Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915EFDF/0BDD7EA2E90C11EA965C2A2FC4F9AE02/3521D20C353011F08D12C04DC4F9AE02.roa
File: 3521D20C353011F08D12C04DC4F9AE02.roa (raw, json)
Hash identifier: ZUHYED+pi+b1jG1tkEd/wo3y4AiJaO6To/XxfF5LG20=
Subject key identifier: 9B:3F:9A:C0:14:4C:2C:A9:AB:A8:C0:79:C7:62:C6:2B:12:95:5B:C1
Certificate issuer: /CN=A915EFDF/serialNumber=E8C21B03B65083B21BFA37526D12B341F249CC8B
Certificate serial: 0834
Authority key identifier: E8:C2:1B:03:B6:50:83:B2:1B:FA:37:52:6D:12:B3:41:F2:49:CC:8B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6MIbA7ZQg7Ib-jdSbRKzQfJJzIs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915EFDF/0BDD7EA2E90C11EA965C2A2FC4F9AE02/3521D20C353011F08D12C04DC4F9AE02.roa
Signing time: Tue 20 May 2025 04:09:21 +0000
ROA not before: Tue 20 May 2025 04:09:21 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 151215
IP address blocks: 103.72.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Jun 2025 07:03:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2100 (0x834)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915EFDF, serialNumber=E8C21B03B65083B21BFA37526D12B341F249CC8B
Validity
Not Before: May 20 04:09:21 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=682c0071-48c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:3b:72:40:b1:35:30:3b:2b:04:54:7f:19:ea:
12:bf:42:11:4c:2e:3b:df:a5:2d:ea:e6:c8:97:11:
ea:8c:61:ec:f1:dc:06:7b:e3:a7:c6:77:eb:2b:82:
7c:d4:d2:f4:fd:4d:6f:8c:a7:e8:fb:3d:0f:e9:e2:
b4:a8:a0:bb:36:49:69:93:51:b9:17:d0:09:eb:0b:
d4:c7:3e:cd:58:6f:94:22:b2:51:cc:c6:f4:21:17:
93:84:3b:c6:46:b1:42:bf:8f:31:18:7c:d0:29:a8:
cb:92:19:46:82:e5:7b:70:cf:e4:9c:d5:9a:71:5b:
e8:13:73:c3:5e:c2:07:9e:8c:c6:c7:fc:c6:34:77:
4a:2a:95:88:13:0b:14:ed:e9:72:34:db:c8:38:20:
9f:3f:1f:a2:68:dd:27:8b:d0:b9:8e:e2:d8:39:ea:
d8:10:4c:a0:dc:37:a6:e9:e5:9a:69:06:2f:75:e4:
26:a0:9a:a7:9f:5e:57:ac:02:89:6a:1d:fe:c0:a4:
a3:3f:68:09:f8:1c:3e:3c:d6:b3:b3:06:38:46:97:
58:7c:4d:5d:04:ac:6a:f1:c0:43:80:7c:b1:58:59:
c2:3a:d7:a4:21:68:13:3d:8f:c9:47:9b:77:91:6b:
9d:ff:af:f5:00:ca:d3:c4:47:75:ed:f7:72:3c:24:
00:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:3F:9A:C0:14:4C:2C:A9:AB:A8:C0:79:C7:62:C6:2B:12:95:5B:C1
X509v3 Authority Key Identifier:
keyid:E8:C2:1B:03:B6:50:83:B2:1B:FA:37:52:6D:12:B3:41:F2:49:CC:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915EFDF/0BDD7EA2E90C11EA965C2A2FC4F9AE02/6MIbA7ZQg7Ib-jdSbRKzQfJJzIs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6MIbA7ZQg7Ib-jdSbRKzQfJJzIs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915EFDF/0BDD7EA2E90C11EA965C2A2FC4F9AE02/3521D20C353011F08D12C04DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.72.103.0/24
