Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/BECCEE6E2A2D11F09683B13FC4F9AE02.roa
File: BECCEE6E2A2D11F09683B13FC4F9AE02.roa (raw, json)
Hash identifier: caj1OyfV7MU4RVQbh9YJvOX48QIkmtrHVAq/iG3jpCE=
Subject key identifier: B6:AE:AE:3B:B6:71:0C:8A:90:62:A3:9E:6E:C5:20:CE:B9:6C:F3:E5
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 109C
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/BECCEE6E2A2D11F09683B13FC4F9AE02.roa
Signing time: Tue 06 May 2025 05:31:08 +0000
ROA not before: Tue 06 May 2025 05:31:08 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 138241
IP address blocks: 139.190.0.0/24 maxlen: 24
139.190.2.0/24 maxlen: 24
139.190.4.0/22 maxlen: 24
139.190.9.0/24 maxlen: 24
139.190.19.0/24 maxlen: 24
139.190.21.0/24 maxlen: 24
139.190.22.0/24 maxlen: 24
139.190.23.0/24 maxlen: 24
139.190.29.0/24 maxlen: 24
139.190.32.0/24 maxlen: 24
139.190.33.0/24 maxlen: 24
139.190.34.0/24 maxlen: 24
139.190.36.0/22 maxlen: 24
139.190.48.0/24 maxlen: 24
139.190.49.0/24 maxlen: 24
139.190.50.0/24 maxlen: 24
139.190.51.0/24 maxlen: 24
139.190.52.0/24 maxlen: 24
139.190.53.0/24 maxlen: 24
139.190.54.0/24 maxlen: 24
139.190.68.0/24 maxlen: 24
139.190.69.0/24 maxlen: 24
139.190.70.0/24 maxlen: 24
139.190.71.0/24 maxlen: 24
139.190.88.0/21 maxlen: 21
139.190.235.0/24 maxlen: 24
139.190.238.0/24 maxlen: 24
139.190.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 May 2025 11:18:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4252 (0x109c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Validity
Not Before: May 6 05:31:08 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=68199e9c-e86c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:1f:00:13:4a:a0:c5:ac:e9:dc:55:84:63:8f:
c0:c8:06:ab:c1:41:2c:87:8a:7e:be:87:fc:35:70:
3c:23:2b:bf:bc:9d:0c:51:d3:68:74:fd:d4:4b:6e:
9e:e3:a8:20:ac:e3:f8:4a:c4:b8:4d:bb:02:67:55:
a0:51:64:55:4c:57:7d:86:25:5f:21:71:e5:f4:fb:
f3:14:20:4d:67:ae:77:b1:71:c7:89:3e:37:10:15:
cc:a9:a6:5d:96:07:7e:06:c2:b6:8f:11:5a:48:2a:
aa:b5:22:2d:8f:db:8a:a4:9d:5f:d5:b5:91:65:37:
7e:aa:15:8a:9b:62:15:5a:cc:86:25:22:74:b2:10:
e2:56:b5:0e:2b:87:6f:81:88:2d:0d:7d:92:27:b7:
55:27:67:2c:e2:ec:da:a0:ac:57:83:ad:e2:0a:c1:
8c:8f:e9:01:9b:f9:45:a7:6c:6e:6f:9d:08:1b:73:
b0:99:45:f1:61:a2:ea:a8:87:d4:2b:99:55:26:5c:
af:c3:66:c1:18:91:c2:59:be:c7:3f:ff:66:79:a7:
f1:d6:85:13:3a:f0:e3:db:11:84:77:21:8e:37:bf:
24:4a:cd:09:1d:ef:a9:ec:42:cf:68:32:e0:ff:41:
d5:19:b1:1b:e7:46:7d:b3:b9:06:0a:81:0d:40:2c:
31:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:AE:AE:3B:B6:71:0C:8A:90:62:A3:9E:6E:C5:20:CE:B9:6C:F3:E5
