Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/5F526B7C0F7E11F0A9F5EE5BC4F9AE02.roa
File: 5F526B7C0F7E11F0A9F5EE5BC4F9AE02.roa (raw, json)
Hash identifier: 6xfZkGlEqFn4WIIEvs+odMsGdVpeFzlcQ5dx6lAOEoY=
Subject key identifier: AC:49:C9:CD:4A:8E:ED:29:05:87:00:F2:52:65:AA:3E:10:C5:73:57
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 0765
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/5F526B7C0F7E11F0A9F5EE5BC4F9AE02.roa
Signing time: Wed 02 Apr 2025 04:53:09 +0000
ROA not before: Wed 02 Apr 2025 04:53:09 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 64021
IP address blocks: 43.252.209.0/24 maxlen: 24
43.252.210.0/24 maxlen: 24
103.225.198.0/24 maxlen: 24
103.228.64.0/24 maxlen: 24
103.234.54.0/24 maxlen: 24
150.107.1.0/24 maxlen: 24
150.107.2.0/24 maxlen: 24
150.107.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Apr 2025 15:30:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1893 (0x765)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412, serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Validity
Not Before: Apr 2 04:53:09 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67ecc2b5-f014
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:30:fa:6e:71:05:00:e7:ba:6f:82:bc:b8:27:
39:db:6d:51:3f:50:1f:df:dc:43:60:e7:5c:fa:16:
e1:e5:8a:1a:d3:9b:9f:8d:30:16:46:e9:0d:73:90:
30:b4:23:e4:e1:00:da:82:9e:81:39:5d:82:40:64:
5e:9b:1c:c1:a6:d6:a2:60:e2:07:1a:38:25:43:41:
3c:ab:a0:1b:0d:17:b7:75:83:68:65:9f:7e:c8:3d:
57:fc:19:4d:e8:4d:46:52:c3:ed:a3:20:ee:5f:75:
8f:81:02:da:db:89:d3:29:59:32:2f:76:72:fc:60:
a2:1b:81:2a:10:23:d6:ea:5f:07:2f:78:34:27:ea:
74:db:8e:9f:5f:3d:cd:1d:05:8c:aa:cb:8e:7f:20:
73:38:19:75:d3:5a:ac:25:45:98:70:47:65:bd:e1:
03:c8:8f:13:73:80:8d:cb:07:5d:04:58:96:f0:a1:
b0:20:7e:20:25:5e:a4:a1:98:b2:a0:05:58:9e:f3:
16:14:41:79:57:66:17:40:08:55:07:2b:99:f1:93:
3c:76:d3:e4:55:de:a8:cd:39:09:92:b8:1a:6f:f2:
c6:05:1d:9f:d2:95:de:69:c3:24:b3:90:9a:5f:d8:
28:cb:13:07:57:ce:5d:dc:ae:09:46:70:2d:7f:0e:
46:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:49:C9:CD:4A:8E:ED:29:05:87:00:F2:52:65:AA:3E:10:C5:73:57
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/5F526B7C0F7E11F0A9F5EE5BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.252.209.0-43.252.210.255
103.225.198.0/24
103.228.64.0/24
103.234.54.0/24
150.107.1.0-150.107.3.255
Signature Algorithm: sha256WithRSAEncryption
5e:5c:af:04:a1:55:29:cb:21:01:2a:13:5d:42:d1:e2:2f:27:
25:d7:be:58:df:1d:35:c3:ac:03:59:1a:4c:4f:a9:84:13:d7:
bf:af:d3:a0:04:3e:82:14:36:b9:1d:93:66:92:2a:76:2d:4c:
81:91:b5:43:14:84:0e:60:0c:6b:f5:14:c2:14:a4:94:96:73:
63:2a:01:6b:2d:93:8f:83:c3:81:31:5b:9d:78:0a:d6:3f:4c:
ec:f9:d9:fd:99:62:0d:8b:68:21:ae:30:4c:af:87:37:a6:b4:
5e:d8:47:91:5c:a9:d9:9b:40:b2:2d:12:bf:f7:c8:d0:42:4f:
c5:fe:d5:2b:b1:ad:e3:40:17:fd:16:e3:82:99:07:ec:65:bc:
16:c5:f6:93:3c:3f:9c:6c:8a:26:f6:4a:c2:9d:37:ce:b2:58:
5d:c1:9c:d5:c2:5d:fe:a9:5a:8b:8f:79:c9:b1:e9:91:98:07:
ab:15:46:97:a3:3f:62:6f:9d:dd:bf:20:9f:a7:66:71:6f:ce:
38:99:7c:8f:ed:14:76:41:7a:6c:7f:e6:d2:96:3f:96:88:61:
d7:f7:fa:d1:0d:47:98:4c:89:e3:01:f5:09:c0:a3:74:e8:2e:
7f:b2:cd:fc:d0:99:22:ea:25:96:5c:f1:b5:bb:55:ab:e9:d9:
21:4f:8c:5b
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgICB2UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjUwNDAyMDQ1MzA5WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2VjYzJiNS1mMDE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxjD6bnEFAOe6b4K8uCc5221RP1Af39xDYOdc+hbh5Yoa05ufjTAWRukNc5Aw
tCPk4QDagp6BOV2CQGRemxzBptaiYOIHGjglQ0E8q6AbDRe3dYNoZZ9+yD1X/BlN
6E1GUsPtoyDuX3WPgQLa24nTKVkyL3Zy/GCiG4EqECPW6l8HL3g0J+p0246fXz3N
HQWMqsuOfyBzOBl101qsJUWYcEdlveEDyI8Tc4CNywddBFiW8KGwIH4gJV6koZiy
oAVYnvMWFEF5V2YXQAhVByuZ8ZM8dtPkVd6ozTkJkrgab/LGBR2f0pXeacMks5Ca
X9goyxMHV85d3K4JRnAtfw5G7QIDAQABo4ICvTCCArkwHQYDVR0OBBYEFKxJyc1K
ju0pBYcA8lJlqj4QxXNXMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvNUY1MjZCN0Mw
RjdFMTFGMEE5RjVFRTVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E
ODA2MDQEAgABMC4wDAMEACv80QMEACv80gMEAGfhxgMEAGfkQAMEAGfqNjAMAwQA
lmsBAwQClmsAMA0GCSqGSIb3DQEBCwUAA4IBAQBeXK8EoVUpyyEBKhNdQtHiLycl
175Y3x01w6wDWRpMT6mEE9e/r9OgBD6CFDa5HZNmkip2LUyBkbVDFIQOYAxr9RTC
FKSUlnNjKgFrLZOPg8OBMVudeArWP0zs+dn9mWINi2ghrjBMr4c3prRe2EeRXKnZ
m0CyLRK/98jQQk/F/tUrsa3jQBf9FuOCmQfsZbwWxfaTPD+cbIom9krCnTfOslhd
wZzVwl3+qVqLj3nJsemRmAerFUaXoz9ib53dvyCfp2Zxb844mXyP7RR2QXpsf+bS
lj+WiGHX9/rRDUeYTInjAfUJwKN06C5/ss380Jki6iWWXPG1u1Wr6dkhT4xb
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:06:32 2025 by rpki-client