Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/236F2E3424D611F0A81E280CC4F9AE02.roa
File: 236F2E3424D611F0A81E280CC4F9AE02.roa (raw, json)
Hash identifier: Bd642TqJTTRBJpIErqCGeDTJcr+jwMSGrgi4F7Y9RM4=
Subject key identifier: 97:F0:B5:F0:6D:F9:6F:EE:0A:11:0D:C3:7B:76:39:2B:69:A0:A7:25
Certificate issuer: /CN=A916557B/serialNumber=2853BDA1638C599A84C3095310E69BFD260AA978
Certificate serial: 03F1
Authority key identifier: 28:53:BD:A1:63:8C:59:9A:84:C3:09:53:10:E6:9B:FD:26:0A:A9:78
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KFO9oWOMWZqEwwlTEOab_SYKqXg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/236F2E3424D611F0A81E280CC4F9AE02.roa
Signing time: Tue 29 Apr 2025 08:44:18 +0000
ROA not before: Tue 29 Apr 2025 08:44:18 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 153706
IP address blocks: 103.103.244.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 May 2025 09:06:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1009 (0x3f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916557B, serialNumber=2853BDA1638C599A84C3095310E69BFD260AA978
Validity
Not Before: Apr 29 08:44:18 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=68109162-2930
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:be:0e:50:36:43:dc:4d:1c:95:63:da:9a:55:
93:d3:cf:fa:d4:c8:80:5c:f3:c0:d6:89:4b:07:ed:
c4:33:78:57:6b:f6:9e:c3:5e:74:83:4e:99:7d:17:
5b:ed:b2:70:34:04:a2:f3:dc:17:e7:24:6b:27:bc:
30:b5:46:b2:0a:8b:d5:e7:32:90:e5:e6:9a:17:c0:
ab:7c:c1:5b:b1:00:92:09:47:33:39:56:0f:24:62:
a0:bb:60:b9:e6:05:54:25:ab:da:49:17:8f:bc:5a:
91:c7:bd:32:bc:3c:02:58:9b:b0:07:9f:33:08:fc:
04:65:56:9c:8d:27:59:93:82:d7:4b:d3:0a:e1:05:
5f:21:ce:1d:ac:71:a4:88:0a:50:5b:a9:c4:02:67:
d0:be:6e:00:d2:63:df:b2:ff:e1:5a:50:03:bd:fb:
e3:a3:66:f1:51:99:95:63:d1:ae:04:df:32:1e:30:
e8:9b:89:53:0b:eb:10:34:3a:fc:e5:6b:a6:3a:f9:
f0:15:8e:fb:f4:4c:5e:6a:16:9c:ba:54:17:2c:db:
dd:e0:42:b6:ba:13:7c:7d:da:41:ac:11:94:42:d6:
41:39:a0:cf:a6:49:e2:35:06:76:07:2a:b2:29:20:
dc:1a:f2:f6:70:75:90:c1:a7:d5:b2:df:31:bd:c2:
43:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:F0:B5:F0:6D:F9:6F:EE:0A:11:0D:C3:7B:76:39:2B:69:A0:A7:25
X509v3 Authority Key Identifier:
keyid:28:53:BD:A1:63:8C:59:9A:84:C3:09:53:10:E6:9B:FD:26:0A:A9:78
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/KFO9oWOMWZqEwwlTEOab_SYKqXg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KFO9oWOMWZqEwwlTEOab_SYKqXg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/236F2E3424D611F0A81E280CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.103.244.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:26:3d:1b:9f:a9:94:92:7a:35:fd:a5:6c:3d:b7:d0:7c:fd:
cb:89:4d:5d:c0:81:d0:64:ba:34:ac:1c:87:f1:b2:ee:5b:b1:
1e:bb:0e:33:6e:60:17:dc:84:5a:2a:22:b2:2b:85:c9:7f:29:
7f:75:c7:ea:59:46:4c:91:2c:5d:27:a8:c2:0c:4c:55:c5:ce:
45:a0:22:51:e9:54:b1:d5:33:47:51:74:b2:c5:8d:11:e6:7a:
88:25:c0:3a:05:93:df:c8:bc:92:6f:2a:b7:70:1b:a2:db:4c:
ca:4b:c2:89:80:de:36:79:f8:60:45:b6:17:f0:aa:33:75:7f:
f0:2e:7a:1b:c6:bb:32:57:a2:4f:d2:4c:5a:55:7a:b5:50:44:
1e:8c:87:56:b1:b5:c8:e0:6e:97:6f:c7:f1:49:5a:7f:40:1c:
60:56:23:f8:10:37:c1:64:af:df:59:f9:45:d5:c4:ca:9b:30:
9f:8b:a0:c8:8c:f7:ab:53:58:d2:f3:49:05:97:bb:ff:2e:4c:
e2:e6:07:fa:1f:eb:d0:10:1a:16:65:5e:1f:98:86:28:b9:ae:
31:4d:0a:43:03:3e:78:5b:c1:d3:1d:22:e3:75:bc:6c:c3:d6:
8a:15:d4:b2:e7:02:98:b4:15:04:71:82:b2:d7:a4:18:9f:19:
d7:3f:dd:64
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA/EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjU1N0IxMTAvBgNVBAUTKDI4NTNCREExNjM4QzU5OUE4NEMzMDk1MzEwRTY5QkZE
MjYwQUE5NzgwHhcNMjUwNDI5MDg0NDE4WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODEwOTE2Mi0yOTMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtL4OUDZD3E0clWPamlWT08/61MiAXPPA1olLB+3EM3hXa/aew150g06ZfRdb
7bJwNASi89wX5yRrJ7wwtUayCovV5zKQ5eaaF8CrfMFbsQCSCUczOVYPJGKgu2C5
5gVUJavaSRePvFqRx70yvDwCWJuwB58zCPwEZVacjSdZk4LXS9MK4QVfIc4drHGk
iApQW6nEAmfQvm4A0mPfsv/hWlADvfvjo2bxUZmVY9GuBN8yHjDom4lTC+sQNDr8
5WumOvnwFY779ExeahaculQXLNvd4EK2uhN8fdpBrBGUQtZBOaDPpkniNQZ2Byqy
KSDcGvL2cHWQwafVst8xvcJDnwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJfwtfBt
+W/uChENw3t2OStpoKclMB8GA1UdIwQYMBaAFChTvaFjjFmahMMJUxDmm/0mCql4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NTU3Qi84REE3MjY0MEMx
RkExMUVDQjMwRUUyMUFDNEY5QUUwMi9LRk85b1dPTVdacUV3d2xURU9hYl9TWUtx
WGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tGTzlvV09NV1pxRXd3bFRFT2FiX1NZS3FYZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjU1N0IvOERBNzI2NDBDMUZBMTFFQ0IzMEVFMjFBQzRGOUFFMDIvMjM2RjJFMzQy
NEQ2MTFGMEE4MUUyODBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnZ/QwDQYJKoZIhvcNAQELBQADggEBAH8mPRufqZSSejX9
pWw9t9B8/cuJTV3AgdBkujSsHIfxsu5bsR67DjNuYBfchFoqIrIrhcl/KX91x+pZ
RkyRLF0nqMIMTFXFzkWgIlHpVLHVM0dRdLLFjRHmeoglwDoFk9/IvJJvKrdwG6Lb
TMpLwomA3jZ5+GBFthfwqjN1f/AuehvGuzJXok/STFpVerVQRB6Mh1axtcjgbpdv
x/FJWn9AHGBWI/gQN8Fkr99Z+UXVxMqbMJ+LoMiM96tTWNLzSQWXu/8uTOLmB/of
69AQGhZlXh+Yhii5rjFNCkMDPnhbwdMdIuN1vGzD1ooV1LLnApi0FQRxgrLXpBif
Gdc/3WQ=
-----END CERTIFICATE-----
Generated at Mon Jun 2 07:08:38 2025 by rpki-client