Signature Algorithm: sha256WithRSAEncryption
23:42:ef:75:c1:88:20:84:d7:42:ea:fd:75:1f:58:8c:15:10:
94:46:42:d9:a1:ef:0a:45:f1:89:74:bf:02:e1:41:2c:39:e0:
fb:cc:0e:47:0c:21:83:b3:f5:3d:29:56:5a:6d:3c:67:73:f2:
93:25:8d:f7:ef:75:1f:ca:7c:03:d1:67:6f:be:6f:21:dc:6f:
60:da:b4:19:b4:6e:c5:ce:a4:c1:ef:09:98:0f:aa:d2:c2:71:
9b:a5:36:54:a5:19:f9:fe:a9:aa:f4:b7:5f:dc:24:bc:01:6e:
5d:88:a0:cb:e0:93:8d:24:ac:4e:b5:30:60:6f:74:f1:b9:68:
d8:42:14:d0:b1:43:2c:a6:b0:32:6e:27:ab:d7:72:ee:40:0e:
a9:32:bb:77:e8:ff:54:97:12:36:30:56:86:66:38:4d:14:7f:
16:66:54:a2:c0:1a:db:7d:16:6c:a3:3e:0c:99:86:20:8a:b7:
dc:dc:30:72:46:3b:3c:39:00:df:c0:ad:e7:0b:3e:57:2f:3c:
49:12:95:36:53:71:98:80:11:f6:02:c7:04:55:c3:d7:ad:da:
5d:bb:c9:85:85:60:82:83:53:c2:53:1f:c4:a8:38:bf:93:29:
9d:fc:fe:2c:61:19:fa:4e:ab:1f:54:6c:60:32:db:70:65:ff:
04:ce:bb:33
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCDQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUVGREYxMTAvBgNVBAUTKEU4QzIxQjAzQjY1MDgzQjIxQkZBMzc1MjZEMTJCMzQx
RjI0OUNDOEIwHhcNMjUwNTIwMDQwOTIxWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODJjMDA3MS00OGM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0DtyQLE1MDsrBFR/GeoSv0IRTC4736Ut6ubIlxHqjGHs8dwGe+OnxnfrK4J8
1NL0/U1vjKfo+z0P6eK0qKC7Nklpk1G5F9AJ6wvUxz7NWG+UIrJRzMb0IReThDvG
RrFCv48xGHzQKajLkhlGguV7cM/knNWacVvoE3PDXsIHnozGx/zGNHdKKpWIEwsU
7elyNNvIOCCfPx+iaN0ni9C5juLYOerYEEyg3Dem6eWaaQYvdeQmoJqnn15XrAKJ
ah3+wKSjP2gJ+Bw+PNazswY4RpdYfE1dBKxq8cBDgHyxWFnCOtekIWgTPY/JR5t3
kWud/6/1AMrTxEd17fdyPCQAoQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJs/msAU
TCypq6jAecdixisSlVvBMB8GA1UdIwQYMBaAFOjCGwO2UIOyG/o3Um0Ss0HyScyL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RUZERi8wQkREN0VBMkU5
MEMxMUVBOTY1QzJBMkZDNEY5QUUwMi82TUliQTdaUWc3SWItamRTYlJLelFmSkp6
SXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZNSWJBN1pRZzdJYi1qZFNiUkt6UWZKSnpJcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUVGREYvMEJERDdFQTJFOTBDMTFFQTk2NUMyQTJGQzRGOUFFMDIvMzUyMUQyMEMz
NTMwMTFGMDhEMTJDMDREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnSGcwDQYJKoZIhvcNAQELBQADggEBACNC73XBiCCE10Lq
/XUfWIwVEJRGQtmh7wpF8Yl0vwLhQSw54PvMDkcMIYOz9T0pVlptPGdz8pMljffv
dR/KfAPRZ2++byHcb2DatBm0bsXOpMHvCZgPqtLCcZulNlSlGfn+qar0t1/cJLwB
bl2IoMvgk40krE61MGBvdPG5aNhCFNCxQyymsDJuJ6vXcu5ADqkyu3fo/1SXEjYw
VoZmOE0UfxZmVKLAGtt9FmyjPgyZhiCKt9zcMHJGOzw5AN/ArecLPlcvPEkSlTZT
cZiAEfYCxwRVw9et2l27yYWFYIKDU8JTH8SoOL+TKZ38/ixhGfpOqx9UbGAy23Bl
/wTOuzM=
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:55:24 2025 by rpki-client