Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915BF76/944E38921DAB11E2BB30CAA908B02CD2/C2F6995E34A511F0A6FC4F68C4F9AE02.roa
File: C2F6995E34A511F0A6FC4F68C4F9AE02.roa (raw, json)
Hash identifier: 2R5NvgxPz+VKzgVQqgtSoYyiP1awN5RV4KO/xXFg4YQ=
Subject key identifier: 13:4B:9C:AB:92:FE:A0:5A:1E:B5:8C:B0:12:0F:E6:22:89:60:9A:C0
Certificate issuer: /CN=A915BF76/serialNumber=63EC4E6380FAAEA51107E9C40C2F1058E08F856E
Certificate serial: 34E3
Authority key identifier: 63:EC:4E:63:80:FA:AE:A5:11:07:E9:C4:0C:2F:10:58:E0:8F:85:6E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y-xOY4D6rqURB-nEDC8QWOCPhW4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915BF76/944E38921DAB11E2BB30CAA908B02CD2/C2F6995E34A511F0A6FC4F68C4F9AE02.roa
Signing time: Mon 19 May 2025 11:38:19 +0000
ROA not before: Mon 19 May 2025 11:38:19 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 834
IP address blocks: 103.21.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 30 May 2025 09:53:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13539 (0x34e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915BF76, serialNumber=63EC4E6380FAAEA51107E9C40C2F1058E08F856E
Validity
Not Before: May 19 11:38:19 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=682b182b-f1eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ba:5d:d8:bc:5d:93:bf:65:01:e4:cc:12:62:
41:49:4b:0e:6c:cb:06:49:6d:44:b9:80:8a:f7:1e:
fb:89:48:b9:f6:19:ea:9b:63:a3:57:c6:70:17:42:
c8:3b:7a:94:60:c0:8c:fb:8a:e5:1b:85:07:eb:23:
c4:db:51:f3:4c:a5:2e:e3:bc:0a:11:89:33:f6:d9:
58:74:8c:48:7e:68:ec:95:0a:3e:fa:af:33:05:36:
e0:98:c9:80:ca:a8:d9:c0:83:6d:ad:0b:9a:ec:7c:
08:2a:c2:27:9c:63:40:5e:60:f9:ce:9f:29:d9:dc:
9a:a9:e6:ce:09:bf:e6:5b:4c:65:cb:2b:2c:34:3d:
76:4b:f0:f0:8d:f7:d7:5a:92:d2:28:2d:f8:f4:1d:
68:84:ef:cd:75:a8:b0:26:21:44:08:1a:fb:64:de:
82:e8:cf:af:40:35:7a:dd:20:93:9d:5c:64:88:a6:
96:e4:c4:3b:26:18:a5:8b:41:a4:8c:59:64:f4:8e:
7c:6c:af:32:c6:ef:60:a3:ac:c3:3c:df:29:1c:d6:
4a:42:ae:91:6f:13:2b:d3:b7:af:6d:b8:ea:ef:54:
a4:6e:b0:b3:1a:2c:77:dc:81:76:7e:18:94:c6:17:
f6:85:b5:03:5b:92:35:22:34:db:ec:f9:e9:52:5b:
5e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:4B:9C:AB:92:FE:A0:5A:1E:B5:8C:B0:12:0F:E6:22:89:60:9A:C0
X509v3 Authority Key Identifier:
keyid:63:EC:4E:63:80:FA:AE:A5:11:07:E9:C4:0C:2F:10:58:E0:8F:85:6E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915BF76/944E38921DAB11E2BB30CAA908B02CD2/Y-xOY4D6rqURB-nEDC8QWOCPhW4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y-xOY4D6rqURB-nEDC8QWOCPhW4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915BF76/944E38921DAB11E2BB30CAA908B02CD2/C2F6995E34A511F0A6FC4F68C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.21.137.0/24
