Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F264C/241AC7BE0E1811F0B69B8B38C4F9AE02/DFFEA4B47DA811F099EED066C4F9AE02.roa
File: DFFEA4B47DA811F099EED066C4F9AE02.roa (raw, json)
Hash identifier: +Swxw+RWaMzKezJT4sLmr+6sX9zbG1r9DoCRoOjCRH0=
Subject key identifier: CD:FE:EB:72:C9:56:D6:5D:E8:C8:4D:41:66:1C:6A:15:B7:BC:EF:52
Certificate issuer: /CN=A91F264C/serialNumber=EFA423BAF5BFD189316E65031E8CEAF5A3FFA14B
Certificate serial: 50
Authority key identifier: EF:A4:23:BA:F5:BF:D1:89:31:6E:65:03:1E:8C:EA:F5:A3:FF:A1:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/76QjuvW_0YkxbmUDHozq9aP_oUs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F264C/241AC7BE0E1811F0B69B8B38C4F9AE02/DFFEA4B47DA811F099EED066C4F9AE02.roa
Signing time: Wed 20 Aug 2025 09:34:31 +0000
ROA not before: Wed 20 Aug 2025 09:34:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 141988
IP address blocks: 163.223.220.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Nov 2025 17:36:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80 (0x50)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F264C, serialNumber=EFA423BAF5BFD189316E65031E8CEAF5A3FFA14B
Validity
Not Before: Aug 20 09:34:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68a596a7-4b86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:8b:59:f0:db:08:e3:fa:84:44:26:6e:be:d2:
f5:57:9a:4e:96:db:43:43:3c:88:8a:ef:b4:21:c3:
c9:4b:8d:7f:89:c0:b6:da:55:97:c5:f4:83:71:31:
48:73:72:80:fe:5c:44:c4:5b:9a:fc:53:1e:bc:a5:
e3:3d:9d:9f:39:1c:8c:42:4b:5e:d5:3f:ff:4c:82:
d2:96:e5:f0:33:74:0f:4b:d2:61:f9:2b:e3:3d:f4:
1c:1b:0a:9e:2c:79:27:8b:52:39:43:f4:d0:4e:4f:
9a:bb:27:7f:70:59:0d:f0:89:32:2c:2c:f2:45:fe:
5d:9c:75:dc:f6:ce:b7:41:aa:04:05:9b:42:11:b4:
a2:77:e7:e5:35:26:82:a9:6e:a8:8f:fc:a7:c7:ec:
21:b3:fa:d8:2c:24:24:cd:62:7f:6e:a1:0d:ef:6e:
e1:6c:05:ec:37:ba:65:f8:1b:cf:da:c7:01:44:dd:
0d:5a:fc:a8:1a:be:8c:63:2e:2d:7a:46:2a:3b:37:
32:53:42:d1:71:ef:b1:fc:fe:40:d4:90:7b:c0:2d:
35:cb:1a:e6:d3:9d:fb:dd:bf:8b:37:25:46:d7:da:
12:63:1e:18:51:fe:81:f0:d7:d9:1e:8f:88:29:4a:
d0:e3:6b:e6:22:69:30:f7:d2:3b:7d:8e:ce:78:12:
3f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:FE:EB:72:C9:56:D6:5D:E8:C8:4D:41:66:1C:6A:15:B7:BC:EF:52
X509v3 Authority Key Identifier:
keyid:EF:A4:23:BA:F5:BF:D1:89:31:6E:65:03:1E:8C:EA:F5:A3:FF:A1:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F264C/241AC7BE0E1811F0B69B8B38C4F9AE02/76QjuvW_0YkxbmUDHozq9aP_oUs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/76QjuvW_0YkxbmUDHozq9aP_oUs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F264C/241AC7BE0E1811F0B69B8B38C4F9AE02/DFFEA4B47DA811F099EED066C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.223.220.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:2e:d1:34:4a:73:6b:69:d2:09:ea:e2:8b:f5:26:a2:09:de:
c3:74:18:6f:a2:a4:72:ad:02:40:bf:b1:54:c1:2a:96:fa:cb:
49:18:c6:aa:85:05:6b:61:91:22:98:30:27:26:30:82:b8:a4:
d5:6f:ab:2b:d6:31:2e:b1:61:a9:0a:6a:f8:6e:43:c7:46:9f:
be:37:3b:cf:ce:a7:e3:f7:81:bc:fc:bf:8d:55:10:69:0d:d9:
7c:37:16:0c:17:9d:66:b4:7a:40:7f:9b:49:e0:7d:7a:5c:90:
e7:d6:0f:89:33:2c:ed:74:c5:96:4c:8a:9c:9a:3d:4e:15:d6:
6a:40:b9:dc:60:61:25:be:1f:2a:f0:96:3c:20:a2:1c:16:38:
93:6f:7e:1b:ee:7c:f0:ab:78:e9:db:a2:b1:ae:8f:f5:ed:dc:
13:d4:0c:b9:60:69:6c:ca:7f:cc:7d:6d:fc:52:25:c3:44:bf:
7f:7f:88:62:9e:86:c1:82:2b:57:d9:dc:86:1a:4a:2e:e8:53:
e5:68:3e:ee:4f:e3:09:04:02:47:1d:c2:79:af:66:92:03:56:
e9:25:8b:28:9c:cd:dc:bb:bd:9d:12:f7:ff:59:12:93:54:83:
4c:f0:36:ed:e7:80:ad:92:32:37:f1:f4:a5:28:11:14:fa:2a:
af:dc:d6:70
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBUDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
MjY0QzExMC8GA1UEBRMoRUZBNDIzQkFGNUJGRDE4OTMxNkU2NTAzMUU4Q0VBRjVB
M0ZGQTE0QjAeFw0yNTA4MjAwOTM0MzFaFw0yNjA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4YTU5NmE3LTRiODYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC3i1nw2wjj+oREJm6+0vVXmk6W20NDPIiK77Qhw8lLjX+JwLbaVZfF9INxMUhz
coD+XETEW5r8Ux68peM9nZ85HIxCS17VP/9MgtKW5fAzdA9L0mH5K+M99BwbCp4s
eSeLUjlD9NBOT5q7J39wWQ3wiTIsLPJF/l2cddz2zrdBqgQFm0IRtKJ35+U1JoKp
bqiP/KfH7CGz+tgsJCTNYn9uoQ3vbuFsBew3umX4G8/axwFE3Q1a/KgavoxjLi16
Rio7NzJTQtFx77H8/kDUkHvALTXLGubTnfvdv4s3JUbX2hJjHhhR/oHw19kej4gp
StDja+YiaTD30jt9js54Ej+tAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUzf7rcslW
1l3oyE1BZhxqFbe871IwHwYDVR0jBBgwFoAU76QjuvW/0YkxbmUDHozq9aP/oUsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYyNjRDLzI0MUFDN0JFMEUx
ODExRjBCNjlCOEIzOEM0RjlBRTAyLzc2UWp1dldfMFlreGJtVURIb3pxOWFQX29V
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNzZRanV2V18wWWt4Ym1VREhvenE5YVBfb1VzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
MjY0Qy8yNDFBQzdCRTBFMTgxMUYwQjY5QjhCMzhDNEY5QUUwMi9ERkZFQTRCNDdE
QTgxMUYwOTlFRUQwNjZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaPf3DANBgkqhkiG9w0BAQsFAAOCAQEAoC7RNEpza2nSCeri
i/Umognew3QYb6Kkcq0CQL+xVMEqlvrLSRjGqoUFa2GRIpgwJyYwgrik1W+rK9Yx
LrFhqQpq+G5Dx0afvjc7z86n4/eBvPy/jVUQaQ3ZfDcWDBedZrR6QH+bSeB9elyQ
59YPiTMs7XTFlkyKnJo9ThXWakC53GBhJb4fKvCWPCCiHBY4k29+G+588Kt46dui
sa6P9e3cE9QMuWBpbMp/zH1t/FIlw0S/f3+IYp6GwYIrV9nchhpKLuhT5Wg+7k/j
CQQCRx3Cea9mkgNW6SWLKJzN3Lu9nRL3/1kSk1SDTPA27eeArZIyN/H0pSgRFPoq
r9zWcA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 00:02:26 2025 by rpki-client