8xmBQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFAxINBOa
+HX0S9goe/szmXHGEbriMB8GA1UdIwQYMBaAFE1xp6GKgq3QRLwo713yGWsP0h1c
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRjU5MC8yRjdCMTdDNDM5
MEQxMUVCODhCQzYxNjVDNEY5QUUwMi9UWEdub1lxQ3JkQkV2Q2p2WGZJWmF3X1NI
VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RYR25vWXFDcmRCRXZDanZYZklaYXdfU0hWdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUY1OTAvMkY3QjE3QzQzOTBEMTFFQjg4QkM2MTY1QzRGOUFFMDIvRTlFNTNENjQz
OTBFMTFFQkFDNzIwMzZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnbegDBABnbeowDQYJKoZIhvcNAQELBQADggEBAENo0dSX
6dNM04DPf0KtM3VZEYlYZ+JN/Jr/2Hb0TBlU2w/cFFjvxEBgNlmKtIC14m7rxeHk
KHOQ+gZ4hKplcKvkLlqJZAjMozgRok2ExswV55posQzIz53YCxMTk6P2EpRPRTS+
5vtM5wRu6isM85JCB2oDlejrnUVEC+zg5zsNyJ6spr91ulHtTKWddekQTYwkoY77
0WGDLnZU39on05Ppg6SHUjxMCnYnwpy14yzJyxPSUXb2SCGSQ/D7bvoJNYhL27w0
VY7ro4dThNr97123h7p+Q+vM/CjaOj9klV30ximAyKFyMboaqdzj6KBGWTMrd/wT
qdpYtxpq1WiDRMc=
-----END CERTIFICATE-----
Generated at Sun Jul 20 11:32:58 2025 by rpki-client