Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/F876A460217D11F0BAA3D57FC4F9AE02.roa
File: F876A460217D11F0BAA3D57FC4F9AE02.roa (raw, json)
Hash identifier: jFHHaBvwnpRJ0fE3q0/PqloIDk71YxSCzCOYUo1eL1E=
Subject key identifier: 57:BC:2E:EA:29:F6:C1:8B:B3:21:BD:6B:32:AA:33:E8:3F:ED:92:B2
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4A91
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/F876A460217D11F0BAA3D57FC4F9AE02.roa
Signing time: Fri 25 Apr 2025 02:35:37 +0000
ROA not before: Fri 25 Apr 2025 02:35:37 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 140825
IP address blocks: 59.153.216.0/22 maxlen: 24
103.12.76.0/23 maxlen: 24
103.81.84.0/22 maxlen: 24
103.173.154.0/23 maxlen: 24
103.173.254.0/23 maxlen: 24
103.184.112.0/23 maxlen: 24
103.186.146.0/23 maxlen: 24
2001:df0:5b40::/48 maxlen: 48
2001:df0:5bc0::/48 maxlen: 48
2001:df0:90c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 26 May 2025 15:13:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19089 (0x4a91)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A, serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Apr 25 02:35:37 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=680af4f9-5821
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:50:e3:49:e0:af:69:31:e2:47:ac:dd:a0:51:
65:32:6e:64:09:b7:a2:87:7d:67:4f:16:a3:26:4e:
89:ec:a1:92:09:29:91:92:21:6c:62:53:9a:dd:50:
8b:e9:2d:cd:09:b5:7e:3c:1a:55:71:8c:b8:85:2d:
f1:53:c5:ad:50:c3:c5:78:a6:bb:29:78:89:fb:6a:
89:05:81:e4:cd:39:44:e8:f2:ea:40:cf:2f:5c:20:
ac:50:5b:cf:f1:c3:48:5d:51:20:3c:dd:0a:86:6b:
57:ff:12:71:da:49:a6:1f:a1:5d:d0:a0:63:b1:55:
69:3c:05:e7:e7:b2:d4:49:2d:3e:68:87:89:f2:b4:
21:fd:ae:01:e6:64:f1:45:b5:51:f0:48:48:5d:f6:
f4:9f:25:ec:b5:2a:23:a6:22:ec:d2:f6:3b:bf:0c:
e7:cc:b0:c5:65:3d:a4:25:da:76:fc:1a:36:c5:c2:
4a:d7:1c:97:ca:66:13:0a:de:15:49:bc:45:9a:27:
40:72:c8:9e:84:ce:e8:22:82:42:d2:f1:f7:e3:bc:
08:cc:3a:36:5c:ab:a9:e8:94:9b:d6:88:a3:b7:d9:
9d:30:97:4b:82:05:c4:a5:2a:b9:05:88:77:91:99:
11:e8:b5:f0:27:ab:df:3c:4b:26:cf:d5:5c:57:68:
05:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:BC:2E:EA:29:F6:C1:8B:B3:21:BD:6B:32:AA:33:E8:3F:ED:92:B2
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/F876A460217D11F0BAA3D57FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.153.216.0/22
103.12.76.0/23
103.81.84.0/22
103.173.154.0/23
103.173.254.0/23
103.184.112.0/23
103.186.146.0/23
IPv6:
2001:df0:5b40::/48
2001:df0:5bc0::/48
2001:df0:90c0::/48
Signature Algorithm: sha256WithRSAEncryption
b7:f3:75:22:89:68:77:d8:8f:5e:01:7d:14:e3:5d:26:9c:34:
a9:c1:c5:2a:58:eb:8c:ba:f6:e5:f2:8a:f2:eb:d5:53:d3:c5:
99:3e:3c:39:9a:b5:16:64:51:26:6c:c2:09:26:76:64:66:ae:
e6:71:2c:bd:56:6d:b6:ca:8e:3d:e0:35:fb:5c:aa:07:04:23:
d6:33:f5:98:24:87:91:3d:bb:d6:7f:4f:9d:43:b4:6c:86:42:
88:4b:9d:96:83:7c:37:49:8b:c0:b5:09:33:1e:2d:8a:ab:a3:
cf:60:e1:07:55:5a:a5:55:68:a8:46:c4:67:e7:64:7b:1b:6e:
1d:17:a7:76:cf:e0:ce:a1:e7:57:c7:da:01:51:e2:a1:1d:c4:
e7:6d:fc:e8:66:82:cd:bb:82:5a:83:06:2d:c2:f2:3b:71:70:
60:05:f7:f2:6e:7e:6a:f3:11:58:33:db:63:aa:f7:e2:40:f2:
12:5a:f6:a5:2c:e4:bb:da:ab:fb:19:bf:b4:12:f8:ac:09:8a:
90:b2:4f:19:14:d5:f7:53:55:b7:73:b3:47:1b:93:f0:f2:01:
2e:5f:63:5c:c8:c4:50:1c:38:69:37:a9:79:15:bc:7a:6f:1c:
88:02:d5:d6:07:4f:ce:c1:7c:0f:1b:b4:4f:95:be:e5:b7:f1:
fc:b1:aa:ca
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgICSpEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjUwNDI1MDIzNTM3WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODBhZjRmOS01ODIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz1DjSeCvaTHiR6zdoFFlMm5kCbeih31nTxajJk6J7KGSCSmRkiFsYlOa3VCL
6S3NCbV+PBpVcYy4hS3xU8WtUMPFeKa7KXiJ+2qJBYHkzTlE6PLqQM8vXCCsUFvP
8cNIXVEgPN0KhmtX/xJx2kmmH6Fd0KBjsVVpPAXn57LUSS0+aIeJ8rQh/a4B5mTx
RbVR8EhIXfb0nyXstSojpiLs0vY7vwznzLDFZT2kJdp2/Bo2xcJK1xyXymYTCt4V
SbxFmidAcsiehM7oIoJC0vH347wIzDo2XKup6JSb1oijt9mdMJdLggXEpSq5BYh3
kZkR6LXwJ6vfPEsmz9VcV2gFSQIDAQABo4IC3DCCAtgwHQYDVR0OBBYEFFe8Luop
9sGLsyG9azKqM+g/7ZKyMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvRjg3NkE0NjAy
MTdEMTFGMEJBQTNENTdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZgYIKwYBBQUHAQcBAf8E
VzBVMDAEAgABMCoDBAI7mdgDBAFnDEwDBAJnUVQDBAFnrZoDBAFnrf4DBAFnuHAD
BAFnupIwIQQCAAIwGwMHACABDfBbQAMHACABDfBbwAMHACABDfCQwDANBgkqhkiG
9w0BAQsFAAOCAQEAt/N1Iolod9iPXgF9FONdJpw0qcHFKljrjLr25fKK8uvVU9PF
mT48OZq1FmRRJmzCCSZ2ZGau5nEsvVZttsqOPeA1+1yqBwQj1jP1mCSHkT271n9P
nUO0bIZCiEudloN8N0mLwLUJMx4tiqujz2DhB1VapVVoqEbEZ+dkextuHRends/g
zqHnV8faAVHioR3E52386GaCzbuCWoMGLcLyO3FwYAX38m5+avMRWDPbY6r34kDy
Elr2pSzku9qr+xm/tBL4rAmKkLJPGRTV91NVt3OzRxuT8PIBLl9jXMjEUBw4aTep
eRW8em8ciALV1gdPzsF8Dxu0T5W+5bfx/LGqyg==
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:52:38 2025 by rpki-client