Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/C06BE6FEF2BE11EFBEEFA73BC4F9AE02.roa
File: C06BE6FEF2BE11EFBEEFA73BC4F9AE02.roa (raw, json)
Hash identifier: I0qhu9nM1RNb4e3EYRqCoijpMTIX4LWbWL1zdZyjwHA=
Subject key identifier: CA:36:02:4F:8A:28:11:F8:53:AC:72:6A:15:FA:F5:7B:4F:28:D0:56
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0F0F
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/C06BE6FEF2BE11EFBEEFA73BC4F9AE02.roa
Signing time: Mon 24 Feb 2025 14:58:42 +0000
ROA not before: Mon 24 Feb 2025 14:58:42 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 138241
IP address blocks: 139.190.8.0/24 maxlen: 24
139.190.9.0/24 maxlen: 24
139.190.11.0/24 maxlen: 24
139.190.13.0/24 maxlen: 24
139.190.15.0/24 maxlen: 24
139.190.17.0/24 maxlen: 24
139.190.20.0/24 maxlen: 24
139.190.24.0/22 maxlen: 24
139.190.30.0/24 maxlen: 24
139.190.31.0/24 maxlen: 24
139.190.32.0/24 maxlen: 24
139.190.33.0/24 maxlen: 24
139.190.34.0/24 maxlen: 24
139.190.36.0/22 maxlen: 24
139.190.49.0/24 maxlen: 24
139.190.69.0/24 maxlen: 24
139.190.70.0/24 maxlen: 24
139.190.71.0/24 maxlen: 24
139.190.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Feb 2025 05:01:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3855 (0xf0f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Feb 24 14:58:42 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67bc8921-b81e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:d7:b8:dd:3a:23:bd:4d:af:98:bf:25:08:87:
99:9d:3f:f3:c7:a0:f5:b9:bf:93:45:30:c9:fd:fd:
31:08:32:6e:cb:b7:89:9e:9a:42:7d:63:5f:10:88:
e6:a8:1b:46:85:49:e5:5d:cd:13:5e:2f:4c:23:30:
a3:26:7b:58:9d:fe:49:e6:24:06:38:2c:52:b5:af:
4d:41:87:03:2b:51:63:97:bb:44:33:11:4d:7d:ae:
8d:47:6f:80:d1:ea:a5:7f:92:37:59:4e:de:95:39:
1b:01:30:1d:9a:ad:b2:43:99:5e:bd:93:1b:c0:03:
0f:2c:fe:30:cd:59:56:06:d5:15:8e:d8:2e:1e:af:
c9:f0:83:4a:52:16:fb:96:76:e3:a6:d7:00:a4:26:
fe:b8:90:51:a6:8e:32:e2:ce:40:ac:f0:34:45:e5:
06:7c:bb:67:31:5d:a7:39:7f:3c:2c:8c:a3:e8:0e:
28:b6:63:10:fc:b4:35:81:87:75:7e:15:af:46:1e:
1a:d0:2a:03:7d:8f:66:05:c2:02:5f:42:b4:05:63:
91:7b:15:e7:04:08:2d:1c:f9:d5:63:dd:43:74:15:
b1:17:4c:65:17:fc:fc:26:bb:fc:01:bb:8b:d4:2f:
9a:21:58:f7:9c:e1:db:42:08:ab:dd:3b:6e:19:9b:
e9:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:36:02:4F:8A:28:11:F8:53:AC:72:6A:15:FA:F5:7B:4F:28:D0:56
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/C06BE6FEF2BE11EFBEEFA73BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.8.0/23
