Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/198B4C3C29C111F08A05830AC4F9AE02.roa
File: 198B4C3C29C111F08A05830AC4F9AE02.roa (raw, json)
Hash identifier: A+1czOkqV538djtGCIv/gWYO207Ki69cpkLNzaJssv4=
Subject key identifier: BA:54:38:4C:04:88:4A:E6:1D:FD:58:78:3D:95:D0:9E:DB:99:64:55
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 108D
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/198B4C3C29C111F08A05830AC4F9AE02.roa
Signing time: Mon 05 May 2025 14:56:18 +0000
ROA not before: Mon 05 May 2025 14:56:18 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 60721
IP address blocks: 139.190.24.0/22 maxlen: 22
139.190.28.0/24 maxlen: 24
139.190.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 May 2025 13:17:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4237 (0x108d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Validity
Not Before: May 5 14:56:18 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6818d192-1078
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8a:1f:38:66:18:48:fe:2d:b2:14:b9:3e:36:
26:17:b2:8b:f9:a1:9d:b5:88:f7:49:a2:29:90:85:
71:fb:8e:9e:60:70:e5:2c:f8:e0:b8:fc:ef:df:33:
c2:ed:70:db:df:a3:c7:e1:f1:7c:b6:68:d9:f8:c0:
10:ed:9c:75:eb:bc:18:da:5e:09:8c:66:ef:0c:f0:
ff:13:25:dc:03:92:30:3d:eb:7e:3e:13:c5:d2:cb:
37:1c:e4:7d:66:64:af:93:36:b9:cf:95:49:ca:1e:
94:eb:a9:16:29:c0:2f:f3:ef:50:da:bb:6d:6a:6b:
5e:f6:68:6d:39:90:00:ab:fb:67:2b:90:08:13:4f:
8f:f1:2c:61:da:d0:34:49:a1:a3:2b:95:c9:ed:1c:
a6:5f:13:2d:2b:df:d9:0d:9c:55:18:7b:74:cb:09:
21:83:9d:a1:d9:59:24:4b:52:e3:8e:ea:62:b4:0e:
fd:be:1b:42:c3:cb:a7:f7:72:5e:f8:d0:72:15:9c:
85:db:30:8b:88:d9:ad:50:14:c1:52:ff:40:77:2d:
52:ba:6b:33:3b:f1:f1:b2:75:b6:41:e3:a5:c8:ac:
de:72:92:19:b8:10:c2:9d:06:e4:fe:a7:0c:ae:a6:
3c:92:1b:d2:5f:b1:b4:17:84:7b:16:62:9a:aa:db:
ab:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:54:38:4C:04:88:4A:E6:1D:FD:58:78:3D:95:D0:9E:DB:99:64:55
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/198B4C3C29C111F08A05830AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.24.0-139.190.28.255
139.190.31.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:05:59:c2:33:8f:21:a1:49:62:ef:f8:05:24:b7:45:be:fe:
57:6e:c9:7f:bc:e9:3e:4d:de:d0:ea:44:63:76:50:ce:24:93:
6c:96:07:46:f6:a2:c9:40:3e:6b:a1:0f:b0:2a:cd:a1:6e:d5:
62:13:c6:76:2b:d3:03:05:86:4f:45:fa:1e:0e:4f:b7:27:7c:
36:f4:b3:14:2b:f0:96:4e:73:94:fa:0b:d7:d5:45:f4:42:b6:
a2:ab:1d:d5:3a:19:a9:3f:70:11:b4:d8:8e:94:91:41:64:1d:
ae:56:ec:85:29:2a:14:87:7f:f7:c3:1e:1b:52:a9:1c:e5:2f:
26:f4:6b:4c:23:0f:cc:c3:7b:72:e9:f6:8a:44:d5:29:e3:7c:
3f:f2:76:08:52:7a:db:0c:93:f7:ea:18:ca:5f:ea:07:be:91:
4f:0c:d0:4d:39:0b:71:44:b7:7c:77:b2:12:62:46:35:f1:ea:
3b:82:df:ba:11:0c:51:bf:99:c1:af:c1:ff:d4:a6:f4:57:a8:
4a:1d:e4:12:7d:5e:0d:c1:ff:71:05:8e:6c:f6:39:56:c8:ef:
01:30:bf:72:e4:f9:f9:37:d5:13:ed:58:a6:a8:6a:36:97:d3:
a5:32:70:91:d2:d0:2a:2f:fc:1c:36:81:66:60:d4:53:e2:55:
5b:a4:d5:e9
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICEI0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjUwNTA1MTQ1NjE4WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODE4ZDE5Mi0xMDc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvoofOGYYSP4tshS5PjYmF7KL+aGdtYj3SaIpkIVx+46eYHDlLPjguPzv3zPC
7XDb36PH4fF8tmjZ+MAQ7Zx167wY2l4JjGbvDPD/EyXcA5IwPet+PhPF0ss3HOR9
ZmSvkza5z5VJyh6U66kWKcAv8+9Q2rttamte9mhtOZAAq/tnK5AIE0+P8Sxh2tA0
SaGjK5XJ7RymXxMtK9/ZDZxVGHt0ywkhg52h2VkkS1LjjupitA79vhtCw8un93Je
+NByFZyF2zCLiNmtUBTBUv9Ady1SumszO/HxsnW2QeOlyKzecpIZuBDCnQbk/qcM
rqY8khvSX7G0F4R7FmKaqtur3wIDAQABo4ICozCCAp8wHQYDVR0OBBYEFLpUOEwE
iErmHf1YeD2V0J7bmWRVMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvMTk4QjRDM0My
OUMxMTFGMDhBMDU4MzBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQwDAMEA4u+GAMEAIu+HAMEAIu+HzANBgkqhkiG9w0BAQsFAAOC
AQEAygVZwjOPIaFJYu/4BSS3Rb7+V27Jf7zpPk3e0OpEY3ZQziSTbJYHRvaiyUA+
a6EPsCrNoW7VYhPGdivTAwWGT0X6Hg5Ptyd8NvSzFCvwlk5zlPoL19VF9EK2oqsd
1ToZqT9wEbTYjpSRQWQdrlbshSkqFId/98MeG1KpHOUvJvRrTCMPzMN7cun2ikTV
KeN8P/J2CFJ62wyT9+oYyl/qB76RTwzQTTkLcUS3fHeyEmJGNfHqO4LfuhEMUb+Z
wa/B/9Sm9FeoSh3kEn1eDcH/cQWObPY5VsjvATC/cuT5+TfVE+1YpqhqNpfTpTJw
kdLQKi/8HDaBZmDUU+JVW6TV6Q==
-----END CERTIFICATE-----
Generated at Wed May 14 06:16:14 2025 by rpki-client