Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917E1FA/A2D5EE5E45A311F095EFFD48C4F9AE02/2D02B05845A411F0AFF2D349C4F9AE02.roa
File: 2D02B05845A411F0AFF2D349C4F9AE02.roa (raw, json)
Hash identifier: lRcDyQplw2p47VOOVYK6hGfuGDlxCDXoacX4LIKfOZs=
Subject key identifier: 34:D9:61:F2:26:5E:8D:B7:26:9B:03:5E:30:5C:E3:41:58:6E:D0:70
Certificate issuer: /CN=A917E1FA/serialNumber=C912B054CA43A934C1775733D84BF16E4856BEF0
Certificate serial: 02
Authority key identifier: C9:12:B0:54:CA:43:A9:34:C1:77:57:33:D8:4B:F1:6E:48:56:BE:F0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yRKwVMpDqTTBd1cz2EvxbkhWvvA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917E1FA/A2D5EE5E45A311F095EFFD48C4F9AE02/2D02B05845A411F0AFF2D349C4F9AE02.roa
Signing time: Tue 10 Jun 2025 02:39:48 +0000
ROA not before: Tue 10 Jun 2025 02:39:48 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 137474
IP address blocks: 202.93.248.0/22 maxlen: 23
Validation: Failed, certificate revoked on Thu 12 Jun 2025 00:58:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917E1FA, serialNumber=C912B054CA43A934C1775733D84BF16E4856BEF0
Validity
Not Before: Jun 10 02:39:48 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=68479af4-912d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:da:44:56:ea:58:f3:4c:b0:d5:7f:2f:45:28:
c8:f8:0d:70:77:9a:c2:7e:8f:95:95:23:e5:3e:ba:
1a:ca:a7:15:96:dc:0a:19:55:8b:01:48:d2:28:5d:
c2:e3:5f:61:21:c5:5f:fd:98:ab:5c:73:44:d6:12:
3c:7b:a4:90:9c:fc:86:46:69:67:0f:36:09:21:f5:
47:82:35:cc:10:84:f8:ab:b8:cd:cc:72:4d:d2:5c:
de:91:50:89:48:1f:a0:68:ba:0c:46:ee:0f:76:6a:
21:e8:75:83:7e:48:9a:5c:dc:56:6d:c8:70:3b:24:
bb:37:cb:3e:8f:6e:8d:fe:c9:de:1d:e0:2b:cb:e4:
50:bb:74:9f:d2:24:82:de:90:77:db:6e:ae:a5:26:
a9:ae:b6:76:8e:e3:df:de:b3:2c:64:05:04:03:96:
c3:33:0f:9f:71:83:00:4a:b8:e3:9a:c5:72:05:cc:
93:a9:39:82:9b:e1:c2:fd:56:21:bd:05:45:c8:b0:
80:66:c6:e4:39:8b:a2:bb:2c:a9:05:de:d4:6b:07:
08:88:91:d6:77:bf:60:dc:32:f3:a9:31:5a:10:58:
1e:db:2d:a8:bc:cc:b0:70:89:7a:8a:22:14:60:2d:
ab:14:0d:9e:b3:38:76:72:bf:24:a1:3c:62:13:91:
e2:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:D9:61:F2:26:5E:8D:B7:26:9B:03:5E:30:5C:E3:41:58:6E:D0:70
X509v3 Authority Key Identifier:
keyid:C9:12:B0:54:CA:43:A9:34:C1:77:57:33:D8:4B:F1:6E:48:56:BE:F0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917E1FA/A2D5EE5E45A311F095EFFD48C4F9AE02/yRKwVMpDqTTBd1cz2EvxbkhWvvA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yRKwVMpDqTTBd1cz2EvxbkhWvvA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E1FA/A2D5EE5E45A311F095EFFD48C4F9AE02/2D02B05845A411F0AFF2D349C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.93.248.0/22
