Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91657DD/AD615F6E6E5611E9BD9B5E69C4F9AE02/05B3C1D2134511EAB2075B28C4F9AE02.roa
File: 05B3C1D2134511EAB2075B28C4F9AE02.roa (raw, json)
Hash identifier: pFx0/nN8tk37FYYMfan4l4qddU1Y7UoEXJGCdi9rZM4=
Subject key identifier: F4:A2:76:AF:E8:27:E5:4F:E5:72:7B:0A:52:C0:B7:CB:35:C0:AA:66
Certificate issuer: /CN=A91657DD/serialNumber=FBBAC1656A0C63708BCCD60DC825E6C3191A719B
Certificate serial: 0F56
Authority key identifier: FB:BA:C1:65:6A:0C:63:70:8B:CC:D6:0D:C8:25:E6:C3:19:1A:71:9B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-7rBZWoMY3CLzNYNyCXmwxkacZs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91657DD/AD615F6E6E5611E9BD9B5E69C4F9AE02/05B3C1D2134511EAB2075B28C4F9AE02.roa
Signing time: Sat 31 May 2025 15:21:39 +0000
ROA not before: Sat 31 May 2025 15:21:39 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 63996
IP address blocks: 45.120.112.0/22 maxlen: 24
103.60.172.0/22 maxlen: 24
103.205.68.0/22 maxlen: 24
192.144.86.0/23 maxlen: 24
203.95.220.0/22 maxlen: 24
2400:3240::/32 maxlen: 36
2400:3240:300::/40 maxlen: 40
2400:3240:7000::/42 maxlen: 42
2400:3240:7080::/42 maxlen: 42
2400:3240:7400::/42 maxlen: 42
2400:3240:7440::/42 maxlen: 42
2400:3240:8000::/48 maxlen: 48
2400:3240:9000::/43 maxlen: 43
2400:3240:9020::/43 maxlen: 43
2400:3240:9060::/43 maxlen: 43
2400:3240:9080::/43 maxlen: 43
2400:3240:90a0::/43 maxlen: 43
2400:3240:9100::/43 maxlen: 43
2400:3240:9120::/43 maxlen: 43
2400:3240:91a0::/43 maxlen: 43
2400:3240:91c0::/43 maxlen: 43
2400:3240:91e0::/43 maxlen: 43
2400:3240:9200::/43 maxlen: 43
2404:1380::/32 maxlen: 36
Validation: Failed, certificate revoked on Sat 31 May 2025 17:33:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3926 (0xf56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91657DD, serialNumber=FBBAC1656A0C63708BCCD60DC825E6C3191A719B
Validity
Not Before: May 31 15:21:39 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=683b1e82-2d66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b4:86:33:66:f7:72:c7:a2:de:17:ee:e4:a1:
e5:77:8a:23:11:41:00:d1:a2:da:6a:36:f0:74:14:
95:b4:1a:ac:92:91:4d:5e:2b:41:c1:f3:3c:54:bf:
ba:8b:5d:10:62:c6:fa:21:39:3b:93:a7:5d:ba:be:
9b:89:50:97:99:f6:b8:fb:d8:07:61:33:b5:7b:44:
0f:2b:47:20:8d:94:94:3e:aa:55:04:4b:e2:2a:20:
a8:91:cd:9a:1c:1d:89:a9:a7:16:b5:2c:2f:98:6b:
6c:4d:e8:02:86:f0:fb:d1:37:21:e8:ba:90:34:34:
78:68:dd:74:46:54:e0:d7:14:1c:fb:e1:e1:f5:a0:
d1:f0:e6:7e:31:cd:66:9f:68:e5:30:47:40:84:94:
ca:c8:cd:a3:ed:5f:3f:a6:42:cc:a0:a6:0d:96:59:
eb:bd:c5:4b:10:c7:ce:c8:56:88:00:cc:9b:09:97:
7a:26:05:1b:a2:30:23:8a:71:7f:34:e6:74:64:7b:
2a:60:83:ea:15:7b:52:ca:0c:1b:bb:f0:b8:d2:d7:
34:7e:a6:bc:60:a2:49:9b:b6:c1:01:f5:1b:1d:cd:
ed:0c:af:c3:24:73:a0:48:26:b5:c2:ed:04:9c:03:
3d:9f:61:91:89:f7:b4:b9:e0:18:dd:46:4f:8e:e0:
d8:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:A2:76:AF:E8:27:E5:4F:E5:72:7B:0A:52:C0:B7:CB:35:C0:AA:66
X509v3 Authority Key Identifier:
keyid:FB:BA:C1:65:6A:0C:63:70:8B:CC:D6:0D:C8:25:E6:C3:19:1A:71:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91657DD/AD615F6E6E5611E9BD9B5E69C4F9AE02/-7rBZWoMY3CLzNYNyCXmwxkacZs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-7rBZWoMY3CLzNYNyCXmwxkacZs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91657DD/AD615F6E6E5611E9BD9B5E69C4F9AE02/05B3C1D2134511EAB2075B28C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.120.112.0/22
103.60.172.0/22
103.205.68.0/22
192.144.86.0/23
203.95.220.0/22
IPv6:
2400:3240::/32
2404:1380::/32
Signature Algorithm: sha256WithRSAEncryption
71:30:45:ce:16:3f:9c:21:36:c5:13:e2:78:e5:4e:c9:7f:56:
03:e3:68:2c:d7:af:20:db:cf:c9:29:71:09:d4:6c:cf:49:9f:
8b:18:d4:ae:30:03:34:4d:69:00:e6:81:d6:ed:88:cc:11:d1:
a8:f4:ae:8b:8a:a8:ca:57:e5:c8:1c:f4:00:2c:af:31:db:a0:
09:bf:2c:f1:47:71:06:73:ed:b0:ef:6b:64:c9:cc:1a:07:e6:
61:84:80:f8:73:2b:43:43:2d:39:be:5a:44:75:c3:b8:71:09:
d3:22:26:ec:5c:41:06:e8:79:aa:2e:d7:86:5a:3e:e0:67:f1:
3e:4e:93:b0:d0:fa:0d:49:b6:75:e9:4e:67:42:06:54:94:14:
4f:f0:5c:72:39:d4:a2:c2:0c:67:5e:fd:a2:38:f0:df:2b:c9:
8e:36:5e:cf:73:54:13:1b:ba:1a:61:cc:e8:94:c6:af:b6:08:
4e:33:a0:89:15:fd:7c:4f:69:67:73:a4:a1:69:77:b4:d0:72:
07:54:59:34:91:0a:4d:2b:e4:c8:7d:00:42:5e:8a:c5:3e:73:
d2:b8:8c:78:0f:77:d3:e2:e4:30:3b:c7:de:35:12:98:c6:30:
70:85:dd:40:08:8c:57:89:e8:31:6b:2d:e5:36:f0:e7:2a:bc:
45:f0:81:65
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgICD1YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjU3REQxMTAvBgNVBAUTKEZCQkFDMTY1NkEwQzYzNzA4QkNDRDYwREM4MjVFNkMz
MTkxQTcxOUIwHhcNMjUwNTMxMTUyMTM5WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODNiMWU4Mi0yZDY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr7SGM2b3csei3hfu5KHld4ojEUEA0aLaajbwdBSVtBqskpFNXitBwfM8VL+6
i10QYsb6ITk7k6ddur6biVCXmfa4+9gHYTO1e0QPK0cgjZSUPqpVBEviKiCokc2a
HB2JqacWtSwvmGtsTegChvD70Tch6LqQNDR4aN10RlTg1xQc++Hh9aDR8OZ+Mc1m
n2jlMEdAhJTKyM2j7V8/pkLMoKYNllnrvcVLEMfOyFaIAMybCZd6JgUbojAjinF/
NOZ0ZHsqYIPqFXtSygwbu/C40tc0fqa8YKJJm7bBAfUbHc3tDK/DJHOgSCa1wu0E
nAM9n2GRife0ueAY3UZPjuDYxwIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFPSidq/o
J+VP5XJ7ClLAt8s1wKpmMB8GA1UdIwQYMBaAFPu6wWVqDGNwi8zWDcgl5sMZGnGb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NTdERC9BRDYxNUY2RTZF
NTYxMUU5QkQ5QjVFNjlDNEY5QUUwMi8tN3JCWldvTVkzQ0x6TllOeUNYbXd4a2Fj
WnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy03ckJaV29NWTNDTHpOWU55Q1htd3hrYWNacy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjU3REQvQUQ2MTVGNkU2RTU2MTFFOUJEOUI1RTY5QzRGOUFFMDIvMDVCM0MxRDIx
MzQ1MTFFQUIyMDc1QjI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTQYIKwYBBQUHAQcBAf8E
PjA8MCQEAgABMB4DBAIteHADBAJnPKwDBAJnzUQDBAHAkFYDBALLX9wwFAQCAAIw
DgMFACQAMkADBQAkBBOAMA0GCSqGSIb3DQEBCwUAA4IBAQBxMEXOFj+cITbFE+J4
5U7Jf1YD42gs168g28/JKXEJ1GzPSZ+LGNSuMAM0TWkA5oHW7YjMEdGo9K6LiqjK
V+XIHPQALK8x26AJvyzxR3EGc+2w72tkycwaB+ZhhID4cytDQy05vlpEdcO4cQnT
IibsXEEG6HmqLteGWj7gZ/E+TpOw0PoNSbZ16U5nQgZUlBRP8FxyOdSiwgxnXv2i
OPDfK8mONl7Pc1QTG7oaYczolMavtghOM6CJFf18T2lnc6ShaXe00HIHVFk0kQpN
K+TIfQBCXorFPnPSuIx4D3fT4uQwO8feNRKYxjBwhd1ACIxXiegxay3lNvDnKrxF
8IFl
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:02:58 2025 by rpki-client