Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/285D206C19F111F08D2D3E50C4F9AE02.roa
File: 285D206C19F111F08D2D3E50C4F9AE02.roa (raw, json)
Hash identifier: /C0Hsg06Ema+kuGgCzWfJ5n5SvAF/umV/F30XiclP9o=
Subject key identifier: AD:B8:16:55:C5:A0:A5:CE:E6:D9:37:56:CE:95:56:4D:C4:29:BB:14
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 105B
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/285D206C19F111F08D2D3E50C4F9AE02.roa
Signing time: Mon 28 Apr 2025 07:42:54 +0000
ROA not before: Mon 28 Apr 2025 07:42:54 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 138241
IP address blocks: 139.190.9.0/24 maxlen: 24
139.190.10.0/24 maxlen: 24
139.190.11.0/24 maxlen: 24
139.190.12.0/24 maxlen: 24
139.190.13.0/24 maxlen: 24
139.190.14.0/24 maxlen: 24
139.190.15.0/24 maxlen: 24
139.190.17.0/24 maxlen: 24
139.190.18.0/24 maxlen: 24
139.190.19.0/24 maxlen: 24
139.190.20.0/24 maxlen: 24
139.190.21.0/24 maxlen: 24
139.190.22.0/24 maxlen: 24
139.190.23.0/24 maxlen: 24
139.190.24.0/22 maxlen: 24
139.190.28.0/24 maxlen: 24
139.190.29.0/24 maxlen: 24
139.190.30.0/24 maxlen: 24
139.190.31.0/24 maxlen: 24
139.190.32.0/24 maxlen: 24
139.190.33.0/24 maxlen: 24
139.190.34.0/24 maxlen: 24
139.190.36.0/22 maxlen: 24
139.190.48.0/24 maxlen: 24
139.190.49.0/24 maxlen: 24
139.190.50.0/24 maxlen: 24
139.190.51.0/24 maxlen: 24
139.190.52.0/24 maxlen: 24
139.190.53.0/24 maxlen: 24
139.190.54.0/24 maxlen: 24
139.190.68.0/24 maxlen: 24
139.190.69.0/24 maxlen: 24
139.190.70.0/24 maxlen: 24
139.190.71.0/24 maxlen: 24
139.190.88.0/21 maxlen: 21
139.190.124.0/22 maxlen: 22
139.190.235.0/24 maxlen: 24
139.190.238.0/24 maxlen: 24
139.190.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Apr 2025 13:30:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4187 (0x105b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Validity
Not Before: Apr 28 07:42:54 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=680f317d-8164
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:06:3b:65:5a:a9:0d:68:94:9c:09:b5:cb:5b:
35:60:0f:94:29:20:9a:d0:64:49:b6:8f:6f:75:30:
1c:97:61:72:e5:73:88:62:ad:1b:d4:9f:53:4a:82:
46:7d:1f:97:b8:99:f3:45:6a:fe:ca:38:f9:93:d9:
1a:df:4c:8d:c4:23:d0:40:b2:79:72:97:0d:43:65:
ec:eb:e0:60:f8:d8:4e:89:27:8e:11:1d:3e:0a:e7:
84:93:8d:fd:46:0b:45:4a:dc:64:42:99:bd:bf:32:
fd:63:4f:2a:d6:cd:2e:e0:a4:f4:14:c0:e1:d3:59:
af:79:55:15:b1:9d:9b:e3:e9:49:fd:c3:0a:1e:35:
78:1a:39:3b:a7:79:8e:d5:cb:84:ea:41:32:ea:6e:
7b:38:1a:2d:c4:8f:53:70:de:e2:05:60:24:7a:49:
32:27:5c:71:80:73:66:9d:f8:bd:37:4d:10:75:9f:
94:87:5f:9c:28:2e:38:4e:ac:85:f1:5c:b2:3b:dd:
38:1a:cd:54:0a:c1:b6:74:2a:7d:37:a2:bd:dc:71:
f4:27:7a:fd:84:3b:71:b3:1e:85:66:1a:82:38:b0:
7d:cd:8c:39:81:7f:1e:ec:99:f0:70:70:8f:9a:8d:
