Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/AFB0F1260F5E11F0ABB59D3DC4F9AE02.roa
File: AFB0F1260F5E11F0ABB59D3DC4F9AE02.roa (raw, json)
Hash identifier: U48tvlVZz6YCJNVEE3sW2rUFvgMjHr/DM2JhMB/FSTg=
Subject key identifier: 53:33:51:4C:F5:E4:B2:BF:49:44:97:2E:6C:86:08:BE:04:40:8C:13
Certificate issuer: /CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846
Certificate serial: 0BDC
Authority key identifier: B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/AFB0F1260F5E11F0ABB59D3DC4F9AE02.roa
Signing time: Tue 27 May 2025 09:54:47 +0000
ROA not before: Tue 27 May 2025 09:54:47 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 395793
IP address blocks: 43.230.54.0/24 maxlen: 24
43.230.55.0/24 maxlen: 24
43.231.188.0/24 maxlen: 24
43.231.189.0/24 maxlen: 24
45.115.32.0/24 maxlen: 24
45.115.33.0/24 maxlen: 24
103.12.52.0/24 maxlen: 24
103.248.148.0/24 maxlen: 24
103.248.149.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 May 2025 00:45:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3036 (0xbdc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A4402, serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846
Validity
Not Before: May 27 09:54:47 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=68358be7-12c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:25:a7:f6:9b:22:bf:4b:2d:4d:ae:8b:71:ff:
3e:3a:53:a0:fe:bd:99:bd:81:ae:08:09:90:6e:0b:
62:52:14:f1:f5:04:3e:44:0b:6d:25:4c:1e:ac:23:
0d:40:b0:f4:83:2c:59:31:c8:c9:d8:75:d6:9c:7c:
eb:f4:32:a9:90:05:a6:ea:1c:72:07:9d:d0:9b:0c:
0f:cf:a2:a3:da:1c:31:58:1c:7e:96:d4:03:95:ff:
c9:4e:69:27:a3:ef:c1:c2:53:12:78:58:ff:41:6d:
75:9b:ce:d3:9e:b9:73:75:8a:59:22:0a:57:91:9e:
9c:ee:6f:0b:3c:98:10:a8:6f:eb:8b:b0:75:62:8a:
a7:39:e9:a0:76:68:f4:a7:5a:62:fc:da:8c:7a:5d:
95:6a:31:b3:59:da:7e:b5:a7:2f:e6:ba:98:b9:b3:
d4:35:4e:92:8c:a0:c7:67:01:a2:13:0f:50:c1:e2:
76:e6:01:e7:06:9a:c0:87:0b:a9:b3:2b:a5:8c:0e:
a0:c7:c2:93:50:67:6b:00:9e:ff:e0:56:66:cb:59:
4d:69:80:a6:d1:0c:da:88:0c:08:fc:80:24:8a:ce:
d1:ea:9e:21:c6:c7:b3:15:5b:99:76:dc:0f:8d:5f:
18:2c:eb:ca:73:7a:60:37:af:3b:ea:f0:5c:d8:fc:
cc:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:33:51:4C:F5:E4:B2:BF:49:44:97:2E:6C:86:08:BE:04:40:8C:13
X509v3 Authority Key Identifier:
keyid:B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/AFB0F1260F5E11F0ABB59D3DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.54.0/23
43.231.188.0/23
45.115.32.0/23
103.12.52.0/24
103.248.148.0/23
Signature Algorithm: sha256WithRSAEncryption
