Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915DA5A/44E770B203EE11EABCA1A16EC4F9AE02/34D8F6AC363611F09860C64FC4F9AE02.roa
File: 34D8F6AC363611F09860C64FC4F9AE02.roa (raw, json)
Hash identifier: jeQPQ/PC60106Qn4bZ5WT6TnaGgvGPe6KA0eLzQTwlw=
Subject key identifier: BD:73:FC:0F:1A:D8:0E:1C:E8:0B:E4:5A:4F:46:0B:A9:E7:BC:A2:1C
Certificate issuer: /CN=A915DA5A/serialNumber=B1177B2B4C2DF8B306D14A643007286F89D69CC0
Certificate serial: 0C52
Authority key identifier: B1:17:7B:2B:4C:2D:F8:B3:06:D1:4A:64:30:07:28:6F:89:D6:9C:C0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sRd7K0wt-LMG0UpkMAcob4nWnMA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915DA5A/44E770B203EE11EABCA1A16EC4F9AE02/34D8F6AC363611F09860C64FC4F9AE02.roa
Signing time: Wed 21 May 2025 11:24:49 +0000
ROA not before: Wed 21 May 2025 11:24:49 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 139735
IP address blocks: 103.143.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 May 2025 13:33:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3154 (0xc52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915DA5A, serialNumber=B1177B2B4C2DF8B306D14A643007286F89D69CC0
Validity
Not Before: May 21 11:24:49 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=682db801-92ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6e:fe:08:0a:7f:2b:43:73:d5:7e:b9:67:56:
88:a1:c7:fb:f7:ad:c4:60:6b:bc:aa:34:e0:8e:51:
7a:d3:b7:88:ae:d3:09:9d:3b:98:3a:ff:79:59:fe:
e1:21:dc:b6:ed:20:69:32:a3:eb:98:be:9e:44:2f:
e4:34:d1:c1:8d:ec:e9:19:97:a1:cb:74:cf:cd:b2:
51:ad:f6:bc:20:9f:ff:45:6e:52:d4:66:19:23:5b:
32:53:87:ee:3c:08:a1:16:08:cc:87:03:f3:74:a2:
1d:bd:10:50:d6:95:73:ed:fc:7a:e3:aa:2b:c7:10:
0f:74:e2:22:da:99:1f:df:4b:e1:90:9a:ef:89:59:
0d:90:f6:ee:d3:d0:c9:d9:1f:04:5f:1a:38:d9:7f:
76:b5:01:59:8e:1e:66:16:3e:99:52:80:35:07:3c:
f7:53:d2:9a:d5:42:1c:28:b7:19:af:f4:0c:83:98:
ea:05:25:36:4b:ec:02:5e:ff:ea:32:78:4c:0e:32:
89:bd:fd:cb:eb:b3:d3:51:32:01:aa:6e:4d:35:9f:
38:03:7c:b3:b3:fe:f3:99:1b:82:6e:0d:3b:10:20:
62:12:b6:a8:87:ea:b3:d5:c6:d6:f8:20:80:b0:19:
fa:fb:6e:ad:7b:f7:69:7a:aa:0c:fd:ca:32:94:b7:
a8:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:73:FC:0F:1A:D8:0E:1C:E8:0B:E4:5A:4F:46:0B:A9:E7:BC:A2:1C
X509v3 Authority Key Identifier:
keyid:B1:17:7B:2B:4C:2D:F8:B3:06:D1:4A:64:30:07:28:6F:89:D6:9C:C0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915DA5A/44E770B203EE11EABCA1A16EC4F9AE02/sRd7K0wt-LMG0UpkMAcob4nWnMA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sRd7K0wt-LMG0UpkMAcob4nWnMA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915DA5A/44E770B203EE11EABCA1A16EC4F9AE02/34D8F6AC363611F09860C64FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.143.255.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:ab:e0:34:1d:5c:60:41:5e:f6:79:21:6d:cb:a6:80:de:72:
