Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/6851C30E154011F0BC5D1B22C4F9AE02.roa
File: 6851C30E154011F0BC5D1B22C4F9AE02.roa (raw, json)
Hash identifier: Zfe5VgK9AA7J1kwlbRufcE1V8dZQp13BRmya6V3mIaY=
Subject key identifier: E7:13:F2:F7:9F:99:0C:20:CC:39:FD:29:06:DB:BE:6D:77:98:A5:65
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0FF4
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/6851C30E154011F0BC5D1B22C4F9AE02.roa
Signing time: Wed 09 Apr 2025 12:46:43 +0000
ROA not before: Wed 09 Apr 2025 12:46:43 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 397373
IP address blocks: 139.190.235.0/24 maxlen: 24
139.190.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Apr 2025 10:09:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4084 (0xff4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Validity
Not Before: Apr 9 12:46:43 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67f66c33-3a36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:f0:d9:31:42:27:93:0b:2f:f3:48:39:05:ca:
7c:2c:e4:0d:62:d6:8e:40:a4:54:cd:6c:17:cf:a6:
da:4b:22:64:a3:27:b5:db:6b:9a:7f:0d:30:4d:d6:
6d:15:1b:0b:04:59:b0:a7:bd:94:00:f5:8e:fc:51:
43:bb:76:21:d7:d9:5a:f9:2b:98:fd:28:db:c5:15:
f7:05:59:0e:c7:f2:80:45:a5:34:67:70:0a:0c:66:
23:2b:fa:e0:d7:71:62:f5:20:b0:03:13:6b:80:4f:
b6:03:03:e9:c4:14:5e:e4:af:bb:f2:27:40:ca:71:
30:c3:d9:7a:aa:43:38:b1:3f:4d:44:f6:82:25:8a:
ee:fe:21:08:0e:1d:49:72:50:6c:14:28:35:89:84:
54:e5:6b:ed:61:d2:7f:0b:1c:e3:28:7a:74:10:32:
2a:a6:fe:e0:b3:d0:29:2e:29:ba:a1:a5:ec:06:70:
00:ef:81:4c:89:a9:d3:5b:de:8f:dd:67:c2:e8:45:
06:1e:c4:b4:15:f4:9b:5a:e8:58:2d:6d:1d:6f:4d:
43:60:73:4b:b9:e5:82:fb:63:9f:aa:02:69:8b:a6:
4a:ac:14:aa:04:c8:86:72:ef:70:79:1c:35:2e:14:
04:a7:ba:57:c3:7b:d7:eb:aa:8b:02:84:42:77:b0:
57:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:13:F2:F7:9F:99:0C:20:CC:39:FD:29:06:DB:BE:6D:77:98:A5:65
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/6851C30E154011F0BC5D1B22C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.235.0/24
139.190.238.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:f3:33:27:67:86:39:dd:1c:aa:f7:ec:a6:99:31:01:29:59:
a5:ba:bd:f9:31:a6:50:5d:d4:80:9f:2f:05:3f:1b:ad:eb:b4:
73:17:e1:ea:68:33:50:53:69:63:9d:71:dc:fb:95:cb:3d:bd:
e9:73:97:ff:cb:50:6f:86:16:60:e4:a0:f8:80:82:91:73:ea:
49:55:09:8b:0c:29:06:08:54:38:57:bf:9f:93:22:a7:b7:d6:
d7:d5:b2:9a:4a:f3:ab:52:6a:bd:c2:64:8a:8e:3c:d3:87:e2:
c3:63:f2:fd:5b:20:8a:b1:49:31:6d:5e:c5:cf:69:4d:b2:0e:
4d:7e:9b:f0:13:b0:39:cc:d0:d4:35:62:ff:b3:97:c1:79:35:
f1:37:a2:56:8d:c3:b3:aa:2a:ac:b5:c9:1d:7b:e5:a4:46:fb:
83:ca:c3:93:7b:4c:68:c2:21:0e:9d:62:aa:f4:74:c7:5b:a1:
45:8a:77:19:b2:22:61:d9:46:5a:04:b7:a7:30:14:e2:0d:e5:
69:dc:61:eb:c4:bf:3f:e2:94:6b:b3:f0:2a:75:8b:b1:d8:67:
11:57:6c:0d:53:b7:72:37:70:9f:ca:55:4b:61:d4:90:a3:6e:
d4:3c:8b:70:9a:c3:6c:e6:97:29:3e:12:ca:52:0a:d4:5f:e1:
5c:08:21:8e
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICD/QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjUwNDA5MTI0NjQzWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Y2NmMzMy0zYTM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8vDZMUInkwsv80g5Bcp8LOQNYtaOQKRUzWwXz6baSyJkoye122uafw0wTdZt
FRsLBFmwp72UAPWO/FFDu3Yh19la+SuY/SjbxRX3BVkOx/KARaU0Z3AKDGYjK/rg
13Fi9SCwAxNrgE+2AwPpxBRe5K+78idAynEww9l6qkM4sT9NRPaCJYru/iEIDh1J
clBsFCg1iYRU5WvtYdJ/CxzjKHp0EDIqpv7gs9ApLim6oaXsBnAA74FMianTW96P
3WfC6EUGHsS0FfSbWuhYLW0db01DYHNLueWC+2OfqgJpi6ZKrBSqBMiGcu9weRw1
LhQEp7pXw3vX66qLAoRCd7BXPQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFOcT8vef
mQwgzDn9KQbbvm13mKVlMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNjg1MUMzMEUx
NTQwMTFGMEJDNUQxQjIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBACLvusDBACLvu4wDQYJKoZIhvcNAQELBQADggEBAIzzMydn
hjndHKr37KaZMQEpWaW6vfkxplBd1ICfLwU/G63rtHMX4epoM1BTaWOdcdz7lcs9
velzl//LUG+GFmDkoPiAgpFz6klVCYsMKQYIVDhXv5+TIqe31tfVsppK86tSar3C
ZIqOPNOH4sNj8v1bIIqxSTFtXsXPaU2yDk1+m/ATsDnM0NQ1Yv+zl8F5NfE3olaN
w7OqKqy1yR175aRG+4PKw5N7TGjCIQ6dYqr0dMdboUWKdxmyImHZRloEt6cwFOIN
5WncYevEvz/ilGuz8Cp1i7HYZxFXbA1Tt3I3cJ/KVUth1JCjbtQ8i3Caw2zmlyk+
EspSCtRf4VwIIY4=
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:31:01 2025 by rpki-client