Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91275FD/E1EFD9B6DECE11E4A14F0068C4F9AE02/631F9D58053611F08A2C940AC4F9AE02.roa
File: 631F9D58053611F08A2C940AC4F9AE02.roa (raw, json)
Hash identifier: BqBpcyLmWNjXOkjQdvfDfXdsjQDTcD4/IvpxoJn9yxQ=
Subject key identifier: 24:0D:62:F1:E2:11:B7:33:9B:1A:E4:EF:DB:6B:3A:52:F0:3D:60:63
Certificate issuer: /CN=A91275FD/serialNumber=4E10F13F295FBF2B359C84DDD1651BC851AA8AF5
Certificate serial: 2729
Authority key identifier: 4E:10:F1:3F:29:5F:BF:2B:35:9C:84:DD:D1:65:1B:C8:51:AA:8A:F5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ThDxPylfvys1nITd0WUbyFGqivU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91275FD/E1EFD9B6DECE11E4A14F0068C4F9AE02/631F9D58053611F08A2C940AC4F9AE02.roa
Signing time: Thu 22 May 2025 15:52:29 +0000
ROA not before: Thu 22 May 2025 15:52:29 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 9386
IP address blocks: 202.128.32.0/19 maxlen: 19
202.128.32.0/22 maxlen: 22
202.128.36.0/22 maxlen: 22
202.128.40.0/22 maxlen: 22
202.128.44.0/22 maxlen: 22
202.128.48.0/22 maxlen: 22
202.128.52.0/22 maxlen: 22
202.128.56.0/22 maxlen: 22
202.128.60.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 26 May 2025 03:08:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10025 (0x2729)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91275FD, serialNumber=4E10F13F295FBF2B359C84DDD1651BC851AA8AF5
Validity
Not Before: May 22 15:52:29 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=682f483d-31c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3b:84:52:d1:08:92:18:9b:a5:51:25:2e:46:
a3:a0:2a:d4:7f:c3:c4:2b:53:a8:90:42:0a:9c:67:
8a:f2:51:66:a0:72:75:39:64:2a:f5:69:84:1d:bd:
26:f4:08:17:dc:62:7d:64:ef:33:cd:c0:10:93:b9:
6f:0a:19:b7:95:f6:f0:1c:ac:07:99:38:2c:28:1c:
8a:62:ec:01:43:b6:21:db:a6:7e:70:16:51:54:a5:
68:4c:61:80:5e:06:10:c9:1b:6c:f7:47:ad:df:06:
bc:59:16:96:99:cd:5a:6b:05:82:ca:de:11:c0:58:
fb:e3:59:9c:6e:5c:86:71:1b:25:18:13:ec:41:ef:
bb:ba:81:80:e6:28:75:a5:3f:e2:eb:c0:5e:25:57:
7d:89:ca:8f:e3:5b:db:5b:26:5d:1b:9d:92:37:b0:
50:7e:56:7b:25:a8:10:f4:dc:43:76:11:89:4d:1b:
46:90:af:d5:b5:a2:f3:94:73:99:99:73:4a:e0:0b:
23:5a:b0:5c:86:89:f7:31:76:10:ed:26:68:12:3c:
01:e4:99:a8:5b:f0:76:dd:3c:da:84:21:70:15:26:
46:a9:9c:a2:53:46:73:87:48:ff:05:71:d0:5e:9f:
f2:b9:fa:4f:30:f9:a7:d0:f5:cb:ab:ed:42:5c:72:
28:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:0D:62:F1:E2:11:B7:33:9B:1A:E4:EF:DB:6B:3A:52:F0:3D:60:63
X509v3 Authority Key Identifier:
keyid:4E:10:F1:3F:29:5F:BF:2B:35:9C:84:DD:D1:65:1B:C8:51:AA:8A:F5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91275FD/E1EFD9B6DECE11E4A14F0068C4F9AE02/ThDxPylfvys1nITd0WUbyFGqivU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ThDxPylfvys1nITd0WUbyFGqivU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91275FD/E1EFD9B6DECE11E4A14F0068C4F9AE02/631F9D58053611F08A2C940AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.128.32.0/19
