Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/1FD91490E85B11EFAC5EF810C4F9AE02.roa
File: 1FD91490E85B11EFAC5EF810C4F9AE02.roa (raw, json)
Hash identifier: RZbvM2LXon/qjTZxFhUT6bFTzwx7FP7D19zxMEG5IsA=
Subject key identifier: D5:20:34:1C:CE:B5:A6:81:F7:C7:2A:9E:31:2B:1E:61:7E:90:14:40
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0EA2
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/1FD91490E85B11EFAC5EF810C4F9AE02.roa
Signing time: Mon 17 Feb 2025 06:11:46 +0000
ROA not before: Mon 17 Feb 2025 06:11:46 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 138241
IP address blocks: 139.190.8.0/24 maxlen: 24
139.190.9.0/24 maxlen: 24
139.190.11.0/24 maxlen: 24
139.190.13.0/24 maxlen: 24
139.190.15.0/24 maxlen: 24
139.190.17.0/24 maxlen: 24
139.190.19.0/24 maxlen: 24
139.190.20.0/24 maxlen: 24
139.190.21.0/24 maxlen: 24
139.190.22.0/24 maxlen: 24
139.190.23.0/24 maxlen: 24
139.190.24.0/24 maxlen: 24
139.190.29.0/24 maxlen: 24
139.190.30.0/24 maxlen: 24
139.190.31.0/24 maxlen: 24
139.190.32.0/22 maxlen: 24
139.190.36.0/22 maxlen: 24
139.190.48.0/22 maxlen: 24
139.190.52.0/22 maxlen: 24
139.190.68.0/22 maxlen: 24
139.190.88.0/21 maxlen: 24
139.190.124.0/22 maxlen: 24
139.190.235.0/24 maxlen: 24
139.190.238.0/24 maxlen: 24
139.190.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Feb 2025 07:28:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3746 (0xea2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Feb 17 06:11:46 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67b2d321-359a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d5:c0:a3:1d:96:53:4b:2c:d1:15:c9:f6:d0:
80:3c:8c:56:cf:5d:7c:7c:99:f9:bb:26:93:ae:b8:
c3:45:9a:11:65:ef:f5:4c:61:52:46:25:80:7d:b7:
1b:b5:cd:a2:a0:9e:c3:ed:a3:f3:9c:7e:58:2e:d5:
2b:65:f4:b4:2f:df:fe:88:5c:3d:41:ee:b6:28:de:
87:ae:cd:ea:e2:45:ba:8a:ad:14:5c:6d:32:42:ae:
bb:92:ce:5c:18:b1:af:87:91:a1:26:8e:bc:ec:93:
8c:18:d6:e6:4e:56:1a:90:67:0f:56:d1:ff:28:65:
fe:b2:82:5e:a6:b4:31:88:22:71:80:10:47:78:de:
35:3a:f7:83:fe:f8:64:52:6e:64:59:05:5c:ce:d1:
c8:3e:4f:9c:f9:21:be:a8:02:37:b4:43:0d:dd:86:
35:ea:4a:83:36:8e:8d:26:a0:77:c9:43:ea:5d:2e:
05:78:2a:21:e9:25:11:e8:f4:3f:3f:56:67:a8:28:
0e:d9:37:b5:13:ff:f6:9a:80:44:1f:72:d9:14:ba:
5d:d0:e0:31:1b:5c:2a:d1:84:6e:75:3c:7c:ce:d6:
b1:00:17:7f:5a:89:c1:e7:63:d5:fa:76:5c:5b:20:
25:31:be:dc:e5:d5:54:0a:bb:94:39:bc:c2:40:41:
3e:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:20:34:1C:CE:B5:A6:81:F7:C7:2A:9E:31:2B:1E:61:7E:90:14:40
