Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9191E08/9EC631ECC60911ECB460EC57C4F9AE02/48DBC234F4DB11EFAC0A7D1AC4F9AE02.roa
File: 48DBC234F4DB11EFAC0A7D1AC4F9AE02.roa (raw, json)
Hash identifier: 1juWVEJdpVvxcysPlxjTYHdeM8Sy9YBTQMd85ckDhFc=
Subject key identifier: 12:0A:4F:D5:C6:00:EA:29:D3:6B:E7:14:81:3E:F1:12:AD:AE:47:5A
Certificate issuer: /CN=A9191E08/serialNumber=33B6953295801038F017FA65D470781A5CC772C0
Certificate serial: 033A
Authority key identifier: 33:B6:95:32:95:80:10:38:F0:17:FA:65:D4:70:78:1A:5C:C7:72:C0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M7aVMpWAEDjwF_pl1HB4GlzHcsA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9191E08/9EC631ECC60911ECB460EC57C4F9AE02/48DBC234F4DB11EFAC0A7D1AC4F9AE02.roa
Signing time: Tue 20 May 2025 09:26:48 +0000
ROA not before: Tue 20 May 2025 09:26:48 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 153494
IP address blocks: 45.122.136.0/23 maxlen: 24
45.122.138.0/24 maxlen: 24
45.122.139.0/24 maxlen: 24
103.63.4.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 May 2025 14:09:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 826 (0x33a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9191E08, serialNumber=33B6953295801038F017FA65D470781A5CC772C0
Validity
Not Before: May 20 09:26:48 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=682c4ad8-2829
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:fe:9d:c0:09:75:e7:e9:6e:00:8f:bf:ad:8b:
6b:6d:81:79:9c:5b:aa:8b:dd:1a:51:a2:10:90:88:
d0:3a:9d:75:92:12:c6:d5:f0:e2:df:11:47:b1:e8:
78:e0:60:df:d1:e1:eb:a8:d8:8f:29:a0:13:02:1b:
a0:8f:22:96:aa:f4:5a:02:1b:f7:b2:7d:a7:90:16:
69:50:4e:bc:c2:1a:29:df:11:3a:ef:25:7f:5d:19:
30:91:02:f5:7d:3c:58:94:bd:9e:ee:e7:db:60:f7:
9d:7e:2d:9d:14:52:c2:dc:27:aa:4f:83:0e:1f:7a:
99:78:1b:23:e1:04:ab:f2:0a:ed:3a:5a:64:b0:04:
ce:7a:a1:b8:d2:48:34:9a:63:37:32:38:fd:dc:6e:
97:fc:4b:6a:4d:37:0c:08:17:16:8d:c3:18:ab:ca:
8b:97:43:cb:24:4a:47:c1:68:ae:a7:60:37:0e:7c:
c1:75:2a:f5:a8:a8:d3:2f:61:71:10:c9:ee:f0:07:
1d:91:ba:4b:0a:04:dd:69:1e:a7:70:a9:b3:d9:26:
e1:3d:41:49:05:9b:df:10:06:e1:43:a3:51:03:fd:
7c:02:3b:8f:8e:78:29:70:b0:62:9b:43:83:ba:b7:
18:ec:db:6d:6b:99:12:6d:a6:cf:95:aa:17:d2:46:
83:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:0A:4F:D5:C6:00:EA:29:D3:6B:E7:14:81:3E:F1:12:AD:AE:47:5A
X509v3 Authority Key Identifier:
keyid:33:B6:95:32:95:80:10:38:F0:17:FA:65:D4:70:78:1A:5C:C7:72:C0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9191E08/9EC631ECC60911ECB460EC57C4F9AE02/M7aVMpWAEDjwF_pl1HB4GlzHcsA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M7aVMpWAEDjwF_pl1HB4GlzHcsA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9191E08/9EC631ECC60911ECB460EC57C4F9AE02/48DBC234F4DB11EFAC0A7D1AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.122.136.0/22
