Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5486/856A249CA98211EA932DEC54C4F9AE02/C87A727C2F8411EBA83F6F6DC4F9AE02.roa
File: C87A727C2F8411EBA83F6F6DC4F9AE02.roa (raw, json)
Hash identifier: /SRmihftHKIhHGbmPbmMSdEKRwwhlOXr3oiEzfKgqYY=
Subject key identifier: 37:32:8D:EE:FE:81:BD:25:78:E4:34:88:8B:18:21:4D:B4:AB:B1:FA
Certificate issuer: /CN=A91B5486/serialNumber=2E304A3D92499D9D7D338A3EA02F7C5348425B17
Certificate serial: 0928
Authority key identifier: 2E:30:4A:3D:92:49:9D:9D:7D:33:8A:3E:A0:2F:7C:53:48:42:5B:17
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LjBKPZJJnZ19M4o-oC98U0hCWxc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5486/856A249CA98211EA932DEC54C4F9AE02/C87A727C2F8411EBA83F6F6DC4F9AE02.roa
Signing time: Wed 26 Mar 2025 20:30:54 +0000
ROA not before: Wed 26 Mar 2025 20:30:54 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 140951
IP address blocks: 45.248.200.0/22 maxlen: 24
103.23.168.0/24 maxlen: 24
103.23.169.0/24 maxlen: 24
103.23.170.0/24 maxlen: 24
103.23.171.0/24 maxlen: 24
103.217.160.0/24 maxlen: 24
103.217.161.0/24 maxlen: 24
103.217.162.0/23 maxlen: 23
103.217.162.0/24 maxlen: 24
103.217.163.0/24 maxlen: 24
103.242.73.0/24 maxlen: 24
103.242.74.0/24 maxlen: 24
103.242.75.0/24 maxlen: 24
220.158.134.0/24 maxlen: 24
2401:47c0:1e00::/40 maxlen: 40
2401:47c0:1f00::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 31 Mar 2025 04:44:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2344 (0x928)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5486, serialNumber=2E304A3D92499D9D7D338A3EA02F7C5348425B17
Validity
Not Before: Mar 26 20:30:54 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67e463fe-2a61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:eb:f4:d0:36:e8:f9:05:0e:da:8c:45:68:9d:
eb:f8:f1:9b:6e:ce:5d:23:64:77:6b:52:65:83:b3:
1c:09:c6:d7:d1:04:0e:74:05:7f:2f:8d:63:e4:ed:
d3:71:17:4e:33:7b:89:1a:0c:ed:14:2e:1a:53:a1:
d5:2d:94:85:dc:08:b1:f0:ea:43:9a:46:f6:44:ee:
02:bf:fb:9a:ef:e1:73:62:b3:21:e8:20:42:0a:7e:
e4:5f:7b:5a:56:6b:1c:cd:b9:6a:33:e3:35:65:c8:
c9:9f:49:4c:5b:2e:b7:31:0a:6d:31:0f:1a:de:f0:
79:b5:f9:7d:b5:0e:6a:c9:fc:83:3d:82:11:c9:02:
44:58:3e:f9:8e:f1:8a:70:fb:86:d9:83:56:2a:d6:
8e:34:0a:cd:ad:8b:cf:10:88:9d:d3:78:ee:25:79:
1a:d8:01:bc:56:5a:43:86:3e:a7:3f:30:70:d6:3f:
c6:29:17:03:90:ae:e6:2c:0b:d4:46:61:87:bf:9a:
8c:82:06:9d:bb:b7:34:4d:9b:57:ff:b7:0b:f3:79:
d8:b7:f2:2f:88:b1:92:a0:d7:34:7a:91:9d:cb:6f:
46:f5:85:a5:17:5c:7f:88:ef:c5:35:30:ec:be:4a:
d5:6b:48:bd:3d:78:2d:a5:6b:7a:8b:ba:7b:de:40:
0f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:32:8D:EE:FE:81:BD:25:78:E4:34:88:8B:18:21:4D:B4:AB:B1:FA
X509v3 Authority Key Identifier:
keyid:2E:30:4A:3D:92:49:9D:9D:7D:33:8A:3E:A0:2F:7C:53:48:42:5B:17