Signature Algorithm: sha256WithRSAEncryption
58:fc:c2:51:9b:1d:e6:21:19:50:df:6e:3e:a8:db:6e:81:39:
14:85:1a:1c:15:58:65:58:57:40:8b:8f:46:6a:8c:02:24:01:
2a:4b:8c:18:2b:8c:6f:c4:83:89:0f:49:d7:5b:41:1f:19:7f:
fe:0a:91:a1:7d:b2:50:42:9f:6f:ef:eb:b8:f4:74:2f:f4:08:
05:42:f0:fb:24:7a:4d:31:db:21:bf:c7:9c:57:b5:79:44:3b:
31:5b:8f:f2:44:c2:da:05:86:f5:7f:b3:a1:b6:f8:ac:fb:c3:
3e:c4:eb:5a:43:47:0c:d9:92:4e:85:e4:d8:2e:9e:60:5e:93:
cb:dd:af:db:a8:9b:5d:dd:b0:73:ba:b4:77:4a:b0:7d:1b:37:
ce:1b:b8:9c:e3:7f:b5:6f:a9:88:c5:ba:11:2a:d4:47:57:cb:
51:e6:b7:22:a8:f6:06:a1:0e:c0:24:fd:66:58:5b:66:7d:87:
17:0c:80:0f:d0:0e:91:19:b0:f9:da:d4:14:b6:1d:ec:0e:5c:
f8:17:73:99:3d:47:02:ae:bf:71:58:bd:8e:a9:7c:e0:2b:24:
29:3a:62:a2:44:ac:33:60:ab:bd:76:42:9a:25:5b:e4:17:3a:
a7:69:b9:53:52:8a:5c:ae:f1:ac:06:95:e0:41:57:14:41:c5:
d2:82:9f:fc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNOMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUJGNzYxMTAvBgNVBAUTKDYzRUM0RTYzODBGQUFFQTUxMTA3RTlDNDBDMkYxMDU4
RTA4Rjg1NkUwHhcNMjUwNTE5MTEzODE5WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODJiMTgyYi1mMWViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz7pd2Lxdk79lAeTMEmJBSUsObMsGSW1EuYCK9x77iUi59hnqm2OjV8ZwF0LI
O3qUYMCM+4rlG4UH6yPE21HzTKUu47wKEYkz9tlYdIxIfmjslQo++q8zBTbgmMmA
yqjZwINtrQua7HwIKsInnGNAXmD5zp8p2dyaqebOCb/mW0xlyyssND12S/DwjffX
WpLSKC349B1ohO/NdaiwJiFECBr7ZN6C6M+vQDV63SCTnVxkiKaW5MQ7Jhili0Gk
jFlk9I58bK8yxu9go6zDPN8pHNZKQq6RbxMr07evbbjq71SkbrCzGix33IF2fhiU
xhf2hbUDW5I1IjTb7PnpUltepQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBNLnKuS
/qBaHrWMsBIP5iKJYJrAMB8GA1UdIwQYMBaAFGPsTmOA+q6lEQfpxAwvEFjgj4Vu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QkY3Ni85NDRFMzg5MjFE
QUIxMUUyQkIzMENBQTkwOEIwMkNEMi9ZLXhPWTRENnJxVVJCLW5FREM4UVdPQ1Bo
VzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1kteE9ZNEQ2cnFVUkItbkVEQzhRV09DUGhXNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUJGNzYvOTQ0RTM4OTIxREFCMTFFMkJCMzBDQUE5MDhCMDJDRDIvQzJGNjk5NUUz
NEE1MTFGMEE2RkM0RjY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnFYkwDQYJKoZIhvcNAQELBQADggEBAFj8wlGbHeYhGVDf
bj6o226BORSFGhwVWGVYV0CLj0ZqjAIkASpLjBgrjG/Eg4kPSddbQR8Zf/4KkaF9
slBCn2/v67j0dC/0CAVC8Pskek0x2yG/x5xXtXlEOzFbj/JEwtoFhvV/s6G2+Kz7
wz7E61pDRwzZkk6F5NgunmBek8vdr9uom13dsHO6tHdKsH0bN84buJzjf7VvqYjF
uhEq1EdXy1HmtyKo9gahDsAk/WZYW2Z9hxcMgA/QDpEZsPna1BS2HewOXPgXc5k9
RwKuv3FYvY6pfOArJCk6YqJErDNgq712QpolW+QXOqdpuVNSilyu8awGleBBVxRB
xdKCn/w=
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:58:38 2025 by rpki-client