Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/053A42B0EDCB11EFB8020851C4F9AE02.roa
File: 053A42B0EDCB11EFB8020851C4F9AE02.roa (raw, json)
Hash identifier: hINAYfrEbIiO7cvc1KuLt7UpFL5MPfeSvIWJoPQidJg=
Subject key identifier: 2B:BD:28:3F:AB:FF:4C:13:F4:BA:7C:16:21:28:FB:7F:F8:D6:94:2D
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0EE1
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/053A42B0EDCB11EFB8020851C4F9AE02.roa
Signing time: Tue 18 Feb 2025 07:48:40 +0000
ROA not before: Tue 18 Feb 2025 07:48:40 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 139.190.8.0/24 maxlen: 24
139.190.13.0/24 maxlen: 24
139.190.15.0/24 maxlen: 24
139.190.17.0/24 maxlen: 24
139.190.20.0/24 maxlen: 24
139.190.24.0/22 maxlen: 24
139.190.30.0/24 maxlen: 24
139.190.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Feb 2025 07:16:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3809 (0xee1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Feb 18 07:48:40 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67b43b57-6283
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:54:a1:26:f2:b6:25:85:f6:a8:4d:e1:4d:ea:
73:2f:fc:c0:23:7c:5a:2a:4f:83:db:bf:5f:eb:02:
11:66:ca:69:07:49:a9:07:7d:eb:2b:fb:98:57:66:
6c:e3:5a:8f:29:e4:80:f7:d0:76:8f:fd:b8:d5:e0:
ee:b2:ad:7d:ca:82:49:78:91:31:63:bd:a2:6b:a7:
3f:1c:64:f4:3d:d9:29:39:e8:4d:e5:ab:3a:15:36:
82:2b:e3:48:af:ad:91:d4:98:cd:95:af:5d:be:15:
ac:ac:bd:7b:3d:3c:d4:02:5f:23:59:b7:3d:88:e0:
e3:dd:5a:88:de:f1:f0:f8:ee:1f:d5:f0:9a:3b:1b:
84:f8:4a:1a:1d:96:1f:df:16:7c:33:ef:6d:5b:e3:
04:21:77:bc:8c:a2:52:b6:4b:62:ef:87:c3:fe:29:
d1:61:05:e5:18:fd:30:f8:fe:1a:c4:7a:b1:33:7f:
ee:14:c7:78:5e:86:23:61:b7:22:7a:9f:3c:61:1d:
3d:31:9e:20:f2:d3:7f:41:27:82:58:4d:ab:5d:f1:
b2:59:74:57:e6:5e:4e:d4:57:52:88:b3:94:e7:f8:
9c:ae:11:9c:9a:93:19:04:7a:1c:e8:69:2c:5d:58:
4f:9d:89:59:cd:2b:15:f7:04:70:ad:5e:35:1b:35:
9e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:BD:28:3F:AB:FF:4C:13:F4:BA:7C:16:21:28:FB:7F:F8:D6:94:2D
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/053A42B0EDCB11EFB8020851C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.8.0/24
139.190.13.0/24
139.190.15.0/24
139.190.17.0/24
139.190.20.0/24
139.190.24.0/22
139.190.30.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:d4:df:5e:b9:f8:09:47:4b:7d:50:6b:8a:3e:de:ae:cc:f6:
2d:4c:f9:22:41:b0:03:e9:f2:61:c5:15:b7:a1:e9:05:f9:5e:
2f:94:b3:a4:c0:11:f7:38:42:aa:c3:91:c4:c7:32:44:bd:f5:
8f:f1:69:97:00:61:a9:6b:a0:1d:50:43:7e:f6:fb:9c:0d:61:
a4:f5:f7:21:df:c6:38:73:18:76:47:dc:1d:98:38:3b:48:ac:
50:76:ee:a0:61:42:86:3d:fe:97:5a:d6:23:8a:b8:d9:bc:24:
5a:95:bb:0a:6f:ee:75:74:a6:91:e6:02:47:da:79:7d:f5:d6:
32:98:64:65:56:7f:a0:ae:17:56:63:f3:72:15:a2:28:0f:9a:
38:f9:a5:d3:b0:e6:4f:01:e4:11:5d:77:21:d7:bb:8c:92:e5:
1f:b3:13:0a:3f:12:df:85:32:93:1e:91:78:ba:dd:88:2e:b7:
d7:c5:5f:b4:b0:b5:5e:ff:fd:50:40:9b:f2:41:39:8a:9c:97:
a0:3f:b3:e7:69:9d:6d:d0:df:47:29:82:ad:d4:5b:4a:48:1f:
89:85:ec:4b:91:01:bc:ac:c0:04:e7:8d:19:f9:2a:a7:22:11:
53:36:75:1b:18:77:da:09:c5:78:3d:40:50:7e:bb:30:fc:f0:
80:dd:88:fc
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgICDuEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjUwMjE4MDc0ODQwWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I0M2I1Ny02MjgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1FShJvK2JYX2qE3hTepzL/zAI3xaKk+D279f6wIRZsppB0mpB33rK/uYV2Zs
41qPKeSA99B2j/241eDusq19yoJJeJExY72ia6c/HGT0PdkpOehN5as6FTaCK+NI
r62R1JjNla9dvhWsrL17PTzUAl8jWbc9iODj3VqI3vHw+O4f1fCaOxuE+EoaHZYf
3xZ8M+9tW+MEIXe8jKJStkti74fD/inRYQXlGP0w+P4axHqxM3/uFMd4XoYjYbci
ep88YR09MZ4g8tN/QSeCWE2rXfGyWXRX5l5O1FdSiLOU5/icrhGcmpMZBHoc6Gks
XVhPnYlZzSsV9wRwrV41GzWeNwIDAQABo4ICuTCCArUwHQYDVR0OBBYEFCu9KD+r
/0wT9Lp8FiEo+3/41pQtMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvMDUzQTQyQjBF
RENCMTFFRkI4MDIwODUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E
NDAyMDAEAgABMCoDBACLvggDBACLvg0DBACLvg8DBACLvhEDBACLvhQDBAKLvhgD
BAGLvh4wDQYJKoZIhvcNAQELBQADggEBAKfU3165+AlHS31Qa4o+3q7M9i1M+SJB
sAPp8mHFFbeh6QX5Xi+Us6TAEfc4QqrDkcTHMkS99Y/xaZcAYalroB1QQ372+5wN
YaT19yHfxjhzGHZH3B2YODtIrFB27qBhQoY9/pda1iOKuNm8JFqVuwpv7nV0ppHm
AkfaeX311jKYZGVWf6CuF1Zj83IVoigPmjj5pdOw5k8B5BFddyHXu4yS5R+zEwo/
Et+FMpMekXi63Ygut9fFX7SwtV7//VBAm/JBOYqcl6A/s+dpnW3Q30cpgq3UW0pI
H4mF7EuRAbyswATnjRn5KqciEVM2dRsYd9oJxXg9QFB+uzD88IDdiPw=
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:29:47 2025 by rpki-client