Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FC5BD/76C2C72E1CEB11EF85DFD776C4F9AE02/488E74EE5AFB11F091581858C4F9AE02.roa
File: 488E74EE5AFB11F091581858C4F9AE02.roa (raw, json)
Hash identifier: GvUQNuFD/dYdmpRxKGYJK8eWpnbVswf4iuw9yEasLrA=
Subject key identifier: 70:67:0A:37:25:FC:A6:61:FC:64:FD:5D:68:0D:08:EA:D1:96:6B:AE
Certificate issuer: /CN=A91FC5BD/serialNumber=E977A9226220E8C78A1D1B3BE04D60CDCC8A2188
Certificate serial: D4
Authority key identifier: E9:77:A9:22:62:20:E8:C7:8A:1D:1B:3B:E0:4D:60:CD:CC:8A:21:88
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6XepImIg6MeKHRs74E1gzcyKIYg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FC5BD/76C2C72E1CEB11EF85DFD776C4F9AE02/488E74EE5AFB11F091581858C4F9AE02.roa
Signing time: Mon 07 Jul 2025 06:26:15 +0000
ROA not before: Mon 07 Jul 2025 06:26:15 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 132546
IP address blocks: 2401:3d20:24:24::/64 maxlen: 64
Validation: Failed, certificate revoked on Thu 10 Jul 2025 01:22:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 212 (0xd4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FC5BD, serialNumber=E977A9226220E8C78A1D1B3BE04D60CDCC8A2188
Validity
Not Before: Jul 7 06:26:15 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=686b6887-dea6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:43:aa:43:cd:8a:29:70:b8:6a:63:34:0e:4e:
0b:93:a1:9e:6e:7b:9d:b5:79:b6:50:50:6a:4b:c5:
45:e2:73:c4:37:8c:bb:67:f3:60:59:fc:2c:4f:be:
cd:b2:64:bb:e6:43:77:e0:30:6d:de:16:0f:45:0a:
04:74:47:6c:40:87:36:f0:3b:04:9b:c8:95:11:28:
bf:11:63:2f:f4:2e:8a:6b:83:04:12:c7:6b:72:43:
dc:23:4c:15:3b:2b:c0:68:75:f5:38:3a:fe:ec:3e:
71:66:89:56:0c:00:69:c9:89:dc:58:cb:ad:6b:48:
3f:a2:0e:ae:88:fb:e3:a2:e1:94:52:ac:d4:02:55:
c7:8d:5e:5e:02:68:b4:de:50:36:bc:ac:63:79:21:
ef:17:49:33:85:d5:67:8c:a7:5b:5f:6b:8f:f0:94:
cf:6a:e5:6d:dd:d1:88:dc:96:7d:f5:1b:5f:aa:e2:
b7:96:23:e1:6b:07:25:c9:8f:a2:12:5c:e5:57:f1:
03:53:94:32:20:b0:26:8d:90:8c:e8:d1:4b:25:1c:
31:e3:18:24:eb:ca:7c:a8:e0:4e:5e:6c:1f:b8:cd:
91:06:07:34:53:30:a9:c3:8b:8a:27:58:ce:59:55:
9d:e1:71:2a:18:2e:82:2c:96:b1:d8:f6:49:9d:a4:
80:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:67:0A:37:25:FC:A6:61:FC:64:FD:5D:68:0D:08:EA:D1:96:6B:AE
X509v3 Authority Key Identifier:
keyid:E9:77:A9:22:62:20:E8:C7:8A:1D:1B:3B:E0:4D:60:CD:CC:8A:21:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FC5BD/76C2C72E1CEB11EF85DFD776C4F9AE02/6XepImIg6MeKHRs74E1gzcyKIYg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6XepImIg6MeKHRs74E1gzcyKIYg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FC5BD/76C2C72E1CEB11EF85DFD776C4F9AE02/488E74EE5AFB11F091581858C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:3d20:24:24::/64
