Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/555C78A243DA11F09D1A767DC4F9AE02.roa
File: 555C78A243DA11F09D1A767DC4F9AE02.roa (raw, json)
Hash identifier: PsoPFdhcp6OtMPXJhcqsciGCIcStepo+LWV3Epahg3w=
Subject key identifier: B7:BA:C5:B5:60:1C:D3:42:F6:45:63:D1:75:FA:6E:7C:3D:10:32:A1
Certificate issuer: /CN=A91590E3/serialNumber=BB976A598E5ECB05E37FAC00A5B7888E57F51C52
Certificate serial: 18F2
Authority key identifier: BB:97:6A:59:8E:5E:CB:05:E3:7F:AC:00:A5:B7:88:8E:57:F5:1C:52
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u5dqWY5eywXjf6wApbeIjlf1HFI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/555C78A243DA11F09D1A767DC4F9AE02.roa
Signing time: Sat 07 Jun 2025 20:02:26 +0000
ROA not before: Sat 07 Jun 2025 20:02:26 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 137703
IP address blocks: 103.99.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 08 Jun 2025 04:45:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6386 (0x18f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91590E3, serialNumber=BB976A598E5ECB05E37FAC00A5B7888E57F51C52
Validity
Not Before: Jun 7 20:02:26 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=68449ad2-0f29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:38:2a:14:e7:4b:79:28:8a:77:10:c6:7e:41:
74:09:e8:cd:36:d4:86:40:32:8d:6b:c4:dc:60:7d:
13:3e:a4:07:8c:c9:83:a7:04:89:ad:c9:f0:eb:ed:
e4:4d:6e:fc:cb:36:ab:d9:a1:ae:a5:d8:cc:e3:b9:
3b:32:30:e7:7c:fd:01:02:dc:58:04:01:de:d0:e0:
46:2c:b8:30:a3:f7:dc:5f:af:5a:94:f2:f2:24:f6:
9d:e5:6d:35:27:e4:c9:f6:c3:7e:dc:c1:a3:9d:84:
bf:5d:86:ac:ea:d8:90:a0:a9:af:b4:88:9e:a0:d9:
ea:f7:0a:91:3f:2d:fd:af:96:ec:68:2d:45:19:6e:
30:17:35:fd:ca:1e:c3:61:9f:24:3c:37:17:60:45:
e7:56:fd:37:a2:bc:0f:0f:66:3b:01:61:93:2a:a8:
1c:2a:3d:b2:54:ff:fa:7a:85:17:ce:09:52:64:08:
2d:f3:78:3e:4c:26:d1:c9:d3:c5:9e:04:d5:4e:e4:
39:dc:ec:20:e0:ca:fb:1b:07:8d:b6:ad:0e:7f:0b:
d4:f7:7b:4d:e3:6c:d8:01:25:8a:1c:26:4f:29:06:
b2:13:c5:38:de:57:1a:4d:89:f2:bc:c2:1e:c3:24:
1a:0d:c1:24:cd:ea:d3:dd:05:03:49:78:e1:e6:f4:
8e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:BA:C5:B5:60:1C:D3:42:F6:45:63:D1:75:FA:6E:7C:3D:10:32:A1
X509v3 Authority Key Identifier:
keyid:BB:97:6A:59:8E:5E:CB:05:E3:7F:AC:00:A5:B7:88:8E:57:F5:1C:52
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/u5dqWY5eywXjf6wApbeIjlf1HFI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u5dqWY5eywXjf6wApbeIjlf1HFI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/555C78A243DA11F09D1A767DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.99.248.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:5a:c8:dc:a3:6c:75:73:e7:8a:b6:cb:a2:5c:08:9b:5b:18:
75:e3:bf:4d:b7:50:47:39:ac:b1:4a:58:72:f1:0b:9c:3b:aa:
16:64:fd:00:f3:5c:9d:f1:e6:8d:ac:ce:cf:19:f2:bd:db:aa:
53:48:d5:f2:c0:2a:c8:2e:4e:84:c4:50:95:2e:94:66:86:25:
94:d8:56:13:31:a7:1f:b8:73:c0:26:1b:b5:66:9d:1e:d6:10:
83:36:82:5f:9b:12:55:61:07:e8:b5:66:91:18:47:b4:25:c1:
1a:99:3d:64:88:60:1a:81:aa:e0:86:da:d9:bf:55:cd:54:49:
d2:97:e8:70:08:2e:44:bc:13:28:62:a7:e3:4a:58:57:c2:11:
96:2c:0a:df:bf:94:c2:26:d4:f2:81:fe:c7:63:be:c9:81:f4:
b1:3f:75:6b:9f:d0:01:ca:bf:cd:3c:62:16:b3:d7:b8:cb:22:
93:b6:3d:b2:97:02:84:2d:0f:fe:4d:6d:2d:fb:85:d2:78:af:
42:f0:ce:55:19:0e:7c:75:d6:fa:d8:ea:81:4e:e1:7c:a6:6a:
10:07:d1:8a:4f:f2:cc:f5:09:87:21:be:29:b5:c8:8d:bd:89:
02:35:7b:60:96:0f:88:2b:b9:fc:c6:71:46:87:f4:d0:4d:5e:
b7:2a:e1:0e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICGPIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTkwRTMxMTAvBgNVBAUTKEJCOTc2QTU5OEU1RUNCMDVFMzdGQUMwMEE1Qjc4ODhF
NTdGNTFDNTIwHhcNMjUwNjA3MjAwMjI2WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODQ0OWFkMi0wZjI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtzgqFOdLeSiKdxDGfkF0CejNNtSGQDKNa8TcYH0TPqQHjMmDpwSJrcnw6+3k
TW78yzar2aGupdjM47k7MjDnfP0BAtxYBAHe0OBGLLgwo/fcX69alPLyJPad5W01
J+TJ9sN+3MGjnYS/XYas6tiQoKmvtIieoNnq9wqRPy39r5bsaC1FGW4wFzX9yh7D
YZ8kPDcXYEXnVv03orwPD2Y7AWGTKqgcKj2yVP/6eoUXzglSZAgt83g+TCbRydPF
ngTVTuQ53Owg4Mr7GweNtq0OfwvU93tN42zYASWKHCZPKQayE8U43lcaTYnyvMIe
wyQaDcEkzerT3QUDSXjh5vSOGQIDAQABo4IClTCCApEwHQYDVR0OBBYEFLe6xbVg
HNNC9kVj0XX6bnw9EDKhMB8GA1UdIwQYMBaAFLuXalmOXssF43+sAKW3iI5X9RxS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OTBFMy9EQTE4QjE4NDlB
NDkxMUU3OUE5RjMwMzBDNEY5QUUwMi91NWRxV1k1ZXl3WGpmNndBcGJlSWpsZjFI
RkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3U1ZHFXWTVleXdYamY2d0FwYmVJamxmMUhGSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTkwRTMvREExOEIxODQ5QTQ5MTFFNzlBOUYzMDMwQzRGOUFFMDIvNTU1Qzc4QTI0
M0RBMTFGMDlEMUE3NjdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnY/gwDQYJKoZIhvcNAQELBQADggEBAItayNyjbHVz54q2
y6JcCJtbGHXjv023UEc5rLFKWHLxC5w7qhZk/QDzXJ3x5o2szs8Z8r3bqlNI1fLA
KsguToTEUJUulGaGJZTYVhMxpx+4c8AmG7VmnR7WEIM2gl+bElVhB+i1ZpEYR7Ql
wRqZPWSIYBqBquCG2tm/Vc1USdKX6HAILkS8Eyhip+NKWFfCEZYsCt+/lMIm1PKB
/sdjvsmB9LE/dWuf0AHKv808Yhaz17jLIpO2PbKXAoQtD/5NbS37hdJ4r0LwzlUZ
Dnx11vrY6oFO4XymahAH0YpP8sz1CYchvim1yI29iQI1e2CWD4grufzGcUaH9NBN
Xrcq4Q4=
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:48:26 2025 by rpki-client