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/1FD91490E85B11EFAC5EF810C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.8.0/23
139.190.11.0/24
139.190.13.0/24
139.190.15.0/24
139.190.17.0/24
139.190.19.0-139.190.24.255
139.190.29.0-139.190.39.255
139.190.48.0/21
139.190.68.0/22
139.190.88.0/21
139.190.124.0/22
139.190.235.0/24
139.190.238.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:92:44:63:a1:1b:02:1e:33:b3:44:49:87:a3:ed:6b:92:dd:
d1:2c:19:99:5d:04:07:36:73:b6:9c:bd:1c:e6:fa:bf:63:df:
74:7d:1f:c9:04:8b:59:43:b0:40:6e:50:73:71:14:2c:81:55:
36:39:25:a9:e8:a1:1c:a9:33:99:a8:b0:5f:82:8a:67:6c:9f:
40:cd:41:0e:0e:4b:77:24:ae:1f:d6:c4:58:78:fc:a6:f7:91:
f1:b0:4c:b6:6a:54:b0:72:d9:4b:eb:e7:36:d6:64:44:d6:3b:
f3:28:b2:9d:e5:92:3f:7f:4c:15:83:e0:16:ac:1a:27:36:a8:
87:9e:bc:c4:65:99:e5:a5:25:7d:41:7f:08:40:49:fc:29:d4:
e8:8a:a2:f8:d9:69:e4:8a:30:04:34:6c:91:94:7a:e9:d2:54:
67:ff:67:ac:84:09:f1:da:dc:c9:2d:87:7f:f8:8c:ff:2d:75:
92:b3:a8:c0:9d:14:9c:82:6e:a7:eb:5e:5c:67:ae:01:a4:6f:
f7:cf:fa:a4:b8:2c:5e:65:73:dc:df:e6:88:1f:14:1a:b6:fb:
eb:54:6b:2c:50:9c:d0:65:7b:fb:03:67:85:6a:2d:ce:ce:1f:
4b:e2:de:5b:2c:a8:b0:0e:f9:35:d8:7a:a5:de:ff:56:45:d1:
bd:eb:1e:64
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgICDqIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjUwMjE3MDYxMTQ2WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2IyZDMyMS0zNTlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAstXAox2WU0ss0RXJ9tCAPIxWz118fJn5uyaTrrjDRZoRZe/1TGFSRiWAfbcb
tc2ioJ7D7aPznH5YLtUrZfS0L9/+iFw9Qe62KN6Hrs3q4kW6iq0UXG0yQq67ks5c
GLGvh5GhJo687JOMGNbmTlYakGcPVtH/KGX+soJeprQxiCJxgBBHeN41OveD/vhk
Um5kWQVcztHIPk+c+SG+qAI3tEMN3YY16kqDNo6NJqB3yUPqXS4FeCoh6SUR6PQ/
P1ZnqCgO2Te1E//2moBEH3LZFLpd0OAxG1wq0YRudTx8ztaxABd/WonB52PV+nZc
WyAlMb7c5dVUCruUObzCQEE+VwIDAQABo4IC7TCCAukwHQYDVR0OBBYEFNUgNBzO
taaB98cqnjErHmF+kBRAMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvMUZEOTE0OTBF
ODVCMTFFRkFDNUVGODEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwdwYIKwYBBQUHAQcBAf8E
aDBmMGQEAgABMF4DBAGLvggDBACLvgsDBACLvg0DBACLvg8DBACLvhEwDAMEAIu+
EwMEAIu+GDAMAwQAi74dAwQDi74gAwQDi74wAwQCi75EAwQDi75YAwQCi758AwQA
i77rAwQBi77uMA0GCSqGSIb3DQEBCwUAA4IBAQAtkkRjoRsCHjOzREmHo+1rkt3R
LBmZXQQHNnO2nL0c5vq/Y990fR/JBItZQ7BAblBzcRQsgVU2OSWp6KEcqTOZqLBf
gopnbJ9AzUEODkt3JK4f1sRYePym95HxsEy2alSwctlL6+c21mRE1jvzKLKd5ZI/
f0wVg+AWrBonNqiHnrzEZZnlpSV9QX8IQEn8KdToiqL42WnkijAENGyRlHrp0lRn
/2eshAnx2tzJLYd/+Iz/LXWSs6jAnRScgm6n615cZ64BpG/3z/qkuCxeZXPc3+aI
HxQatvvrVGssUJzQZXv7A2eFai3Ozh9L4t5bLKiwDvk12Hql3v9WRdG96x5k
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:33:50 2025 by rpki-client