Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/621656F62F0F11F0B5C79F71C4F9AE02.roa
File: 621656F62F0F11F0B5C79F71C4F9AE02.roa (raw, json)
Hash identifier: /W1UuqSkUzoqbuOA7VHnXskBxIxqls7J1eku+b51LTQ=
Subject key identifier: 31:28:8F:A1:1C:70:BD:4B:39:B5:3E:36:C8:B8:84:59:6F:2F:BA:54
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: BAA5
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/621656F62F0F11F0B5C79F71C4F9AE02.roa
Signing time: Mon 12 May 2025 08:59:17 +0000
ROA not before: Mon 12 May 2025 08:59:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 750
IP address blocks: 103.38.150.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 May 2025 18:23:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47781 (0xbaa5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 12 08:59:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6821b864-6368
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:97:71:cf:9d:58:52:dc:b5:9f:ef:0e:29:65:
5f:57:6d:eb:7d:53:e8:0e:4c:85:43:42:d7:43:30:
ce:36:e3:be:00:a2:f8:f1:87:4d:3d:3e:06:e7:da:
ce:bd:aa:80:e9:71:ee:67:67:42:1b:a3:6b:c6:5d:
ae:01:78:de:67:ad:46:dd:54:25:a5:f9:28:2f:2a:
f5:f5:4a:c1:a4:2c:c7:5a:22:5c:84:58:62:23:9d:
cc:51:16:e2:c6:17:e8:3b:69:90:e0:4c:1c:b1:46:
78:60:f4:64:39:8d:3b:18:12:54:79:95:6c:35:23:
e0:94:ff:62:25:ff:71:ff:50:3e:48:5e:f3:9c:4e:
56:33:cf:6c:60:c5:86:39:3f:92:7f:1b:07:f6:51:
cf:2b:ab:28:df:b1:26:48:0b:d2:fb:79:53:94:e1:
f9:a0:0f:9c:10:77:a4:be:31:35:cb:b1:b5:63:bc:
5a:e7:a4:04:b9:f3:a5:33:b5:08:29:6e:a4:f3:74:
ba:1a:9e:02:2c:74:a5:85:8b:e2:64:e8:d5:a3:44:
ce:00:c2:26:5b:b6:cd:b5:47:ba:82:45:a1:34:6d:
07:7e:a2:bf:7a:cf:a9:61:71:59:b6:ef:e4:9f:e3:
82:ed:52:e7:10:a8:c4:fe:77:9c:5c:19:f8:9c:f2:
40:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:28:8F:A1:1C:70:BD:4B:39:B5:3E:36:C8:B8:84:59:6F:2F:BA:54
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/621656F62F0F11F0B5C79F71C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.38.150.0/24
Signature Algorithm: sha256WithRSAEncryption
10:f5:08:c9:c7:6d:f7:1a:f1:4f:65:5b:77:0d:a8:6f:d2:4c:
f5:7b:55:1a:e5:7f:99:42:69:38:49:7b:b6:08:07:bd:7e:f6:
d2:45:c3:93:e7:7a:26:f8:d1:19:b9:9c:a5:0e:33:9e:35:6a:
c4:bc:0b:8d:12:a5:b4:5c:a2:78:ab:a9:60:21:38:71:af:fc:
c5:56:08:58:05:f1:b2:35:e1:b7:03:4f:7e:30:5a:96:c3:bc:
90:d8:ee:2d:ca:0d:4f:62:52:44:1e:ae:40:bb:10:bb:4d:71:
83:ed:27:57:f4:45:d4:b4:ba:13:e5:d4:9d:9c:84:a2:f6:7b:
ac:ee:a1:d8:26:58:46:22:fb:cf:d7:76:a0:4f:61:95:99:50:
a1:f2:cd:42:9f:a6:43:45:79:bd:13:d3:82:07:c5:29:a9:8f:
61:76:e6:2b:f9:94:c9:3c:96:1d:d7:e4:13:c5:c9:fb:7f:49:
58:5c:9f:60:7f:84:a4:e6:36:fa:ac:bd:11:81:73:e3:68:d7:
5d:93:53:7c:cc:f0:9e:16:af:e0:03:3b:0c:01:7a:01:b9:84:
ae:ad:33:a1:27:c6:ef:54:80:e1:04:e1:77:97:c2:8f:36:da:
e3:4b:cb:3e:b4:53:83:6d:c1:77:e1:10:67:89:1f:8e:61:1b:
d9:86:f9:02
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgIDALqlMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDUxMjA4NTkxN1oXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgyMWI4NjQtNjM2ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ6Xcc+dWFLctZ/vDillX1dt631T6A5MhUNC10MwzjbjvgCi+PGHTT0+Bufa
zr2qgOlx7mdnQhuja8ZdrgF43metRt1UJaX5KC8q9fVKwaQsx1oiXIRYYiOdzFEW
4sYX6DtpkOBMHLFGeGD0ZDmNOxgSVHmVbDUj4JT/YiX/cf9QPkhe85xOVjPPbGDF
hjk/kn8bB/ZRzyurKN+xJkgL0vt5U5Th+aAPnBB3pL4xNcuxtWO8WuekBLnzpTO1
CClupPN0uhqeAix0pYWL4mTo1aNEzgDCJlu2zbVHuoJFoTRtB36iv3rPqWFxWbbv
5J/jgu1S5xCoxP53nFwZ+JzyQJsCAwEAAaOCApUwggKRMB0GA1UdDgQWBBQxKI+h
HHC9Szm1PjbIuIRZby+6VDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzYyMTY1NkY2
MkYwRjExRjBCNUM3OUY3MUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQAZyaWMA0GCSqGSIb3DQEBCwUAA4IBAQAQ9QjJx233GvFP
ZVt3Dahv0kz1e1Ua5X+ZQmk4SXu2CAe9fvbSRcOT53om+NEZuZylDjOeNWrEvAuN
EqW0XKJ4q6lgIThxr/zFVghYBfGyNeG3A09+MFqWw7yQ2O4tyg1PYlJEHq5AuxC7
TXGD7SdX9EXUtLoT5dSdnISi9nus7qHYJlhGIvvP13agT2GVmVCh8s1Cn6ZDRXm9
E9OCB8UpqY9hduYr+ZTJPJYd1+QTxcn7f0lYXJ9gf4Sk5jb6rL0RgXPjaNddk1N8
zPCeFq/gAzsMAXoBuYSurTOhJ8bvVIDhBOF3l8KPNtrjS8s+tFODbcF34RBniR+O
YRvZhvkC
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:41:17 2025 by rpki-client