Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/85A7464CE40811EDB3805122C4F9AE02.roa
File: 85A7464CE40811EDB3805122C4F9AE02.roa (raw, json)
Hash identifier: R1nsBECysBYb3lPEAvgVoJZpQ7eq+u0r8kzch+zWYm4=
Subject key identifier: 20:47:09:8A:C1:A7:FA:03:1A:FF:50:40:37:41:2D:AA:82:7B:50:AF
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0903
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/85A7464CE40811EDB3805122C4F9AE02.roa
Signing time: Mon 18 Sep 2023 07:53:35 +0000
ROA not before: Mon 18 Sep 2023 07:53:35 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 10753
IP address blocks: 139.190.36.0/22 maxlen: 24
139.190.40.0/22 maxlen: 24
139.190.52.0/22 maxlen: 24
139.190.108.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2307 (0x903)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Validity
Not Before: Sep 18 07:53:35 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=650801ff-9009
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e6:7a:c6:ac:e6:c1:d4:21:4b:73:84:71:e1:
d7:2c:d4:be:eb:e8:e8:bd:8d:8f:d0:12:c6:bb:c6:
01:e7:07:2d:64:8b:d1:2a:aa:56:7b:69:ca:27:ce:
74:71:51:d7:9f:f3:dc:95:39:c1:00:72:af:93:fd:
3d:82:36:cd:af:48:99:72:bb:ba:88:83:06:ad:81:
1f:c4:d2:5b:ac:c2:7a:de:e7:b2:b8:1c:dc:cc:f0:
7b:f8:83:9d:4d:2f:17:1d:63:de:c8:67:0d:1c:80:
e4:a4:df:70:0e:2f:67:ad:bf:0a:6a:a8:c2:9d:38:
12:10:be:6d:17:4f:f4:a2:03:ed:65:7f:8d:c8:84:
3c:e5:14:14:18:c1:e8:f0:d1:c4:fc:cd:35:31:f5:
3c:b7:39:28:3d:34:46:02:51:a0:2d:f6:b7:ca:67:
f7:a0:f3:27:47:3d:51:b0:72:76:84:5a:da:3a:9e:
f0:1b:00:4c:7e:ed:8e:1b:fb:33:a6:fb:41:01:f4:
ff:6b:6c:fc:1e:cb:e1:e6:d5:7c:6b:d2:bf:4b:c4:
b6:4b:9f:67:ad:f9:9f:c2:35:12:0e:fa:cc:1d:4a:
2e:79:d4:58:1f:cd:99:b8:7c:03:9d:35:6e:67:35:
ba:c5:52:d3:4c:39:c9:01:02:1d:c0:ae:e4:c1:2c:
11:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:47:09:8A:C1:A7:FA:03:1A:FF:50:40:37:41:2D:AA:82:7B:50:AF
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/85A7464CE40811EDB3805122C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.36.0-139.190.43.255
139.190.52.0/22
139.190.108.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:3c:4d:f3:27:b5:ab:83:3b:94:8e:df:dc:6a:eb:f0:0d:83:
43:7d:83:3d:7a:59:14:be:c3:8a:80:e6:87:dd:58:3d:17:3e:
c6:cd:e0:7d:4d:14:c7:6b:2b:ad:b7:e6:80:07:92:79:32:75:
88:dc:59:cd:4f:d2:a2:0f:34:0c:a1:de:f3:4e:de:a8:0e:57:
65:a2:97:7c:a9:ff:52:0d:58:b2:95:37:b8:60:ca:f6:8b:c5:
04:9f:1e:a3:69:d6:ec:33:5b:06:db:b0:05:94:52:38:99:c0:
24:07:55:91:56:b7:8a:55:6e:c8:e4:e6:4d:a7:ed:62:9b:55:
f4:4a:75:3d:89:03:78:98:db:7f:87:d4:9b:22:a6:c6:f1:1f:
f8:41:22:38:b8:cd:d6:65:41:44:78:93:58:d2:db:ce:bb:37:
2c:f2:06:cb:f7:c9:9b:93:2a:ea:39:44:1b:98:99:e6:07:0a:
06:a7:10:32:26:8b:ba:b4:f1:b3:3c:79:56:14:a8:db:f0:6a:
78:13:d2:43:9a:01:0f:5a:52:36:02:b2:32:fd:3a:26:bb:6d:
76:02:8c:4d:f6:26:22:df:a8:0a:89:1a:11:7e:ba:8b:cc:09:
22:ed:26:30:bd:84:3b:23:29:f5:a6:fc:ee:10:52:79:5c:85:
2c:5f:3b:07
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICCQMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjMwOTE4MDc1MzM1WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTA4MDFmZi05MDA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAquZ6xqzmwdQhS3OEceHXLNS+6+jovY2P0BLGu8YB5wctZIvRKqpWe2nKJ850
cVHXn/PclTnBAHKvk/09gjbNr0iZcru6iIMGrYEfxNJbrMJ63ueyuBzczPB7+IOd
TS8XHWPeyGcNHIDkpN9wDi9nrb8KaqjCnTgSEL5tF0/0ogPtZX+NyIQ85RQUGMHo
8NHE/M01MfU8tzkoPTRGAlGgLfa3ymf3oPMnRz1RsHJ2hFraOp7wGwBMfu2OG/sz
pvtBAfT/a2z8Hsvh5tV8a9K/S8S2S59nrfmfwjUSDvrMHUouedRYH82ZuHwDnTVu
ZzW6xVLTTDnJAQIdwK7kwSwRlwIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFCBHCYrB
p/oDGv9QQDdBLaqCe1CvMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvODVBNzQ2NENF
NDA4MTFFREIzODA1MTIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBowDAMEAou+JAMEAou+KAMEAou+NAMEAou+bDANBgkqhkiG9w0B
AQsFAAOCAQEAfDxN8ye1q4M7lI7f3Grr8A2DQ32DPXpZFL7DioDmh91YPRc+xs3g
fU0Ux2srrbfmgAeSeTJ1iNxZzU/Sog80DKHe807eqA5XZaKXfKn/Ug1YspU3uGDK
9ovFBJ8eo2nW7DNbBtuwBZRSOJnAJAdVkVa3ilVuyOTmTaftYptV9Ep1PYkDeJjb
f4fUmyKmxvEf+EEiOLjN1mVBRHiTWNLbzrs3LPIGy/fJm5Mq6jlEG5iZ5gcKBqcQ
MiaLurTxszx5VhSo2/BqeBPSQ5oBD1pSNgKyMv06JrttdgKMTfYmIt+oCokaEX66
i8wJIu0mML2EOyMp9ab87hBSeVyFLF87Bw==
-----END CERTIFICATE-----
Generated at Tue Sep 26 05:44:59 2023 by rpki-client on console-fra.rpki-client.org