Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/87DEA64E442311F0B4331B50C4F9AE02.roa
File: 87DEA64E442311F0B4331B50C4F9AE02.roa (raw, json)
Hash identifier: +GnaG9yn8zmoLYWGQCf6fJEI4/jw2nnKL4mMgwkPB3A=
Subject key identifier: 9C:29:5C:22:85:37:43:45:A7:3B:C0:F2:E6:9C:1B:6A:D9:A6:51:15
Certificate issuer: /CN=A91590E3/serialNumber=BB976A598E5ECB05E37FAC00A5B7888E57F51C52
Certificate serial: 18F5
Authority key identifier: BB:97:6A:59:8E:5E:CB:05:E3:7F:AC:00:A5:B7:88:8E:57:F5:1C:52
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u5dqWY5eywXjf6wApbeIjlf1HFI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/87DEA64E442311F0B4331B50C4F9AE02.roa
Signing time: Sun 08 Jun 2025 04:46:24 +0000
ROA not before: Sun 08 Jun 2025 04:46:24 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 137703
IP address blocks: 103.99.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Jun 2025 14:16:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6389 (0x18f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91590E3, serialNumber=BB976A598E5ECB05E37FAC00A5B7888E57F51C52
Validity
Not Before: Jun 8 04:46:24 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=684515a0-90da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:a9:75:3e:ab:6c:32:c8:ea:cc:f7:52:ef:cd:
6a:e0:a0:ff:20:87:52:fa:2b:f9:06:b0:c0:af:22:
28:71:04:c8:42:08:e7:20:10:c9:91:fa:cd:b5:a8:
b7:a1:5e:e0:ce:8d:47:9e:94:a8:d6:b3:6b:c8:06:
4d:c1:b8:e0:7f:33:cc:b6:14:40:3c:c7:cc:04:33:
05:a5:a7:a5:ff:2e:c0:5c:64:e3:b5:7a:72:f2:0a:
f6:a7:e0:4f:23:6e:4f:c5:ec:6e:61:8d:bb:db:c7:
78:ab:f8:2e:e8:9f:45:5e:cf:c4:92:ca:4c:1a:d7:
f6:e0:cc:be:de:7c:8b:fe:62:5f:a9:51:ec:f7:42:
6a:56:a7:cb:33:65:4b:72:85:60:26:2b:e4:a8:c4:
93:e4:0e:a6:91:c8:a7:1d:38:e0:ff:b7:e6:98:ac:
46:1d:f6:a9:3a:e9:04:f2:b6:58:1c:70:8d:c3:64:
42:7d:ec:aa:91:25:b7:28:75:a8:11:66:d7:3b:bd:
d1:f8:57:b5:43:32:3c:b0:34:f4:ac:75:c2:1c:41:
1e:f3:69:33:d3:b4:df:29:7a:4a:f3:3a:b5:b4:5d:
86:cc:81:e5:38:df:47:e7:df:87:02:31:c4:be:b5:
bf:cf:41:d5:43:a4:08:44:c5:3c:75:f1:b6:3b:74:
4a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:29:5C:22:85:37:43:45:A7:3B:C0:F2:E6:9C:1B:6A:D9:A6:51:15
X509v3 Authority Key Identifier:
keyid:BB:97:6A:59:8E:5E:CB:05:E3:7F:AC:00:A5:B7:88:8E:57:F5:1C:52
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/u5dqWY5eywXjf6wApbeIjlf1HFI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u5dqWY5eywXjf6wApbeIjlf1HFI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/87DEA64E442311F0B4331B50C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.99.248.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:96:27:3e:b3:74:95:b1:ed:e1:d6:16:8d:8f:a9:13:e5:a8:
