Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C55CE/451A823A8B7B11EF8290327FC4F9AE02/65135058B2EF11EFA714C563C4F9AE02.roa
File: 65135058B2EF11EFA714C563C4F9AE02.roa (raw, json)
Hash identifier: 3IF9HOiwqmF8aQspXysxqzNeFw3iwra0aiBg+YPiSks=
Subject key identifier: 34:94:DF:56:A3:D3:05:E6:44:15:BB:42:05:D3:CF:D5:7E:22:EC:7F
Certificate issuer: /CN=A91C55CE/serialNumber=828A47D3AC6E6B036011C23323170A9731BAD224
Certificate serial: 79
Authority key identifier: 82:8A:47:D3:AC:6E:6B:03:60:11:C2:33:23:17:0A:97:31:BA:D2:24
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gopH06xuawNgEcIzIxcKlzG60iQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C55CE/451A823A8B7B11EF8290327FC4F9AE02/65135058B2EF11EFA714C563C4F9AE02.roa
Signing time: Fri 18 Apr 2025 11:55:10 +0000
ROA not before: Fri 18 Apr 2025 11:55:10 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 62610
IP address blocks: 45.121.212.0/24 maxlen: 24
45.121.213.0/24 maxlen: 24
45.121.214.0/24 maxlen: 24
103.62.52.0/24 maxlen: 24
103.62.53.0/24 maxlen: 24
103.62.54.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 20 Apr 2025 02:16:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 121 (0x79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C55CE, serialNumber=828A47D3AC6E6B036011C23323170A9731BAD224
Validity
Not Before: Apr 18 11:55:10 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=68023d9e-b1db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b6:e9:a1:c4:8b:ab:e7:90:66:dc:35:d5:5a:
77:10:8c:6c:66:69:f4:fc:d2:af:71:93:a2:2e:ce:
fd:f0:7f:57:d1:ec:00:de:d9:da:f7:ff:46:a4:b4:
b6:32:9f:43:84:68:e4:19:7c:3e:d6:09:b6:06:33:
bd:e9:e6:73:7b:c0:85:32:07:1d:6e:4b:7d:37:fe:
56:20:db:3e:f9:60:d7:9b:0a:89:1b:33:17:a5:51:
96:65:37:06:6e:61:fe:e0:07:ef:36:2b:00:09:b2:
c2:5c:8d:68:8c:8c:0b:1c:e3:c2:d2:d6:9d:d4:a8:
6f:28:9c:4a:f0:69:55:9f:d6:60:65:5d:70:fd:d8:
4d:71:7c:fd:52:8c:3a:f0:79:14:a0:55:97:3d:97:
83:32:f2:b0:18:f2:5b:83:71:ce:22:7c:73:16:be:
66:88:4b:71:c2:a2:6f:91:aa:f6:e9:9c:25:4c:0f:
99:f9:69:ab:41:10:f0:86:bf:39:fb:3e:2c:fc:90:
c9:b8:9f:8f:be:38:7d:af:85:29:5c:64:31:c8:b0:
59:3f:bf:3d:e8:ed:45:5f:9c:16:bd:d2:9e:a3:59:
6b:4a:59:aa:1e:48:f6:dd:0c:d5:0a:9f:0b:97:5f:
a7:22:25:63:3d:ca:7e:de:a8:88:d5:5f:1c:72:67:
9b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:94:DF:56:A3:D3:05:E6:44:15:BB:42:05:D3:CF:D5:7E:22:EC:7F
X509v3 Authority Key Identifier:
keyid:82:8A:47:D3:AC:6E:6B:03:60:11:C2:33:23:17:0A:97:31:BA:D2:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C55CE/451A823A8B7B11EF8290327FC4F9AE02/gopH06xuawNgEcIzIxcKlzG60iQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gopH06xuawNgEcIzIxcKlzG60iQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C55CE/451A823A8B7B11EF8290327FC4F9AE02/65135058B2EF11EFA714C563C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.121.212.0-45.121.214.255