fe:a0:f7:a9:fa:61:b8:b6:1b:36:24:14:e8:6e:6c:
a5:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:B8:16:55:C5:A0:A5:CE:E6:D9:37:56:CE:95:56:4D:C4:29:BB:14
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/285D206C19F111F08D2D3E50C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.9.0-139.190.15.255
139.190.17.0-139.190.34.255
139.190.36.0/22
139.190.48.0-139.190.54.255
139.190.68.0/22
139.190.88.0/21
139.190.124.0/22
139.190.235.0/24
139.190.238.0/23
Signature Algorithm: sha256WithRSAEncryption
54:5c:e6:07:b2:89:56:fe:5f:ba:45:58:f0:d6:81:91:f3:bf:
eb:f4:19:73:f9:86:b5:13:a1:1a:b0:74:6a:35:63:dc:61:6f:
7e:0c:c7:8c:5e:7b:e7:9c:ba:c4:ef:dc:b2:c0:88:61:3a:45:
dd:ef:16:e8:97:01:03:df:80:03:41:42:22:d3:b4:b8:da:ad:
14:6b:4e:02:63:55:dc:a9:4e:fd:bf:2f:9b:95:84:9c:94:92:
e1:57:03:c3:a9:b2:d9:3b:5d:5b:7e:4f:c5:7b:f3:e2:7b:a0:
aa:4f:2e:4c:43:0b:84:c9:70:c3:af:4d:5b:f3:30:05:ad:6a:
f8:ee:cb:d1:fe:ad:f9:3f:47:fa:2c:c8:ce:49:7e:1f:f6:75:
b3:08:1f:41:0a:a2:63:ee:73:9e:d0:21:29:e6:25:7e:fd:60:
05:fd:64:97:1c:3b:20:df:31:63:35:4e:ca:03:b3:16:d8:49:
aa:09:92:f1:47:ba:71:53:8b:d9:69:9c:1d:0a:d0:a5:60:a6:
b2:7e:88:98:2b:45:ff:3e:4c:d5:2c:a9:2e:17:fa:dc:1c:8d:
95:b3:27:3e:c6:0a:c2:69:97:43:be:a1:04:f0:f5:3e:21:8a:
d3:89:14:b0:a2:5a:11:c0:31:f2:10:d2:86:73:b8:87:90:b8:
07:ea:78:e2
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgICEFswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjUwNDI4MDc0MjU0WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODBmMzE3ZC04MTY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwQY7ZVqpDWiUnAm1y1s1YA+UKSCa0GRJto9vdTAcl2Fy5XOIYq0b1J9TSoJG
fR+XuJnzRWr+yjj5k9ka30yNxCPQQLJ5cpcNQ2Xs6+Bg+NhOiSeOER0+CueEk439
RgtFStxkQpm9vzL9Y08q1s0u4KT0FMDh01mveVUVsZ2b4+lJ/cMKHjV4Gjk7p3mO
1cuE6kEy6m57OBotxI9TcN7iBWAkekkyJ1xxgHNmnfi9N00QdZ+Uh1+cKC44TqyF
8VyyO904Gs1UCsG2dCp9N6K93HH0J3r9hDtxsx6FZhqCOLB9zYw5gX8e7JnwcHCP
mo3+oPep+mG4ths2JBTobmylLQIDAQABo4IC3TCCAtkwHQYDVR0OBBYEFK24FlXF
oKXO5tk3Vs6VVk3EKbsUMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvMjg1RDIwNkMx
OUYxMTFGMDhEMkQzRTUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZwYIKwYBBQUHAQcBAf8E
WDBWMFQEAgABME4wDAMEAIu+CQMEBIu+ADAMAwQAi74RAwQAi74iAwQCi74kMAwD
BASLvjADBACLvjYDBAKLvkQDBAOLvlgDBAKLvnwDBACLvusDBAGLvu4wDQYJKoZI
hvcNAQELBQADggEBAFRc5geyiVb+X7pFWPDWgZHzv+v0GXP5hrUToRqwdGo1Y9xh
b34Mx4xee+ecusTv3LLAiGE6Rd3vFuiXAQPfgANBQiLTtLjarRRrTgJjVdypTv2/
L5uVhJyUkuFXA8Opstk7XVt+T8V78+J7oKpPLkxDC4TJcMOvTVvzMAWtavjuy9H+
rfk/R/osyM5Jfh/2dbMIH0EKomPuc57QISnmJX79YAX9ZJccOyDfMWM1TsoDsxbY
SaoJkvFHunFTi9lpnB0K0KVgprJ+iJgrRf8+TNUsqS4X+twcjZWzJz7GCsJpl0O+
oQTw9T4hitOJFLCiWhHAMfIQ0oZzuIeQuAfqeOI=
-----END CERTIFICATE-----
Generated at Wed May 14 05:56:13 2025 by rpki-client