Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/EFDB9362F82211EFBDC7ED60C4F9AE02.roa
File: EFDB9362F82211EFBDC7ED60C4F9AE02.roa (raw, json)
Hash identifier: t81CJ3FojLB9d2Kk4qcw78RgS4/ggL2WKR3G+lHCBgA=
Subject key identifier: 92:44:E6:B0:EF:9A:AC:38:5E:9A:F7:23:AC:3F:79:5E:62:CC:F6:51
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0F63
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/EFDB9362F82211EFBDC7ED60C4F9AE02.roa
Signing time: Mon 03 Mar 2025 11:30:41 +0000
ROA not before: Mon 03 Mar 2025 11:30:41 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 139.190.17.0/24 maxlen: 24
139.190.20.0/24 maxlen: 24
139.190.24.0/22 maxlen: 22
139.190.30.0/24 maxlen: 24
139.190.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Mar 2025 11:31:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3939 (0xf63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Mar 3 11:30:41 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67c592e1-0193
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:9d:dc:36:ae:b4:ed:b7:bc:a8:a5:95:10:9d:
93:02:12:43:d8:a1:17:f5:4f:e6:56:0f:50:ba:4e:
23:25:da:ec:7c:56:ad:e8:e3:c9:c9:72:76:20:7f:
42:e7:84:e4:dc:f0:bf:10:8e:53:54:64:52:9a:79:
9d:4c:54:49:25:bd:ea:b5:3e:72:f1:96:50:11:d0:
c3:4c:7c:04:61:4b:4f:bb:9f:68:1e:05:44:0e:3b:
0a:d9:b0:20:15:27:c0:0f:dd:e8:1a:ca:94:c9:65:
cb:e8:10:2d:fc:d6:6f:92:8d:7b:e7:1c:ae:5d:0d:
b4:2c:5a:68:82:cd:34:6a:7e:a7:cf:bf:c5:68:d2:
13:a6:0d:1a:4d:a5:e9:37:43:6d:fd:0f:14:28:20:
0c:79:95:48:52:bf:b9:b3:5b:12:97:16:62:19:88:
52:bd:cd:81:7e:0a:57:6d:d7:2f:0f:34:21:3c:73:
1d:04:2a:a1:87:32:1b:27:3d:44:9e:18:df:ac:67:
59:de:9a:38:74:35:4e:0b:73:aa:87:6c:0d:e4:aa:
e9:57:d9:24:84:cb:62:88:db:8d:d4:0d:1a:ce:cc:
2b:3e:68:f4:17:ee:be:9e:6f:75:55:c4:07:83:c2:
ab:fa:7b:e3:42:75:1d:d8:45:d6:f2:04:56:48:1d:
f3:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:44:E6:B0:EF:9A:AC:38:5E:9A:F7:23:AC:3F:79:5E:62:CC:F6:51
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/EFDB9362F82211EFBDC7ED60C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.17.0/24
139.190.20.0/24
139.190.24.0/22
139.190.30.0/23
Signature Algorithm: sha256WithRSAEncryption
7e:01:c1:21:f3:23:e5:dd:70:d3:f9:06:cb:6a:39:e4:3e:e2:
ee:1f:c3:b9:54:50:5c:55:c4:99:10:eb:04:68:99:b0:63:45:
68:e2:dd:88:28:f1:8f:32:6d:10:43:bf:3b:00:5c:1a:7a:4e:
d7:b0:95:51:98:25:54:45:ef:9c:aa:85:2d:18:f1:40:e7:07:
13:05:5b:9c:58:c2:90:f7:4e:1d:96:19:0a:cf:dc:ec:68:05:
45:d5:df:44:47:89:1f:d9:13:c6:54:8b:91:ff:37:13:d3:ad:
7d:3a:04:be:19:2d:1c:46:e0:e2:d4:f3:f0:d1:bb:21:f1:1a:
d7:20:9b:78:10:5d:02:62:4d:45:83:e4:df:ee:a5:fb:33:50:
78:f4:0b:28:0f:49:60:2f:c8:11:32:d6:3d:c8:73:74:8e:6a:
55:dd:54:a5:9b:da:c7:2b:3b:fc:7f:7d:32:a0:5a:fe:2e:29:
8b:16:47:c2:aa:d2:18:32:40:bc:98:56:c2:fd:fb:8c:16:14:
60:cd:2e:91:37:75:ca:ea:40:68:19:89:14:3d:81:e1:c1:ee:
66:88:b3:56:1b:da:19:42:a6:79:b4:b1:0e:a6:51:33:d1:fd:
5b:e0:c5:60:b8:61:ea:a0:6f:51:02:43:a0:56:ce:fe:06:1d:
f5:89:8b:0e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICD2MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjUwMzAzMTEzMDQxWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M1OTJlMS0wMTkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs53cNq607be8qKWVEJ2TAhJD2KEX9U/mVg9Quk4jJdrsfFat6OPJyXJ2IH9C
54Tk3PC/EI5TVGRSmnmdTFRJJb3qtT5y8ZZQEdDDTHwEYUtPu59oHgVEDjsK2bAg
FSfAD93oGsqUyWXL6BAt/NZvko175xyuXQ20LFpogs00an6nz7/FaNITpg0aTaXp
N0Nt/Q8UKCAMeZVIUr+5s1sSlxZiGYhSvc2BfgpXbdcvDzQhPHMdBCqhhzIbJz1E
nhjfrGdZ3po4dDVOC3Oqh2wN5KrpV9kkhMtiiNuN1A0azswrPmj0F+6+nm91VcQH
g8Kr+nvjQnUd2EXW8gRWSB3ziwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFJJE5rDv
mqw4Xpr3I6w/eV5izPZRMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvRUZEQjkzNjJG
ODIyMTFFRkJEQzdFRDYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBACLvhEDBACLvhQDBAKLvhgDBAGLvh4wDQYJKoZIhvcNAQEL
BQADggEBAH4BwSHzI+XdcNP5BstqOeQ+4u4fw7lUUFxVxJkQ6wRombBjRWji3Ygo
8Y8ybRBDvzsAXBp6TtewlVGYJVRF75yqhS0Y8UDnBxMFW5xYwpD3Th2WGQrP3Oxo
BUXV30RHiR/ZE8ZUi5H/NxPTrX06BL4ZLRxG4OLU8/DRuyHxGtcgm3gQXQJiTUWD
5N/upfszUHj0CygPSWAvyBEy1j3Ic3SOalXdVKWb2scrO/x/fTKgWv4uKYsWR8Kq
0hgyQLyYVsL9+4wWFGDNLpE3dcrqQGgZiRQ9geHB7maIs1Yb2hlCpnm0sQ6mUTPR
/VvgxWC4Yeqgb1ECQ6BWzv4GHfWJiw4=
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:34:51 2025 by rpki-client