Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2364/040566A884CC11EF84EE3E50C4F9AE02/A227F4CC84CC11EFB2C53051C4F9AE02.roa
File: A227F4CC84CC11EFB2C53051C4F9AE02.roa (raw, json)
Hash identifier: xCL7VbACEpLGPMzJlAr4A4F4pPeHjMya8awCZyLgvNQ=
Subject key identifier: 17:31:40:E1:28:FF:9E:2E:6C:CD:91:D3:B4:A1:83:8C:41:A1:C4:46
Certificate issuer: /CN=A91F2364/serialNumber=470CDFD49F5DFF212578DEC5DA21F21DA0B3FAD2
Certificate serial: 60
Authority key identifier: 47:0C:DF:D4:9F:5D:FF:21:25:78:DE:C5:DA:21:F2:1D:A0:B3:FA:D2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Rwzf1J9d_yEleN7F2iHyHaCz-tI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F2364/040566A884CC11EF84EE3E50C4F9AE02/A227F4CC84CC11EFB2C53051C4F9AE02.roa
Signing time: Wed 19 Mar 2025 06:24:12 +0000
ROA not before: Wed 19 Mar 2025 06:24:12 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 55933
IP address blocks: 45.248.84.0/22 maxlen: 24
103.224.80.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Sep 2025 21:12:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96 (0x60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F2364, serialNumber=470CDFD49F5DFF212578DEC5DA21F21DA0B3FAD2
Validity
Not Before: Mar 19 06:24:12 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67da630c-6f84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d5:bd:ed:d9:a7:f7:4d:61:cd:15:84:e5:f8:
30:be:7a:8b:ef:b1:d7:76:86:a4:a3:2c:ec:eb:84:
c7:35:c8:c4:a2:52:50:3c:98:16:e0:6e:e0:80:f0:
e1:2a:d0:30:30:81:9c:46:7d:ff:44:b3:cb:8d:5e:
70:e4:18:5c:50:a5:8c:84:86:b2:0b:3c:9c:77:a0:
7f:9a:0a:94:87:41:b6:6d:cf:00:70:29:21:6c:b7:
50:1b:aa:8e:bf:2c:6d:06:8a:74:8a:54:54:8e:dd:
ec:13:91:79:02:8f:35:d9:34:44:ac:67:5c:5b:8a:
f7:a5:80:67:7b:4e:19:e0:75:1d:f0:94:c3:5f:ed:
59:a9:51:69:ff:a2:a9:42:50:64:69:8f:c2:49:07:
4f:9c:f9:86:b5:d1:c8:53:9c:41:c5:5f:ef:98:9a:
77:fb:92:5f:0a:c8:10:57:72:a3:54:9d:46:64:91:
1c:67:df:58:c5:ee:dc:12:89:6a:ec:14:27:54:f7:
ef:0e:3a:83:bf:a6:91:8a:6b:45:4d:ae:24:7a:fb:
e9:fb:f2:ba:04:92:dd:98:19:0c:33:4a:f4:b5:99:
ee:46:03:01:69:33:3a:09:3a:d3:1f:90:af:06:44:
c2:31:8e:cd:e5:94:22:34:59:71:3a:43:a3:92:9b:
ea:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:31:40:E1:28:FF:9E:2E:6C:CD:91:D3:B4:A1:83:8C:41:A1:C4:46
X509v3 Authority Key Identifier:
keyid:47:0C:DF:D4:9F:5D:FF:21:25:78:DE:C5:DA:21:F2:1D:A0:B3:FA:D2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F2364/040566A884CC11EF84EE3E50C4F9AE02/Rwzf1J9d_yEleN7F2iHyHaCz-tI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Rwzf1J9d_yEleN7F2iHyHaCz-tI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2364/040566A884CC11EF84EE3E50C4F9AE02/A227F4CC84CC11EFB2C53051C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.248.84.0/22