103.63.4.0/22
Signature Algorithm: sha256WithRSAEncryption
60:73:60:17:43:fb:10:54:3a:62:94:8e:d6:fb:e3:8e:7c:a1:
32:46:24:ca:c0:78:6d:b5:ad:35:76:65:24:86:86:5f:64:8f:
c0:1a:63:af:8b:fd:11:10:fd:40:39:c4:71:cf:57:c5:55:9d:
4a:09:4b:9e:04:61:1d:59:ec:bb:89:ba:5b:35:3c:63:99:b1:
56:77:ca:52:65:c6:3f:cd:ce:f8:4f:eb:41:3c:5b:db:1b:29:
69:76:be:75:5b:58:80:18:1c:21:d7:b2:70:70:ad:a2:da:f7:
eb:90:96:02:a8:c4:74:d0:74:c7:5b:c9:80:9d:58:16:d9:37:
2d:40:e5:16:db:33:04:65:03:86:c7:26:54:b3:0c:33:9e:20:
1d:16:19:aa:f2:8c:6b:f8:51:a4:4d:8a:c6:4d:6c:0a:e3:83:
80:95:4c:71:79:65:20:39:80:15:e4:b1:2e:17:98:1d:e3:93:
70:99:3d:63:0c:07:c1:fb:b5:b2:47:3e:d0:1c:2b:26:24:d0:
f3:5d:2a:7e:ca:96:3e:f5:68:64:84:b3:d9:92:ca:98:34:df:
5a:5f:81:af:be:79:b8:03:56:df:33:34:6d:1f:db:04:3e:b8:
17:5f:ef:fb:6d:f0:e3:2e:b8:0e:64:d8:df:f0:94:39:84:2c:
02:aa:24:be
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAzowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTFFMDgxMTAvBgNVBAUTKDMzQjY5NTMyOTU4MDEwMzhGMDE3RkE2NUQ0NzA3ODFB
NUNDNzcyQzAwHhcNMjUwNTIwMDkyNjQ4WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODJjNGFkOC0yODI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwv6dwAl15+luAI+/rYtrbYF5nFuqi90aUaIQkIjQOp11khLG1fDi3xFHseh4
4GDf0eHrqNiPKaATAhugjyKWqvRaAhv3sn2nkBZpUE68whop3xE67yV/XRkwkQL1
fTxYlL2e7ufbYPedfi2dFFLC3CeqT4MOH3qZeBsj4QSr8grtOlpksATOeqG40kg0
mmM3Mjj93G6X/EtqTTcMCBcWjcMYq8qLl0PLJEpHwWiup2A3DnzBdSr1qKjTL2Fx
EMnu8AcdkbpLCgTdaR6ncKmz2SbhPUFJBZvfEAbhQ6NRA/18AjuPjngpcLBim0OD
urcY7Ntta5kSbabPlaoX0kaDEQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBIKT9XG
AOop02vnFIE+8RKtrkdaMB8GA1UdIwQYMBaAFDO2lTKVgBA48Bf6ZdRweBpcx3LA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MUUwOC85RUM2MzFFQ0M2
MDkxMUVDQjQ2MEVDNTdDNEY5QUUwMi9NN2FWTXBXQUVEandGX3BsMUhCNEdsekhj
c0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL003YVZNcFdBRURqd0ZfcGwxSEI0R2x6SGNzQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTFFMDgvOUVDNjMxRUNDNjA5MTFFQ0I0NjBFQzU3QzRGOUFFMDIvNDhEQkMyMzRG
NERCMTFFRkFDMEE3RDFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIteogDBAJnPwQwDQYJKoZIhvcNAQELBQADggEBAGBzYBdD
+xBUOmKUjtb74458oTJGJMrAeG21rTV2ZSSGhl9kj8AaY6+L/REQ/UA5xHHPV8VV
nUoJS54EYR1Z7LuJuls1PGOZsVZ3ylJlxj/NzvhP60E8W9sbKWl2vnVbWIAYHCHX
snBwraLa9+uQlgKoxHTQdMdbyYCdWBbZNy1A5RbbMwRlA4bHJlSzDDOeIB0WGary
jGv4UaRNisZNbArjg4CVTHF5ZSA5gBXksS4XmB3jk3CZPWMMB8H7tbJHPtAcKyYk
0PNdKn7Klj71aGSEs9mSypg031pfga++ebgDVt8zNG0f2wQ+uBdf7/tt8OMuuA5k
2N/wlDmELAKqJL4=
-----END CERTIFICATE-----
Generated at Fri Jun 20 20:49:54 2025 by rpki-client