Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911FAC3/7B868C089DF511E8957AB416C4F9AE02/4338FC5CFB5611EBB7032080C4F9AE02.roa
File: 4338FC5CFB5611EBB7032080C4F9AE02.roa (raw, json)
Hash identifier: VK/E0zQ1ew39L+Gs+xBXW4f/LVbRDtXaeVHnbfPAxq8=
Subject key identifier: B7:FA:3A:45:47:A8:B6:70:0F:AB:7A:9F:9D:6F:DF:0A:AC:BA:4B:F4
Certificate issuer: /CN=A911FAC3/serialNumber=7762AA8277020D0BB5C75997DE5F7D8A5142DF14
Certificate serial: 138C
Authority key identifier: 77:62:AA:82:77:02:0D:0B:B5:C7:59:97:DE:5F:7D:8A:51:42:DF:14
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d2KqgncCDQu1x1mX3l99ilFC3xQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911FAC3/7B868C089DF511E8957AB416C4F9AE02/4338FC5CFB5611EBB7032080C4F9AE02.roa
Signing time: Wed 14 May 2025 16:55:59 +0000
ROA not before: Wed 14 May 2025 16:55:59 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 63932
IP address blocks: 43.229.12.0/22 maxlen: 22
43.229.12.0/24 maxlen: 24
43.229.13.0/24 maxlen: 24
43.229.15.0/24 maxlen: 24
103.48.16.0/22 maxlen: 22
114.130.240.0/21 maxlen: 21
114.130.240.0/24 maxlen: 24
114.130.252.0/22 maxlen: 22
2401:ed80::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 15 May 2025 05:19:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5004 (0x138c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911FAC3, serialNumber=7762AA8277020D0BB5C75997DE5F7D8A5142DF14
Validity
Not Before: May 14 16:55:59 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6824cb1f-5e53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:40:a5:c4:64:8e:a3:56:cd:eb:7e:a9:d4:f6:
19:bc:99:d3:49:cd:c3:3e:5f:14:88:f5:b4:93:1f:
20:8f:d3:3c:15:c4:e7:9c:26:60:e0:94:23:18:03:
99:3c:0b:10:3b:4c:c5:e6:c1:5d:bb:00:45:12:18:
ac:4f:e5:9d:b3:8d:48:11:e1:3c:36:70:ff:7f:2c:
84:0b:cf:3f:16:24:35:a4:1d:3f:03:63:8f:ba:f3:
6d:f2:37:5b:6c:73:2b:47:f7:04:6d:8d:3f:5c:2a:
e1:80:ee:f0:d9:e7:7c:d1:8d:11:e6:69:cc:06:01:
74:b6:04:ee:1f:ee:18:aa:b6:96:18:f5:83:31:e0:
75:f9:5e:0e:64:95:87:89:9f:31:ad:c9:9b:61:4f:
0c:52:c2:9a:7a:e7:f3:8d:a0:d3:78:76:46:94:31:
02:d9:2b:9a:e5:e0:35:a6:a5:d0:63:c6:3d:ba:51:
56:33:34:af:6b:6e:62:ab:b3:fa:a7:1c:ea:2a:04:
b6:51:d5:41:5f:84:5d:f3:44:7a:5d:1e:7d:02:86:
3b:9d:ce:53:95:8c:a8:0e:6c:22:f4:3a:cb:75:dd:
92:85:f8:7b:bc:7e:ae:20:6e:43:c2:42:fc:e1:96:
99:22:91:76:07:9c:0d:76:dc:4a:3b:8f:98:90:a5:
87:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:FA:3A:45:47:A8:B6:70:0F:AB:7A:9F:9D:6F:DF:0A:AC:BA:4B:F4
X509v3 Authority Key Identifier:
keyid:77:62:AA:82:77:02:0D:0B:B5:C7:59:97:DE:5F:7D:8A:51:42:DF:14
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911FAC3/7B868C089DF511E8957AB416C4F9AE02/d2KqgncCDQu1x1mX3l99ilFC3xQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d2KqgncCDQu1x1mX3l99ilFC3xQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911FAC3/7B868C089DF511E8957AB416C4F9AE02/4338FC5CFB5611EBB7032080C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.229.12.0/22
