Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919941E/EF1FAD18966E11EDB0ECC069C4F9AE02/A0F15DB6426111F08C1BCE3EC4F9AE02.roa
File: A0F15DB6426111F08C1BCE3EC4F9AE02.roa (raw, json)
Hash identifier: L/ok1aviOWipxx1KymLPgEb6hUwErn216ZR4EsM/CLw=
Subject key identifier: C1:54:A9:84:E8:B6:BA:E2:A9:30:9D:B3:85:83:50:E5:12:1F:ED:0E
Certificate issuer: /CN=A919941E/serialNumber=C13764A0A63A7767F3A475D7A81AE8DF18AFE08D
Certificate serial: 01CB
Authority key identifier: C1:37:64:A0:A6:3A:77:67:F3:A4:75:D7:A8:1A:E8:DF:18:AF:E0:8D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wTdkoKY6d2fzpHXXqBro3xiv4I0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919941E/EF1FAD18966E11EDB0ECC069C4F9AE02/A0F15DB6426111F08C1BCE3EC4F9AE02.roa
Signing time: Thu 05 Jun 2025 23:05:53 +0000
ROA not before: Thu 05 Jun 2025 23:05:53 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 56262
IP address blocks: 103.3.80.0/22 maxlen: 22
103.3.80.0/24 maxlen: 24
103.3.81.0/24 maxlen: 24
103.3.82.0/24 maxlen: 24
103.3.83.0/24 maxlen: 24
182.255.40.0/22 maxlen: 22
182.255.40.0/24 maxlen: 24
182.255.41.0/24 maxlen: 24
182.255.42.0/24 maxlen: 24
182.255.43.0/24 maxlen: 24
2400:9d00::/32 maxlen: 34
Validation: Failed, certificate revoked on Fri 06 Jun 2025 00:09:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 459 (0x1cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919941E, serialNumber=C13764A0A63A7767F3A475D7A81AE8DF18AFE08D
Validity
Not Before: Jun 5 23:05:53 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=684222d1-3860
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:98:56:2c:b8:c9:9a:51:f8:a2:0a:bc:fc:83:
74:36:c4:21:d1:82:76:00:c8:eb:1a:02:4f:16:b3:
0a:30:0e:fb:c7:3d:64:cc:e1:dd:83:a9:df:f2:db:
75:b4:ef:53:4d:e4:67:de:73:6e:66:af:f1:1a:83:
78:f5:e9:0f:27:81:de:5d:7e:c3:33:4d:ed:83:9e:
15:10:02:92:90:b6:fa:52:f2:c6:d3:4c:58:2c:ae:
c3:58:46:45:e0:79:a6:cf:88:14:eb:bd:67:4b:6d:
e4:ea:a2:c4:72:e5:ee:5b:a3:d7:95:dd:c9:19:4c:
b5:7c:7c:e0:96:60:be:9a:fe:69:ed:ec:a2:3c:67:
62:9b:ae:be:8c:c1:ca:d8:64:88:13:5d:c8:da:13:
b7:09:0d:40:aa:b3:88:aa:1b:0c:fc:a9:65:6b:eb:
7a:c0:e8:fc:95:50:31:b9:55:96:8f:55:30:32:1d:
87:9b:c0:31:96:51:a0:b6:db:f4:63:69:cf:f8:e2:
3c:99:83:86:87:56:2e:e4:21:6c:e6:a2:d0:cf:ad:
bf:59:5c:d3:82:1b:89:da:06:58:33:ec:0c:b1:f2:
91:09:3d:bc:60:07:80:ae:fb:9e:27:f7:ac:0e:ff:
11:a3:00:84:bf:88:3a:d2:72:d4:3f:aa:40:80:b1:
d3:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:54:A9:84:E8:B6:BA:E2:A9:30:9D:B3:85:83:50:E5:12:1F:ED:0E
X509v3 Authority Key Identifier:
keyid:C1:37:64:A0:A6:3A:77:67:F3:A4:75:D7:A8:1A:E8:DF:18:AF:E0:8D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919941E/EF1FAD18966E11EDB0ECC069C4F9AE02/wTdkoKY6d2fzpHXXqBro3xiv4I0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wTdkoKY6d2fzpHXXqBro3xiv4I0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919941E/EF1FAD18966E11EDB0ECC069C4F9AE02/A0F15DB6426111F08C1BCE3EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.3.80.0/22
