Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/B266255CEDCC11EF8731DD53C4F9AE02.roa
File: B266255CEDCC11EF8731DD53C4F9AE02.roa (raw, json)
Hash identifier: FPl8/HNVtEguwZbEAiZS0v9pj009Ej0K0V47W+Bpuh4=
Subject key identifier: 86:94:2B:ED:F0:8D:42:70:3A:FD:58:1D:70:2A:40:EB:B7:5F:AD:4B
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0EDF
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/B266255CEDCC11EF8731DD53C4F9AE02.roa
Signing time: Tue 18 Feb 2025 07:48:09 +0000
ROA not before: Tue 18 Feb 2025 07:48:09 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 138241
IP address blocks: 139.190.9.0/24 maxlen: 24
139.190.11.0/24 maxlen: 24
139.190.32.0/22 maxlen: 24
139.190.36.0/22 maxlen: 24
139.190.48.0/22 maxlen: 24
139.190.52.0/22 maxlen: 24
139.190.68.0/22 maxlen: 24
139.190.88.0/21 maxlen: 24
139.190.124.0/22 maxlen: 24
139.190.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Feb 2025 07:17:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3807 (0xedf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Validity
Not Before: Feb 18 07:48:09 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67b43b39-ab39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:5d:be:2e:74:93:f1:46:06:3d:b7:9f:30:51:
a2:54:6d:78:47:c1:c1:ee:09:f1:0b:f2:85:df:de:
09:cd:51:42:54:e3:69:bd:3f:99:1e:bf:aa:88:f5:
ae:81:0a:ad:08:ea:5d:ef:f1:60:fc:cb:b4:9c:2b:
47:60:1c:59:82:06:15:f3:04:7f:a3:bd:bb:cd:d0:
a9:47:82:73:38:19:b8:7a:5e:ea:63:74:7e:fb:a9:
83:55:7c:fd:b4:ba:95:c4:6c:a1:14:fa:29:20:97:
ef:7e:66:4b:75:ff:50:85:b7:0e:ec:21:e3:34:2e:
85:1e:74:61:a5:26:cd:8d:c1:53:fe:a9:b4:47:87:
76:9b:59:44:db:78:e0:8a:1c:74:27:cd:3a:29:f9:
30:79:76:61:c5:a8:70:51:74:18:eb:8c:dc:8d:52:
01:85:f2:d1:5b:ac:89:c7:40:4e:d1:a0:1a:81:12:
68:46:5a:5e:0b:2e:5b:2b:83:1c:fb:bd:bf:82:5f:
f9:da:73:89:a2:84:54:34:dd:d8:30:27:48:13:f1:
43:29:89:20:64:48:74:2f:fa:28:25:4a:d3:4b:cd:
d7:3f:88:b7:6b:67:3c:f0:49:90:63:78:36:de:84:
33:96:21:8e:02:7b:27:d7:46:ec:09:be:30:84:e9:
42:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:94:2B:ED:F0:8D:42:70:3A:FD:58:1D:70:2A:40:EB:B7:5F:AD:4B
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/B266255CEDCC11EF8731DD53C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.9.0/24
139.190.11.0/24
139.190.32.0/21
139.190.48.0/21
139.190.68.0/22
139.190.88.0/21
139.190.124.0/22
139.190.239.0/24
Signature Algorithm: sha256WithRSAEncryption
79:c5:31:09:0a:39:ac:d8:6d:7e:70:da:7f:17:76:14:48:d2:
7f:d3:91:d1:44:3e:f7:0b:91:32:64:8d:ac:c6:42:d3:46:46:
af:b5:7a:2d:5a:5e:0e:7a:85:78:ce:9a:94:c9:fe:9c:f4:55:
bc:db:93:74:d9:11:b3:17:3b:f7:28:30:27:e0:59:6e:2a:e0:
12:fe:cf:bc:79:ce:9e:89:2b:6f:03:78:fa:2c:94:67:21:59:
00:b4:4e:14:68:96:73:83:22:51:f5:34:8c:86:31:c6:e0:3f:
6d:ad:5a:6c:b2:69:cf:ff:48:4c:32:e3:2a:aa:f2:92:d2:c6:
26:6d:2f:d7:89:aa:58:90:81:08:34:52:59:50:96:3f:22:65:
25:9c:8e:bf:e4:fa:6c:75:8c:9a:f4:bd:fb:ad:50:1f:36:a6:
71:8f:78:78:5d:91:ab:e4:39:25:f8:a3:c5:4b:b9:15:55:35:
3c:e8:80:f7:90:0c:8a:ed:fd:60:66:a0:42:32:d4:f0:c3:0d:
4b:59:26:73:8d:1d:bf:88:89:54:16:ea:30:ca:9f:87:88:f5:
b8:c0:1b:c4:95:d1:e4:a4:72:e8:b0:6e:5a:91:a2:b3:26:03:
ca:d7:90:62:6b:08:93:dc:22:85:66:0c:1d:77:27:1b:96:5e:
39:f2:2c:f3
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgICDt8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjUwMjE4MDc0ODA5WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I0M2IzOS1hYjM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzF2+LnST8UYGPbefMFGiVG14R8HB7gnxC/KF394JzVFCVONpvT+ZHr+qiPWu
gQqtCOpd7/Fg/Mu0nCtHYBxZggYV8wR/o727zdCpR4JzOBm4el7qY3R++6mDVXz9
tLqVxGyhFPopIJfvfmZLdf9QhbcO7CHjNC6FHnRhpSbNjcFT/qm0R4d2m1lE23jg
ihx0J806KfkweXZhxahwUXQY64zcjVIBhfLRW6yJx0BO0aAagRJoRlpeCy5bK4Mc
+72/gl/52nOJooRUNN3YMCdIE/FDKYkgZEh0L/ooJUrTS83XP4i3a2c88EmQY3g2
3oQzliGOAnsn10bsCb4whOlCEwIDAQABo4ICvzCCArswHQYDVR0OBBYEFIaUK+3w
jUJwOv1YHXAqQOu3X61LMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvQjI2NjI1NUNF
RENDMTFFRjg3MzFERDUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSQYIKwYBBQUHAQcBAf8E
OjA4MDYEAgABMDADBACLvgkDBACLvgsDBAOLviADBAOLvjADBAKLvkQDBAOLvlgD
BAKLvnwDBACLvu8wDQYJKoZIhvcNAQELBQADggEBAHnFMQkKOazYbX5w2n8XdhRI
0n/TkdFEPvcLkTJkjazGQtNGRq+1ei1aXg56hXjOmpTJ/pz0Vbzbk3TZEbMXO/co
MCfgWW4q4BL+z7x5zp6JK28DePoslGchWQC0ThRolnODIlH1NIyGMcbgP22tWmyy
ac//SEwy4yqq8pLSxiZtL9eJqliQgQg0UllQlj8iZSWcjr/k+mx1jJr0vfutUB82
pnGPeHhdkavkOSX4o8VLuRVVNTzogPeQDIrt/WBmoEIy1PDDDUtZJnONHb+IiVQW
6jDKn4eI9bjAG8SV0eSkcuiwblqRorMmA8rXkGJrCJPcIoVmDB13JxuWXjnyLPM=
-----END CERTIFICATE-----
Generated at Tue Feb 25 03:43:17 2025 by rpki-client on console.sobornost.net