Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/2CDF4BD2F37311EF9E35B62FC4F9AE02.roa
File: 2CDF4BD2F37311EF9E35B62FC4F9AE02.roa (raw, json)
Hash identifier: O9XzbA3y/hF5dSk0nkbojZi1xSnwHIorM8YE+23iB5o=
Subject key identifier: C3:26:76:3F:F2:95:1D:7B:80:0C:B2:50:E1:34:CF:37:29:D0:CB:D6
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0F31
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/2CDF4BD2F37311EF9E35B62FC4F9AE02.roa
Signing time: Wed 26 Feb 2025 11:21:34 +0000
ROA not before: Wed 26 Feb 2025 11:21:34 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 138241
IP address blocks: 139.190.9.0/24 maxlen: 24
139.190.11.0/24 maxlen: 24
139.190.14.0/24 maxlen: 24
139.190.32.0/24 maxlen: 24
139.190.33.0/24 maxlen: 24
139.190.34.0/24 maxlen: 24
139.190.36.0/22 maxlen: 24
139.190.49.0/24 maxlen: 24
139.190.69.0/24 maxlen: 24
139.190.70.0/24 maxlen: 24
139.190.71.0/24 maxlen: 24
139.190.88.0/21 maxlen: 21
139.190.124.0/22 maxlen: 22
139.190.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Feb 2025 08:08:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3889 (0xf31)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Feb 26 11:21:34 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67bef93e-408a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:6c:fa:12:df:23:be:e6:ec:fb:0b:91:51:25:
25:75:c3:93:04:23:11:6c:40:f6:69:68:be:5d:97:
72:0b:ac:a3:36:06:93:08:eb:77:ea:09:7b:33:ce:
94:49:fe:57:51:1d:b6:9f:aa:f9:3c:9b:fe:d7:d5:
7e:1e:9c:69:a1:33:f9:b3:3f:22:4b:e1:28:87:8b:
1e:26:55:e5:58:87:8e:b7:2c:85:47:fa:b1:69:f3:
81:3b:a9:dd:fc:99:2a:cd:f6:64:8c:7b:22:9f:91:
37:11:a9:1c:3a:82:18:b4:27:39:03:06:83:c4:2c:
d8:28:d2:e9:93:fe:d1:28:4b:90:70:27:3a:ba:d4:
65:c2:61:6b:77:b0:23:82:96:87:87:dc:34:e7:5c:
ad:4e:e8:d1:b8:5d:85:42:4e:70:cc:4e:a9:24:92:
9f:32:d5:e6:bb:a2:ed:77:db:2f:a3:a2:9c:cb:88:
da:7e:13:10:24:5a:bd:62:0a:4e:2f:0d:f0:77:68:
cf:8f:33:1e:52:d9:31:48:7a:da:bc:37:76:23:3b:
0e:5c:4c:f3:b1:e4:7a:77:83:68:f2:d6:58:43:47:
ed:6e:3a:4d:15:00:26:a5:f3:40:7f:4d:cc:b3:b3:
13:62:1b:c5:07:60:92:08:b1:89:19:d3:fa:8c:15:
2c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:26:76:3F:F2:95:1D:7B:80:0C:B2:50:E1:34:CF:37:29:D0:CB:D6
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/2CDF4BD2F37311EF9E35B62FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.9.0/24
139.190.11.0/24
139.190.14.0/24
139.190.32.0-139.190.34.255
139.190.36.0/22
139.190.49.0/24
139.190.69.0-139.190.71.255
139.190.88.0/21
139.190.124.0/22
139.190.239.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:99:50:38:06:cd:5e:e4:e4:cb:3e:7d:a3:f8:31:48:a8:f7:
b4:af:07:b8:24:c7:97:a3:89:aa:21:7a:eb:47:31:8e:f1:e9:
d5:8e:b2:72:55:db:55:70:f2:7d:2c:29:1d:09:5d:bc:7d:a3:
ab:ac:ed:c0:49:7f:d5:ec:13:b9:7b:16:7e:d1:4d:10:30:f9:
c9:9d:17:52:5c:56:1b:a4:a6:2e:1f:ab:7c:36:fd:11:fd:6f:
7d:91:6e:94:7b:43:43:de:ee:01:30:d9:6a:09:d1:64:04:4f:
d4:e2:5b:ff:9f:14:ca:c8:10:4f:5a:d1:a9:5d:6d:a2:47:06:
cd:46:80:63:06:c5:c0:28:4b:51:1b:51:ce:5a:d5:36:d7:21:
9f:3c:fd:b9:c3:11:76:27:a5:79:0a:65:cd:07:74:79:f2:1d:
42:a6:d4:74:e8:3e:e1:2f:a4:ee:f4:9d:87:53:33:be:ed:9c:
15:21:16:de:8f:3b:c3:ec:37:ff:7f:89:f2:ac:6f:38:4e:c6:
12:81:ee:1e:5d:ed:6d:d2:78:86:4a:b9:f3:57:63:f9:98:f9:
13:13:f1:bb:8d:5d:2d:f4:89:8e:4c:6e:5f:7a:92:78:76:c6:
61:eb:ce:58:a2:1f:a1:cb:9b:8d:34:ab:b0:4d:ae:21:a8:e5:
d3:4f:1d:c7
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgICDzEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjUwMjI2MTEyMTM0WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2JlZjkzZS00MDhhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx2z6Et8jvubs+wuRUSUldcOTBCMRbED2aWi+XZdyC6yjNgaTCOt36gl7M86U
Sf5XUR22n6r5PJv+19V+HpxpoTP5sz8iS+Eoh4seJlXlWIeOtyyFR/qxafOBO6nd
/JkqzfZkjHsin5E3EakcOoIYtCc5AwaDxCzYKNLpk/7RKEuQcCc6utRlwmFrd7Aj
gpaHh9w051ytTujRuF2FQk5wzE6pJJKfMtXmu6Ltd9svo6Kcy4jafhMQJFq9YgpO
Lw3wd2jPjzMeUtkxSHravDd2IzsOXEzzseR6d4No8tZYQ0ftbjpNFQAmpfNAf03M
s7MTYhvFB2CSCLGJGdP6jBUskwIDAQABo4IC2zCCAtcwHQYDVR0OBBYEFMMmdj/y
lR17gAyyUOE0zzcp0MvWMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvMkNERjRCRDJG
MzczMTFFRjlFMzVCNjJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZQYIKwYBBQUHAQcBAf8E
VjBUMFIEAgABMEwDBACLvgkDBACLvgsDBACLvg4wDAMEBYu+IAMEAIu+IgMEAou+
JAMEAIu+MTAMAwQAi75FAwQDi75AAwQDi75YAwQCi758AwQAi77vMA0GCSqGSIb3
DQEBCwUAA4IBAQC9mVA4Bs1e5OTLPn2j+DFIqPe0rwe4JMeXo4mqIXrrRzGO8enV
jrJyVdtVcPJ9LCkdCV28faOrrO3ASX/V7BO5exZ+0U0QMPnJnRdSXFYbpKYuH6t8
Nv0R/W99kW6Ue0ND3u4BMNlqCdFkBE/U4lv/nxTKyBBPWtGpXW2iRwbNRoBjBsXA
KEtRG1HOWtU21yGfPP25wxF2J6V5CmXNB3R58h1CptR06D7hL6Tu9J2HUzO+7ZwV
IRbejzvD7Df/f4nyrG84TsYSge4eXe1t0niGSrnzV2P5mPkTE/G7jV0t9ImOTG5f
epJ4dsZh685Yoh+hy5uNNKuwTa4hqOXTTx3H
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:42:12 2025 by rpki-client