Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/B7463F04F2BC11EF90A18036C4F9AE02.roa
File: B7463F04F2BC11EF90A18036C4F9AE02.roa (raw, json)
Hash identifier: KbLVTfFdPQQo2itSpA3x7XQHd+l9vTkYXbSJxyMadrU=
Subject key identifier: 81:8F:14:18:79:13:4A:AA:B5:8A:C5:85:A7:F3:BB:AE:6F:B0:49:64
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0F05
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/B7463F04F2BC11EF90A18036C4F9AE02.roa
Signing time: Mon 24 Feb 2025 14:36:21 +0000
ROA not before: Mon 24 Feb 2025 14:36:21 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 138241
IP address blocks: 139.190.8.0/24 maxlen: 24
139.190.9.0/24 maxlen: 24
139.190.11.0/24 maxlen: 24
139.190.13.0/24 maxlen: 24
139.190.15.0/24 maxlen: 24
139.190.17.0/24 maxlen: 24
139.190.20.0/24 maxlen: 24
139.190.24.0/22 maxlen: 24
139.190.30.0/24 maxlen: 24
139.190.31.0/24 maxlen: 24
139.190.32.0/24 maxlen: 24
139.190.33.0/24 maxlen: 24
139.190.34.0/24 maxlen: 24
139.190.36.0/22 maxlen: 24
139.190.49.0/24 maxlen: 24
139.190.68.0/22 maxlen: 24
139.190.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Feb 2025 14:50:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3845 (0xf05)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Validity
Not Before: Feb 24 14:36:21 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67bc83e5-c02f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f3:64:dc:17:11:9d:47:ac:1c:fc:b4:1f:d1:
d5:79:88:b4:2f:09:41:a9:cf:62:e2:f3:21:5b:1b:
52:32:e8:8a:84:03:66:9e:cf:68:1c:a2:65:be:e1:
20:c5:64:60:66:9b:44:6c:11:5d:1b:b7:a0:73:c7:
61:59:1a:7c:c2:02:3a:fb:f2:f3:06:e1:d0:a6:3e:
63:df:b8:f7:00:68:f7:8b:ea:50:92:78:21:cf:6c:
a8:48:2c:68:f9:09:3a:6d:2c:a6:02:d5:95:32:11:
f8:e3:b9:0f:6b:2e:07:d2:4f:d3:9d:64:56:54:1a:
4d:8d:98:b2:76:a7:ad:78:12:f1:6b:ae:9e:36:34:
4b:b3:54:a7:b9:a0:22:d6:84:b0:76:f3:55:7f:3b:
36:12:03:81:9b:0a:94:7f:bf:69:25:91:b2:ba:79:
84:61:0b:64:2c:ba:20:8a:69:c8:74:11:d7:ea:5d:
29:c5:ec:9f:45:0c:13:9c:84:00:ad:a2:27:6c:15:
52:66:36:88:83:25:fb:be:37:5b:f5:3b:8a:e9:3f:
0b:c7:16:c4:70:4c:83:62:32:97:c6:ed:42:11:76:
08:3b:4a:18:e1:38:b6:80:fe:b1:a1:41:8e:3a:94:
20:b8:c1:f3:5c:99:ef:df:ca:4e:b4:02:a8:55:63:
e4:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:8F:14:18:79:13:4A:AA:B5:8A:C5:85:A7:F3:BB:AE:6F:B0:49:64
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/B7463F04F2BC11EF90A18036C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.8.0/23
