Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/BF7E5750660D11F08BFD107CC4F9AE02.roa
File: BF7E5750660D11F08BFD107CC4F9AE02.roa (raw, json)
Hash identifier: /is8u0t+v3A2v+6+g0RpDAZRd2FgOUJOIzxsy6o4J5w=
Subject key identifier: CA:DA:89:26:DE:BF:A5:F1:41:6C:2D:E7:B0:B5:60:A4:E9:CC:FB:22
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0D9E
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/BF7E5750660D11F08BFD107CC4F9AE02.roa
Signing time: Mon 21 Jul 2025 08:40:33 +0000
ROA not before: Mon 21 Jul 2025 08:40:33 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 398704
IP address blocks: 111.92.128.0/24 maxlen: 24
111.92.132.0/24 maxlen: 24
111.92.136.0/24 maxlen: 24
111.92.137.0/24 maxlen: 24
111.92.141.0/24 maxlen: 24
111.92.143.0/24 maxlen: 24
111.92.144.0/24 maxlen: 24
111.92.145.0/24 maxlen: 24
111.92.146.0/24 maxlen: 24
111.92.147.0/24 maxlen: 24
111.92.148.0/24 maxlen: 24
111.92.149.0/24 maxlen: 24
111.92.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Aug 2025 17:54:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3486 (0xd9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD, serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Validity
Not Before: Jul 21 08:40:33 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=687dfd01-85bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:6f:90:e5:9e:41:e9:11:86:f5:39:55:3b:c1:
67:54:fc:fb:6a:97:81:f0:6a:d7:ef:ad:32:8c:9c:
21:0b:d1:51:2e:07:e4:d7:73:2b:cf:17:6c:c8:a5:
f1:6d:1b:08:84:8b:42:b8:fc:95:93:c1:7b:c5:64:
36:97:33:3d:5e:66:9f:f6:d2:f5:4c:01:56:d2:65:
51:47:75:01:0a:bb:96:cb:24:11:ad:05:4c:f4:11:
2e:38:56:b4:45:ac:39:6a:03:39:af:af:c6:a3:9f:
2d:b6:0a:6b:7d:f5:ea:d4:f6:8c:73:92:0b:e6:0c:
d0:b4:a3:e3:33:fd:ca:ee:3e:f6:6d:b3:51:04:db:
7a:fe:08:4c:a7:84:51:db:39:b9:9c:46:a9:98:4f:
0f:a1:b1:c6:c9:2e:2d:01:c7:ea:9c:63:d6:2b:fb:
e0:93:6e:50:b6:fe:ae:b7:11:c5:1b:ba:a6:8e:b3:
46:a8:3f:72:47:2f:d0:fd:06:5c:59:11:b4:7d:38:
b0:60:59:a1:ce:68:d7:d8:d5:b0:d3:67:b8:e4:2a:
87:8f:c6:2a:1e:a8:74:0d:84:71:ce:a0:42:41:89:
4a:39:9b:f9:2b:ec:5f:e1:a6:fb:9c:23:02:0e:9f:
b0:96:ec:ca:11:0d:5f:66:e1:9f:f2:25:a1:1f:62:
d8:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:DA:89:26:DE:BF:A5:F1:41:6C:2D:E7:B0:B5:60:A4:E9:CC:FB:22
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/BF7E5750660D11F08BFD107CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.92.128.0/24
111.92.132.0/24
111.92.136.0/23
111.92.141.0/24
111.92.143.0-111.92.149.255
111.92.151.0/24
Signature Algorithm: sha256WithRSAEncryption
58:93:39:1a:01:7a:11:04:3d:7d:f8:73:e1:e2:07:24:a0:b6:
2d:ed:33:14:6c:0d:27:d8:7d:8a:0e:53:13:00:85:63:b4:35:
c6:d1:3c:c3:1e:71:d6:94:e5:ce:96:44:20:c8:43:ee:99:f6:
e1:28:74:5c:3a:0e:b8:01:34:d0:21:c6:ba:30:8b:f4:d7:06:
98:d3:e3:53:2b:26:5e:94:88:39:fb:fa:38:92:ac:e5:6a:6c:
fa:2a:e2:7d:a4:a4:30:ba:18:9b:eb:6e:ae:ab:49:b1:36:46:
37:9a:b1:92:b3:8d:36:f0:23:4b:d3:b8:47:22:5c:5b:30:89:
e7:80:45:7b:26:a9:86:5f:cc:92:cb:9f:3a:9c:f0:6c:c1:1a:
41:61:6c:9c:48:51:07:d5:f4:2e:06:f6:dd:f0:e2:0c:c5:4b:
b0:6e:f9:4b:d1:a3:eb:02:a0:d6:5b:91:68:06:da:5d:fb:c3:
ce:cd:6f:b8:87:3a:cc:a0:ab:ca:75:cb:91:c0:10:81:67:18:
fb:f4:bd:ba:10:a1:8e:34:10:6e:85:5b:01:fb:1b:e4:a0:7c:
b5:0c:ea:6f:24:c9:58:e2:a8:7e:26:07:98:7b:1b:c2:1a:c4:
1c:d2:22:5d:a6:f3:01:f6:44:07:1a:4f:84:f4:c3:a0:2b:01:
60:05:eb:48
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgICDZ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjUwNzIxMDg0MDMzWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODdkZmQwMS04NWJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzm+Q5Z5B6RGG9TlVO8FnVPz7apeB8GrX760yjJwhC9FRLgfk13MrzxdsyKXx
bRsIhItCuPyVk8F7xWQ2lzM9Xmaf9tL1TAFW0mVRR3UBCruWyyQRrQVM9BEuOFa0
Raw5agM5r6/Go58ttgprffXq1PaMc5IL5gzQtKPjM/3K7j72bbNRBNt6/ghMp4RR
2zm5nEapmE8PobHGyS4tAcfqnGPWK/vgk25Qtv6utxHFG7qmjrNGqD9yRy/Q/QZc
WRG0fTiwYFmhzmjX2NWw02e45CqHj8YqHqh0DYRxzqBCQYlKOZv5K+xf4ab7nCMC
Dp+wluzKEQ1fZuGf8iWhH2LYJwIDAQABo4ICuzCCArcwHQYDVR0OBBYEFMraiSbe
v6XxQWwt57C1YKTpzPsiMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvQkY3RTU3NTA2
NjBEMTFGMDhCRkQxMDdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRQYIKwYBBQUHAQcBAf8E
NjA0MDIEAgABMCwDBABvXIADBABvXIQDBAFvXIgDBABvXI0wDAMEAG9cjwMEAW9c
lAMEAG9clzANBgkqhkiG9w0BAQsFAAOCAQEAWJM5GgF6EQQ9ffhz4eIHJKC2Le0z
FGwNJ9h9ig5TEwCFY7Q1xtE8wx5x1pTlzpZEIMhD7pn24Sh0XDoOuAE00CHGujCL
9NcGmNPjUysmXpSIOfv6OJKs5Wps+irifaSkMLoYm+turqtJsTZGN5qxkrONNvAj
S9O4RyJcWzCJ54BFeyaphl/MksufOpzwbMEaQWFsnEhRB9X0Lgb23fDiDMVLsG75
S9Gj6wKg1luRaAbaXfvDzs1vuIc6zKCrynXLkcAQgWcY+/S9uhChjjQQboVbAfsb
5KB8tQzqbyTJWOKofiYHmHsbwhrEHNIiXabzAfZEBxpPhPTDoCsBYAXrSA==
-----END CERTIFICATE-----
Generated at Sat Aug 9 14:27:30 2025 by rpki-client