Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/74CF2192F29211EF967B046CC4F9AE02.roa
File: 74CF2192F29211EF967B046CC4F9AE02.roa (raw, json)
Hash identifier: NrP0m7JQLhHimxovg0yOHszbsrSAFopXA/Mf77WaIhk=
Subject key identifier: 4E:B4:7A:99:C0:3C:35:BC:2C:5D:EA:37:FA:0F:D0:DB:3C:74:79:E0
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0F18
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/74CF2192F29211EF967B046CC4F9AE02.roa
Signing time: Tue 25 Feb 2025 05:19:11 +0000
ROA not before: Tue 25 Feb 2025 05:19:11 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 139.190.10.0/24 maxlen: 24
139.190.12.0/24 maxlen: 24
139.190.35.0/24 maxlen: 24
139.190.48.0/24 maxlen: 24
139.190.50.0/24 maxlen: 24
139.190.51.0/24 maxlen: 24
139.190.52.0/24 maxlen: 24
139.190.53.0/24 maxlen: 24
139.190.54.0/24 maxlen: 24
139.190.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Mar 2025 09:20:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3864 (0xf18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Feb 25 05:19:11 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67bd52ce-614c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:9e:4a:f1:f9:97:15:fc:ed:7d:39:a1:81:64:
cc:4a:f6:f7:11:a0:75:71:b7:ff:d3:2a:1b:8c:6b:
d5:d9:2b:e2:f7:5f:9f:ac:62:c5:23:7c:9c:aa:90:
4e:e4:cd:24:fd:93:f0:6e:ed:99:0b:d1:3c:12:20:
90:dc:f7:61:25:a1:4c:02:88:da:ff:5d:b3:01:90:
92:be:f2:3a:8b:c9:b9:28:35:38:3e:a9:1b:70:da:
0e:59:81:86:6f:ba:b1:ad:3c:cf:0b:b1:d9:d6:f8:
d8:75:61:fc:e2:19:fc:a1:7d:1c:f3:c7:91:80:38:
3f:a3:65:7e:95:3b:18:31:23:63:9a:39:26:0f:d9:
e6:eb:ea:a6:66:66:4a:88:0e:c5:70:c2:60:c6:55:
68:f9:e8:82:26:6a:1d:1a:e8:42:86:79:8b:37:b1:
06:fb:f6:3f:9c:f8:ea:5a:0d:01:91:db:cd:a1:40:
16:40:ea:37:ff:89:79:eb:f6:c5:9d:5a:88:dd:19:
de:3c:1e:5e:47:4c:58:f8:57:29:ee:3c:9b:12:d5:
2b:fe:c3:f0:4a:00:67:d6:64:4e:95:75:f1:e0:7a:
1b:2d:af:2f:18:78:00:f4:59:fb:83:e6:fa:e7:22:
38:0d:82:33:9e:07:f9:ee:df:24:ba:02:0d:4b:03:
53:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:B4:7A:99:C0:3C:35:BC:2C:5D:EA:37:FA:0F:D0:DB:3C:74:79:E0
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/74CF2192F29211EF967B046CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.10.0/24
139.190.12.0/24
139.190.35.0/24
139.190.48.0/24
139.190.50.0-139.190.54.255
139.190.68.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:29:3a:67:f3:85:e7:d3:49:94:ca:85:58:9d:ec:dc:65:32:
d6:18:ae:41:89:73:dc:32:da:4e:c9:d3:ef:05:a3:10:99:c1:
db:ac:07:a9:e4:31:5c:c9:f5:e1:8a:da:ca:2a:84:c0:b4:df:
54:bf:14:33:43:b9:06:9c:8a:c0:e3:0f:dc:7e:50:cf:a9:48:
c7:02:01:8f:8a:c3:72:61:3c:8d:d1:e6:02:43:da:3b:1a:da:
95:09:ff:c2:d0:48:56:88:26:4e:d3:3f:ed:9c:d3:4b:d5:0b:
ce:65:95:cc:f4:ad:ab:cc:62:54:f3:33:cc:18:70:c6:b7:88:
32:19:7c:5e:32:17:02:a3:f6:13:78:86:0e:cf:ba:e6:61:96:
29:b1:5d:c1:4a:c4:41:9b:59:0d:6c:9b:fa:ce:ad:36:36:a1:
42:3b:73:10:c6:e8:cf:d2:6b:4c:3e:39:df:ad:35:e1:ac:d0:
f9:a4:a1:fb:fe:b7:4d:8d:a4:76:19:e4:5e:90:00:d9:42:fd:
f6:bb:ae:d2:91:81:de:f9:a4:32:d7:e6:d7:dc:2c:f2:46:e9:
9b:9d:2f:55:f4:51:67:2f:f6:37:6a:47:6c:f4:b5:7e:a0:77:
b0:35:54:73:a2:3c:b0:6f:8f:a4:7e:2a:6c:13:e6:aa:a0:cf:
c7:8b:f4:ca
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgICDxgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjUwMjI1MDUxOTExWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2JkNTJjZS02MTRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsp5K8fmXFfztfTmhgWTMSvb3EaB1cbf/0yobjGvV2Svi91+frGLFI3ycqpBO
5M0k/ZPwbu2ZC9E8EiCQ3PdhJaFMAoja/12zAZCSvvI6i8m5KDU4PqkbcNoOWYGG
b7qxrTzPC7HZ1vjYdWH84hn8oX0c88eRgDg/o2V+lTsYMSNjmjkmD9nm6+qmZmZK
iA7FcMJgxlVo+eiCJmodGuhChnmLN7EG+/Y/nPjqWg0BkdvNoUAWQOo3/4l56/bF
nVqI3RnePB5eR0xY+Fcp7jybEtUr/sPwSgBn1mROlXXx4HobLa8vGHgA9Fn7g+b6
5yI4DYIzngf57t8kugINSwNTkQIDAQABo4ICuzCCArcwHQYDVR0OBBYEFE60epnA
PDW8LF3qN/oP0Ns8dHngMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNzRDRjIxOTJG
MjkyMTFFRjk2N0IwNDZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRQYIKwYBBQUHAQcBAf8E
NjA0MDIEAgABMCwDBACLvgoDBACLvgwDBACLviMDBACLvjAwDAMEAYu+MgMEAIu+
NgMEAIu+RDANBgkqhkiG9w0BAQsFAAOCAQEATik6Z/OF59NJlMqFWJ3s3GUy1hiu
QYlz3DLaTsnT7wWjEJnB26wHqeQxXMn14YrayiqEwLTfVL8UM0O5BpyKwOMP3H5Q
z6lIxwIBj4rDcmE8jdHmAkPaOxralQn/wtBIVogmTtM/7ZzTS9ULzmWVzPStq8xi
VPMzzBhwxreIMhl8XjIXAqP2E3iGDs+65mGWKbFdwUrEQZtZDWyb+s6tNjahQjtz
EMboz9JrTD4536014azQ+aSh+/63TY2kdhnkXpAA2UL99ruu0pGB3vmkMtfm19ws
8kbpm50vVfRRZy/2N2pHbPS1fqB3sDVUc6I8sG+PpH4qbBPmqqDPx4v0yg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:51:55 2025 by rpki-client