Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/2ADC7D762B5D11EE92DCCE7CC4F9AE02.roa
File: 2ADC7D762B5D11EE92DCCE7CC4F9AE02.roa (raw, json)
Hash identifier: FySHD5pD282CXn5YoG5y5ACC5nRxEYPn+zTjqB1C06k=
Subject key identifier: D4:56:3B:BC:A7:D2:DC:21:83:F6:32:3D:4D:7B:08:4C:11:19:5D:01
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4B24
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/2ADC7D762B5D11EE92DCCE7CC4F9AE02.roa
Signing time: Sat 17 May 2025 05:27:51 +0000
ROA not before: Sat 17 May 2025 05:27:51 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 150860
IP address blocks: 103.237.86.0/23 maxlen: 23
2401:1760::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 20 May 2025 02:08:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19236 (0x4b24)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A, serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: May 17 05:27:51 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=68281e57-9721
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:44:0e:e7:64:c9:44:cc:06:ba:49:4c:08:a8:
d7:47:ec:3d:d7:be:af:2a:ae:47:0e:86:5d:73:b7:
21:6b:30:37:4c:98:fa:27:09:28:97:90:19:f0:72:
19:29:08:d2:d1:ab:6a:3c:9e:45:63:6d:ef:d5:eb:
3f:0a:b6:37:c7:ea:11:fe:99:de:fd:72:0e:ca:bb:
5f:e0:ab:f7:30:fd:91:f0:30:5e:75:a0:22:3b:8c:
8f:ee:1e:c6:fe:ac:7d:9a:7c:f5:ff:d9:b1:8d:93:
a4:aa:2f:5f:24:8b:41:27:9e:8d:aa:df:32:03:34:
d8:2d:5b:54:fc:36:9d:8e:05:ca:d2:da:be:bc:9f:
d7:b1:6a:c6:af:06:56:28:02:12:0d:24:15:18:27:
e2:eb:72:97:1d:98:1b:33:fb:73:e7:ff:de:f8:ef:
9a:a0:64:b5:be:90:69:45:07:7c:d0:78:ed:12:2f:
fe:ef:2f:72:5f:98:1a:f1:ff:9a:dd:0a:42:8f:43:
68:36:a5:57:a2:e6:51:20:d0:2d:66:c2:4f:f5:73:
e6:11:ec:eb:94:5a:74:f4:5d:21:68:93:56:c7:9c:
d5:f4:f0:f6:a2:ed:86:c9:70:bf:c2:44:b3:ff:36:
be:6e:81:12:89:a4:86:73:19:52:c7:4f:30:0f:5c:
d8:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:56:3B:BC:A7:D2:DC:21:83:F6:32:3D:4D:7B:08:4C:11:19:5D:01
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/2ADC7D762B5D11EE92DCCE7CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.237.86.0/23
IPv6:
2401:1760::/48
Signature Algorithm: sha256WithRSAEncryption
ba:60:b6:ed:85:ff:6f:9a:cb:1e:27:69:5a:47:4b:da:2c:77:
5f:c1:ce:c7:36:91:7d:ee:1f:e1:1f:75:39:5e:96:a2:e0:2a:
47:07:62:d6:93:83:08:ad:bc:9d:94:3b:8b:53:f7:8e:a9:43:
17:74:60:c7:8f:e4:3c:13:ba:85:26:03:73:f2:da:1e:fb:23:
21:95:6e:aa:eb:c7:dc:99:55:d7:78:fc:a1:fe:25:da:c0:ce:
dd:a7:d2:07:cc:a1:a4:07:f5:48:a4:7f:d8:7e:8b:36:53:dd:
63:41:ad:02:be:62:49:70:2d:0a:88:01:18:98:2c:81:23:cc:
99:ab:1e:82:17:78:a1:44:3a:8e:ce:bc:1e:21:4d:ca:9c:c9:
86:1a:1a:c5:7c:fa:b4:2d:39:29:9b:38:2b:bd:cd:a9:08:16:
c0:83:5c:ed:3f:af:69:3f:af:05:7d:7b:a5:b9:23:92:55:3b:
bd:8f:c2:ac:6d:f0:4b:a8:26:90:b9:8d:5b:4e:3a:06:74:05:
b1:46:b5:c5:45:83:d2:97:1d:38:57:48:86:4a:ec:44:cb:03:
21:9e:6e:4d:37:f8:a5:c6:1a:27:09:93:c8:a0:1a:42:a3:df:
88:1f:11:d8:04:ea:2f:9e:ef:bd:d1:93:bf:5c:1a:0f:db:e0:
8a:8f:fe:10
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICSyQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjUwNTE3MDUyNzUxWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODI4MWU1Ny05NzIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyUQO52TJRMwGuklMCKjXR+w9176vKq5HDoZdc7chazA3TJj6Jwkol5AZ8HIZ
KQjS0atqPJ5FY23v1es/CrY3x+oR/pne/XIOyrtf4Kv3MP2R8DBedaAiO4yP7h7G
/qx9mnz1/9mxjZOkqi9fJItBJ56Nqt8yAzTYLVtU/DadjgXK0tq+vJ/XsWrGrwZW
KAISDSQVGCfi63KXHZgbM/tz5//e+O+aoGS1vpBpRQd80HjtEi/+7y9yX5ga8f+a
3QpCj0NoNqVXouZRINAtZsJP9XPmEezrlFp09F0haJNWx5zV9PD2ou2GyXC/wkSz
/za+boESiaSGcxlSx08wD1zYFQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFNRWO7yn
0twhg/YyPU17CEwRGV0BMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvMkFEQzdENzYy
QjVEMTFFRTkyRENDRTdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFn7VYwDwQCAAIwCQMHACQBF2AAADANBgkqhkiG9w0BAQsF
AAOCAQEAumC27YX/b5rLHidpWkdL2ix3X8HOxzaRfe4f4R91OV6WouAqRwdi1pOD
CK28nZQ7i1P3jqlDF3Rgx4/kPBO6hSYDc/LaHvsjIZVuquvH3JlV13j8of4l2sDO
3afSB8yhpAf1SKR/2H6LNlPdY0GtAr5iSXAtCogBGJgsgSPMmaseghd4oUQ6js68
HiFNypzJhhoaxXz6tC05KZs4K73NqQgWwINc7T+vaT+vBX17pbkjklU7vY/CrG3w
S6gmkLmNW046BnQFsUa1xUWD0pcdOFdIhkrsRMsDIZ5uTTf4pcYaJwmTyKAaQqPf
iB8R2ATqL57vvdGTv1waD9vgio/+EA==
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:31:39 2025 by rpki-client