Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/9E1DC9ECD7EC11EF9729B263C4F9AE02.roa
File: 9E1DC9ECD7EC11EF9729B263C4F9AE02.roa (raw, json)
Hash identifier: P6vAzj5PGWIN/rLrJ8N8Zv0G63v/WgeY93SOWCEFYBg=
Subject key identifier: 44:09:5E:72:F6:9B:BC:B8:DE:3E:15:73:6B:06:06:73:B9:01:D4:06
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0DFD
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/9E1DC9ECD7EC11EF9729B263C4F9AE02.roa
Signing time: Tue 04 Feb 2025 11:58:28 +0000
ROA not before: Tue 04 Feb 2025 11:58:28 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 138241
IP address blocks: 139.190.8.0/24 maxlen: 24
139.190.9.0/24 maxlen: 24
139.190.11.0/24 maxlen: 24
139.190.13.0/24 maxlen: 24
139.190.15.0/24 maxlen: 24
139.190.17.0/24 maxlen: 24
139.190.19.0/24 maxlen: 24
139.190.20.0/24 maxlen: 24
139.190.21.0/24 maxlen: 24
139.190.22.0/24 maxlen: 24
139.190.23.0/24 maxlen: 24
139.190.24.0/22 maxlen: 24
139.190.29.0/24 maxlen: 24
139.190.30.0/24 maxlen: 24
139.190.31.0/24 maxlen: 24
139.190.32.0/22 maxlen: 24
139.190.36.0/22 maxlen: 24
139.190.48.0/22 maxlen: 24
139.190.52.0/22 maxlen: 24
139.190.68.0/22 maxlen: 24
139.190.88.0/21 maxlen: 24
139.190.124.0/22 maxlen: 24
139.190.235.0/24 maxlen: 24
139.190.238.0/24 maxlen: 24
139.190.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 08 Feb 2025 10:16:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3581 (0xdfd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Feb 4 11:58:28 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67a200e4-2ab2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:cc:44:a0:96:0d:70:68:93:f6:c8:4f:56:45:
2c:45:6d:0b:e4:54:db:cf:49:d3:74:36:80:b7:42:
45:05:19:7d:e6:f2:46:79:71:61:5c:f9:52:36:c2:
28:89:1b:b5:45:24:aa:65:69:5a:74:6f:16:38:19:
96:ef:c1:81:91:09:f1:38:b2:95:d7:43:20:31:55:
a2:7c:9d:dd:2a:62:31:e6:d6:a5:22:c5:c7:7c:28:
4a:35:d4:21:b7:fc:29:37:f2:79:9d:57:d1:af:e8:
cf:fa:27:a7:2b:64:8d:be:7b:19:b7:53:ba:24:15:
8b:2c:62:f8:54:ea:e4:76:27:65:91:aa:76:cd:67:
46:2a:2a:a9:26:56:7a:7b:11:1f:9c:06:df:d3:34:
ef:04:8a:21:bd:b4:a6:80:ba:3c:18:1d:06:52:f2:
b3:8c:45:9e:71:bd:dd:6e:3b:e9:23:98:81:18:ef:
c9:bb:79:87:8a:84:6d:cc:6b:10:a7:b9:66:cf:a6:
00:d5:4b:5b:80:34:64:04:6f:9b:34:be:a8:cc:c8:
0f:82:30:aa:9a:55:7e:3a:e3:50:16:24:9b:41:69:
9b:8e:81:8d:af:8a:85:62:20:0d:d8:d0:11:4d:2e:
5b:93:6d:1b:c4:11:b3:96:52:f2:23:1f:6d:00:1f:
68:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:09:5E:72:F6:9B:BC:B8:DE:3E:15:73:6B:06:06:73:B9:01:D4:06
