Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/1C3F0AF8CF4511EF8627B15BC4F9AE02.roa
File: 1C3F0AF8CF4511EF8627B15BC4F9AE02.roa (raw, json)
Hash identifier: kB481EQBLek1DRQRfz7ae9eMyoJBBREdMSBQAPRAauY=
Subject key identifier: 26:16:5E:F0:4A:AC:52:3E:D1:77:12:DD:54:EF:40:10:FE:70:3F:55
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0D2D
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/1C3F0AF8CF4511EF8627B15BC4F9AE02.roa
Signing time: Mon 13 Jan 2025 05:00:36 +0000
ROA not before: Mon 13 Jan 2025 05:00:36 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 138241
IP address blocks: 139.190.0.0/24 maxlen: 24
139.190.1.0/24 maxlen: 24
139.190.2.0/24 maxlen: 24
139.190.3.0/24 maxlen: 24
139.190.4.0/24 maxlen: 24
139.190.5.0/24 maxlen: 24
139.190.6.0/24 maxlen: 24
139.190.7.0/24 maxlen: 24
139.190.9.0/24 maxlen: 24
139.190.19.0/24 maxlen: 24
139.190.21.0/24 maxlen: 24
139.190.22.0/24 maxlen: 24
139.190.23.0/24 maxlen: 24
139.190.24.0/24 maxlen: 24
139.190.25.0/24 maxlen: 24
139.190.26.0/24 maxlen: 24
139.190.27.0/24 maxlen: 24
139.190.29.0/24 maxlen: 24
139.190.32.0/21 maxlen: 24
139.190.40.0/24 maxlen: 24
139.190.41.0/24 maxlen: 24
139.190.42.0/24 maxlen: 24
139.190.43.0/24 maxlen: 24
139.190.44.0/24 maxlen: 24
139.190.45.0/24 maxlen: 24
139.190.46.0/24 maxlen: 24
139.190.47.0/24 maxlen: 24
139.190.48.0/22 maxlen: 24
139.190.52.0/22 maxlen: 24
139.190.56.0/22 maxlen: 24
139.190.60.0/24 maxlen: 24
139.190.61.0/24 maxlen: 24
139.190.62.0/24 maxlen: 24
139.190.63.0/24 maxlen: 24
139.190.68.0/22 maxlen: 24
139.190.80.0/24 maxlen: 24
139.190.88.0/21 maxlen: 21
139.190.124.0/22 maxlen: 24
139.190.235.0/24 maxlen: 24
139.190.238.0/24 maxlen: 24
139.190.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Jan 2025 05:13:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3373 (0xd2d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Validity
Not Before: Jan 13 05:00:36 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67849df3-e000
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:80:44:ce:06:db:46:b0:9b:71:8a:c1:6f:d4:
1a:e8:72:fa:d9:f9:ac:19:b3:78:41:1c:83:da:5e:
4a:23:ff:1b:82:91:0e:40:d3:6b:85:0a:3c:7a:30:
ff:ec:3f:07:fc:34:5d:98:dd:b1:0c:f9:0c:13:59:
b2:64:54:ec:84:7d:bd:26:83:13:53:8f:79:68:3a:
3d:4c:1a:aa:5f:18:4d:86:ee:2b:1f:7a:85:69:81:
25:a9:4f:c8:50:d1:83:dd:5a:9a:89:4c:3d:dc:b1:
6a:a2:9a:35:1d:f0:e7:68:a5:ff:23:f3:79:6b:53:
d0:39:ef:7f:eb:7f:1a:53:69:df:dc:f2:d5:fa:43:
de:8d:11:c8:c6:f2:71:3d:ff:dc:ff:38:b8:85:3e:
66:ec:04:d9:ec:58:82:f7:d1:19:8c:63:ca:76:42:
49:70:d0:8c:e6:f5:51:29:4d:78:dd:e1:3e:d1:10:
b3:fa:c1:9f:18:45:e7:55:df:5e:fc:7c:c0:84:30:
9f:2e:76:06:ac:f7:9d:88:87:dd:8a:2d:70:57:e5:
e8:be:00:58:a8:f6:8f:b5:3c:d3:9b:67:04:02:30:
f7:21:01:ed:d5:4a:0b:be:9f:20:56:48:22:c0:9e:
c4:29:1e:2e:be:57:e0:d9:39:f8:1e:f4:5e:14:56:
db:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:16:5E:F0:4A:AC:52:3E:D1:77:12:DD:54:EF:40:10:FE:70:3F:55
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/1C3F0AF8CF4511EF8627B15BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.0.0/21
139.190.9.0/24
139.190.19.0/24
139.190.21.0-139.190.27.255
139.190.29.0/24
139.190.32.0/19
139.190.68.0/22
139.190.80.0/24
139.190.88.0/21
139.190.124.0/22
139.190.235.0/24
139.190.238.0/23
Signature Algorithm: sha256WithRSAEncryption
98:16:84:99:2c:90:6b:e1:43:34:68:a9:7a:a3:4d:d9:6d:46:
16:fa:92:c8:dc:74:a9:d5:10:d4:ac:db:9a:2d:17:4e:5e:e7:
c9:73:f4:1a:31:23:db:2a:ab:55:33:54:c9:af:5c:b4:96:c7:
ae:9a:97:ac:26:f0:18:57:c5:08:14:b7:a8:21:4f:89:cb:f1:
52:18:1a:4b:43:a7:57:0b:17:69:57:71:d1:f5:ef:1a:27:d3:
c1:e4:d7:4e:52:74:42:8c:ad:f4:50:7d:bc:b3:03:d8:d1:b2:
d3:f5:58:f7:e8:cc:ce:71:0c:28:38:16:4f:84:6c:53:f1:93:
a8:5b:39:dd:1d:7a:73:37:e3:4b:96:bc:7e:43:e8:0b:7f:a6:
5f:3b:47:0d:8a:bb:b2:da:84:8a:b8:9c:ab:3a:cd:83:63:c5:
1c:e6:8b:5d:de:ca:64:98:dd:19:bb:1a:6e:f6:df:60:e1:4d:
be:26:fc:3a:e3:33:f7:3c:69:90:6d:2b:78:7e:ad:cb:30:cc:
31:df:23:05:ae:2b:97:03:7f:d4:be:52:20:21:7c:a3:1e:a1:
19:ca:f2:d9:ca:98:dc:3f:55:30:ec:68:95:9a:2d:90:35:a8:
38:d3:3e:2d:02:ab:f7:25:c5:45:dd:de:dd:c8:d6:7a:3d:75:
4e:5d:f0:06
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgICDS0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjUwMTEzMDUwMDM2WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg0OWRmMy1lMDAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt4BEzgbbRrCbcYrBb9Qa6HL62fmsGbN4QRyD2l5KI/8bgpEOQNNrhQo8ejD/
7D8H/DRdmN2xDPkME1myZFTshH29JoMTU495aDo9TBqqXxhNhu4rH3qFaYElqU/I
UNGD3VqaiUw93LFqopo1HfDnaKX/I/N5a1PQOe9/638aU2nf3PLV+kPejRHIxvJx
Pf/c/zi4hT5m7ATZ7FiC99EZjGPKdkJJcNCM5vVRKU143eE+0RCz+sGfGEXnVd9e
/HzAhDCfLnYGrPediIfdii1wV+XovgBYqPaPtTzTm2cEAjD3IQHt1UoLvp8gVkgi
wJ7EKR4uvlfg2Tn4HvReFFbbrQIDAQABo4IC3zCCAtswHQYDVR0OBBYEFCYWXvBK
rFI+0XcS3VTvQBD+cD9VMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvMUMzRjBBRjhD
RjQ1MTFFRjg2MjdCMTVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwaQYIKwYBBQUHAQcBAf8E
WjBYMFYEAgABMFADBAOLvgADBACLvgkDBACLvhMwDAMEAIu+FQMEAou+GAMEAIu+
HQMEBYu+IAMEAou+RAMEAIu+UAMEA4u+WAMEAou+fAMEAIu+6wMEAYu+7jANBgkq
hkiG9w0BAQsFAAOCAQEAmBaEmSyQa+FDNGipeqNN2W1GFvqSyNx0qdUQ1Kzbmi0X
Tl7nyXP0GjEj2yqrVTNUya9ctJbHrpqXrCbwGFfFCBS3qCFPicvxUhgaS0OnVwsX
aVdx0fXvGifTweTXTlJ0Qoyt9FB9vLMD2NGy0/VY9+jMznEMKDgWT4RsU/GTqFs5
3R16czfjS5a8fkPoC3+mXztHDYq7stqEiricqzrNg2PFHOaLXd7KZJjdGbsabvbf
YOFNvib8OuMz9zxpkG0reH6tyzDMMd8jBa4rlwN/1L5SICF8ox6hGcry2cqY3D9V
MOxolZotkDWoONM+LQKr9yXFRd3e3cjWej11Tl3wBg==
-----END CERTIFICATE-----
Generated at Mon Jan 13 09:29:58 2025 by rpki-client on console.sobornost.net