Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/11B89CEEF4E211EF9C6B0B6CC4F9AE02.roa
File: 11B89CEEF4E211EF9C6B0B6CC4F9AE02.roa (raw, json)
Hash identifier: akmyKTm13gikpIo4LpD6TsRdsWQgrdycYdJakHBp4wY=
Subject key identifier: 61:C3:A0:FC:85:A5:83:89:0B:96:EC:DA:F1:31:83:55:7F:D8:C1:5F
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0F78
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/11B89CEEF4E211EF9C6B0B6CC4F9AE02.roa
Signing time: Mon 03 Mar 2025 11:37:22 +0000
ROA not before: Mon 03 Mar 2025 11:37:22 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 138241
IP address blocks: 139.190.8.0/24 maxlen: 24
139.190.9.0/24 maxlen: 24
139.190.11.0/24 maxlen: 24
139.190.13.0/24 maxlen: 24
139.190.14.0/24 maxlen: 24
139.190.15.0/24 maxlen: 24
139.190.17.0/24 maxlen: 24
139.190.19.0/24 maxlen: 24
139.190.20.0/24 maxlen: 24
139.190.21.0/24 maxlen: 24
139.190.22.0/24 maxlen: 24
139.190.23.0/24 maxlen: 24
139.190.24.0/22 maxlen: 24
139.190.29.0/24 maxlen: 24
139.190.30.0/24 maxlen: 24
139.190.31.0/24 maxlen: 24
139.190.32.0/24 maxlen: 24
139.190.33.0/24 maxlen: 24
139.190.34.0/24 maxlen: 24
139.190.36.0/22 maxlen: 24
139.190.49.0/24 maxlen: 24
139.190.69.0/24 maxlen: 24
139.190.70.0/24 maxlen: 24
139.190.71.0/24 maxlen: 24
139.190.88.0/21 maxlen: 21
139.190.124.0/22 maxlen: 22
139.190.235.0/24 maxlen: 24
139.190.238.0/24 maxlen: 24
139.190.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Mar 2025 06:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3960 (0xf78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Mar 3 11:37:22 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67c59472-0fdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ba:a9:35:88:7b:86:22:15:4a:12:e5:47:ec:
76:91:5d:9f:d8:08:9c:d4:57:41:4f:de:9f:0f:2c:
1a:2c:d3:60:75:c2:50:d8:94:9b:4c:bb:d5:1e:1d:
fe:ed:d4:d2:e6:5b:ae:00:72:76:a4:0d:11:5b:2c:
e1:98:cd:f4:da:a8:a5:3c:ed:9c:34:9f:3b:8a:64:
3e:7d:53:a5:60:81:cc:11:69:5b:d7:95:3c:bf:6a:
ca:dd:28:69:a7:c3:43:ec:49:f1:b7:f8:e6:63:02:
54:3b:38:07:38:e3:4d:8e:25:3b:b1:2f:ad:79:b7:
93:25:99:40:df:2f:ad:ce:b4:24:8b:82:42:92:cc:
d1:0c:58:7f:45:a5:38:ab:0a:21:b7:45:d7:e4:91:
3b:82:39:64:8a:b2:33:ac:57:07:db:58:f4:42:57:
61:e8:16:64:ec:71:83:fa:e4:51:ff:df:57:27:36:
88:c4:95:5b:a5:16:b8:6e:92:39:4f:07:fa:f2:46:
55:e4:35:66:e1:56:98:b2:0b:c0:d2:37:ea:27:61:
2b:93:75:5f:09:b9:ac:5e:6c:78:89:9e:c2:23:3f:
b5:92:6f:c3:09:1f:df:21:e2:cc:cd:6c:e1:93:a4:
7c:87:15:0c:aa:0d:b5:c6:74:5a:09:12:65:1d:3a:
e4:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:C3:A0:FC:85:A5:83:89:0B:96:EC:DA:F1:31:83:55:7F:D8:C1:5F