d9:29:a2:d3:ba:90:c3:98:11:d9:47:57:5b:99:88:e9:d4:dd:
d6:93:09:82:d4:10:d7:88:bf:b1:31:87:14:bf:62:ad:a7:fb:
c1:ff:af:2b:5e:8a:23:fc:7b:1c:aa:8e:61:91:b8:5b:ee:8a:
31:ec:74:85:fd:88:54:68:b0:8d:12:07:65:94:e6:84:c4:bf:
d2:c6:6f:1d:b3:85:47:45:e0:08:1f:fc:ae:41:e2:b3:2f:bf:
92:17:6b:8f:c2:e0:d0:de:30:2a:db:93:44:bd:a4:cc:1b:4f:
2e:12:90:21:15:a5:44:95:3c:1b:05:f4:1c:a0:3b:ba:1b:cb:
28:b3:fd:a9:bf:00:42:61:e9:5a:8d:d9:87:ea:3d:5d:6f:a1:
39:43:aa:63:89:7e:f5:93:c2:b7:35:fe:b5:f1:16:71:26:69:
a2:35:75:a8:2a:a9:4a:66:b9:56:f4:9c:dc:a7:78:2b:06:fb:
5e:a5:7c:e4:cd:05:ed:12:d1:80:b0:69:b2:86:0e:41:dc:75:
d2:02:93:f3:1a:28:74:ad:7b:c9:4c:19:1e:c5:c6:f4:53:e7:
08:7a:33:71:81:4f:5d:33:e8:24:0c:d5:a6:f3:28:a3:05:ac:
eb:53:c7:9d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICGPUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTkwRTMxMTAvBgNVBAUTKEJCOTc2QTU5OEU1RUNCMDVFMzdGQUMwMEE1Qjc4ODhF
NTdGNTFDNTIwHhcNMjUwNjA4MDQ0NjI0WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODQ1MTVhMC05MGRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA16l1PqtsMsjqzPdS781q4KD/IIdS+iv5BrDAryIocQTIQgjnIBDJkfrNtai3
oV7gzo1HnpSo1rNryAZNwbjgfzPMthRAPMfMBDMFpael/y7AXGTjtXpy8gr2p+BP
I25PxexuYY2728d4q/gu6J9FXs/EkspMGtf24My+3nyL/mJfqVHs90JqVqfLM2VL
coVgJivkqMST5A6mkcinHTjg/7fmmKxGHfapOukE8rZYHHCNw2RCfeyqkSW3KHWo
EWbXO73R+Fe1QzI8sDT0rHXCHEEe82kz07TfKXpK8zq1tF2GzIHlON9H59+HAjHE
vrW/z0HVQ6QIRMU8dfG2O3RKXQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJwpXCKF
N0NFpzvA8uacG2rZplEVMB8GA1UdIwQYMBaAFLuXalmOXssF43+sAKW3iI5X9RxS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OTBFMy9EQTE4QjE4NDlB
NDkxMUU3OUE5RjMwMzBDNEY5QUUwMi91NWRxV1k1ZXl3WGpmNndBcGJlSWpsZjFI
RkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3U1ZHFXWTVleXdYamY2d0FwYmVJamxmMUhGSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTkwRTMvREExOEIxODQ5QTQ5MTFFNzlBOUYzMDMwQzRGOUFFMDIvODdERUE2NEU0
NDIzMTFGMEI0MzMxQjUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnY/gwDQYJKoZIhvcNAQELBQADggEBAB2WJz6zdJWx7eHW
Fo2PqRPlqNkpotO6kMOYEdlHV1uZiOnU3daTCYLUENeIv7ExhxS/Yq2n+8H/ryte
iiP8exyqjmGRuFvuijHsdIX9iFRosI0SB2WU5oTEv9LGbx2zhUdF4Agf/K5B4rMv
v5IXa4/C4NDeMCrbk0S9pMwbTy4SkCEVpUSVPBsF9BygO7obyyiz/am/AEJh6VqN
2YfqPV1voTlDqmOJfvWTwrc1/rXxFnEmaaI1dagqqUpmuVb0nNyneCsG+16lfOTN
Be0S0YCwabKGDkHcddICk/MaKHSte8lMGR7FxvRT5wh6M3GBT10z6CQM1abzKKMF
rOtTx50=
-----END CERTIFICATE-----
Generated at Sat Jun 21 02:57:09 2025 by rpki-client