Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF6EF/ACBF6F2A574211F0BEDB455CC4F9AE02/7C48405A574311F0AC477360C4F9AE02.roa
File: 7C48405A574311F0AC477360C4F9AE02.roa (raw, json)
Hash identifier: uodLyfS813xZBb9zpxXXi2N5gXTKrj7mghA+R5AMEwg=
Subject key identifier: E6:C0:43:AA:56:74:D6:65:53:72:09:29:A4:FA:49:E5:E2:31:AB:0E
Certificate issuer: /CN=A91EF6EF/serialNumber=9A023B80ABCF4E6797D388C0DE8160A16EB15DFE
Certificate serial: 02
Authority key identifier: 9A:02:3B:80:AB:CF:4E:67:97:D3:88:C0:DE:81:60:A1:6E:B1:5D:FE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mgI7gKvPTmeX04jA3oFgoW6xXf4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EF6EF/ACBF6F2A574211F0BEDB455CC4F9AE02/7C48405A574311F0AC477360C4F9AE02.roa
Signing time: Wed 02 Jul 2025 12:53:01 +0000
ROA not before: Wed 02 Jul 2025 12:53:01 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 45411
IP address blocks: 103.153.158.0/23 maxlen: 23
103.153.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Jul 2025 22:23:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EF6EF, serialNumber=9A023B80ABCF4E6797D388C0DE8160A16EB15DFE
Validity
Not Before: Jul 2 12:53:01 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=68652bad-5dc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c0:cb:81:f8:35:53:b7:a3:5c:49:a8:8b:df:
27:71:9e:1d:bc:d0:2e:a4:7b:3b:1e:8d:f4:c8:67:
d2:59:15:6b:7f:32:d4:dd:22:a5:c9:ab:d5:45:e0:
a6:2b:7c:45:d5:5a:6b:65:40:92:6d:af:4a:7c:5d:
a8:aa:d0:b4:e8:a7:02:43:66:12:dd:60:fd:31:40:
08:02:7e:0b:5e:d5:ac:a8:cd:4e:6a:2c:22:03:8b:
89:86:74:53:b7:93:61:e8:8a:4c:1c:c7:93:20:d2:
b7:c2:43:9e:e1:0c:87:2c:3d:31:85:e7:ac:b7:23:
1e:ff:b9:74:fa:48:0e:c0:38:0e:00:2d:16:8a:81:
41:af:da:1a:2e:3e:f2:7d:3b:98:28:e5:fc:9d:6d:
cd:87:9c:4a:2b:fa:a0:cc:20:03:09:50:29:fc:45:
e0:fc:f9:e6:e0:d2:16:8a:12:e6:fa:5c:ca:6c:2a:
46:95:c7:21:72:b1:6b:bc:ff:50:e2:dd:c6:77:d3:
e6:5f:fb:38:f6:2b:ec:5d:73:b1:cb:6d:fb:54:57:
76:5d:2e:ba:53:dc:fd:91:c7:b6:e5:18:6c:0f:b6:
24:32:b2:c9:2b:db:21:92:af:07:89:04:aa:46:fd:
52:06:5d:74:33:78:2c:6c:a4:17:96:1f:88:89:82:
2a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:C0:43:AA:56:74:D6:65:53:72:09:29:A4:FA:49:E5:E2:31:AB:0E
X509v3 Authority Key Identifier:
keyid:9A:02:3B:80:AB:CF:4E:67:97:D3:88:C0:DE:81:60:A1:6E:B1:5D:FE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EF6EF/ACBF6F2A574211F0BEDB455CC4F9AE02/mgI7gKvPTmeX04jA3oFgoW6xXf4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mgI7gKvPTmeX04jA3oFgoW6xXf4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF6EF/ACBF6F2A574211F0BEDB455CC4F9AE02/7C48405A574311F0AC477360C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.153.158.0/23
