Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/5D11DCCEFA6D11EF9EF35D24C4F9AE02.roa
File: 5D11DCCEFA6D11EF9EF35D24C4F9AE02.roa (raw, json)
Hash identifier: QxwWZDLkbzVLbypi4nJI5sGhHXFG6GrP5RM8kH4jZ3I=
Subject key identifier: 0F:59:34:D8:7B:41:74:ED:7B:88:82:A3:8D:E9:06:EB:2A:59:6F:D9
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0FD5
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/5D11DCCEFA6D11EF9EF35D24C4F9AE02.roa
Signing time: Thu 20 Mar 2025 07:57:54 +0000
ROA not before: Thu 20 Mar 2025 07:57:54 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 139.190.17.0/24 maxlen: 24
139.190.19.0/24 maxlen: 24
139.190.20.0/24 maxlen: 24
139.190.24.0/22 maxlen: 24
139.190.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Apr 2025 11:52:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4053 (0xfd5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Validity
Not Before: Mar 20 07:57:54 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67dbca81-e9b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7e:13:8e:00:42:dc:9a:89:f5:e4:39:ce:f3:
d3:f5:07:70:17:0a:74:dc:9c:8d:c7:57:71:b2:ec:
5a:c7:5f:8f:b6:d5:a3:3e:5b:ce:5e:bc:86:b9:06:
54:c3:99:f9:47:05:13:b9:72:00:15:d5:d1:08:f1:
c0:a3:a4:b0:fd:c6:4b:56:10:c4:d9:a3:2c:88:42:
b5:2d:cf:08:ea:85:82:13:30:5f:8f:74:ba:9f:9b:
18:32:ca:15:1f:96:0b:b0:a1:59:69:09:47:17:78:
f3:df:c5:af:01:4e:d6:66:9d:6e:32:9e:96:f8:ee:
43:2a:2f:86:bc:a4:63:75:f6:d6:81:fd:47:f6:c2:
0b:92:c6:ca:65:a4:44:f1:cc:e1:83:6a:4d:37:11:
2c:dc:88:d4:56:73:39:11:99:e9:62:aa:87:c0:7f:
6c:4b:e3:8a:d7:fc:ac:9b:2b:f0:c0:03:96:72:67:
6e:ce:df:72:a9:ec:38:e8:3c:cc:51:c2:d8:06:2c:
3c:c0:ed:22:9e:bd:87:bb:cb:1b:17:de:33:81:b0:
e3:50:ab:b9:42:6c:27:15:91:df:5a:ce:62:0a:c6:
00:e5:f2:eb:31:6b:e2:33:9c:6c:15:a0:1f:e6:a8:
7b:fa:57:3f:f4:bc:03:2d:ec:6e:bf:e5:07:9f:c2:
ed:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:59:34:D8:7B:41:74:ED:7B:88:82:A3:8D:E9:06:EB:2A:59:6F:D9
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/5D11DCCEFA6D11EF9EF35D24C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.17.0/24
139.190.19.0-139.190.20.255
139.190.24.0/22
139.190.35.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:7b:72:d4:cb:fb:4f:83:a8:df:cb:7d:2e:b2:29:c9:f1:f7:
85:aa:52:6b:15:39:98:86:b8:5e:5b:15:81:e4:af:bf:0d:0a:
3c:2f:26:a9:4a:3c:75:12:d8:9f:b1:44:eb:9b:f3:e1:d1:50:
82:e1:08:97:9c:00:b9:c0:93:c1:0e:18:a5:b2:80:c5:69:73:
22:65:55:19:fd:d0:1b:b1:80:62:16:55:09:66:62:0c:20:f0:
02:c7:0d:dd:c5:81:3e:3c:e7:5c:3c:90:f1:45:95:81:2f:43:
7d:60:0a:a7:b1:40:a9:42:e4:a4:10:3d:4b:35:6c:67:9e:c2:
e8:7f:73:ab:9d:cd:63:18:7c:d7:a2:a6:3e:30:6e:7f:d1:b4:
13:72:b0:af:90:83:36:ec:7c:8b:ec:5f:3d:2d:56:4a:95:9e:
7b:f9:eb:cd:09:5e:82:82:bb:8a:38:b0:a9:22:24:b2:30:7d:
68:19:63:2b:80:b5:e4:41:02:c7:cb:7b:c8:24:20:82:c4:e8:
8e:b5:50:0f:32:1d:c4:18:b3:fa:e4:ea:20:25:8e:13:88:5f:
fa:c8:f1:de:1c:8e:9a:7a:ec:7f:01:e5:02:39:bd:e9:e7:cb:
d9:fc:01:58:18:44:6c:d5:2e:d0:30:b9:01:40:ad:76:be:7c:
f9:38:e5:71
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICD9UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjUwMzIwMDc1NzU0WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RiY2E4MS1lOWIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq34TjgBC3JqJ9eQ5zvPT9QdwFwp03JyNx1dxsuxax1+PttWjPlvOXryGuQZU
w5n5RwUTuXIAFdXRCPHAo6Sw/cZLVhDE2aMsiEK1Lc8I6oWCEzBfj3S6n5sYMsoV
H5YLsKFZaQlHF3jz38WvAU7WZp1uMp6W+O5DKi+GvKRjdfbWgf1H9sILksbKZaRE
8czhg2pNNxEs3IjUVnM5EZnpYqqHwH9sS+OK1/ysmyvwwAOWcmduzt9yqew46DzM
UcLYBiw8wO0inr2Hu8sbF94zgbDjUKu5QmwnFZHfWs5iCsYA5fLrMWviM5xsFaAf
5qh7+lc/9LwDLexuv+UHn8LtVQIDAQABo4ICrzCCAqswHQYDVR0OBBYEFA9ZNNh7
QXTte4iCo43pBusqWW/ZMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNUQxMURDQ0VG
QTZEMTFFRjlFRjM1RDI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCADBACLvhEwDAMEAIu+EwMEAIu+FAMEAou+GAMEAIu+IzANBgkq
hkiG9w0BAQsFAAOCAQEAinty1Mv7T4Oo38t9LrIpyfH3hapSaxU5mIa4XlsVgeSv
vw0KPC8mqUo8dRLYn7FE65vz4dFQguEIl5wAucCTwQ4YpbKAxWlzImVVGf3QG7GA
YhZVCWZiDCDwAscN3cWBPjznXDyQ8UWVgS9DfWAKp7FAqULkpBA9SzVsZ57C6H9z
q53NYxh816KmPjBuf9G0E3Kwr5CDNux8i+xfPS1WSpWee/nrzQlegoK7ijiwqSIk
sjB9aBljK4C15EECx8t7yCQggsTojrVQDzIdxBiz+uTqICWOE4hf+sjx3hyOmnrs
fwHlAjm96efL2fwBWBhEbNUu0DC5AUCtdr58+TjlcQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:49:28 2025 by rpki-client