Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911AE4D/57C37E380A5711EE8C635A46C4F9AE02/3A9B86AED0C011EEB134543DC4F9AE02.roa
File: 3A9B86AED0C011EEB134543DC4F9AE02.roa (raw, json)
Hash identifier: ZfhjsvZo9nirkvWfNtmPWNkeFUQmmPyqQ7LPgQBVs7Q=
Subject key identifier: 3A:19:39:4A:FA:4F:77:83:E8:26:47:ED:2A:B6:E3:70:7B:64:B2:9E
Certificate issuer: /CN=A911AE4D/serialNumber=B459B915D67B72D8335384202DBFBB39565C94D8
Certificate serial: 0234
Authority key identifier: B4:59:B9:15:D6:7B:72:D8:33:53:84:20:2D:BF:BB:39:56:5C:94:D8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tFm5FdZ7ctgzU4QgLb-7OVZclNg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911AE4D/57C37E380A5711EE8C635A46C4F9AE02/3A9B86AED0C011EEB134543DC4F9AE02.roa
Signing time: Sun 01 Mar 2026 17:15:17 +0000
ROA not before: Fri 29 Aug 2025 03:52:29 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 397423
IP address blocks: 103.120.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Mar 2026 13:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 564 (0x234)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911AE4D, serialNumber=B459B915D67B72D8335384202DBFBB39565C94D8
Validity
Not Before: Aug 29 03:52:29 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=69a47425-3747
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:fc:ca:2b:10:60:3f:da:43:0d:95:6d:60:a1:
12:81:1b:93:4f:ab:fe:5f:48:b6:2e:bb:f7:6b:56:
04:82:0a:a0:b5:1d:d8:ec:1f:bc:06:f9:1c:5c:7c:
10:7e:a7:f9:1f:10:bf:e8:f5:c1:97:01:6b:9e:11:
07:1f:d6:76:d9:88:b9:20:4f:44:a8:30:f0:95:36:
bc:c8:c3:c9:8d:9e:c2:18:da:b3:2e:2a:0d:70:f4:
9d:52:89:d7:32:4f:fa:e2:71:39:60:52:3d:cc:be:
ab:fa:74:81:67:ba:01:58:27:51:7f:5c:5b:19:ac:
e9:d1:7c:c0:9c:a8:ad:6a:32:d8:0b:56:f8:b5:0a:
f2:53:65:a5:f0:eb:2c:f9:d3:04:a5:ec:c4:e5:84:
95:4a:fa:a5:d5:59:2f:4c:06:02:fb:20:ec:00:1a:
86:77:14:ed:f8:47:5b:fe:18:dd:08:9c:4a:8d:89:
d1:b2:8a:1b:05:fc:2f:50:e8:33:ef:37:7d:c6:a7:
8a:88:0e:80:4d:26:19:de:2c:48:4e:43:35:8f:52:
90:d0:56:62:c7:ac:4a:f3:e6:35:5a:3f:58:68:c1:
8b:17:1d:49:a9:7f:2f:c4:5d:04:46:6a:1e:1b:98:
20:9f:4b:32:ed:c2:28:99:75:7f:63:7f:ef:1a:c7:
5e:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:19:39:4A:FA:4F:77:83:E8:26:47:ED:2A:B6:E3:70:7B:64:B2:9E
X509v3 Authority Key Identifier:
keyid:B4:59:B9:15:D6:7B:72:D8:33:53:84:20:2D:BF:BB:39:56:5C:94:D8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911AE4D/57C37E380A5711EE8C635A46C4F9AE02/tFm5FdZ7ctgzU4QgLb-7OVZclNg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tFm5FdZ7ctgzU4QgLb-7OVZclNg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911AE4D/57C37E380A5711EE8C635A46C4F9AE02/3A9B86AED0C011EEB134543DC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.120.14.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:9a:1a:d9:fd:b7:e2:52:74:64:ec:9e:53:26:f2:8c:f1:6c:
6b:6a:54:16:a0:0b:d5:e2:dc:05:73:22:30:aa:94:0e:8c:4f:
28:93:42:ee:ec:38:3d:3f:ab:1d:56:d4:4a:3c:4d:29:01:27:
64:3f:e3:ce:a6:81:53:37:33:73:3d:73:3e:bc:cc:6c:f9:e4:
e0:70:da:68:14:d5:41:f3:7e:a6:14:a3:d6:8f:94:10:37:0e:
c7:fc:7f:c0:58:19:19:16:ba:76:8c:29:4f:07:16:1a:d9:2a:
d1:95:7a:26:0b:39:bd:6c:c3:6b:fa:15:87:7d:67:36:b7:ef:
53:c7:bc:bd:a8:7e:f1:ca:40:cb:2d:ad:9f:93:10:ed:a9:f6:
62:4c:50:09:c9:d3:7a:c7:39:cd:63:78:63:8d:ce:a2:ab:57:
28:19:63:b6:96:e3:05:49:df:1c:ee:ad:78:6e:93:65:cc:42:
07:ae:80:d1:76:20:6e:07:05:a6:e6:96:da:93:90:50:93:03:
38:34:12:dc:3f:95:e6:22:d0:05:99:ec:a7:96:c3:9a:7e:9e:
66:80:8a:48:04:28:b2:8e:b6:b4:22:19:cd:4f:95:40:0e:d2:
21:5d:73:82:e6:53:53:52:07:ea:5c:9c:8f:94:b5:63:2b:bc:
12:cf:46:e0
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICAjQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUFFNEQxMTAvBgNVBAUTKEI0NTlCOTE1RDY3QjcyRDgzMzUzODQyMDJEQkZCQjM5
NTY1Qzk0RDgwHhcNMjUwODI5MDM1MjI5WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NzQyNS0zNzQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7fzKKxBgP9pDDZVtYKESgRuTT6v+X0i2Lrv3a1YEggqgtR3Y7B+8BvkcXHwQ
fqf5HxC/6PXBlwFrnhEHH9Z22Yi5IE9EqDDwlTa8yMPJjZ7CGNqzLioNcPSdUonX
Mk/64nE5YFI9zL6r+nSBZ7oBWCdRf1xbGazp0XzAnKitajLYC1b4tQryU2Wl8Oss
+dMEpezE5YSVSvql1VkvTAYC+yDsABqGdxTt+Edb/hjdCJxKjYnRsoobBfwvUOgz
7zd9xqeKiA6ATSYZ3ixITkM1j1KQ0FZix6xK8+Y1Wj9YaMGLFx1JqX8vxF0ERmoe
G5ggn0sy7cIomXV/Y3/vGsdeJwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFDoZOUr6
T3eD6CZH7Sq243B7ZLKeMB8GA1UdIwQYMBaAFLRZuRXWe3LYM1OEIC2/uzlWXJTY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQUU0RC81N0MzN0UzODBB
NTcxMUVFOEM2MzVBNDZDNEY5QUUwMi90Rm01RmRaN2N0Z3pVNFFnTGItN09WWmNs
TmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RGbTVGZFo3Y3RnelU0UWdMYi03T1ZaY2xOZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUFFNEQvNTdDMzdFMzgwQTU3MTFFRThDNjM1QTQ2QzRGOUFFMDIvM0E5Qjg2QUVE
MEMwMTFFRUIxMzQ1NDNEQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAZ3gOMA0GCSqGSIb3DQEBCwUAA4IBAQBNmhrZ/bfiUnRk7J5TJvKM
8WxralQWoAvV4twFcyIwqpQOjE8ok0Lu7Dg9P6sdVtRKPE0pASdkP+POpoFTNzNz
PXM+vMxs+eTgcNpoFNVB836mFKPWj5QQNw7H/H/AWBkZFrp2jClPBxYa2SrRlXom
Czm9bMNr+hWHfWc2t+9Tx7y9qH7xykDLLa2fkxDtqfZiTFAJydN6xznNY3hjjc6i
q1coGWO2luMFSd8c7q14bpNlzEIHroDRdiBuBwWm5pbak5BQkwM4NBLcP5XmItAF
meynlsOafp5mgIpIBCiyjra0IhnNT5VADtIhXXOC5lNTUgfqXJyPlLVjK7wSz0bg
-----END CERTIFICATE-----
Generated at Fri Mar 13 08:04:15 2026 by rpki-client