Signature Algorithm: sha256WithRSAEncryption
17:9d:b6:96:83:ed:b1:f6:e0:8e:8a:6c:36:5b:03:b7:2d:cc:
0d:f8:e8:39:b1:5e:20:3a:78:3d:ec:99:36:0c:44:2e:36:e9:
11:8e:0a:5d:4a:40:c8:48:80:20:30:d0:f8:72:5f:41:d7:0c:
0c:5f:09:fc:2d:4b:04:21:0b:1c:a2:09:5a:7b:53:a3:05:2f:
03:35:6f:89:7c:10:bf:4d:4e:6c:31:05:06:00:11:b5:3e:d2:
6e:75:21:c7:0f:32:30:db:93:a2:d1:0d:74:da:ab:f9:0e:5a:
9d:d7:25:37:86:70:81:a1:21:55:f2:aa:c0:f8:01:0e:2e:c1:
b8:4f:81:1c:bd:03:08:54:b2:11:f5:d0:63:d4:21:c1:7c:b1:
c7:f9:cb:ee:39:39:9f:7b:46:8b:d7:ce:49:57:d9:ee:28:64:
0c:e6:09:f1:da:45:96:f9:61:0e:9e:87:de:c6:f9:58:5c:2b:
7c:ec:d3:f0:44:17:f7:41:47:b9:2d:b9:a5:87:c3:47:b4:06:
55:6a:4c:8b:23:ab:50:e2:4f:50:3e:29:77:98:88:be:c6:07:
7a:74:8b:6e:a5:b2:eb:e6:6d:c4:33:fc:a6:d6:3c:d5:d9:fc:
b4:c9:ad:dd:64:78:b4:b3:26:dd:83:dc:7b:22:2c:27:16:24:
68:1e:f5:af
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
RjZFRjExMC8GA1UEBRMoOUEwMjNCODBBQkNGNEU2Nzk3RDM4OEMwREU4MTYwQTE2
RUIxNURGRTAeFw0yNTA3MDIxMjUzMDFaFw0yNTEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4NjUyYmFkLTVkYzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCrwMuB+DVTt6NcSaiL3ydxnh280C6kezsejfTIZ9JZFWt/MtTdIqXJq9VF4KYr
fEXVWmtlQJJtr0p8Xaiq0LTopwJDZhLdYP0xQAgCfgte1ayozU5qLCIDi4mGdFO3
k2Hoikwcx5Mg0rfCQ57hDIcsPTGF56y3Ix7/uXT6SA7AOA4ALRaKgUGv2houPvJ9
O5go5fydbc2HnEor+qDMIAMJUCn8ReD8+ebg0haKEub6XMpsKkaVxyFysWu8/1Di
3cZ30+Zf+zj2K+xdc7HLbftUV3ZdLrpT3P2Rx7blGGwPtiQysskr2yGSrweJBKpG
/VIGXXQzeCxspBeWH4iJgipHAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU5sBDqlZ0
1mVTcgkppPpJ5eIxqw4wHwYDVR0jBBgwFoAUmgI7gKvPTmeX04jA3oFgoW6xXf4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVGNkVGL0FDQkY2RjJBNTc0
MjExRjBCRURCNDU1Q0M0RjlBRTAyL21nSTdnS3ZQVG1lWDA0akEzb0Znb1c2eFhm
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvbWdJN2dLdlBUbWVYMDRqQTNvRmdvVzZ4WGY0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
RjZFRi9BQ0JGNkYyQTU3NDIxMUYwQkVEQjQ1NUNDNEY5QUUwMi83QzQ4NDA1QTU3
NDMxMUYwQUM0NzczNjBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWeZnjANBgkqhkiG9w0BAQsFAAOCAQEAF522loPtsfbgjops
NlsDty3MDfjoObFeIDp4PeyZNgxELjbpEY4KXUpAyEiAIDDQ+HJfQdcMDF8J/C1L
BCELHKIJWntTowUvAzVviXwQv01ObDEFBgARtT7SbnUhxw8yMNuTotENdNqr+Q5a
ndclN4ZwgaEhVfKqwPgBDi7BuE+BHL0DCFSyEfXQY9QhwXyxx/nL7jk5n3tGi9fO
SVfZ7ihkDOYJ8dpFlvlhDp6H3sb5WFwrfOzT8EQX90FHuS25pYfDR7QGVWpMiyOr
UOJPUD4pd5iIvsYHenSLbqWy6+ZtxDP8ptY81dn8tMmt3WR4tLMm3YPceyIsJxYk
aB71rw==
-----END CERTIFICATE-----
Generated at Sun Jul 20 07:50:52 2025 by rpki-client