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/BECCEE6E2A2D11F09683B13FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.0.0/24
139.190.2.0/24
139.190.4.0/22
139.190.9.0/24
139.190.19.0/24
139.190.21.0-139.190.23.255
139.190.29.0/24
139.190.32.0-139.190.34.255
139.190.36.0/22
139.190.48.0-139.190.54.255
139.190.68.0/22
139.190.88.0/21
139.190.235.0/24
139.190.238.0/23
Signature Algorithm: sha256WithRSAEncryption
b4:61:d9:8d:8b:bd:96:11:b0:f1:eb:d7:4f:df:95:93:e5:a3:
5e:a8:b3:4e:fd:58:09:f2:2d:d3:3c:fe:7b:ea:85:6c:39:27:
4e:e2:13:1c:b0:a8:69:63:a2:df:54:ae:22:2e:62:e4:b6:31:
29:7f:fb:0a:49:8d:cc:44:73:bc:ed:34:0e:23:3c:59:af:9f:
fd:1e:64:b4:21:6f:79:5d:5f:dd:fb:e9:cd:ca:25:ac:f0:a0:
ed:d7:9d:0a:3c:aa:cc:42:ea:aa:4e:5d:7d:7c:be:0e:19:08:
93:5e:e3:30:14:15:fb:52:02:64:5e:2f:fb:bc:9d:08:6f:4b:
4f:b8:3f:74:0f:a0:2a:20:3d:c9:0b:78:57:98:9d:ca:5a:fa:
b5:a6:3b:0e:06:b9:00:03:7c:67:42:cb:79:ff:b1:c6:b4:95:
0f:07:2a:35:06:2e:b3:b4:b6:79:50:a8:3e:d8:7a:f6:20:f6:
a3:fe:9c:e7:78:33:85:7f:6f:01:2e:19:a2:74:39:51:4c:7c:
68:38:59:f9:17:f8:e3:e9:bf:76:3d:2e:67:c1:f9:e5:ef:1a:
73:de:a7:dc:47:69:0e:bb:d9:57:44:1a:7b:89:f0:ae:5a:d4:
cb:00:48:cc:e7:3c:4a:82:a8:f8:2d:66:85:19:71:d5:e1:f3:
d4:d8:11:f2
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgICEJwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjUwNTA2MDUzMTA4WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODE5OWU5Yy1lODZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzh8AE0qgxazp3FWEY4/AyAarwUEsh4p+vof8NXA8Iyu/vJ0MUdNodP3US26e
46ggrOP4SsS4TbsCZ1WgUWRVTFd9hiVfIXHl9PvzFCBNZ653sXHHiT43EBXMqaZd
lgd+BsK2jxFaSCqqtSItj9uKpJ1f1bWRZTd+qhWKm2IVWsyGJSJ0shDiVrUOK4dv
gYgtDX2SJ7dVJ2cs4uzaoKxXg63iCsGMj+kBm/lFp2xub50IG3OwmUXxYaLqqIfU
K5lVJlyvw2bBGJHCWb7HP/9meafx1oUTOvDj2xGEdyGON78kSs0JHe+p7ELPaDLg
/0HVGbEb50Z9s7kGCoENQCwx+QIDAQABo4IC/DCCAvgwHQYDVR0OBBYEFLaurju2
cQyKkGKjnm7FIM65bPPlMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvQkVDQ0VFNkUy
QTJEMTFGMDk2ODNCMTNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYUGCCsGAQUFBwEHAQH/
BHYwdDByBAIAATBsAwQAi74AAwQAi74CAwQCi74EAwQAi74JAwQAi74TMAwDBACL
vhUDBAOLvhADBACLvh0wDAMEBYu+IAMEAIu+IgMEAou+JDAMAwQEi74wAwQAi742
AwQCi75EAwQDi75YAwQAi77rAwQBi77uMA0GCSqGSIb3DQEBCwUAA4IBAQC0YdmN
i72WEbDx69dP35WT5aNeqLNO/VgJ8i3TPP576oVsOSdO4hMcsKhpY6LfVK4iLmLk
tjEpf/sKSY3MRHO87TQOIzxZr5/9HmS0IW95XV/d++nNyiWs8KDt150KPKrMQuqq
Tl19fL4OGQiTXuMwFBX7UgJkXi/7vJ0Ib0tPuD90D6AqID3JC3hXmJ3KWvq1pjsO
BrkAA3xnQst5/7HGtJUPByo1Bi6ztLZ5UKg+2Hr2IPaj/pzneDOFf28BLhmidDlR
THxoOFn5F/jj6b92PS5nwfnl7xpz3qfcR2kOu9lXRBp7ifCuWtTLAEjM5zxKgqj4
LWaFGXHV4fPU2BHy
-----END CERTIFICATE-----
Generated at Wed May 14 05:59:42 2025 by rpki-client