8b:05:05:11:da:00:bd:ab:ab:74:d1:7d:64:4f:84:46:bf:53:
79:79:83:ce:29:d1:a8:74:86:ac:67:9b:d5:9d:8a:c0:66:81:
9a:72:2e:14:24:61:85:e3:7c:73:28:bb:5e:33:d6:f6:a1:99:
8e:28:66:d5:92:f9:8e:2f:59:b6:7d:f3:97:10:29:97:7f:bb:
6e:6f:e8:40:69:59:e0:ab:3d:40:3c:86:08:76:bb:5d:d5:5f:
3b:9a:ec:00:fc:05:f7:c3:9b:71:d2:c5:58:b4:90:80:3f:9a:
e3:be:7a:5a:2c:7c:35:79:dc:1e:5e:76:f4:c8:0d:3f:ed:db:
bc:cb:20:e5:b6:b5:c8:d8:ec:14:e5:0a:24:05:5d:f0:7c:80:
d4:00:38:bb:53:fc:2a:61:6d:dd:93:a9:df:e7:30:aa:25:86:
f4:41:23:70:ba:a2:86:57:db:15:23:81:89:bf:39:d2:15:53:
58:12:71:9f:9e:96:26:94:8b:ea:7c:a9:39:74:a0:5b:da:3f:
be:3b:18:6e:bb:fb:71:44:99:8f:ac:6a:1c:bf:d2:80:5b:b8:
95:9f:ab:bd:18:c3:a4:88:63:08:79:b2:73:d0:a9:47:98:b4:
f4:89:b8:81
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDFIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NURBNUExMTAvBgNVBAUTKEIxMTc3QjJCNEMyREY4QjMwNkQxNEE2NDMwMDcyODZG
ODlENjlDQzAwHhcNMjUwNTIxMTEyNDQ5WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODJkYjgwMS05MmJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvm7+CAp/K0Nz1X65Z1aIocf7963EYGu8qjTgjlF607eIrtMJnTuYOv95Wf7h
Idy27SBpMqPrmL6eRC/kNNHBjezpGZehy3TPzbJRrfa8IJ//RW5S1GYZI1syU4fu
PAihFgjMhwPzdKIdvRBQ1pVz7fx646orxxAPdOIi2pkf30vhkJrviVkNkPbu09DJ
2R8EXxo42X92tQFZjh5mFj6ZUoA1Bzz3U9Ka1UIcKLcZr/QMg5jqBSU2S+wCXv/q
MnhMDjKJvf3L67PTUTIBqm5NNZ84A3yzs/7zmRuCbg07ECBiEraoh+qz1cbW+CCA
sBn6+26te/dpeqoM/coylLeoPwIDAQABo4IClTCCApEwHQYDVR0OBBYEFL1z/A8a
2A4c6AvkWk9GC6nnvKIcMB8GA1UdIwQYMBaAFLEXeytMLfizBtFKZDAHKG+J1pzA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1REE1QS80NEU3NzBCMjAz
RUUxMUVBQkNBMUExNkVDNEY5QUUwMi9zUmQ3SzB3dC1MTUcwVXBrTUFjb2I0bldu
TUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NSZDdLMHd0LUxNRzBVcGtNQWNvYjRuV25NQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NURBNUEvNDRFNzcwQjIwM0VFMTFFQUJDQTFBMTZFQzRGOUFFMDIvMzREOEY2QUMz
NjM2MTFGMDk4NjBDNjRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnj/8wDQYJKoZIhvcNAQELBQADggEBAF6r4DQdXGBBXvZ5
IW3LpoDecosFBRHaAL2rq3TRfWRPhEa/U3l5g84p0ah0hqxnm9WdisBmgZpyLhQk
YYXjfHMou14z1vahmY4oZtWS+Y4vWbZ985cQKZd/u25v6EBpWeCrPUA8hgh2u13V
Xzua7AD8BffDm3HSxVi0kIA/muO+elosfDV53B5edvTIDT/t27zLIOW2tcjY7BTl
CiQFXfB8gNQAOLtT/Cphbd2Tqd/nMKolhvRBI3C6ooZX2xUjgYm/OdIVU1gScZ+e
liaUi+p8qTl0oFvaP747GG67+3FEmY+sahy/0oBbuJWfq70Yw6SIYwh5snPQqUeY
tPSJuIE=
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:55:32 2025 by rpki-client