Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916807A/0263AB483E8811EDA61A9B2AC4F9AE02/4841ECEC51B311F0B1DF6B79C4F9AE02.roa
File: 4841ECEC51B311F0B1DF6B79C4F9AE02.roa (raw, json)
Hash identifier: C6oLSyKOMAWqSqFP8Dsb1GQYgi/IoPQ9EEn/qnf3Dr4=
Subject key identifier: 78:66:06:3C:0E:87:2D:04:EB:1A:A9:F6:CA:A0:E2:66:29:91:5F:DC
Certificate issuer: /CN=A916807A/serialNumber=729E2F9C1D87C214735078CFD21C638E07157B5D
Certificate serial: 0277
Authority key identifier: 72:9E:2F:9C:1D:87:C2:14:73:50:78:CF:D2:1C:63:8E:07:15:7B:5D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cp4vnB2HwhRzUHjP0hxjjgcVe10.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916807A/0263AB483E8811EDA61A9B2AC4F9AE02/4841ECEC51B311F0B1DF6B79C4F9AE02.roa
Signing time: Mon 28 Jul 2025 11:50:51 +0000
ROA not before: Mon 28 Jul 2025 11:50:51 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 834
IP address blocks: 103.4.100.0/24 maxlen: 24
103.4.101.0/24 maxlen: 24
202.155.80.0/21 maxlen: 24
202.155.104.0/21 maxlen: 24
202.155.116.0/22 maxlen: 24
202.155.124.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Aug 2025 16:28:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 631 (0x277)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916807A, serialNumber=729E2F9C1D87C214735078CFD21C638E07157B5D
Validity
Not Before: Jul 28 11:50:51 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=6887641b-f8e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4c:0f:8e:7e:db:ac:4d:01:2b:a8:3f:0e:46:
26:ed:fb:ba:a4:38:c6:9e:5a:51:f2:ad:d2:d5:36:
ae:4b:9c:dc:ed:bf:07:28:c9:ca:fb:93:1e:6d:13:
f2:63:42:ee:45:cb:26:ab:7f:9c:03:3b:78:ef:52:
00:98:66:cf:6f:2a:51:c7:7f:1d:41:70:95:34:a8:
22:11:5b:c2:fb:d3:a2:6f:f1:1b:04:27:e5:79:6c:
46:38:f0:a0:ff:9d:c4:b1:02:ca:80:63:32:3e:a4:
78:1b:07:e1:36:23:f7:31:bc:76:90:ed:e9:fe:b6:
4e:3a:ad:cb:4f:fe:1b:da:52:e5:1d:30:12:2a:fd:
45:cc:5f:8e:34:60:e6:40:bc:c2:7d:e0:72:54:04:
d1:df:2c:44:a8:60:55:05:a0:60:6a:6f:33:5f:ad:
55:3e:39:3a:06:a9:f4:dc:12:4c:a9:b4:89:12:fa:
e4:fd:35:b8:df:3e:ae:3f:b1:ed:a4:0e:3f:7c:99:
cc:10:df:30:91:15:28:e6:8d:15:0d:d5:fd:81:6e:
38:04:b0:95:ab:f4:9e:c7:f0:fe:73:80:1a:af:3b:
3b:0a:d9:f1:f9:21:4b:08:1d:b8:06:b0:27:ad:e6:
c1:d9:4f:25:1d:c1:50:f3:c5:39:73:8c:89:4c:91:
ba:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:66:06:3C:0E:87:2D:04:EB:1A:A9:F6:CA:A0:E2:66:29:91:5F:DC
X509v3 Authority Key Identifier:
keyid:72:9E:2F:9C:1D:87:C2:14:73:50:78:CF:D2:1C:63:8E:07:15:7B:5D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916807A/0263AB483E8811EDA61A9B2AC4F9AE02/cp4vnB2HwhRzUHjP0hxjjgcVe10.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cp4vnB2HwhRzUHjP0hxjjgcVe10.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916807A/0263AB483E8811EDA61A9B2AC4F9AE02/4841ECEC51B311F0B1DF6B79C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.4.100.0/23