Signature Algorithm: sha256WithRSAEncryption
71:87:de:6e:79:3f:96:44:71:63:f2:47:fb:7c:44:9d:4f:d9:
6b:90:d6:20:e0:a5:23:b5:ee:28:6e:32:33:0c:fb:09:b6:c2:
a8:13:53:2a:62:5e:15:f0:cd:d8:82:c9:a2:e2:ae:ed:6c:01:
1f:89:de:90:e0:13:f0:2c:94:b5:ea:d0:2d:ce:aa:83:05:9c:
9b:1c:89:1b:e4:be:d8:e1:3e:44:13:e7:c3:43:94:87:79:de:
3f:fa:46:4f:27:81:04:c4:7b:8d:24:73:93:91:a0:d2:68:d6:
6f:8a:0b:8c:5c:8b:06:b3:47:70:d4:af:c5:ff:35:ab:64:36:
b4:0a:a2:fa:b2:ba:73:9d:1e:92:f6:cf:02:9a:51:18:3b:68:
6a:f0:a5:ca:11:14:05:85:74:b3:53:a4:88:8e:7b:be:18:8e:
58:cd:92:c0:bc:de:db:c9:e2:fe:1e:da:23:9b:6a:b5:08:eb:
4f:52:45:bd:4f:b1:23:73:56:d2:a3:e4:e9:2c:a4:d0:c0:a5:
d6:8a:30:8e:15:65:7b:71:a6:44:d7:e6:c9:47:99:1c:a1:44:
5a:91:32:c3:26:0b:96:30:55:66:68:70:60:7c:a4:a6:c1:be:
bf:d8:1b:21:32:db:3e:45:f7:e2:3b:97:b5:b2:cc:48:5e:31:
a2:3a:5f:51
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
RTFGQTExMC8GA1UEBRMoQzkxMkIwNTRDQTQzQTkzNEMxNzc1NzMzRDg0QkYxNkU0
ODU2QkVGMDAeFw0yNTA2MTAwMjM5NDhaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4NDc5YWY0LTkxMmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDK2kRW6ljzTLDVfy9FKMj4DXB3msJ+j5WVI+U+uhrKpxWW3AoZVYsBSNIoXcLj
X2EhxV/9mKtcc0TWEjx7pJCc/IZGaWcPNgkh9UeCNcwQhPiruM3Mck3SXN6RUIlI
H6BougxG7g92aiHodYN+SJpc3FZtyHA7JLs3yz6Pbo3+yd4d4CvL5FC7dJ/SJILe
kHfbbq6lJqmutnaO49/esyxkBQQDlsMzD59xgwBKuOOaxXIFzJOpOYKb4cL9ViG9
BUXIsIBmxuQ5i6K7LKkF3tRrBwiIkdZ3v2DcMvOpMVoQWB7bLai8zLBwiXqKIhRg
LasUDZ6zOHZyvyShPGITkeInAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUNNlh8iZe
jbcmmwNeMFzjQVhu0HAwHwYDVR0jBBgwFoAUyRKwVMpDqTTBd1cz2EvxbkhWvvAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdFMUZBL0EyRDVFRTVFNDVB
MzExRjA5NUVGRkQ0OEM0RjlBRTAyL3lSS3dWTXBEcVRUQmQxY3oyRXZ4YmtoV3Z2
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIveVJLd1ZNcERxVFRCZDFjejJFdnhia2hXdnZBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
RTFGQS9BMkQ1RUU1RTQ1QTMxMUYwOTVFRkZENDhDNEY5QUUwMi8yRDAyQjA1ODQ1
QTQxMUYwQUZGMkQzNDlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAspd+DANBgkqhkiG9w0BAQsFAAOCAQEAcYfebnk/lkRxY/JH
+3xEnU/Za5DWIOClI7XuKG4yMwz7CbbCqBNTKmJeFfDN2ILJouKu7WwBH4nekOAT
8CyUterQLc6qgwWcmxyJG+S+2OE+RBPnw0OUh3neP/pGTyeBBMR7jSRzk5Gg0mjW
b4oLjFyLBrNHcNSvxf81q2Q2tAqi+rK6c50ekvbPAppRGDtoavClyhEUBYV0s1Ok
iI57vhiOWM2SwLze28ni/h7aI5tqtQjrT1JFvU+xI3NW0qPk6Syk0MCl1oowjhVl
e3GmRNfmyUeZHKFEWpEywyYLljBVZmhwYHykpsG+v9gbITLbPkX34juXtbLMSF4x
ojpfUQ==
-----END CERTIFICATE-----
Generated at Sun Jun 15 04:57:56 2025 by rpki-client