Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/A37112BA16ED11F0B635C562C4F9AE02.roa
File: A37112BA16ED11F0B635C562C4F9AE02.roa (raw, json)
Hash identifier: rZFiavbY0PAbr2H7+gTs3U67Eq+r4u4v2zqFhLKgsN8=
Subject key identifier: 0F:3F:25:83:4D:9F:07:A1:C8:03:E9:6F:02:A8:A4:C4:33:DF:C3:97
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 07A5
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/A37112BA16ED11F0B635C562C4F9AE02.roa
Signing time: Fri 11 Apr 2025 16:21:42 +0000
ROA not before: Fri 11 Apr 2025 16:21:42 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 10103
IP address blocks: 43.252.209.0/24 maxlen: 24
103.225.196.0/24 maxlen: 24
103.234.54.0/24 maxlen: 24
150.107.1.0/24 maxlen: 24
150.107.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Jun 2025 07:49:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1957 (0x7a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412, serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Validity
Not Before: Apr 11 16:21:42 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67f94196-78c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:dc:ee:f1:2e:ea:bf:97:d2:14:70:c6:f0:bc:
e8:7e:e7:3b:d4:bb:4d:82:d7:f5:f3:e9:20:c8:bb:
0f:3f:ab:0f:6b:58:50:ea:ed:89:65:08:b5:da:a1:
00:c4:c5:e4:94:d0:de:1f:c1:3b:39:f6:d3:dc:0a:
2b:5f:44:02:84:d8:90:e3:89:1a:cc:64:76:e2:7b:
5a:48:7c:91:69:df:9c:d3:a7:e6:51:e7:02:56:42:
37:82:45:34:bf:72:ae:79:ed:e5:ad:b7:1c:3b:6c:
e3:70:bf:e1:77:4d:cf:38:ea:cb:d0:76:a9:8f:84:
ba:5a:30:c6:ae:ff:bd:14:85:dd:1e:60:a2:83:90:
14:8f:09:cd:be:52:65:1f:26:ac:73:c7:fb:6f:66:
fa:a5:84:4f:6a:47:71:8b:53:bf:60:3a:81:22:f8:
6d:2e:18:56:a1:62:22:30:af:bd:29:7d:f5:af:bc:
2c:e8:14:bb:4f:03:a5:2a:da:a7:80:ea:78:0d:58:
3d:11:02:d2:ed:7b:38:f9:9d:68:6a:3c:c3:be:b3:
0f:a3:82:25:9e:a3:ab:42:9b:0a:b6:38:09:e5:ff:
0d:7d:1a:87:59:78:4b:7f:3f:d6:56:ae:46:1d:98:
9b:79:98:7c:ec:69:30:43:ed:6e:00:11:86:6e:88:
c3:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:3F:25:83:4D:9F:07:A1:C8:03:E9:6F:02:A8:A4:C4:33:DF:C3:97
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/A37112BA16ED11F0B635C562C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.252.209.0/24
103.225.196.0/24
103.234.54.0/24
150.107.1.0-150.107.2.255
Signature Algorithm: sha256WithRSAEncryption
61:46:b8:0a:e6:71:14:72:5e:88:44:4b:ca:0e:28:17:3a:00:
fc:86:37:80:dd:65:68:ec:0a:07:39:93:0a:4a:66:b9:bc:d6:
ce:02:aa:a9:8f:91:f5:29:61:aa:e3:84:73:2b:d7:81:1d:c9:
89:f3:39:0a:5f:4c:22:ff:c9:a0:03:eb:d5:32:8d:e4:5e:89:
b0:ee:23:56:b0:d4:0b:b2:01:95:32:5f:7f:f0:89:9f:60:cb:
e8:1a:cb:56:98:2e:64:cc:ac:69:6e:e5:1b:6a:4b:cf:d1:55:
1c:28:a6:19:5e:d0:19:de:cc:de:9d:9f:57:dd:cf:2c:38:7b:
e4:d7:74:7e:86:aa:02:67:af:06:f4:23:18:3c:fc:d6:ae:ee:
06:d6:b2:ed:60:34:80:d0:f5:01:16:88:0d:b4:27:bc:cd:05:
68:62:73:78:70:f5:6e:c5:1b:73:90:83:19:26:f0:62:84:d1:
5f:f8:b8:8c:32:3c:c7:85:0d:b2:f2:fe:c6:7f:88:23:75:b5:
f9:09:a5:45:be:46:5a:6a:e1:e8:02:f1:95:f7:b6:e3:66:8f:
67:da:db:fa:0e:1d:c3:bf:6f:7c:45:8d:ad:0a:f3:40:35:36:
bd:af:35:64:2a:14:6a:c1:54:5b:27:e8:4a:50:d5:ff:8a:5e:
3e:95:8e:a4
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICB6UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjUwNDExMTYyMTQyWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Y5NDE5Ni03OGM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4Nzu8S7qv5fSFHDG8Lzofuc71LtNgtf18+kgyLsPP6sPa1hQ6u2JZQi12qEA
xMXklNDeH8E7OfbT3AorX0QChNiQ44kazGR24ntaSHyRad+c06fmUecCVkI3gkU0
v3Kuee3lrbccO2zjcL/hd03POOrL0Hapj4S6WjDGrv+9FIXdHmCig5AUjwnNvlJl
Hyasc8f7b2b6pYRPakdxi1O/YDqBIvhtLhhWoWIiMK+9KX31r7ws6BS7TwOlKtqn
gOp4DVg9EQLS7Xs4+Z1oajzDvrMPo4IlnqOrQpsKtjgJ5f8NfRqHWXhLfz/WVq5G
HZibeZh87GkwQ+1uABGGbojD2wIDAQABo4ICrzCCAqswHQYDVR0OBBYEFA8/JYNN
nwehyAPpbwKopMQz38OXMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvQTM3MTEyQkEx
NkVEMTFGMEI2MzVDNTYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCADBAAr/NEDBABn4cQDBABn6jYwDAMEAJZrAQMEAJZrAjANBgkq
hkiG9w0BAQsFAAOCAQEAYUa4CuZxFHJeiERLyg4oFzoA/IY3gN1laOwKBzmTCkpm
ubzWzgKqqY+R9SlhquOEcyvXgR3JifM5Cl9MIv/JoAPr1TKN5F6JsO4jVrDUC7IB
lTJff/CJn2DL6BrLVpguZMysaW7lG2pLz9FVHCimGV7QGd7M3p2fV93PLDh75Nd0
foaqAmevBvQjGDz81q7uBtay7WA0gND1ARaIDbQnvM0FaGJzeHD1bsUbc5CDGSbw
YoTRX/i4jDI8x4UNsvL+xn+II3W1+QmlRb5GWmrh6ALxlfe242aPZ9rb+g4dw79v
fEWNrQrzQDU2va81ZCoUasFUWyfoSlDV/4pePpWOpA==
-----END CERTIFICATE-----
Generated at Wed Jun 18 15:27:09 2025 by rpki-client