Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B7F8F5086EC211ECB8E7492BC4F9AE02.roa
File: B7F8F5086EC211ECB8E7492BC4F9AE02.roa (raw, json)
Hash identifier: B5CPLFgLtF4O8g12by9D88FRYm9CY6ryNdBLs6/+52Q=
Subject key identifier: 75:E1:17:EE:01:F4:C4:A6:D2:2C:AF:30:CF:38:69:DD:1D:25:7A:4A
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: B7C2
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B7F8F5086EC211ECB8E7492BC4F9AE02.roa
Signing time: Thu 08 May 2025 16:21:56 +0000
ROA not before: Thu 08 May 2025 16:21:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 149221
IP address blocks: 103.178.254.0/23 maxlen: 24
103.214.162.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 May 2025 08:41:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47042 (0xb7c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 8 16:21:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=681cda24-aa88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:c7:2a:f2:3c:77:74:ba:e5:04:35:a7:c0:30:
b7:61:e2:da:83:06:10:64:f8:08:9e:42:e9:5f:dc:
c9:cd:f7:d3:3b:aa:b5:48:95:34:fd:02:bd:8e:33:
de:ca:e5:b6:0d:57:1f:8c:b4:e3:e3:f1:af:47:69:
04:51:03:85:8f:90:b6:24:72:be:29:3d:44:08:33:
a4:6a:42:88:a0:eb:71:b5:c7:2f:97:a4:21:b8:e6:
16:f3:c5:c3:e9:de:f0:78:17:d9:81:51:36:98:ad:
1c:43:6f:70:e7:4a:ed:6c:c1:02:39:82:33:cd:59:
d9:4a:aa:dc:a0:c8:03:4b:bc:93:83:75:bf:f4:37:
29:ed:93:97:e4:47:1c:13:20:39:3a:cd:13:b5:6a:
2b:da:bb:32:8f:d9:de:86:0e:9b:61:41:4e:50:0c:
ee:48:1a:c6:98:b6:7f:dd:4b:31:6d:73:0b:e9:8c:
c5:56:62:95:75:35:65:1e:f7:1c:d8:15:f3:8d:95:
e7:3c:b9:8a:e4:ef:1b:21:7c:81:bf:7d:ac:12:61:
cd:07:6a:69:cf:e9:07:ef:cc:b5:64:dc:65:4a:2a:
8a:a1:ee:d9:f6:6d:06:68:1a:d0:cb:7e:f6:e2:5a:
75:e9:da:74:34:5e:50:87:7b:76:c5:de:48:19:0a:
ed:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:E1:17:EE:01:F4:C4:A6:D2:2C:AF:30:CF:38:69:DD:1D:25:7A:4A
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B7F8F5086EC211ECB8E7492BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.178.254.0/23
103.214.162.0/24
Signature Algorithm: sha256WithRSAEncryption
71:51:d6:43:e4:90:96:44:11:f6:34:be:bd:e0:4d:24:33:6f:
f4:6e:ed:11:31:3a:d7:ed:f6:f3:e3:37:30:61:96:60:98:73:
a2:70:16:fd:ce:18:9c:6b:c7:fc:ae:d4:e6:31:b0:ec:c0:f4:
ea:cf:2a:47:eb:0c:a3:e2:78:cf:02:67:47:87:87:02:c6:a2:
27:f3:2f:58:75:f3:64:e0:a0:62:1e:6a:2a:0b:6f:14:06:fd:
5e:df:cb:8b:60:b6:c3:fd:ba:3b:6a:de:9d:17:3f:4b:21:17:
99:b5:92:3e:6a:83:cc:34:97:0e:49:d3:f0:7d:bb:b1:95:6f:
c2:eb:a7:59:08:2a:ec:23:4b:d1:6c:bc:23:9d:69:c5:7e:30:
78:d6:d1:f1:06:eb:08:36:02:fe:61:33:e7:bf:a9:79:8d:03:
d0:8d:74:e2:c6:56:b3:41:7c:f8:73:e2:93:55:b5:f1:7d:7b:
8b:4a:61:3c:34:d2:2f:dc:b0:d4:4b:8f:a0:10:aa:69:87:ca:
33:a4:bb:72:b4:79:2a:15:a6:f8:da:97:1b:ab:86:4c:bf:c9:
2f:65:df:0b:93:85:63:63:bd:0a:f0:49:f1:85:11:ff:bd:4e:
0a:88:90:ae:d9:48:c8:ff:27:cf:f1:89:dd:ff:c5:83:41:73:
d0:74:a7:06
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIDALfCMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDUwODE2MjE1NloXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgxY2RhMjQtYWE4ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOfHKvI8d3S65QQ1p8Awt2Hi2oMGEGT4CJ5C6V/cyc330zuqtUiVNP0CvY4z
3srltg1XH4y04+Pxr0dpBFEDhY+QtiRyvik9RAgzpGpCiKDrcbXHL5ekIbjmFvPF
w+ne8HgX2YFRNpitHENvcOdK7WzBAjmCM81Z2Uqq3KDIA0u8k4N1v/Q3Ke2Tl+RH
HBMgOTrNE7VqK9q7Mo/Z3oYOm2FBTlAM7kgaxpi2f91LMW1zC+mMxVZilXU1ZR73
HNgV842V5zy5iuTvGyF8gb99rBJhzQdqac/pB+/MtWTcZUoqiqHu2fZtBmga0Mt+
9uJadenadDReUId7dsXeSBkK7T8CAwEAAaOCApswggKXMB0GA1UdDgQWBBR14Rfu
AfTEptIsrzDPOGndHSV6SjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0I3RjhGNTA4
NkVDMjExRUNCOEU3NDkyQkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMCUGCCsGAQUFBwEHAQH/
BBYwFDASBAIAATAMAwQBZ7L+AwQAZ9aiMA0GCSqGSIb3DQEBCwUAA4IBAQBxUdZD
5JCWRBH2NL694E0kM2/0bu0RMTrX7fbz4zcwYZZgmHOicBb9zhica8f8rtTmMbDs
wPTqzypH6wyj4njPAmdHh4cCxqIn8y9YdfNk4KBiHmoqC28UBv1e38uLYLbD/bo7
at6dFz9LIReZtZI+aoPMNJcOSdPwfbuxlW/C66dZCCrsI0vRbLwjnWnFfjB41tHx
BusINgL+YTPnv6l5jQPQjXTixlazQXz4c+KTVbXxfXuLSmE8NNIv3LDUS4+gEKpp
h8ozpLtytHkqFab42pcbq4ZMv8kvZd8Lk4VjY70K8EnxhRH/vU4KiJCu2UjI/yfP
8Ynd/8WDQXPQdKcG
-----END CERTIFICATE-----
Generated at Mon Jun 9 23:05:50 2025 by rpki-client