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/9E1DC9ECD7EC11EF9729B263C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.8.0/23
139.190.11.0/24
139.190.13.0/24
139.190.15.0/24
139.190.17.0/24
139.190.19.0-139.190.27.255
139.190.29.0-139.190.39.255
139.190.48.0/21
139.190.68.0/22
139.190.88.0/21
139.190.124.0/22
139.190.235.0/24
139.190.238.0/23
Signature Algorithm: sha256WithRSAEncryption
32:aa:43:6b:6c:f5:bc:0e:8f:28:cc:27:d3:63:bf:f6:31:35:
f4:c3:c3:b6:c9:79:e7:5e:d6:95:b7:73:cd:52:91:21:fa:89:
38:3d:b7:5e:8a:6f:24:df:34:8f:ff:9d:71:fa:17:9e:e4:03:
cd:84:06:fa:cf:e5:8d:55:bd:3f:23:de:af:02:0b:49:00:59:
fe:6d:7e:f5:8d:61:19:8b:0c:63:54:d5:40:28:76:c4:08:a7:
fa:fc:a1:34:35:24:07:1e:32:b1:9c:7c:a6:5f:4f:37:6e:4a:
1c:b7:1c:48:4f:6a:0f:40:2a:61:70:0d:6d:c3:b8:16:5e:f3:
42:27:14:56:b9:9d:23:6f:21:51:78:56:5d:1d:c1:23:b2:f3:
5f:fb:19:d5:c4:ee:84:d1:b6:b5:99:b5:40:e0:25:2b:d6:2a:
6f:07:b8:81:6e:ec:16:28:9f:d4:47:2b:47:ed:ff:30:c9:c4:
3b:c2:da:c9:db:ae:b3:86:03:3b:29:19:c2:17:29:64:cd:55:
69:df:9f:ac:62:5b:09:11:8e:09:21:7d:7c:85:2f:3a:1e:ed:
ec:df:54:5b:0d:fb:0b:72:b6:3c:e3:df:51:21:96:cb:97:d5:
fa:7d:3f:8c:93:f9:68:d1:09:85:c6:4f:db:38:99:f0:ec:41:
5a:1d:69:9d
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgICDf0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjUwMjA0MTE1ODI4WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EyMDBlNC0yYWIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5MxEoJYNcGiT9shPVkUsRW0L5FTbz0nTdDaAt0JFBRl95vJGeXFhXPlSNsIo
iRu1RSSqZWladG8WOBmW78GBkQnxOLKV10MgMVWifJ3dKmIx5talIsXHfChKNdQh
t/wpN/J5nVfRr+jP+ienK2SNvnsZt1O6JBWLLGL4VOrkdidlkap2zWdGKiqpJlZ6
exEfnAbf0zTvBIohvbSmgLo8GB0GUvKzjEWecb3dbjvpI5iBGO/Ju3mHioRtzGsQ
p7lmz6YA1UtbgDRkBG+bNL6ozMgPgjCqmlV+OuNQFiSbQWmbjoGNr4qFYiAN2NAR
TS5bk20bxBGzllLyIx9tAB9o9wIDAQABo4IC7TCCAukwHQYDVR0OBBYEFEQJXnL2
m7y43j4Vc2sGBnO5AdQGMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvOUUxREM5RUNE
N0VDMTFFRjk3MjlCMjYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwdwYIKwYBBQUHAQcBAf8E
aDBmMGQEAgABMF4DBAGLvggDBACLvgsDBACLvg0DBACLvg8DBACLvhEwDAMEAIu+
EwMEAou+GDAMAwQAi74dAwQDi74gAwQDi74wAwQCi75EAwQDi75YAwQCi758AwQA
i77rAwQBi77uMA0GCSqGSIb3DQEBCwUAA4IBAQAyqkNrbPW8Do8ozCfTY7/2MTX0
w8O2yXnnXtaVt3PNUpEh+ok4Pbdeim8k3zSP/51x+hee5APNhAb6z+WNVb0/I96v
AgtJAFn+bX71jWEZiwxjVNVAKHbECKf6/KE0NSQHHjKxnHymX083bkoctxxIT2oP
QCphcA1tw7gWXvNCJxRWuZ0jbyFReFZdHcEjsvNf+xnVxO6E0ba1mbVA4CUr1ipv
B7iBbuwWKJ/URytH7f8wycQ7wtrJ266zhgM7KRnCFylkzVVp35+sYlsJEY4JIX18
hS86Hu3s31RbDfsLcrY8499RIZbLl9X6fT+Mk/lo0QmFxk/bOJnw7EFaHWmd
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:33:27 2025 by rpki-client