Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9145456/7719C710306611EB85251355C4F9AE02/06B5C9F2BE4C11EEA9314929C4F9AE02.roa
File: 06B5C9F2BE4C11EEA9314929C4F9AE02.roa (raw, json)
Hash identifier: C6Ii/dcI3+xSWhfGut4J2i8Et7SCKkZCcXVR4DMh4jA=
Subject key identifier: 20:72:7B:EB:B3:D7:5F:A6:A5:54:47:B9:C1:03:48:23:A0:CF:05:39
Certificate issuer: /CN=A9145456/serialNumber=3FB0A56E20F194C7749879D4D225B3F97E9EBECF
Certificate serial: 074D
Authority key identifier: 3F:B0:A5:6E:20:F1:94:C7:74:98:79:D4:D2:25:B3:F9:7E:9E:BE:CF
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/P7ClbiDxlMd0mHnU0iWz-X6evs8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9145456/7719C710306611EB85251355C4F9AE02/06B5C9F2BE4C11EEA9314929C4F9AE02.roa
Signing time: Fri 24 Jan 2025 21:40:52 +0000
ROA not before: Fri 24 Jan 2025 21:40:52 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 138915
IP address blocks: 139.135.124.0/24 maxlen: 24
139.135.125.0/24 maxlen: 24
139.135.126.0/23 maxlen: 23
139.135.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Mar 2025 10:07:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1869 (0x74d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9145456
Validity
Not Before: Jan 24 21:40:52 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=679408e3-936f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:29:ca:1b:f6:e1:7d:88:8e:37:06:92:17:ac:
21:14:95:3e:89:f3:76:a2:b7:1b:f1:05:d2:f7:54:
64:1d:27:63:33:c3:58:f8:5f:b6:20:f0:57:f0:ac:
03:30:be:9e:d0:b7:40:d1:09:e4:26:a4:31:6d:54:
fb:17:9a:38:16:e5:8e:a1:bf:65:56:7e:9a:cd:31:
9f:da:d6:ae:56:6b:9c:26:63:77:b7:c2:48:21:f5:
7f:6b:d6:ef:9f:0a:d3:bf:ae:09:e8:57:f8:74:ca:
53:55:33:ba:a6:01:24:00:97:79:bb:97:27:ee:a6:
a0:73:5a:50:34:40:c5:c6:67:07:af:3e:c9:7f:e9:
92:c6:04:b6:12:80:23:9b:5d:65:cf:0c:c9:28:9c:
0d:39:8e:da:31:df:ea:b1:63:17:d3:3d:2d:cb:05:
89:59:6c:68:cd:50:6b:4c:ba:3a:a1:6b:f1:00:56:
44:4a:86:ec:af:bf:ac:e7:00:a8:5c:f9:f3:1a:96:
ff:a9:c4:82:a0:b5:14:d4:7c:46:e8:17:c7:07:97:
da:f6:22:a8:b0:50:d5:d0:64:37:cc:c0:c3:d8:4d:
03:5c:4c:75:42:ef:75:7b:99:7e:de:0b:42:79:8b:
ee:61:26:2b:0e:58:50:5a:81:fe:2d:81:87:e4:ad:
76:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:72:7B:EB:B3:D7:5F:A6:A5:54:47:B9:C1:03:48:23:A0:CF:05:39
X509v3 Authority Key Identifier:
keyid:3F:B0:A5:6E:20:F1:94:C7:74:98:79:D4:D2:25:B3:F9:7E:9E:BE:CF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9145456/7719C710306611EB85251355C4F9AE02/P7ClbiDxlMd0mHnU0iWz-X6evs8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/P7ClbiDxlMd0mHnU0iWz-X6evs8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9145456/7719C710306611EB85251355C4F9AE02/06B5C9F2BE4C11EEA9314929C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.135.124.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:6f:5d:46:14:e2:a7:1d:e0:1b:79:30:24:31:c3:fb:ae:1e:
ea:1b:a0:c8:af:68:b7:be:05:f0:ed:22:e1:8c:6d:61:1f:b0:
72:d8:1c:9f:b7:0e:4b:05:40:de:67:cd:65:5b:62:6e:89:b8:
3e:31:af:f3:19:6f:4d:2c:79:a9:a8:1f:da:b6:4c:ed:f5:d1:
20:fa:67:6f:50:e5:bc:35:d1:73:74:3e:25:7a:15:0b:26:39:
6d:f8:14:19:5d:56:46:b0:ae:a8:7b:0b:59:e5:be:04:ac:f7:
04:3c:dd:f5:57:09:9f:5e:1a:8c:b8:c6:2c:20:66:53:6e:7e:
2a:d1:58:f6:1b:63:7d:38:63:9e:75:b8:88:2f:29:c9:71:ff:
b3:a5:53:b4:9f:34:8a:e9:13:4f:42:2b:ca:ea:b1:b4:4b:25:
55:56:cd:57:c6:09:4b:1b:45:76:cf:90:0a:3e:42:0d:98:b6:
1c:a1:86:73:15:6b:fe:64:53:90:56:a3:43:24:b6:cb:f8:72:
59:78:47:39:ad:fc:e9:c5:0d:12:47:60:a6:58:f9:7a:04:2b:
c0:a7:27:b6:19:6a:39:76:0e:97:54:8a:52:1e:5d:b4:47:bc:
33:9c:27:6d:11:d7:85:7d:dd:b5:60:87:ea:52:5d:e8:9c:f5:
2d:8b:30:ce
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB00wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDU0NTYxMTAvBgNVBAUTKDNGQjBBNTZFMjBGMTk0Qzc3NDk4NzlENEQyMjVCM0Y5
N0U5RUJFQ0YwHhcNMjUwMTI0MjE0MDUyWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk0MDhlMy05MzZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvynKG/bhfYiONwaSF6whFJU+ifN2orcb8QXS91RkHSdjM8NY+F+2IPBX8KwD
ML6e0LdA0QnkJqQxbVT7F5o4FuWOob9lVn6azTGf2tauVmucJmN3t8JIIfV/a9bv
nwrTv64J6Ff4dMpTVTO6pgEkAJd5u5cn7qagc1pQNEDFxmcHrz7Jf+mSxgS2EoAj
m11lzwzJKJwNOY7aMd/qsWMX0z0tywWJWWxozVBrTLo6oWvxAFZESobsr7+s5wCo
XPnzGpb/qcSCoLUU1HxG6BfHB5fa9iKosFDV0GQ3zMDD2E0DXEx1Qu91e5l+3gtC
eYvuYSYrDlhQWoH+LYGH5K12PwIDAQABo4IClTCCApEwHQYDVR0OBBYEFCBye+uz
11+mpVRHucEDSCOgzwU5MB8GA1UdIwQYMBaAFD+wpW4g8ZTHdJh51NIls/l+nr7P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTQ1Ni83NzE5QzcxMDMw
NjYxMUVCODUyNTEzNTVDNEY5QUUwMi9QN0NsYmlEeGxNZDBtSG5VMGlXei1YNmV2
czguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1A3Q2xiaUR4bE1kMG1IblUwaVd6LVg2ZXZzOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDU0NTYvNzcxOUM3MTAzMDY2MTFFQjg1MjUxMzU1QzRGOUFFMDIvMDZCNUM5RjJC
RTRDMTFFRUE5MzE0OTI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAKLh3wwDQYJKoZIhvcNAQELBQADggEBADpvXUYU4qcd4Bt5
MCQxw/uuHuoboMivaLe+BfDtIuGMbWEfsHLYHJ+3DksFQN5nzWVbYm6JuD4xr/MZ
b00seamoH9q2TO310SD6Z29Q5bw10XN0PiV6FQsmOW34FBldVkawrqh7C1nlvgSs
9wQ83fVXCZ9eGoy4xiwgZlNufirRWPYbY304Y551uIgvKclx/7OlU7SfNIrpE09C
K8rqsbRLJVVWzVfGCUsbRXbPkAo+Qg2YthyhhnMVa/5kU5BWo0Mktsv4cll4Rzmt
/OnFDRJHYKZY+XoEK8CnJ7YZajl2DpdUilIeXbRHvDOcJ20R14V93bVgh+pSXeic
9S2LMM4=
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:34:30 2025 by rpki-client