103.62.52.0-103.62.54.255
Signature Algorithm: sha256WithRSAEncryption
55:e5:09:ed:e1:d9:7b:5d:37:7b:18:b1:70:97:2f:d9:8e:b2:
8d:28:a1:e6:cc:cf:b9:2d:6e:1a:3e:ef:5d:15:cb:9d:82:64:
3b:b7:8c:45:dc:c3:37:35:22:fe:24:63:f7:15:f5:c8:d0:df:
c1:34:15:c1:6c:56:ef:5e:8a:6c:f2:f7:86:74:a9:af:40:bf:
59:2b:0e:c3:55:f6:02:a7:0e:f6:d3:31:f3:36:a6:cd:13:84:
51:2a:c6:d3:42:72:5a:86:1a:13:20:ed:f2:74:43:f7:9a:56:
37:e3:e2:d3:50:9c:25:39:92:ac:c0:15:96:e6:f4:6d:db:1b:
3c:94:d3:bf:a3:dd:7b:f6:88:e9:13:45:46:fc:2b:a9:96:79:
49:ab:57:f2:96:5b:fc:4a:03:07:b4:0b:6e:b2:af:a5:b2:88:
43:00:82:ea:a6:fb:e8:f0:db:40:da:8f:bd:97:fb:9a:62:9b:
4f:a0:95:56:f1:24:78:ce:29:57:74:96:46:9b:4f:59:7b:d4:
44:dc:f1:2e:50:54:81:fc:b2:99:0b:ee:92:d2:b3:ea:12:97:
e0:0a:06:3f:bd:1c:f5:fc:e7:50:7a:07:c0:cb:21:c5:7d:e8:
25:52:18:03:07:02:4b:a8:38:c8:5e:29:a2:fb:a2:9c:39:f9:
4a:28:17:44
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgIBeTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
NTVDRTExMC8GA1UEBRMoODI4QTQ3RDNBQzZFNkIwMzYwMTFDMjMzMjMxNzBBOTcz
MUJBRDIyNDAeFw0yNTA0MTgxMTU1MTBaFw0yNTEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4MDIzZDllLWIxZGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC9tumhxIur55Bm3DXVWncQjGxmafT80q9xk6Iuzv3wf1fR7ADe2dr3/0aktLYy
n0OEaOQZfD7WCbYGM73p5nN7wIUyBx1uS303/lYg2z75YNebCokbMxelUZZlNwZu
Yf7gB+82KwAJssJcjWiMjAsc48LS1p3UqG8onErwaVWf1mBlXXD92E1xfP1SjDrw
eRSgVZc9l4My8rAY8luDcc4ifHMWvmaIS3HCom+RqvbpnCVMD5n5aatBEPCGvzn7
Piz8kMm4n4++OH2vhSlcZDHIsFk/vz3o7UVfnBa90p6jWWtKWaoeSPbdDNUKnwuX
X6ciJWM9yn7eqIjVXxxyZ5uxAgMBAAGjggKrMIICpzAdBgNVHQ4EFgQUNJTfVqPT
BeZEFbtCBdPP1X4i7H8wHwYDVR0jBBgwFoAUgopH06xuawNgEcIzIxcKlzG60iQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM1NUNFLzQ1MUE4MjNBOEI3
QjExRUY4MjkwMzI3RkM0RjlBRTAyL2dvcEgwNnh1YXdOZ0VjSXpJeGNLbHpHNjBp
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZ29wSDA2eHVhd05nRWNJekl4Y0tsekc2MGlRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
NTVDRS80NTFBODIzQThCN0IxMUVGODI5MDMyN0ZDNEY5QUUwMi82NTEzNTA1OEIy
RUYxMUVGQTcxNEM1NjNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA1BggrBgEFBQcBBwEB/wQm
MCQwIgQCAAEwHDAMAwQCLXnUAwQALXnWMAwDBAJnPjQDBABnPjYwDQYJKoZIhvcN
AQELBQADggEBAFXlCe3h2XtdN3sYsXCXL9mOso0ooebMz7ktbho+710Vy52CZDu3
jEXcwzc1Iv4kY/cV9cjQ38E0FcFsVu9eimzy94Z0qa9Av1krDsNV9gKnDvbTMfM2
ps0ThFEqxtNCclqGGhMg7fJ0Q/eaVjfj4tNQnCU5kqzAFZbm9G3bGzyU07+j3Xv2
iOkTRUb8K6mWeUmrV/KWW/xKAwe0C26yr6WyiEMAguqm++jw20Daj72X+5pim0+g
lVbxJHjOKVd0lkabT1l71ETc8S5QVIH8spkL7pLSs+oSl+AKBj+9HPX851B6B8DL
IcV96CVSGAMHAkuoOMheKaL7opw5+UooF0Q=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:46:44 2025 by rpki-client