139.190.11.0/24
139.190.13.0/24
139.190.15.0/24
139.190.17.0/24
139.190.20.0/24
139.190.24.0/22
139.190.30.0-139.190.34.255
139.190.36.0/22
139.190.49.0/24
139.190.69.0-139.190.71.255
139.190.239.0/24
Signature Algorithm: sha256WithRSAEncryption
64:dc:f0:b1:6a:e0:c0:4c:27:f2:9b:8c:4a:8e:62:c9:5b:ab:
5f:02:b6:e5:dd:8b:b4:f6:92:5f:ca:1e:cb:98:ea:fa:3d:24:
46:7e:3c:af:76:57:12:cb:60:11:38:ac:df:56:47:77:ac:b3:
3c:5f:9a:9e:5b:88:ee:04:f7:26:35:24:51:8b:43:99:c5:12:
e2:5d:5d:8e:15:79:f2:6a:4a:13:2e:af:3b:14:85:b6:4d:1b:
bd:68:04:be:f8:cc:d6:16:f5:87:52:0a:4f:00:bf:df:68:ae:
50:dc:0e:1c:8c:61:bf:87:7f:99:51:1e:24:78:23:e3:8d:9c:
d3:f4:ac:3b:84:c9:04:0c:03:a1:9f:fb:87:90:17:20:3d:e3:
ea:17:84:31:66:d5:4e:79:df:bb:31:94:07:07:96:24:bb:19:
90:3b:ad:c9:ad:a7:77:6a:41:21:e2:86:11:72:ac:c1:08:2d:
05:9c:31:7f:3e:8a:1d:50:30:4d:d0:b4:66:eb:8b:a8:88:c1:
12:d5:24:4d:20:56:1b:f1:68:fd:0d:b6:f9:88:08:8b:f7:4f:
4e:ae:cc:ab:b0:0f:39:3d:3e:b7:3f:e8:85:ab:8a:1d:4b:0b:
a6:9f:b8:28:cc:ff:81:91:cc:78:7a:6a:07:ed:e3:24:c6:00:
29:34:8b:dd
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgICDw8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjUwMjI0MTQ1ODQyWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2JjODkyMS1iODFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1te43TojvU2vmL8lCIeZnT/zx6D1ub+TRTDJ/f0xCDJuy7eJnppCfWNfEIjm
qBtGhUnlXc0TXi9MIzCjJntYnf5J5iQGOCxSta9NQYcDK1Fjl7tEMxFNfa6NR2+A
0eqlf5I3WU7elTkbATAdmq2yQ5levZMbwAMPLP4wzVlWBtUVjtguHq/J8INKUhb7
lnbjptcApCb+uJBRpo4y4s5ArPA0ReUGfLtnMV2nOX88LIyj6A4otmMQ/LQ1gYd1
fhWvRh4a0CoDfY9mBcICX0K0BWORexXnBAgtHPnVY91DdBWxF0xlF/z8Jrv8AbuL
1C+aIVj3nOHbQgir3TtuGZvpSQIDAQABo4IC5zCCAuMwHQYDVR0OBBYEFMo2Ak+K
KBH4U6xyahX69XtPKNBWMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvQzA2QkU2RkVG
MkJFMTFFRkJFRUZBNzNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcQYIKwYBBQUHAQcBAf8E
YjBgMF4EAgABMFgDBAGLvggDBACLvgsDBACLvg0DBACLvg8DBACLvhEDBACLvhQD
BAKLvhgwDAMEAYu+HgMEAIu+IgMEAou+JAMEAIu+MTAMAwQAi75FAwQDi75AAwQA
i77vMA0GCSqGSIb3DQEBCwUAA4IBAQBk3PCxauDATCfym4xKjmLJW6tfArbl3Yu0
9pJfyh7LmOr6PSRGfjyvdlcSy2AROKzfVkd3rLM8X5qeW4juBPcmNSRRi0OZxRLi
XV2OFXnyakoTLq87FIW2TRu9aAS++MzWFvWHUgpPAL/faK5Q3A4cjGG/h3+ZUR4k
eCPjjZzT9Kw7hMkEDAOhn/uHkBcgPePqF4QxZtVOed+7MZQHB5YkuxmQO63Jrad3
akEh4oYRcqzBCC0FnDF/PoodUDBN0LRm64uoiMES1SRNIFYb8Wj9Dbb5iAiL909O
rsyrsA85PT63P+iFq4odSwumn7gozP+Bkcx4emoH7eMkxgApNIvd
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:24:58 2025 by rpki-client