62:d9:31:f6:24:bb:5a:50:32:ab:2d:f2:fa:ec:9d:fa:02:56:
c2:d4:5c:8f:8e:ed:36:f0:76:dd:51:0b:02:0b:5a:99:91:dd:
89:52:3e:7f:7f:3e:13:8a:6c:f7:9f:9a:a0:58:75:13:fa:28:
8a:a9:ac:b3:ee:5c:87:45:85:de:6d:66:75:86:9f:60:b2:98:
d3:81:f0:e7:5b:f0:2a:f0:25:f8:17:bd:98:ff:7a:f9:73:99:
18:1e:17:38:70:32:93:a1:b2:0f:a3:22:03:ed:df:f0:99:d8:
d6:68:15:9d:b3:87:38:93:1d:91:30:08:26:94:ed:3c:c9:b3:
59:64:53:3c:5b:eb:67:42:e1:0b:35:37:d2:44:ff:bd:60:17:
69:2f:42:65:e8:d1:1d:b8:bf:68:50:b2:5c:bc:21:a2:4d:7d:
e4:c9:cc:6b:01:98:b1:0b:1b:24:5b:43:43:1f:e7:89:fc:8b:
d5:e6:63:8f:b3:d1:1c:fa:e5:71:98:d3:76:1a:72:87:77:34:
b5:c6:90:cf:75:de:c9:ec:33:ec:70:81:3e:8a:ce:eb:3b:60:
cc:69:77:2f:cc:e4:02:33:3d:c7:df:f2:75:26:d5:72:7d:23:
55:73:a7:c3:aa:e2:3e:0d:75:48:64:b2:ef:77:3a:5d:02:3c:
8c:11:ff:8a
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICC9wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTQ0MDIxMTAvBgNVBAUTKEI0MTE2QThFNkRBOTkxRkRDRjcxNjI2RTdCRUExMUZG
NjlDQkE4NDYwHhcNMjUwNTI3MDk1NDQ3WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02ODM1OGJlNy0xMmM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8SWn9psiv0stTa6Lcf8+OlOg/r2ZvYGuCAmQbgtiUhTx9QQ+RAttJUwerCMN
QLD0gyxZMcjJ2HXWnHzr9DKpkAWm6hxyB53QmwwPz6Kj2hwxWBx+ltQDlf/JTmkn
o+/BwlMSeFj/QW11m87TnrlzdYpZIgpXkZ6c7m8LPJgQqG/ri7B1YoqnOemgdmj0
p1pi/NqMel2VajGzWdp+tacv5rqYubPUNU6SjKDHZwGiEw9QweJ25gHnBprAhwup
syuljA6gx8KTUGdrAJ7/4FZmy1lNaYCm0QzaiAwI/IAkis7R6p4hxsezFVuZdtwP
jV8YLOvKc3pgN6876vBc2PzMdQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFFMzUUz1
5LK/SUSXLmyGCL4EQIwTMB8GA1UdIwQYMBaAFLQRao5tqZH9z3FibnvqEf9py6hG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDQwMi9GREJGRDAyMDNE
OTYxMUVBOEVBMDcwMkZDNEY5QUUwMi90QkZxam0ycGtmM1BjV0p1ZS1vUl8ybkxx
RVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RCRnFqbTJwa2YzUGNXSnVlLW9SXzJuTHFFWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTQ0MDIvRkRCRkQwMjAzRDk2MTFFQThFQTA3MDJGQzRGOUFFMDIvQUZCMEYxMjYw
RjVFMTFGMEFCQjU5RDNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAEr5jYDBAEr57wDBAEtcyADBABnDDQDBAFn+JQwDQYJKoZI
hvcNAQELBQADggEBAGLZMfYku1pQMqst8vrsnfoCVsLUXI+O7Tbwdt1RCwILWpmR
3YlSPn9/PhOKbPefmqBYdRP6KIqprLPuXIdFhd5tZnWGn2CymNOB8Odb8CrwJfgX
vZj/evlzmRgeFzhwMpOhsg+jIgPt3/CZ2NZoFZ2zhziTHZEwCCaU7TzJs1lkUzxb
62dC4Qs1N9JE/71gF2kvQmXo0R24v2hQsly8IaJNfeTJzGsBmLELGyRbQ0Mf54n8
i9XmY4+z0Rz65XGY03Yacod3NLXGkM913snsM+xwgT6Kzus7YMxpdy/M5AIzPcff
8nUm1XJ9I1Vzp8Oq4j4NdUhksu93Ol0CPIwR/4o=
-----END CERTIFICATE-----
Generated at Mon Jun 2 06:27:42 2025 by rpki-client