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5486/856A249CA98211EA932DEC54C4F9AE02/LjBKPZJJnZ19M4o-oC98U0hCWxc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LjBKPZJJnZ19M4o-oC98U0hCWxc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5486/856A249CA98211EA932DEC54C4F9AE02/C87A727C2F8411EBA83F6F6DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.248.200.0/22
103.23.168.0/22
103.217.160.0/22
103.242.73.0-103.242.75.255
220.158.134.0/24
IPv6:
2401:47c0:1e00::/39
Signature Algorithm: sha256WithRSAEncryption
7f:5d:46:86:58:05:79:e9:f7:8d:16:26:f4:59:77:ff:0d:94:
e9:3d:99:ec:a9:95:c6:2e:40:66:1e:ce:2c:ae:c5:d3:69:a6:
06:37:0c:dd:fd:f9:91:28:a9:41:2f:a8:2e:c7:f9:af:12:24:
70:27:fe:80:be:9e:b0:f4:58:15:fe:33:68:be:4f:90:2a:a3:
b6:96:03:35:78:a3:18:57:51:b5:63:97:49:41:45:54:ee:31:
e6:af:3c:6a:59:92:e9:45:46:ce:08:c4:5d:f8:cb:5d:5b:6b:
dc:df:e4:d1:a5:fa:87:66:2b:28:4f:e1:8f:af:94:a0:6e:39:
b2:79:63:b4:42:38:ad:c1:e5:e5:e8:3a:40:2b:58:4f:a4:b6:
8a:33:5d:05:31:a7:c1:99:6a:dc:38:1a:50:9d:3b:b7:ac:a9:
fd:62:00:fd:74:52:06:6c:57:83:3f:36:be:e3:f1:08:6b:30:
d8:b5:2c:99:aa:c7:5c:98:14:49:5d:2f:bb:8c:42:c4:41:a3:
fc:e2:85:71:3c:33:72:ae:4f:01:14:1b:43:cc:ec:75:19:9b:
b4:6a:de:14:97:85:dd:91:ed:c5:93:af:07:ff:4b:11:d9:2e:
44:3b:55:be:11:aa:22:24:20:0c:97:2a:94:7d:b7:c2:00:f7:
60:87:bf:ad
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgICCSgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjU0ODYxMTAvBgNVBAUTKDJFMzA0QTNEOTI0OTlEOUQ3RDMzOEEzRUEwMkY3QzUz
NDg0MjVCMTcwHhcNMjUwMzI2MjAzMDU0WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2U0NjNmZS0yYTYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5ev00Dbo+QUO2oxFaJ3r+PGbbs5dI2R3a1Jlg7McCcbX0QQOdAV/L41j5O3T
cRdOM3uJGgztFC4aU6HVLZSF3Aix8OpDmkb2RO4Cv/ua7+FzYrMh6CBCCn7kX3ta
VmsczblqM+M1ZcjJn0lMWy63MQptMQ8a3vB5tfl9tQ5qyfyDPYIRyQJEWD75jvGK
cPuG2YNWKtaONArNrYvPEIid03juJXka2AG8VlpDhj6nPzBw1j/GKRcDkK7mLAvU
RmGHv5qMggadu7c0TZtX/7cL83nYt/IviLGSoNc0epGdy29G9YWlF1x/iO/FNTDs
vkrVa0i9PXgtpWt6i7p73kAPiQIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFDcyje7+
gb0leOQ0iIsYIU20q7H6MB8GA1UdIwQYMBaAFC4wSj2SSZ2dfTOKPqAvfFNIQlsX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNTQ4Ni84NTZBMjQ5Q0E5
ODIxMUVBOTMyREVDNTRDNEY5QUUwMi9MakJLUFpKSm5aMTlNNG8tb0M5OFUwaENX
eGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xqQktQWkpKbloxOU00by1vQzk4VTBoQ1d4Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjU0ODYvODU2QTI0OUNBOTgyMTFFQTkzMkRFQzU0QzRGOUFFMDIvQzg3QTcyN0My
Rjg0MTFFQkE4M0Y2RjZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTwYIKwYBBQUHAQcBAf8E
QDA+MCwEAgABMCYDBAIt+MgDBAJnF6gDBAJn2aAwDAMEAGfySQMEAmfySAMEANye
hjAOBAIAAjAIAwYBJAFHwB4wDQYJKoZIhvcNAQELBQADggEBAH9dRoZYBXnp940W
JvRZd/8NlOk9meyplcYuQGYeziyuxdNppgY3DN39+ZEoqUEvqC7H+a8SJHAn/oC+
nrD0WBX+M2i+T5Aqo7aWAzV4oxhXUbVjl0lBRVTuMeavPGpZkulFRs4IxF34y11b
a9zf5NGl+odmKyhP4Y+vlKBuObJ5Y7RCOK3B5eXoOkArWE+ktoozXQUxp8GZatw4
GlCdO7esqf1iAP10UgZsV4M/Nr7j8QhrMNi1LJmqx1yYFEldL7uMQsRBo/zihXE8
M3KuTwEUG0PM7HUZm7Rq3hSXhd2R7cWTrwf/SxHZLkQ7Vb4RqiIkIAyXKpR9t8IA
92CHv60=
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:57:46 2025 by rpki-client