Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C55CE/451A823A8B7B11EF8290327FC4F9AE02/868856F81D8D11F09EB7F821C4F9AE02.roa
File: 868856F81D8D11F09EB7F821C4F9AE02.roa (raw, json)
Hash identifier: xH8fVhyi5gA9AtXEqG/kr7MopLbsbCQf7/hvd467HHo=
Subject key identifier: E2:0F:86:EE:D0:C1:2C:A4:6E:92:97:8A:74:9A:B1:C2:AE:37:E5:F6
Certificate issuer: /CN=A91C55CE/serialNumber=828A47D3AC6E6B036011C23323170A9731BAD224
Certificate serial: 7F
Authority key identifier: 82:8A:47:D3:AC:6E:6B:03:60:11:C2:33:23:17:0A:97:31:BA:D2:24
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gopH06xuawNgEcIzIxcKlzG60iQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C55CE/451A823A8B7B11EF8290327FC4F9AE02/868856F81D8D11F09EB7F821C4F9AE02.roa
Signing time: Sun 20 Apr 2025 02:17:23 +0000
ROA not before: Sun 20 Apr 2025 02:17:23 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 62610
IP address blocks: 45.121.212.0/24 maxlen: 24
45.121.213.0/24 maxlen: 24
45.121.214.0/24 maxlen: 24
103.62.52.0/24 maxlen: 24
103.62.53.0/24 maxlen: 24
103.62.54.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 20 Apr 2025 05:56:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 127 (0x7f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C55CE, serialNumber=828A47D3AC6E6B036011C23323170A9731BAD224
Validity
Not Before: Apr 20 02:17:23 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=68045933-817f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d3:19:4b:03:08:37:32:6e:b6:36:6f:58:f8:
ae:1b:69:7a:44:4c:e9:8b:2a:5f:06:f7:57:14:73:
66:9b:c0:29:21:f3:8c:28:ef:4c:fc:ae:3a:b0:a7:
38:b1:53:73:f2:74:d2:75:96:8e:f6:aa:f7:ac:d0:
86:c1:d4:11:24:82:0e:93:5a:fe:58:67:34:e4:da:
ef:4e:42:8a:0f:5e:97:1a:25:ed:fd:15:4e:28:d7:
e2:b0:e6:f3:09:d8:be:56:f6:ee:3d:8b:3f:07:fb:
f1:43:6b:7e:10:b4:26:3c:66:da:58:d7:2b:de:46:
3a:4a:22:83:2d:26:8d:59:f4:b6:06:a6:2a:10:11:
f9:6c:ba:36:29:3c:37:37:f1:4a:5e:d9:fa:09:d8:
5b:cb:a3:f4:7b:75:66:a6:d6:23:30:82:a8:b1:6a:
6e:f8:a6:04:0d:30:02:dd:59:db:04:0c:df:bc:3c:
09:d1:35:c7:db:8c:81:83:44:c8:d7:87:1c:13:a0:
55:4a:a3:8f:95:46:f4:72:ff:b7:a9:c5:81:e5:67:
36:f2:7e:8c:8d:f9:54:1d:f9:63:18:a4:54:2a:90:
0c:02:90:9b:ab:89:e8:3c:18:5c:26:53:2d:d1:eb:
fc:05:4d:9d:65:c2:96:00:a2:69:66:42:3e:a1:a0:
b4:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:0F:86:EE:D0:C1:2C:A4:6E:92:97:8A:74:9A:B1:C2:AE:37:E5:F6
X509v3 Authority Key Identifier:
keyid:82:8A:47:D3:AC:6E:6B:03:60:11:C2:33:23:17:0A:97:31:BA:D2:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C55CE/451A823A8B7B11EF8290327FC4F9AE02/gopH06xuawNgEcIzIxcKlzG60iQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gopH06xuawNgEcIzIxcKlzG60iQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C55CE/451A823A8B7B11EF8290327FC4F9AE02/868856F81D8D11F09EB7F821C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.121.212.0-45.121.214.255