103.48.16.0/22
114.130.240.0/21
114.130.252.0/22
IPv6:
2401:ed80::/32
Signature Algorithm: sha256WithRSAEncryption
c3:2a:c2:31:bd:3d:4e:22:35:82:8f:a0:46:f8:90:67:97:75:
55:32:3c:06:33:55:cb:39:49:04:87:d8:82:8e:fd:a7:48:f9:
01:42:03:40:5a:a5:66:cf:90:6f:b7:75:c9:e6:b2:b8:8c:76:
33:91:5d:5e:bc:af:ff:fe:ff:56:b2:7c:a1:a3:e2:76:cc:72:
7c:9a:67:a6:66:78:a0:3c:2e:5e:17:87:7c:6d:6d:45:95:ce:
73:51:c7:cd:db:63:e1:4c:7c:63:66:99:eb:f9:f2:2e:e2:be:
2e:4c:df:c6:0b:58:e5:ba:31:60:7d:87:af:62:1c:3e:17:55:
27:7d:6e:95:22:32:de:5d:a6:12:e3:db:e6:5a:4f:7d:c7:67:
2d:8c:da:be:5e:93:8a:07:33:18:1e:45:3e:9e:3f:52:b9:3a:
7f:20:0a:fa:b0:b5:ae:f6:07:cc:16:7d:7c:ee:45:b7:d4:d0:
97:28:c5:b2:27:e2:55:ee:b8:ae:cf:30:5d:89:6c:49:4e:22:
3e:da:75:d5:a8:db:f8:2b:74:5f:d6:ce:37:de:d2:f5:1b:46:
e6:21:f9:54:c9:06:e1:90:52:4c:20:25:7a:05:8d:8a:cf:52:
91:a3:ab:ce:25:d3:fd:fa:da:26:82:32:98:51:f9:19:f3:30:
e7:93:e3:51
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICE4wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUZBQzMxMTAvBgNVBAUTKDc3NjJBQTgyNzcwMjBEMEJCNUM3NTk5N0RFNUY3RDhB
NTE0MkRGMTQwHhcNMjUwNTE0MTY1NTU5WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODI0Y2IxZi01ZTUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtUClxGSOo1bN636p1PYZvJnTSc3DPl8UiPW0kx8gj9M8FcTnnCZg4JQjGAOZ
PAsQO0zF5sFduwBFEhisT+Wds41IEeE8NnD/fyyEC88/FiQ1pB0/A2OPuvNt8jdb
bHMrR/cEbY0/XCrhgO7w2ed80Y0R5mnMBgF0tgTuH+4YqraWGPWDMeB1+V4OZJWH
iZ8xrcmbYU8MUsKaeufzjaDTeHZGlDEC2Sua5eA1pqXQY8Y9ulFWMzSva25iq7P6
pxzqKgS2UdVBX4Rd80R6XR59AoY7nc5TlYyoDmwi9DrLdd2Shfh7vH6uIG5DwkL8
4ZaZIpF2B5wNdtxKO4+YkKWHsQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFLf6OkVH
qLZwD6t6n51v3wqsukv0MB8GA1UdIwQYMBaAFHdiqoJ3Ag0LtcdZl95ffYpRQt8U
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRkFDMy83Qjg2OEMwODlE
RjUxMUU4OTU3QUI0MTZDNEY5QUUwMi9kMktxZ25jQ0RRdTF4MW1YM2w5OWlsRkMz
eFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2QyS3FnbmNDRFF1MXgxbVgzbDk5aWxGQzN4US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUZBQzMvN0I4NjhDMDg5REY1MTFFODk1N0FCNDE2QzRGOUFFMDIvNDMzOEZDNUNG
QjU2MTFFQkI3MDMyMDgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAIr5QwDBAJnMBADBANygvADBAJygvwwDQQCAAIwBwMFACQB
7YAwDQYJKoZIhvcNAQELBQADggEBAMMqwjG9PU4iNYKPoEb4kGeXdVUyPAYzVcs5
SQSH2IKO/adI+QFCA0BapWbPkG+3dcnmsriMdjORXV68r//+/1ayfKGj4nbMcnya
Z6ZmeKA8Ll4Xh3xtbUWVznNRx83bY+FMfGNmmev58i7ivi5M38YLWOW6MWB9h69i
HD4XVSd9bpUiMt5dphLj2+ZaT33HZy2M2r5ek4oHMxgeRT6eP1K5On8gCvqwta72
B8wWfXzuRbfU0JcoxbIn4lXuuK7PMF2JbElOIj7addWo2/grdF/Wzjfe0vUbRuYh
+VTJBuGQUkwgJXoFjYrPUpGjq84l0/362iaCMphR+RnzMOeT41E=
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:55:27 2025 by rpki-client