Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/5E33E734160411F0B1C61658C4F9AE02.roa
File: 5E33E734160411F0B1C61658C4F9AE02.roa (raw, json)
Hash identifier: Eg5yp7X0zVgxplD4chBtbbF72viGRkTsedIvqZvapGM=
Subject key identifier: B0:66:8B:F4:35:7E:0F:2A:12:79:4D:72:C7:E9:3B:53:98:DC:FE:4C
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 1079
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/5E33E734160411F0B1C61658C4F9AE02.roa
Signing time: Wed 30 Apr 2025 13:44:00 +0000
ROA not before: Wed 30 Apr 2025 13:44:00 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 139.190.13.0/24 maxlen: 24
139.190.15.0/24 maxlen: 24
139.190.17.0/24 maxlen: 24
139.190.20.0/24 maxlen: 24
139.190.24.0/22 maxlen: 22
139.190.30.0/24 maxlen: 24
139.190.31.0/24 maxlen: 24
139.190.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 May 2025 03:28:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4217 (0x1079)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Validity
Not Before: Apr 30 13:44:00 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=68122920-0df6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:26:a6:94:37:36:4a:6b:8c:e2:aa:84:bf:23:
06:15:09:ac:37:53:12:61:a2:05:0e:a3:63:df:70:
b8:0a:89:1e:66:b3:4b:22:46:4b:c0:8b:48:d7:70:
41:a7:af:6c:89:ef:46:99:ce:b8:72:db:aa:b7:71:
c2:a6:25:81:8c:04:6e:8d:8d:95:1f:7f:aa:76:60:
0b:a2:56:84:49:b2:ff:13:0b:7f:e2:b0:a7:f2:6a:
9f:14:04:e1:d6:99:06:74:88:15:89:c7:b1:c6:dd:
19:45:e3:6f:49:29:e7:98:d7:ee:f9:fc:78:8c:5c:
dc:63:a7:d7:91:a9:8b:ca:cb:ea:f6:23:67:41:16:
0e:ee:e3:4e:38:21:aa:5b:3a:dc:1d:cc:93:7b:12:
38:5a:af:f8:af:34:f5:6a:e3:3c:c2:f2:1d:d7:0a:
98:ae:cb:f5:09:46:27:16:8e:0c:87:6e:54:00:29:
48:c3:a0:d5:21:7b:a1:87:bb:94:65:d4:23:67:67:
96:02:48:fd:16:76:fa:c5:88:20:23:c5:4a:39:7d:
dc:a1:07:68:20:90:26:08:0d:eb:ab:b8:93:6c:54:
ea:fd:29:aa:a1:1f:fb:47:ff:1f:e9:d5:cc:4e:e0:
75:2d:d8:28:17:eb:39:cd:b3:d3:1c:b3:96:72:1f:
2f:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:66:8B:F4:35:7E:0F:2A:12:79:4D:72:C7:E9:3B:53:98:DC:FE:4C
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/5E33E734160411F0B1C61658C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.13.0/24
139.190.15.0/24
139.190.17.0/24
139.190.20.0/24
139.190.24.0/22
139.190.30.0/23
139.190.35.0/24
Signature Algorithm: sha256WithRSAEncryption
57:15:21:71:e3:d3:b4:46:b4:17:07:09:89:09:12:23:f8:7b:
db:83:7f:e7:4f:c2:61:3b:03:f0:ef:72:16:d9:1d:68:c7:a7:
2d:35:86:c7:cd:74:e4:fa:68:c6:fe:ef:d6:ea:58:7f:2f:82:
4c:e0:e9:32:00:19:6c:1b:4f:a6:2c:f2:10:be:49:af:f2:05:
4d:97:9b:7f:d4:4e:5c:98:59:ba:ca:d4:d5:1d:b3:74:d1:38:
66:55:4b:06:7a:4a:d1:39:ce:38:dd:90:9e:58:93:b7:ab:89:
44:e4:a1:b4:f2:d6:60:39:e0:62:1d:d0:b9:b9:66:d0:71:60:
14:21:1a:46:d6:18:5f:59:42:59:5b:29:87:6c:db:42:2f:11:
78:b3:a2:70:62:5d:5a:58:76:ea:2e:2b:2f:1d:c9:4e:57:23:
44:ae:9b:2d:d4:0e:89:97:a5:5d:27:1c:f0:6c:31:5c:cf:e2:
83:e3:26:6e:8b:a1:7d:6d:40:07:3a:09:be:5c:bc:b0:c6:55:
9a:a0:2a:b9:1a:f7:96:64:14:48:c4:12:47:f6:36:0c:e6:ac:
28:1b:16:04:2b:00:c8:3e:3a:a0:19:37:92:9a:d6:0e:6a:ea:
56:0e:ea:04:53:19:4e:85:44:f7:32:ca:0d:89:a4:ba:df:f6:
5a:35:ae:80
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgICEHkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjUwNDMwMTM0NDAwWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODEyMjkyMC0wZGY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2yamlDc2SmuM4qqEvyMGFQmsN1MSYaIFDqNj33C4CokeZrNLIkZLwItI13BB
p69sie9Gmc64ctuqt3HCpiWBjARujY2VH3+qdmALolaESbL/Ewt/4rCn8mqfFATh
1pkGdIgVicexxt0ZReNvSSnnmNfu+fx4jFzcY6fXkamLysvq9iNnQRYO7uNOOCGq
WzrcHcyTexI4Wq/4rzT1auM8wvId1wqYrsv1CUYnFo4Mh25UAClIw6DVIXuhh7uU
ZdQjZ2eWAkj9Fnb6xYggI8VKOX3coQdoIJAmCA3rq7iTbFTq/SmqoR/7R/8f6dXM
TuB1LdgoF+s5zbPTHLOWch8vNQIDAQABo4ICuTCCArUwHQYDVR0OBBYEFLBmi/Q1
fg8qEnlNcsfpO1OY3P5MMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNUUzM0U3MzQx
NjA0MTFGMEIxQzYxNjU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E
NDAyMDAEAgABMCoDBACLvg0DBACLvg8DBACLvhEDBACLvhQDBAKLvhgDBAGLvh4D
BACLviMwDQYJKoZIhvcNAQELBQADggEBAFcVIXHj07RGtBcHCYkJEiP4e9uDf+dP
wmE7A/DvchbZHWjHpy01hsfNdOT6aMb+79bqWH8vgkzg6TIAGWwbT6Ys8hC+Sa/y
BU2Xm3/UTlyYWbrK1NUds3TROGZVSwZ6StE5zjjdkJ5Yk7eriUTkobTy1mA54GId
0Lm5ZtBxYBQhGkbWGF9ZQllbKYds20IvEXizonBiXVpYduouKy8dyU5XI0Sumy3U
DomXpV0nHPBsMVzP4oPjJm6LoX1tQAc6Cb5cvLDGVZqgKrka95ZkFEjEEkf2Ngzm
rCgbFgQrAMg+OqAZN5Ka1g5q6lYO6gRTGU6FRPcyyg2JpLrf9lo1roA=
-----END CERTIFICATE-----
Generated at Wed May 14 09:27:06 2025 by rpki-client