Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/190B6470D03E11ECAE983D56C4F9AE02.roa
File: 190B6470D03E11ECAE983D56C4F9AE02.roa (raw, json)
Hash identifier: JnFkM+eqatiB/FtGJbt120kmkhL8kcYcukbtXP0XrRY=
Subject key identifier: EA:9A:85:52:E6:57:04:9C:85:46:20:81:71:5C:4D:07:70:E3:3C:23
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0AA7
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/190B6470D03E11ECAE983D56C4F9AE02.roa
Signing time: Fri 24 May 2024 22:32:10 +0000
ROA not before: Fri 24 May 2024 22:32:10 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 5089
IP address blocks: 139.190.20.0/22 maxlen: 22
139.190.24.0/22 maxlen: 22
139.190.224.0/21 maxlen: 24
139.190.232.0/24 maxlen: 24
139.190.233.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Sep 2024 05:21:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2727 (0xaa7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: May 24 22:32:10 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6651156a-ba49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:60:64:47:23:b9:20:34:38:9b:0e:9c:1e:d2:
99:2e:29:21:d1:8e:cb:8b:67:0b:fb:2a:cd:36:c2:
83:7f:18:68:7e:82:0f:88:7b:22:20:09:66:7d:f6:
49:9c:f2:be:f0:cc:a9:ca:a3:52:f1:a1:ad:cf:61:
26:3a:18:eb:c0:29:b3:5a:e2:f4:b8:2c:10:d9:b1:
de:d3:63:3b:de:77:06:59:60:78:b8:ad:0c:89:7e:
e1:c4:ec:06:14:90:0c:4c:15:5b:17:00:b5:6c:25:
50:93:10:25:22:3e:eb:9a:d5:6a:37:84:c3:f9:6c:
a9:8e:6c:a4:05:e4:87:6a:c3:94:67:fd:79:68:f5:
5c:34:32:0a:8c:90:3b:30:9b:5d:c9:2a:f0:2f:23:
5d:7a:d5:b2:b6:32:44:51:b2:8e:e9:79:12:55:f4:
5f:dc:f0:a2:98:87:ea:a4:15:fe:3a:68:d0:e0:3b:
5c:cf:fe:b1:68:ed:55:2d:0f:23:a6:05:fc:1d:5d:
46:20:fb:8d:ce:57:89:16:fb:24:61:d3:47:0a:27:
e2:a2:89:cc:22:a8:a0:52:40:0d:df:c2:77:e7:e5:
2a:00:c0:69:09:fd:03:22:8f:5d:aa:6e:3e:28:31:
35:9c:5e:94:94:dc:48:b7:0c:85:7c:ec:94:ce:22:
52:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:9A:85:52:E6:57:04:9C:85:46:20:81:71:5C:4D:07:70:E3:3C:23
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/190B6470D03E11ECAE983D56C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.20.0-139.190.27.255
139.190.224.0-139.190.233.255
Signature Algorithm: sha256WithRSAEncryption
62:9c:79:50:9f:3e:39:69:f7:d8:22:42:f1:9b:86:34:97:53:
88:e2:76:f5:e1:69:7c:6f:d3:ce:42:5e:19:9e:f2:bd:6f:80:
36:a8:6a:53:d0:1d:bd:e3:b3:a6:24:55:d5:81:fa:1a:73:de:
a5:54:54:00:d7:f3:60:16:0c:d4:3a:ba:64:76:5c:69:49:3c:
cb:88:b0:95:ae:71:c9:45:b5:bb:f9:a2:06:97:ae:63:fc:28:
fc:5d:53:06:bc:58:61:c1:61:10:e1:8b:12:30:e4:86:cd:95:
3d:77:46:f2:f8:9a:00:11:4e:47:34:76:8f:33:a3:05:04:29:
44:d0:e8:a6:1e:4e:52:65:36:99:46:5a:5e:47:ca:41:8c:da:
49:e3:33:5c:45:d6:05:df:3c:9b:17:2d:af:30:13:fd:f3:3a:
54:22:ce:31:a8:d4:0b:4a:18:82:15:d3:9c:25:2c:24:9b:f2:
4e:f4:a5:63:78:ab:90:ca:f2:5b:d7:2e:8c:6b:fb:f8:e1:98:
42:0d:a2:ac:54:c3:07:0e:62:5a:39:0b:c4:08:5b:f2:b8:f9:
84:1f:5f:22:3d:c3:08:b8:0d:e8:48:16:4b:71:f8:9d:85:c3:
7f:07:9a:d5:4c:a5:4d:c4:73:97:b5:f8:40:09:18:3f:9d:37:
be:ac:ca:f5
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgICCqcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjQwNTI0MjIzMjEwWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjUxMTU2YS1iYTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoGBkRyO5IDQ4mw6cHtKZLikh0Y7Li2cL+yrNNsKDfxhofoIPiHsiIAlmffZJ
nPK+8MypyqNS8aGtz2EmOhjrwCmzWuL0uCwQ2bHe02M73ncGWWB4uK0MiX7hxOwG
FJAMTBVbFwC1bCVQkxAlIj7rmtVqN4TD+WypjmykBeSHasOUZ/15aPVcNDIKjJA7
MJtdySrwLyNdetWytjJEUbKO6XkSVfRf3PCimIfqpBX+OmjQ4Dtcz/6xaO1VLQ8j
pgX8HV1GIPuNzleJFvskYdNHCifioonMIqigUkAN38J35+UqAMBpCf0DIo9dqm4+
KDE1nF6UlNxItwyFfOyUziJSOwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFOqahVLm
VwSchUYggXFcTQdw4zwjMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvMTkwQjY0NzBE
MDNFMTFFQ0FFOTgzRDU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E
JjAkMCIEAgABMBwwDAMEAou+FAMEAou+GDAMAwQFi77gAwQBi77oMA0GCSqGSIb3
DQEBCwUAA4IBAQBinHlQnz45affYIkLxm4Y0l1OI4nb14Wl8b9POQl4ZnvK9b4A2
qGpT0B2947OmJFXVgfoac96lVFQA1/NgFgzUOrpkdlxpSTzLiLCVrnHJRbW7+aIG
l65j/Cj8XVMGvFhhwWEQ4YsSMOSGzZU9d0by+JoAEU5HNHaPM6MFBClE0OimHk5S
ZTaZRlpeR8pBjNpJ4zNcRdYF3zybFy2vMBP98zpUIs4xqNQLShiCFdOcJSwkm/JO
9KVjeKuQyvJb1y6Ma/v44ZhCDaKsVMMHDmJaOQvECFvyuPmEH18iPcMIuA3oSBZL
cfidhcN/B5rVTKVNxHOXtfhACRg/nTe+rMr1
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:38:52 2025 by rpki-client