Signature Algorithm: sha256WithRSAEncryption
40:d2:84:09:1c:3b:4c:4b:ae:c1:98:10:80:0c:28:89:ad:e0:
de:7c:fd:b1:c4:b3:6d:53:a3:e4:84:49:2b:c2:b9:1a:40:2c:
d4:b8:f4:3d:f0:97:a0:79:c6:79:e5:1e:0f:b7:37:c9:52:47:
c4:a9:63:b3:b1:1c:cd:6f:c0:a4:50:eb:d1:69:e7:45:90:00:
98:72:8a:ac:2e:ed:ae:b3:d2:70:e0:70:4c:4a:68:8c:4f:a0:
df:58:79:19:47:ca:df:0e:ac:6c:ef:43:74:f2:84:6a:2c:14:
61:0b:7f:84:d6:ca:8c:01:ac:a1:9c:cc:0e:a9:8f:b3:d7:56:
f1:f0:d7:21:f3:ba:de:fa:c2:28:4e:57:35:bd:7a:db:6c:72:
5a:de:a7:70:78:cd:c5:b4:59:08:a1:21:a2:df:ae:62:53:c1:
08:2e:fd:b7:2d:10:89:c1:82:59:98:07:59:33:3c:82:5d:b5:
97:f4:b8:a8:be:91:61:9a:c2:17:2f:2a:40:52:cf:38:95:f8:
91:40:30:2d:d3:56:9d:d7:2c:83:43:ec:e4:07:1d:4e:9d:bd:
1b:68:4f:b7:d7:09:fe:5f:e5:70:e4:c9:b8:5b:e6:e7:1b:5c:
c0:63:4e:85:98:b3:f4:72:cd:a9:6d:75:38:89:59:2b:a1:20:
fb:da:6d:01
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgICANQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkM1QkQxMTAvBgNVBAUTKEU5NzdBOTIyNjIyMEU4Qzc4QTFEMUIzQkUwNEQ2MENE
Q0M4QTIxODgwHhcNMjUwNzA3MDYyNjE1WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODZiNjg4Ny1kZWE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAukOqQ82KKXC4amM0Dk4Lk6GebnudtXm2UFBqS8VF4nPEN4y7Z/NgWfwsT77N
smS75kN34DBt3hYPRQoEdEdsQIc28DsEm8iVESi/EWMv9C6Ka4MEEsdrckPcI0wV
OyvAaHX1ODr+7D5xZolWDABpyYncWMuta0g/og6uiPvjouGUUqzUAlXHjV5eAmi0
3lA2vKxjeSHvF0kzhdVnjKdbX2uP8JTPauVt3dGI3JZ99RtfquK3liPhawclyY+i
ElzlV/EDU5QyILAmjZCM6NFLJRwx4xgk68p8qOBOXmwfuM2RBgc0UzCpw4uKJ1jO
WVWd4XEqGC6CLJax2PZJnaSAJwIDAQABo4ICmjCCApYwHQYDVR0OBBYEFHBnCjcl
/KZh/GT9XWgNCOrRlmuuMB8GA1UdIwQYMBaAFOl3qSJiIOjHih0bO+BNYM3MiiGI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQzVCRC83NkMyQzcyRTFD
RUIxMUVGODVERkQ3NzZDNEY5QUUwMi82WGVwSW1JZzZNZUtIUnM3NEUxZ3pjeUtJ
WWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZYZXBJbUlnNk1lS0hSczc0RTFnemN5S0lZZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkM1QkQvNzZDMkM3MkUxQ0VCMTFFRjg1REZENzc2QzRGOUFFMDIvNDg4RTc0RUU1
QUZCMTFGMDkxNTgxODU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJAYIKwYBBQUHAQcBAf8E
FTATMBEEAgACMAsDCQAkAT0gACQAJDANBgkqhkiG9w0BAQsFAAOCAQEAQNKECRw7
TEuuwZgQgAwoia3g3nz9scSzbVOj5IRJK8K5GkAs1Lj0PfCXoHnGeeUeD7c3yVJH
xKljs7EczW/ApFDr0WnnRZAAmHKKrC7trrPScOBwTEpojE+g31h5GUfK3w6sbO9D
dPKEaiwUYQt/hNbKjAGsoZzMDqmPs9dW8fDXIfO63vrCKE5XNb1622xyWt6ncHjN
xbRZCKEhot+uYlPBCC79ty0QicGCWZgHWTM8gl21l/S4qL6RYZrCFy8qQFLPOJX4
kUAwLdNWndcsg0Ps5AcdTp29G2hPt9cJ/l/lcOTJuFvm5xtcwGNOhZiz9HLNqW11
OIlZK6Eg+9ptAQ==
-----END CERTIFICATE-----
Generated at Mon Jul 21 07:54:15 2025 by rpki-client