103.224.80.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:0e:6e:28:26:cf:3f:b8:47:bb:8c:ef:f1:0e:77:7e:1b:fb:
a5:94:81:60:55:74:6b:f5:7d:96:d7:c8:4e:0e:b0:72:84:41:
58:a1:80:2e:6d:cf:9e:48:19:95:e4:2e:a9:60:41:52:c4:07:
11:ca:bf:ce:84:33:a8:35:cd:2a:2b:11:cf:da:60:01:ec:30:
53:b0:55:90:fb:08:48:bf:5e:e2:0e:c7:0c:6d:0e:09:e6:c2:
80:3e:62:59:35:b7:48:ae:cc:66:82:ed:13:18:8a:e3:a0:4d:
62:ba:54:3f:7d:ae:7e:10:53:9a:85:0c:2a:ea:71:d2:5a:a5:
67:2a:49:f3:b4:1a:d8:31:f2:95:5f:55:51:52:97:a9:c6:5a:
f2:3e:72:3b:16:2a:8c:22:cc:21:97:d1:dd:33:73:85:f9:a1:
77:c6:b2:76:3c:88:a9:9e:1e:18:2f:90:27:a8:78:86:5d:78:
59:b3:30:e1:0f:e0:41:e5:93:25:0d:74:b9:f3:64:c7:7d:a9:
06:c5:bd:84:98:b9:2a:45:19:f4:04:e9:bc:5f:db:68:39:24:
ae:62:2a:10:2b:39:5b:a6:4d:46:c1:f4:58:60:4e:8a:05:c8:
ff:9d:0e:2e:7b:ce:8a:eb:60:67:04:bc:0e:93:5f:98:05:87:
64:82:c8:85
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBYDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
MjM2NDExMC8GA1UEBRMoNDcwQ0RGRDQ5RjVERkYyMTI1NzhERUM1REEyMUYyMURB
MEIzRkFEMjAeFw0yNTAzMTkwNjI0MTJaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ZGE2MzBjLTZmODQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDH1b3t2af3TWHNFYTl+DC+eovvsdd2hqSjLOzrhMc1yMSiUlA8mBbgbuCA8OEq
0DAwgZxGff9Es8uNXnDkGFxQpYyEhrILPJx3oH+aCpSHQbZtzwBwKSFst1Abqo6/
LG0GinSKVFSO3ewTkXkCjzXZNESsZ1xbivelgGd7ThngdR3wlMNf7VmpUWn/oqlC
UGRpj8JJB0+c+Ya10chTnEHFX++Ymnf7kl8KyBBXcqNUnUZkkRxn31jF7twSiWrs
FCdU9+8OOoO/ppGKa0VNriR6++n78roEkt2YGQwzSvS1me5GAwFpMzoJOtMfkK8G
RMIxjs3llCI0WXE6Q6OSm+pbAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUFzFA4Sj/
ni5szZHTtKGDjEGhxEYwHwYDVR0jBBgwFoAURwzf1J9d/yEleN7F2iHyHaCz+tIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYyMzY0LzA0MDU2NkE4ODRD
QzExRUY4NEVFM0U1MEM0RjlBRTAyL1J3emYxSjlkX3lFbGVON0YyaUh5SGFDei10
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUnd6ZjFKOWRfeUVsZU43RjJpSHlIYUN6LXRJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
MjM2NC8wNDA1NjZBODg0Q0MxMUVGODRFRTNFNTBDNEY5QUUwMi9BMjI3RjRDQzg0
Q0MxMUVGQjJDNTMwNTFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAi34VAMEAmfgUDANBgkqhkiG9w0BAQsFAAOCAQEADQ5uKCbP
P7hHu4zv8Q53fhv7pZSBYFV0a/V9ltfITg6wcoRBWKGALm3PnkgZleQuqWBBUsQH
Ecq/zoQzqDXNKisRz9pgAewwU7BVkPsISL9e4g7HDG0OCebCgD5iWTW3SK7MZoLt
ExiK46BNYrpUP32ufhBTmoUMKupx0lqlZypJ87Qa2DHylV9VUVKXqcZa8j5yOxYq
jCLMIZfR3TNzhfmhd8aydjyIqZ4eGC+QJ6h4hl14WbMw4Q/gQeWTJQ10ufNkx32p
BsW9hJi5KkUZ9ATpvF/baDkkrmIqECs5W6ZNRsH0WGBOigXI/50OLnvOiutgZwS8
DpNfmAWHZILIhQ==
-----END CERTIFICATE-----
Generated at Fri Sep 5 08:57:12 2025 by rpki-client