139.190.11.0/24
139.190.13.0/24
139.190.15.0/24
139.190.17.0/24
139.190.20.0/24
139.190.24.0/22
139.190.30.0-139.190.34.255
139.190.36.0/22
139.190.49.0/24
139.190.68.0/22
139.190.239.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:22:de:ce:f8:34:4e:df:03:b0:a6:80:91:df:d7:29:c1:22:
46:38:b1:9a:d9:d2:f1:31:e0:a5:e6:56:7b:ab:57:8e:e5:14:
06:dd:b0:30:33:47:9f:a3:71:9b:cb:fb:3f:ba:4e:62:f5:0b:
80:eb:1f:36:21:11:e6:a6:39:b5:06:eb:d7:39:8a:ea:95:ae:
81:d2:58:b7:cc:4b:4a:e1:3c:dd:be:a0:72:94:92:ca:19:2e:
58:7b:b1:d4:06:dc:7c:11:d7:48:65:29:eb:9c:b5:3c:58:cb:
5f:0d:4c:4b:7f:5d:b0:4f:39:23:3b:be:7d:92:4e:b9:81:13:
c0:52:d4:fc:11:fa:97:e7:7e:58:68:67:ea:a4:ef:68:01:93:
10:35:f3:43:7a:c5:c6:52:87:1d:14:92:b4:01:d0:98:99:4e:
16:1d:c6:be:f0:b8:d0:9b:bb:76:96:d0:d1:6b:bf:bb:08:7b:
a3:db:05:e9:1e:af:71:72:cd:dd:64:03:52:c6:86:59:7e:c0:
26:98:ec:3f:5b:16:80:24:c2:8a:94:81:50:8f:b2:f4:97:8e:
d2:61:fb:72:a8:df:60:30:ee:a9:fc:f8:07:b4:31:65:da:fa:
74:c2:46:49:53:b8:8c:55:13:c7:6d:08:62:41:b8:1b:cc:8b:
fd:e2:4b:20
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgICDwUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjUwMjI0MTQzNjIxWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2JjODNlNS1jMDJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu/Nk3BcRnUesHPy0H9HVeYi0LwlBqc9i4vMhWxtSMuiKhANmns9oHKJlvuEg
xWRgZptEbBFdG7egc8dhWRp8wgI6+/LzBuHQpj5j37j3AGj3i+pQknghz2yoSCxo
+Qk6bSymAtWVMhH447kPay4H0k/TnWRWVBpNjZiydqeteBLxa66eNjRLs1SnuaAi
1oSwdvNVfzs2EgOBmwqUf79pJZGyunmEYQtkLLogimnIdBHX6l0pxeyfRQwTnIQA
raInbBVSZjaIgyX7vjdb9TuK6T8LxxbEcEyDYjKXxu1CEXYIO0oY4Ti2gP6xoUGO
OpQguMHzXJnv38pOtAKoVWPk0wIDAQABo4IC3zCCAtswHQYDVR0OBBYEFIGPFBh5
E0qqtYrFhafzu65vsElkMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvQjc0NjNGMDRG
MkJDMTFFRjkwQTE4MDM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwaQYIKwYBBQUHAQcBAf8E
WjBYMFYEAgABMFADBAGLvggDBACLvgsDBACLvg0DBACLvg8DBACLvhEDBACLvhQD
BAKLvhgwDAMEAYu+HgMEAIu+IgMEAou+JAMEAIu+MQMEAou+RAMEAIu+7zANBgkq
hkiG9w0BAQsFAAOCAQEAoiLezvg0Tt8DsKaAkd/XKcEiRjixmtnS8THgpeZWe6tX
juUUBt2wMDNHn6Nxm8v7P7pOYvULgOsfNiER5qY5tQbr1zmK6pWugdJYt8xLSuE8
3b6gcpSSyhkuWHux1AbcfBHXSGUp65y1PFjLXw1MS39dsE85Izu+fZJOuYETwFLU
/BH6l+d+WGhn6qTvaAGTEDXzQ3rFxlKHHRSStAHQmJlOFh3GvvC40Ju7dpbQ0Wu/
uwh7o9sF6R6vcXLN3WQDUsaGWX7AJpjsP1sWgCTCipSBUI+y9JeO0mH7cqjfYDDu
qfz4B7QxZdr6dMJGSVO4jFUTx20IYkG4G8yL/eJLIA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:08:08 2025 by rpki-client