103.62.52.0-103.62.54.255
Signature Algorithm: sha256WithRSAEncryption
d5:00:ae:33:1d:39:f3:a4:fe:63:59:81:8c:d4:3e:04:7a:13:
7f:e4:7d:38:97:34:51:8e:0b:6a:91:f3:6d:e8:60:17:03:82:
f0:bb:6c:be:df:61:84:3b:df:f5:67:d1:63:a7:df:78:10:4c:
17:11:00:b7:0d:85:ac:86:e0:09:5a:00:97:e8:aa:be:fe:79:
c5:01:8f:88:df:54:f6:f6:7b:8f:5a:7d:15:53:ea:24:5d:b9:
94:94:ce:38:ec:2e:d7:08:30:b7:4c:27:c6:13:72:0f:63:07:
e5:7e:01:d5:7b:aa:70:1c:7e:0c:70:b7:78:3a:e0:f7:86:bc:
dc:e4:22:be:e0:13:74:b8:8f:6d:f6:20:bb:f1:a8:95:05:bd:
d0:0b:94:26:0c:74:49:72:bd:20:10:e4:f6:1e:db:f8:71:9c:
81:90:b0:e7:55:d9:b0:9c:e7:32:56:75:ed:67:10:c1:73:d7:
fe:4a:41:68:75:df:62:d2:37:39:ff:76:7e:1b:a8:11:6a:9a:
b4:40:37:49:ad:c2:0e:aa:51:5b:28:c4:d1:4c:59:1f:52:36:
0b:d9:c9:87:fd:82:63:49:d6:ac:58:df:41:b1:f8:ea:b0:95:
3f:2e:2a:7c:19:07:c0:b9:b9:2c:3c:f3:04:5c:ba:91:bb:de:
80:c3:0f:48
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgIBfzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
NTVDRTExMC8GA1UEBRMoODI4QTQ3RDNBQzZFNkIwMzYwMTFDMjMzMjMxNzBBOTcz
MUJBRDIyNDAeFw0yNTA0MjAwMjE3MjNaFw0yNTEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4MDQ1OTMzLTgxN2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDC0xlLAwg3Mm62Nm9Y+K4baXpETOmLKl8G91cUc2abwCkh84wo70z8rjqwpzix
U3PydNJ1lo72qves0IbB1BEkgg6TWv5YZzTk2u9OQooPXpcaJe39FU4o1+Kw5vMJ
2L5W9u49iz8H+/FDa34QtCY8ZtpY1yveRjpKIoMtJo1Z9LYGpioQEflsujYpPDc3
8Upe2foJ2FvLo/R7dWam1iMwgqixam74pgQNMALdWdsEDN+8PAnRNcfbjIGDRMjX
hxwToFVKo4+VRvRy/7epxYHlZzbyfoyN+VQd+WMYpFQqkAwCkJurieg8GFwmUy3R
6/wFTZ1lwpYAomlmQj6hoLSPAgMBAAGjggKrMIICpzAdBgNVHQ4EFgQU4g+G7tDB
LKRukpeKdJqxwq435fYwHwYDVR0jBBgwFoAUgopH06xuawNgEcIzIxcKlzG60iQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM1NUNFLzQ1MUE4MjNBOEI3
QjExRUY4MjkwMzI3RkM0RjlBRTAyL2dvcEgwNnh1YXdOZ0VjSXpJeGNLbHpHNjBp
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZ29wSDA2eHVhd05nRWNJekl4Y0tsekc2MGlRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
NTVDRS80NTFBODIzQThCN0IxMUVGODI5MDMyN0ZDNEY5QUUwMi84Njg4NTZGODFE
OEQxMUYwOUVCN0Y4MjFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA1BggrBgEFBQcBBwEB/wQm
MCQwIgQCAAEwHDAMAwQCLXnUAwQALXnWMAwDBAJnPjQDBABnPjYwDQYJKoZIhvcN
AQELBQADggEBANUArjMdOfOk/mNZgYzUPgR6E3/kfTiXNFGOC2qR823oYBcDgvC7
bL7fYYQ73/Vn0WOn33gQTBcRALcNhayG4AlaAJfoqr7+ecUBj4jfVPb2e49afRVT
6iRduZSUzjjsLtcIMLdMJ8YTcg9jB+V+AdV7qnAcfgxwt3g64PeGvNzkIr7gE3S4
j232ILvxqJUFvdALlCYMdElyvSAQ5PYe2/hxnIGQsOdV2bCc5zJWde1nEMFz1/5K
QWh132LSNzn/dn4bqBFqmrRAN0mtwg6qUVsoxNFMWR9SNgvZyYf9gmNJ1qxY30Gx
+OqwlT8uKnwZB8C5uSw88wRcupG73oDDD0g=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:49:57 2025 by rpki-client