Signature Algorithm: sha256WithRSAEncryption
39:9e:e2:44:7e:7b:9d:3b:4b:67:73:02:3c:64:32:7f:c9:5a:
5c:84:66:0b:58:52:9b:5d:53:8a:53:fd:38:87:f6:06:36:8a:
1a:ff:fb:a7:c6:c7:a1:d2:eb:60:8d:58:33:ca:75:67:dc:1e:
8b:2b:56:3a:e9:71:99:0c:e8:b3:b0:f3:5f:db:54:c2:10:f3:
fb:5d:80:18:dc:f1:27:5d:dc:a1:49:af:fb:e5:9a:f9:da:83:
cf:46:7b:0a:cd:b4:0a:97:d5:a3:51:82:46:5a:f8:3d:e9:0e:
94:51:2e:ba:b9:61:a6:f9:6b:e6:a7:7c:be:55:5b:b0:83:73:
c7:6b:a6:f2:87:85:95:ce:bb:65:3e:8f:40:74:67:32:88:48:
2c:b9:59:1d:e7:cf:8c:ba:b4:b4:d6:1c:a5:8c:e8:2a:c7:4c:
d2:0b:4c:77:50:a1:bd:2c:83:27:00:01:5d:c8:26:cf:f1:1e:
f7:de:10:4e:d0:75:ef:2f:c2:e1:02:7f:da:13:41:c0:7c:b2:
fe:d6:a4:19:96:ef:f6:16:8d:56:e8:a9:af:70:b2:3a:83:d6:
e7:c6:04:ab:d9:fc:78:42:68:ff:69:e3:35:ac:10:6c:9b:7f:
e9:99:90:dc:32:d4:a2:25:31:c4:34:b4:b0:a1:3f:85:51:d8:
c6:33:dd:fb
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICJykwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjc1RkQxMTAvBgNVBAUTKDRFMTBGMTNGMjk1RkJGMkIzNTlDODREREQxNjUxQkM4
NTFBQThBRjUwHhcNMjUwNTIyMTU1MjI5WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODJmNDgzZC0zMWM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuzuEUtEIkhibpVElLkajoCrUf8PEK1OokEIKnGeK8lFmoHJ1OWQq9WmEHb0m
9AgX3GJ9ZO8zzcAQk7lvChm3lfbwHKwHmTgsKByKYuwBQ7Yh26Z+cBZRVKVoTGGA
XgYQyRts90et3wa8WRaWmc1aawWCyt4RwFj741mcblyGcRslGBPsQe+7uoGA5ih1
pT/i68BeJVd9icqP41vbWyZdG52SN7BQflZ7JagQ9NxDdhGJTRtGkK/VtaLzlHOZ
mXNK4AsjWrBchon3MXYQ7SZoEjwB5JmoW/B23TzahCFwFSZGqZyiU0Zzh0j/BXHQ
Xp/yufpPMPmn0PXLq+1CXHIoyQIDAQABo4IClTCCApEwHQYDVR0OBBYEFCQNYvHi
Ebczmxrk79trOlLwPWBjMB8GA1UdIwQYMBaAFE4Q8T8pX78rNZyE3dFlG8hRqor1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzVGRC9FMUVGRDlCNkRF
Q0UxMUU0QTE0RjAwNjhDNEY5QUUwMi9UaER4UHlsZnZ5czFuSVRkMFdVYnlGR3Fp
dlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RoRHhQeWxmdnlzMW5JVGQwV1VieUZHcWl2VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mjc1RkQvRTFFRkQ5QjZERUNFMTFFNEExNEYwMDY4QzRGOUFFMDIvNjMxRjlENTgw
NTM2MTFGMDhBMkM5NDBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAXKgCAwDQYJKoZIhvcNAQELBQADggEBADme4kR+e507S2dz
AjxkMn/JWlyEZgtYUptdU4pT/TiH9gY2ihr/+6fGx6HS62CNWDPKdWfcHosrVjrp
cZkM6LOw81/bVMIQ8/tdgBjc8Sdd3KFJr/vlmvnag89GewrNtAqX1aNRgkZa+D3p
DpRRLrq5Yab5a+anfL5VW7CDc8drpvKHhZXOu2U+j0B0ZzKISCy5WR3nz4y6tLTW
HKWM6CrHTNILTHdQob0sgycAAV3IJs/xHvfeEE7Qde8vwuECf9oTQcB8sv7WpBmW
7/YWjVboqa9wsjqD1ufGBKvZ/HhCaP9p4zWsEGybf+mZkNwy1KIlMcQ0tLChP4VR
2MYz3fs=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:11:03 2025 by rpki-client