202.155.80.0/21
202.155.104.0/21
202.155.116.0/22
202.155.124.0/22
Signature Algorithm: sha256WithRSAEncryption
32:e4:60:3d:bd:73:80:28:e1:aa:1e:58:a3:17:78:bd:cc:05:
53:8d:7a:18:e2:31:93:19:ff:a1:93:b4:f3:6e:66:2d:69:06:
17:07:16:23:36:c1:46:02:63:af:8c:62:f3:1a:99:3c:ea:93:
e1:79:b3:ef:86:5e:11:9c:ae:44:5a:82:20:e2:87:e8:2e:67:
1e:94:c0:7e:3c:37:38:bd:19:50:49:ba:1f:a0:ea:bc:68:af:
6c:7a:c7:77:92:c4:0a:97:61:08:6e:3a:92:9d:47:ae:4d:89:
64:ce:1f:13:b2:48:bc:5c:37:c4:2b:92:61:4d:a9:93:15:d4:
8f:43:08:27:ea:6a:46:bc:ba:12:ab:4c:9b:bb:ac:5b:ab:60:
20:a7:f5:18:94:a6:70:4d:cc:a2:9b:19:55:d6:71:8a:42:05:
83:01:e8:cd:61:b2:91:88:fd:14:6f:8a:ce:77:7a:ae:9a:eb:
fe:d5:48:04:81:58:8e:17:52:91:8e:16:c2:af:c9:31:a3:db:
da:61:a9:32:45:26:28:99:60:e9:27:d5:e4:92:5d:ef:b6:b2:
99:55:73:7b:fb:8a:0e:dc:22:92:87:8e:a9:70:4b:64:74:25:
df:02:bb:22:24:b3:ad:a4:05:45:6f:ae:5b:2c:22:dd:77:27:
39:3c:bf:e1
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICAncwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjgwN0ExMTAvBgNVBAUTKDcyOUUyRjlDMUQ4N0MyMTQ3MzUwNzhDRkQyMUM2MzhF
MDcxNTdCNUQwHhcNMjUwNzI4MTE1MDUxWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODg3NjQxYi1mOGUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvkwPjn7brE0BK6g/DkYm7fu6pDjGnlpR8q3S1TauS5zc7b8HKMnK+5MebRPy
Y0LuRcsmq3+cAzt471IAmGbPbypRx38dQXCVNKgiEVvC+9Oib/EbBCfleWxGOPCg
/53EsQLKgGMyPqR4GwfhNiP3Mbx2kO3p/rZOOq3LT/4b2lLlHTASKv1FzF+ONGDm
QLzCfeByVATR3yxEqGBVBaBgam8zX61VPjk6Bqn03BJMqbSJEvrk/TW43z6uP7Ht
pA4/fJnMEN8wkRUo5o0VDdX9gW44BLCVq/Sex/D+c4Aarzs7Ctnx+SFLCB24BrAn
rebB2U8lHcFQ88U5c4yJTJG6owIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFHhmBjwO
hy0E6xqp9sqg4mYpkV/cMB8GA1UdIwQYMBaAFHKeL5wdh8IUc1B4z9IcY44HFXtd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2ODA3QS8wMjYzQUI0ODNF
ODgxMUVEQTYxQTlCMkFDNEY5QUUwMi9jcDR2bkIySHdoUnpVSGpQMGh4ampnY1Zl
MTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NwNHZuQjJId2hSelVIalAwaHhqamdjVmUxMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjgwN0EvMDI2M0FCNDgzRTg4MTFFREE2MUE5QjJBQzRGOUFFMDIvNDg0MUVDRUM1
MUIzMTFGMEIxREY2Qjc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAFnBGQDBAPKm1ADBAPKm2gDBALKm3QDBALKm3wwDQYJKoZI
hvcNAQELBQADggEBADLkYD29c4Ao4aoeWKMXeL3MBVONehjiMZMZ/6GTtPNuZi1p
BhcHFiM2wUYCY6+MYvMamTzqk+F5s++GXhGcrkRagiDih+guZx6UwH48Nzi9GVBJ
uh+g6rxor2x6x3eSxAqXYQhuOpKdR65NiWTOHxOySLxcN8QrkmFNqZMV1I9DCCfq
aka8uhKrTJu7rFurYCCn9RiUpnBNzKKbGVXWcYpCBYMB6M1hspGI/RRvis53eq6a
6/7VSASBWI4XUpGOFsKvyTGj29phqTJFJiiZYOkn1eSSXe+2splVc3v7ig7cIpKH
jqlwS2R0Jd8CuyIks62kBUVvrlssIt13Jzk8v+E=
-----END CERTIFICATE-----
Generated at Mon Aug 11 04:21:58 2025 by rpki-client