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/11B89CEEF4E211EF9C6B0B6CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.8.0/23
139.190.11.0/24
139.190.13.0-139.190.15.255
139.190.17.0/24
139.190.19.0-139.190.27.255
139.190.29.0-139.190.34.255
139.190.36.0/22
139.190.49.0/24
139.190.69.0-139.190.71.255
139.190.88.0/21
139.190.124.0/22
139.190.235.0/24
139.190.238.0/23
Signature Algorithm: sha256WithRSAEncryption
c9:f4:4d:49:8d:58:de:5d:e6:38:a7:b6:48:66:83:35:21:fb:
fb:23:bf:15:6c:2b:d1:8f:9f:d5:04:20:d7:9a:ec:1a:9c:12:
e2:50:1e:60:76:55:fa:9a:b0:67:ad:8e:51:05:aa:40:f3:2b:
78:51:1f:7c:17:ee:a5:4b:91:89:78:f0:97:12:e9:71:88:d4:
c1:7c:9d:74:3a:0c:06:da:1a:ed:3e:8f:c6:2a:ed:19:b9:ea:
07:e2:e4:65:71:7c:36:95:f2:0e:bc:f1:a1:af:9d:de:5c:29:
d2:dc:0f:5a:e2:fd:72:bb:14:4a:5f:e3:6d:65:b6:bf:f3:ee:
1e:84:4e:de:28:6c:4e:37:b0:0e:bf:24:cc:83:da:04:d2:d7:
50:89:e7:2a:aa:2d:a6:27:18:32:e7:d2:9c:b6:1e:de:1e:a8:
3c:9e:17:5a:53:bf:48:18:f0:b1:b5:3e:84:ea:2d:e0:a4:7b:
49:96:70:e8:34:3d:c5:21:63:55:a0:ec:ad:07:bd:69:70:66:
a1:2b:25:8a:a0:2d:e9:97:90:9f:43:af:67:a1:96:60:be:12:
4d:6a:f3:99:b3:64:eb:01:1f:cb:46:d4:0c:01:68:a7:af:02:
ec:96:0b:63:9b:b1:5e:53:a3:a5:61:ba:d7:73:cd:7d:da:4e:
89:98:de:73
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgICD3gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjUwMzAzMTEzNzIyWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M1OTQ3Mi0wZmRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvbqpNYh7hiIVShLlR+x2kV2f2Aic1FdBT96fDywaLNNgdcJQ2JSbTLvVHh3+
7dTS5luuAHJ2pA0RWyzhmM302qilPO2cNJ87imQ+fVOlYIHMEWlb15U8v2rK3Shp
p8ND7Enxt/jmYwJUOzgHOONNjiU7sS+tebeTJZlA3y+tzrQki4JCkszRDFh/RaU4
qwoht0XX5JE7gjlkirIzrFcH21j0Qldh6BZk7HGD+uRR/99XJzaIxJVbpRa4bpI5
Twf68kZV5DVm4VaYsgvA0jfqJ2Erk3VfCbmsXmx4iZ7CIz+1km/DCR/fIeLMzWzh
k6R8hxUMqg21xnRaCRJlHTrkYwIDAQABo4IC/jCCAvowHQYDVR0OBBYEFGHDoPyF
pYOJC5bs2vExg1V/2MFfMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvMTFCODlDRUVG
NEUyMTFFRjlDNkIwQjZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYcGCCsGAQUFBwEHAQH/
BHgwdjB0BAIAATBuAwQBi74IAwQAi74LMAwDBACLvg0DBASLvgADBACLvhEwDAME
AIu+EwMEAou+GDAMAwQAi74dAwQAi74iAwQCi74kAwQAi74xMAwDBACLvkUDBAOL
vkADBAOLvlgDBAKLvnwDBACLvusDBAGLvu4wDQYJKoZIhvcNAQELBQADggEBAMn0
TUmNWN5d5jintkhmgzUh+/sjvxVsK9GPn9UEINea7BqcEuJQHmB2VfqasGetjlEF
qkDzK3hRH3wX7qVLkYl48JcS6XGI1MF8nXQ6DAbaGu0+j8Yq7Rm56gfi5GVxfDaV
8g688aGvnd5cKdLcD1ri/XK7FEpf421ltr/z7h6ETt4obE43sA6/JMyD2gTS11CJ
5yqqLaYnGDLn0py2Ht4eqDyeF1pTv0gY8LG1PoTqLeCke0mWcOg0PcUhY1Wg7K0H
vWlwZqErJYqgLemXkJ9Dr2ehlmC+Ek1q85mzZOsBH8tG1AwBaKevAuyWC2ObsV5T
o6VhutdzzX3aTomY3nM=
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:10:43 2025 by rpki-client