Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9FB66842D77D11EE90D4B40AC4F9AE02.roa
File: 9FB66842D77D11EE90D4B40AC4F9AE02.roa (raw, json)
Hash identifier: 2CSOrQzHKQshsSU76qf4hcoE4TkR1Oin50a++ATQ188=
Subject key identifier: 32:04:BF:A5:84:A5:1E:D1:E2:6E:95:F1:9B:9F:5F:20:6A:D7:7A:D0
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: C14B
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9FB66842D77D11EE90D4B40AC4F9AE02.roa
Signing time: Wed 30 Jul 2025 09:55:19 +0000
ROA not before: Wed 30 Jul 2025 09:55:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 103.54.236.0/24 maxlen: 24
103.94.140.0/24 maxlen: 24
103.94.240.0/22 maxlen: 24
103.96.100.0/22 maxlen: 24
103.166.180.0/24 maxlen: 24
103.167.152.0/23 maxlen: 24
103.233.120.0/24 maxlen: 24
163.61.117.0/24 maxlen: 24
203.78.131.0/24 maxlen: 24
2001:df6:9580::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 08 Aug 2025 10:23:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49483 (0xc14b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jul 30 09:55:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6889ec07-f5af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ca:05:6e:f8:3c:19:3e:06:5b:9a:60:5e:3c:
06:55:14:db:9f:db:a2:91:9a:80:c6:ae:3f:1b:15:
99:75:95:eb:70:14:f2:e7:9b:3d:97:ed:c9:a4:b5:
9b:b5:25:45:c0:92:2e:9a:66:fe:b3:d5:5d:b1:27:
50:27:ae:c1:1e:87:0c:ad:e8:8e:dc:53:d5:e8:d1:
f5:81:af:90:25:1f:11:d6:b5:d1:c3:d7:49:8e:0b:
fb:f0:c5:bc:4e:ab:87:86:33:00:4c:3e:b3:3a:b6:
c5:2a:8d:9d:7b:c2:a1:36:d7:b1:4e:ff:d6:32:65:
ba:30:52:89:b3:3f:4e:6b:aa:eb:16:bb:9a:2a:88:
cf:18:ed:cb:7e:b6:e5:7c:ee:9f:de:f1:c0:b7:5b:
0d:71:ab:c9:10:6f:ec:39:48:c9:4f:9b:5f:f3:71:
3e:e5:eb:93:3f:ee:b2:ab:09:de:61:97:df:f1:b9:
05:5f:59:29:3d:ea:38:47:ac:e0:3f:f2:ec:ca:e0:
ca:fb:2d:70:c4:53:9c:16:c4:1e:67:62:82:6f:1c:
e4:a4:e6:18:ca:df:1f:3a:44:f2:c8:f6:7f:84:47:
10:a1:6f:d9:d0:33:fe:43:0b:51:d6:a5:00:c7:97:
d6:0f:72:c6:28:dc:09:6d:88:8b:4c:b8:80:c1:12:
6c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:04:BF:A5:84:A5:1E:D1:E2:6E:95:F1:9B:9F:5F:20:6A:D7:7A:D0
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9FB66842D77D11EE90D4B40AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.54.236.0/24
103.94.140.0/24
103.94.240.0/22
103.96.100.0/22
103.166.180.0/24
103.167.152.0/23
103.233.120.0/24
163.61.117.0/24
203.78.131.0/24
IPv6:
2001:df6:9580::/48
Signature Algorithm: sha256WithRSAEncryption
6a:a0:e8:48:df:94:7c:43:ee:38:29:86:75:9a:79:3f:e0:85:
d1:a6:b9:9d:b6:d1:15:52:02:bf:01:aa:a2:a0:ca:37:13:7e:
22:5f:c8:a3:23:14:9c:a9:0e:09:72:39:2b:cb:f5:bb:7b:5f:
ee:a5:8d:a6:03:89:6e:d1:3d:b2:ec:f6:96:5f:4a:72:8a:22:
92:00:f6:5e:44:e6:95:12:b0:b6:0c:4f:c6:44:cf:4e:eb:5a:
69:de:6f:df:08:49:36:9f:5c:ed:18:29:9f:ce:c2:a0:e5:28:
9a:02:7f:f0:2e:27:f9:d5:14:61:3d:0e:c0:90:18:0b:a5:59:
fe:b5:b3:55:49:de:7a:35:a6:e2:ce:3b:50:a6:a0:42:bb:48:
fd:72:44:fa:0a:80:1e:c9:d5:00:78:44:75:5c:d1:5f:98:de:
b5:b6:f7:75:19:28:dd:40:ea:b4:44:ce:96:4c:02:a6:a7:e5:
94:26:6a:f3:89:ea:aa:bc:30:fd:a3:38:a3:9d:a8:1e:ce:77:
96:36:e2:95:ae:f9:37:ca:e9:b7:f6:6f:ac:43:e8:38:c5:4c:
42:29:16:b1:a7:1d:3c:21:55:94:58:7c:16:95:56:86:ae:5f:
e9:10:e0:bc:89:6a:31:ed:8c:ef:c5:ab:fc:25:61:1c:b9:40:
7d:7c:0f:9b
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgIDAMFLMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDczMDA5NTUxOVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjg4OWVjMDctZjVhZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALLKBW74PBk+BluaYF48BlUU25/bopGagMauPxsVmXWV63AU8uebPZftyaS1
m7UlRcCSLppm/rPVXbEnUCeuwR6HDK3ojtxT1ejR9YGvkCUfEda10cPXSY4L+/DF
vE6rh4YzAEw+szq2xSqNnXvCoTbXsU7/1jJlujBSibM/Tmuq6xa7miqIzxjty362
5Xzun97xwLdbDXGryRBv7DlIyU+bX/NxPuXrkz/usqsJ3mGX3/G5BV9ZKT3qOEes
4D/y7MrgyvstcMRTnBbEHmdigm8c5KTmGMrfHzpE8sj2f4RHEKFv2dAz/kMLUdal
AMeX1g9yxijcCW2Ii0y4gMESbMECAwEAAaOCAtYwggLSMB0GA1UdDgQWBBQyBL+l
hKUe0eJulfGbn18gatd60DAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzlGQjY2ODQy
RDc3RDExRUU5MEQ0QjQwQUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMGAGCCsGAQUFBwEHAQH/
BFEwTzA8BAIAATA2AwQAZzbsAwQAZ16MAwQCZ17wAwQCZ2BkAwQAZ6a0AwQBZ6eY
AwQAZ+l4AwQAoz11AwQAy06DMA8EAgACMAkDBwAgAQ32lYAwDQYJKoZIhvcNAQEL
BQADggEBAGqg6EjflHxD7jgphnWaeT/ghdGmuZ220RVSAr8BqqKgyjcTfiJfyKMj
FJypDglyOSvL9bt7X+6ljaYDiW7RPbLs9pZfSnKKIpIA9l5E5pUSsLYMT8ZEz07r
Wmneb98ISTafXO0YKZ/OwqDlKJoCf/AuJ/nVFGE9DsCQGAulWf61s1VJ3no1puLO
O1CmoEK7SP1yRPoKgB7J1QB4RHVc0V+Y3rW293UZKN1A6rREzpZMAqan5ZQmavOJ
6qq8MP2jOKOdqB7Od5Y24pWu+TfK6bf2b6xD6DjFTEIpFrGnHTwhVZRYfBaVVoau
X+kQ4LyJajHtjO/Fq/wlYRy5QH18D5s=
-----END CERTIFICATE-----
Generated at Sun Aug 10 16:03:17 2025 by rpki-client