182.255.40.0/22
IPv6:
2400:9d00::/32
Signature Algorithm: sha256WithRSAEncryption
ce:6f:ef:2b:3f:69:fa:4c:f8:b1:0f:d3:5d:84:ae:52:ad:02:
11:d8:54:b4:39:30:67:76:dc:da:c8:0a:46:40:7d:ff:7c:b2:
99:79:fa:f1:71:ff:a6:97:ed:e3:0f:c2:ea:3f:47:aa:0c:a6:
9e:cd:ff:f3:17:cc:c1:7a:5f:d3:57:8a:87:f2:a6:95:f5:bf:
1e:73:63:4c:68:06:07:da:15:a9:63:b6:b8:82:02:3e:34:06:
df:09:a7:68:aa:14:f7:ab:3f:4e:bc:54:31:97:ab:c3:cc:00:
de:08:38:16:3f:63:e9:be:77:97:24:ac:9a:d8:c4:47:aa:ad:
64:24:d2:ba:80:f4:76:3a:44:61:8a:36:0f:74:76:4b:97:f5:
f7:28:6e:a6:5b:83:93:dc:2c:ed:fd:00:43:3d:97:49:78:62:
09:20:cd:cd:5f:e5:10:f0:70:87:4c:c4:84:e1:d2:79:85:0a:
95:70:da:1e:38:3b:01:e9:bf:7b:75:f9:90:f7:19:2e:e2:4e:
d9:d4:32:3c:6d:6b:5c:06:1d:8a:88:16:b5:00:14:3c:12:cf:
59:a9:75:dd:12:55:52:62:0f:d9:f8:84:c4:24:5f:ea:cb:f8:
79:e7:2c:96:22:71:e9:e2:cf:74:f5:00:9b:d2:d6:ac:2f:cf:
fe:63:81:a5
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICAcswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTk0MUUxMTAvBgNVBAUTKEMxMzc2NEEwQTYzQTc3NjdGM0E0NzVEN0E4MUFFOERG
MThBRkUwOEQwHhcNMjUwNjA1MjMwNTUzWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODQyMjJkMS0zODYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwJhWLLjJmlH4ogq8/IN0NsQh0YJ2AMjrGgJPFrMKMA77xz1kzOHdg6nf8tt1
tO9TTeRn3nNuZq/xGoN49ekPJ4HeXX7DM03tg54VEAKSkLb6UvLG00xYLK7DWEZF
4Hmmz4gU671nS23k6qLEcuXuW6PXld3JGUy1fHzglmC+mv5p7eyiPGdim66+jMHK
2GSIE13I2hO3CQ1AqrOIqhsM/Klla+t6wOj8lVAxuVWWj1UwMh2Hm8AxllGgttv0
Y2nP+OI8mYOGh1Yu5CFs5qLQz62/WVzTghuJ2gZYM+wMsfKRCT28YAeArvueJ/es
Dv8RowCEv4g60nLUP6pAgLHTRQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFMFUqYTo
trriqTCds4WDUOUSH+0OMB8GA1UdIwQYMBaAFME3ZKCmOndn86R116ga6N8Yr+CN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OTQxRS9FRjFGQUQxODk2
NkUxMUVEQjBFQ0MwNjlDNEY5QUUwMi93VGRrb0tZNmQyZnpwSFhYcUJybzN4aXY0
STAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dUZGtvS1k2ZDJmenBIWFhxQnJvM3hpdjRJMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTk0MUUvRUYxRkFEMTg5NjZFMTFFREIwRUNDMDY5QzRGOUFFMDIvQTBGMTVEQjY0
MjYxMTFGMDhDMUJDRTNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnA1ADBAK2/ygwDQQCAAIwBwMFACQAnQAwDQYJKoZIhvcN
AQELBQADggEBAM5v7ys/afpM+LEP012ErlKtAhHYVLQ5MGd23NrICkZAff98spl5
+vFx/6aX7eMPwuo/R6oMpp7N//MXzMF6X9NXiofyppX1vx5zY0xoBgfaFaljtriC
Aj40Bt8Jp2iqFPerP068VDGXq8PMAN4IOBY/Y+m+d5ckrJrYxEeqrWQk0rqA9HY6
RGGKNg90dkuX9fcobqZbg5PcLO39AEM9l0l4Ygkgzc1f5RDwcIdMxITh0nmFCpVw
2h44OwHpv3t1+ZD3GS7iTtnUMjxta1wGHYqIFrUAFDwSz1mpdd0SVVJiD9n4hMQk
X+rL+HnnLJYiceniz3T1AJvS1qwvz/5jgaU=
-----END CERTIFICATE-----
Generated at Sun Jun 15 06:56:46 2025 by rpki-client