Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/80FAA9AED16E11EF967E4D49C4F9AE02.roa
File: 80FAA9AED16E11EF967E4D49C4F9AE02.roa (raw, json)
Hash identifier: r9y5C/YUoogFUDTsOPwqHnT1/dOoNeWzmD8JztVtmWE=
Subject key identifier: C9:2B:83:E8:00:D0:9B:E5:84:F1:F2:58:EE:D8:85:22:EE:CD:8F:85
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0D38
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/80FAA9AED16E11EF967E4D49C4F9AE02.roa
Signing time: Mon 13 Jan 2025 05:23:21 +0000
ROA not before: Mon 13 Jan 2025 05:23:21 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 138241
IP address blocks: 139.190.9.0/24 maxlen: 24
139.190.19.0/24 maxlen: 24
139.190.21.0/24 maxlen: 24
139.190.22.0/24 maxlen: 24
139.190.23.0/24 maxlen: 24
139.190.24.0/24 maxlen: 24
139.190.25.0/24 maxlen: 24
139.190.26.0/24 maxlen: 24
139.190.27.0/24 maxlen: 24
139.190.29.0/24 maxlen: 24
139.190.32.0/21 maxlen: 24
139.190.40.0/24 maxlen: 24
139.190.41.0/24 maxlen: 24
139.190.42.0/24 maxlen: 24
139.190.43.0/24 maxlen: 24
139.190.44.0/24 maxlen: 24
139.190.45.0/24 maxlen: 24
139.190.46.0/24 maxlen: 24
139.190.47.0/24 maxlen: 24
139.190.48.0/22 maxlen: 24
139.190.52.0/22 maxlen: 24
139.190.56.0/22 maxlen: 24
139.190.60.0/24 maxlen: 24
139.190.61.0/24 maxlen: 24
139.190.62.0/24 maxlen: 24
139.190.63.0/24 maxlen: 24
139.190.68.0/22 maxlen: 24
139.190.88.0/21 maxlen: 21
139.190.124.0/22 maxlen: 24
139.190.235.0/24 maxlen: 24
139.190.238.0/24 maxlen: 24
139.190.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Jan 2025 09:08:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3384 (0xd38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Validity
Not Before: Jan 13 05:23:21 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6784a349-e1b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fe:67:98:23:ce:e3:46:59:89:d0:2a:b5:9d:5a:
40:8f:b1:d9:d8:88:88:59:fb:c7:60:a8:4b:85:05:
cf:c4:81:b5:21:f3:f0:42:ea:e2:94:a8:fd:41:40:
1f:23:f9:db:e5:72:ff:38:23:5c:50:a7:3c:17:39:
41:87:2e:56:26:0f:57:0c:47:58:5d:bf:2d:98:fe:
2a:e9:2c:41:61:fa:c3:e8:34:99:51:c3:44:4d:21:
19:a3:c5:84:b9:85:71:2d:8a:14:c5:81:f9:9b:ad:
85:51:9e:71:71:66:81:13:a1:c8:d1:53:b4:ed:b8:
b8:60:07:cf:52:62:6c:3e:de:c5:8a:ba:3d:23:d3:
70:bf:57:65:3a:0f:41:bf:f8:bc:7e:14:71:04:c5:
9e:69:7a:fa:62:ee:12:ed:a5:9d:1d:aa:54:9a:c3:
3b:44:a7:55:1a:74:08:13:0a:a3:6b:6d:e7:2f:6f:
5c:09:2b:ca:95:0e:37:b7:dd:cb:a6:d1:4b:a7:9d:
3b:42:12:08:3c:49:1f:22:d4:37:0b:17:73:1d:1e:
35:e4:c6:ae:83:3d:8a:af:32:99:23:6e:90:ae:2c:
70:c7:9e:e8:e5:29:21:69:42:c0:3e:19:ad:4d:e4:
74:ad:f4:b5:cd:bb:8a:9f:7a:05:5c:a3:a6:c5:37:
2a:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:2B:83:E8:00:D0:9B:E5:84:F1:F2:58:EE:D8:85:22:EE:CD:8F:85
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/80FAA9AED16E11EF967E4D49C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.9.0/24
139.190.19.0/24
139.190.21.0-139.190.27.255
139.190.29.0/24
139.190.32.0/19
139.190.68.0/22
139.190.88.0/21
139.190.124.0/22
139.190.235.0/24
139.190.238.0/23
Signature Algorithm: sha256WithRSAEncryption
d5:ca:84:fa:9a:0f:9a:5b:40:a0:6c:52:65:ca:6d:39:d9:20:
17:d9:a2:ac:dc:ad:97:ae:c8:d7:db:d0:13:4d:ee:fa:62:64:
8d:02:f2:b1:ed:9e:68:46:96:60:4a:c1:67:81:78:b3:bd:e2:
4f:7e:34:35:60:33:77:bc:a5:c5:b5:12:10:48:80:5c:38:cb:
5c:1c:5f:f8:be:d0:f2:e6:be:c5:c8:c3:f0:e4:82:1f:3e:f3:
e8:86:c2:bd:d2:28:a8:2e:9f:14:d8:22:71:eb:22:82:d1:84:
c1:ed:8b:e8:7d:7f:52:53:ed:8b:54:6a:c8:2d:27:6a:17:79:
ca:aa:36:4a:1b:81:6f:34:7a:cd:98:e0:f3:d1:5e:6d:8d:f0:
b9:2b:a4:e0:a5:63:12:21:4a:87:fa:76:44:57:36:78:f0:f8:
60:4b:d4:f9:10:86:73:93:8a:64:9f:5c:43:d7:37:cf:bc:9d:
84:23:a7:c9:67:8f:b2:08:0f:21:7c:38:54:b7:dc:48:79:b9:
10:85:29:a0:d2:9c:ef:fa:b7:d3:77:3d:9a:a7:ec:df:de:50:
e6:7d:81:20:17:02:f6:de:4e:97:7d:49:a8:e9:b2:8c:4e:8b:
10:10:c1:54:5a:1d:f2:74:84:83:c1:db:81:f4:a7:72:f3:98:
55:99:fd:4d
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgICDTgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjUwMTEzMDUyMzIxWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg0YTM0OS1lMWI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA/meYI87jRlmJ0Cq1nVpAj7HZ2IiIWfvHYKhLhQXPxIG1IfPwQurilKj9QUAf
I/nb5XL/OCNcUKc8FzlBhy5WJg9XDEdYXb8tmP4q6SxBYfrD6DSZUcNETSEZo8WE
uYVxLYoUxYH5m62FUZ5xcWaBE6HI0VO07bi4YAfPUmJsPt7Firo9I9Nwv1dlOg9B
v/i8fhRxBMWeaXr6Yu4S7aWdHapUmsM7RKdVGnQIEwqja23nL29cCSvKlQ43t93L
ptFLp507QhIIPEkfItQ3CxdzHR415Maugz2KrzKZI26Qrixwx57o5SkhaULAPhmt
TeR0rfS1zbuKn3oFXKOmxTcqdQIDAQABo4IC0zCCAs8wHQYDVR0OBBYEFMkrg+gA
0JvlhPHyWO7YhSLuzY+FMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvODBGQUE5QUVE
MTZFMTFFRjk2N0U0RDQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXQYIKwYBBQUHAQcBAf8E
TjBMMEoEAgABMEQDBACLvgkDBACLvhMwDAMEAIu+FQMEAou+GAMEAIu+HQMEBYu+
IAMEAou+RAMEA4u+WAMEAou+fAMEAIu+6wMEAYu+7jANBgkqhkiG9w0BAQsFAAOC
AQEA1cqE+poPmltAoGxSZcptOdkgF9mirNytl67I19vQE03u+mJkjQLyse2eaEaW
YErBZ4F4s73iT340NWAzd7ylxbUSEEiAXDjLXBxf+L7Q8ua+xcjD8OSCHz7z6IbC
vdIoqC6fFNgicesigtGEwe2L6H1/UlPti1RqyC0nahd5yqo2ShuBbzR6zZjg89Fe
bY3wuSuk4KVjEiFKh/p2RFc2ePD4YEvU+RCGc5OKZJ9cQ9c3z7ydhCOnyWePsggP
IXw4VLfcSHm5EIUpoNKc7/q303c9mqfs395Q5n2BIBcC9t5Ol31JqOmyjE6LEBDB
VFod8nSEg8HbgfSncvOYVZn9TQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:36:08 2025 by rpki-client