Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/0D0F7742E85A11EFBBA76F70C4F9AE02.roa
File: 0D0F7742E85A11EFBBA76F70C4F9AE02.roa (raw, json)
Hash identifier: f+DEaPaMmP6/IlnBcGPKp3LF/7ATLCNmfpES/u40fac=
Subject key identifier: 99:52:E2:54:B0:1A:25:DB:DB:8E:EC:E2:8F:F1:71:AD:CD:13:F3:C4
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0E5A
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/0D0F7742E85A11EFBBA76F70C4F9AE02.roa
Signing time: Tue 11 Feb 2025 09:33:19 +0000
ROA not before: Tue 11 Feb 2025 09:33:19 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 139.190.9.0/24 maxlen: 24
139.190.19.0/24 maxlen: 24
139.190.21.0/24 maxlen: 24
139.190.29.0/24 maxlen: 24
139.190.235.0/24 maxlen: 24
139.190.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Feb 2025 08:57:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3674 (0xe5a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Validity
Not Before: Feb 11 09:33:19 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67ab195f-434f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:46:50:df:a4:35:41:5f:e0:82:d3:bd:ca:27:
12:be:de:53:54:5e:e4:cf:96:89:72:4d:63:f8:90:
72:68:2e:53:7c:d9:2d:5a:ff:86:cd:cb:81:49:55:
1b:5f:3b:b3:87:e0:63:1a:0c:01:19:94:09:4c:de:
6a:b5:44:f4:3c:eb:4d:07:26:d4:8c:c6:39:29:9c:
c2:d0:26:e5:7b:45:a8:b1:78:f0:2a:f8:cd:27:9a:
42:b5:d5:85:4a:7d:77:fd:45:13:13:42:3d:38:9e:
dd:49:93:b3:05:80:e7:f6:87:f0:29:b2:87:fc:a9:
fb:9a:3b:42:d1:84:e0:19:48:0a:ea:9c:ed:28:04:
7a:70:ef:94:f5:12:27:7c:83:54:ed:80:1a:26:5d:
76:14:4d:32:cb:0f:25:76:4f:87:3a:b3:8c:2c:9b:
93:b0:fd:b5:2e:43:f7:d8:34:29:63:ce:3c:97:7d:
e3:90:0c:c6:fd:2c:84:d3:9e:75:a3:c7:ad:39:f5:
28:0e:73:eb:ce:94:23:52:31:47:f1:92:e7:f5:ed:
3b:b6:a5:52:f7:04:83:45:29:f4:cc:bf:12:49:91:
07:85:b8:72:85:17:d8:3b:5e:cd:dc:77:2f:da:ca:
2c:d9:cb:73:69:2a:53:b9:c8:2c:70:de:b7:a3:06:
02:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:52:E2:54:B0:1A:25:DB:DB:8E:EC:E2:8F:F1:71:AD:CD:13:F3:C4
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/0D0F7742E85A11EFBBA76F70C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.9.0/24
139.190.19.0/24
139.190.21.0/24
139.190.29.0/24
139.190.235.0/24
139.190.238.0/24
Signature Algorithm: sha256WithRSAEncryption
61:d0:64:44:32:c0:23:74:0d:29:b5:fd:5d:37:2b:7d:b9:bd:
4f:b2:8b:bb:07:5e:ef:d9:c2:6a:53:cb:39:3d:e7:e0:8d:0c:
8d:65:bb:e8:cc:90:6b:45:22:15:f5:ef:ee:3e:3f:aa:27:05:
07:a6:7e:68:44:67:b3:e7:cd:87:9e:f4:b3:c3:78:cb:95:e1:
3d:74:7b:0d:0a:5a:dd:b6:6f:cd:7e:b4:df:14:37:01:47:b0:
8a:58:1b:be:ad:70:bd:d9:2c:9e:2c:c6:2e:a5:64:a9:9d:e8:
d5:9a:8e:76:12:46:40:64:42:5c:00:af:1a:f4:c2:4e:7e:5d:
5f:ed:b5:6c:e6:11:aa:d7:43:1b:8d:b3:d3:c3:37:d8:01:06:
02:bc:a2:d7:06:59:b5:0d:96:9d:e8:87:3d:43:c6:3f:2b:fa:
92:44:f4:5b:85:d1:43:a2:d1:df:19:9d:ce:0a:a3:35:bb:66:
47:79:35:eb:f3:20:93:81:03:3d:d9:3f:95:61:5d:c8:44:05:
e8:30:8d:0c:78:1b:80:6b:45:c6:f2:83:43:62:ef:ac:80:62:
dc:a1:34:ae:7b:c8:39:c5:25:1d:c3:c9:c0:fb:ff:d7:1d:25:
76:f8:b6:51:ce:2b:28:ae:64:67:72:47:8a:f8:3c:0c:e8:aa:
9b:d3:9a:51
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICDlowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjUwMjExMDkzMzE5WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FiMTk1Zi00MzRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxUZQ36Q1QV/ggtO9yicSvt5TVF7kz5aJck1j+JByaC5TfNktWv+GzcuBSVUb
Xzuzh+BjGgwBGZQJTN5qtUT0POtNBybUjMY5KZzC0Cble0WosXjwKvjNJ5pCtdWF
Sn13/UUTE0I9OJ7dSZOzBYDn9ofwKbKH/Kn7mjtC0YTgGUgK6pztKAR6cO+U9RIn
fINU7YAaJl12FE0yyw8ldk+HOrOMLJuTsP21LkP32DQpY848l33jkAzG/SyE0551
o8etOfUoDnPrzpQjUjFH8ZLn9e07tqVS9wSDRSn0zL8SSZEHhbhyhRfYO17N3Hcv
2sos2ctzaSpTucgscN63owYCYQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFJlS4lSw
GiXb247s4o/xca3NE/PEMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvMEQwRjc3NDJF
ODVBMTFFRkJCQTc2RjcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBACLvgkDBACLvhMDBACLvhUDBACLvh0DBACLvusDBACLvu4w
DQYJKoZIhvcNAQELBQADggEBAGHQZEQywCN0DSm1/V03K325vU+yi7sHXu/ZwmpT
yzk95+CNDI1lu+jMkGtFIhX17+4+P6onBQemfmhEZ7PnzYee9LPDeMuV4T10ew0K
Wt22b81+tN8UNwFHsIpYG76tcL3ZLJ4sxi6lZKmd6NWajnYSRkBkQlwArxr0wk5+
XV/ttWzmEarXQxuNs9PDN9gBBgK8otcGWbUNlp3ohz1Dxj8r+pJE9FuF0UOi0d8Z
nc4KozW7Zkd5NevzIJOBAz3ZP5VhXchEBegwjQx4G4BrRcbyg0Ni76yAYtyhNK57
yDnFJR3DycD7/9cdJXb4tlHOKyiuZGdyR4r4PAzoqpvTmlE=
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:43:53 2025 by rpki-client