Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/1B7BBE5ECF4511EF8627B15BC4F9AE02.roa
File: 1B7BBE5ECF4511EF8627B15BC4F9AE02.roa (raw, json)
Hash identifier: YKgVi36iJflT0GmCWzGoHJ1YedvFubUvsjjHCLuCKO4=
Subject key identifier: 35:A9:14:7F:27:B9:EF:56:E7:3E:E2:1F:0E:46:0A:2D:3C:9A:1C:AB
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0D28
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/1B7BBE5ECF4511EF8627B15BC4F9AE02.roa
Signing time: Fri 10 Jan 2025 11:21:59 +0000
ROA not before: Fri 10 Jan 2025 11:21:59 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 214111
IP address blocks: 139.190.80.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Jan 2025 05:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3368 (0xd28)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Jan 10 11:21:59 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=678102d7-8049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:aa:09:84:b6:97:76:43:42:e2:64:72:45:8b:
4d:c2:1a:e2:97:fd:46:ec:bb:5d:cb:6f:ed:dc:19:
41:55:67:d3:6d:da:d6:bf:3c:e3:12:53:fb:3c:b6:
54:ff:06:af:b9:28:e1:f7:e4:12:33:ba:d7:30:d4:
c4:63:c6:a8:7f:02:20:30:23:7f:77:e9:40:9f:58:
0b:29:46:78:23:c6:36:fc:8c:05:07:71:30:f9:34:
00:47:eb:6e:86:48:1d:53:29:49:90:96:ad:7e:53:
21:2c:32:1d:8d:7b:cf:a4:5a:e4:0b:df:44:10:db:
b1:df:f1:c6:4b:61:e1:7c:6e:ed:50:d3:71:61:40:
6e:3e:f8:38:84:6a:d6:d1:1f:12:bd:f4:2e:90:ee:
91:6e:b7:37:9b:ac:44:64:e8:87:f7:45:a8:c1:53:
1e:5b:68:93:25:65:94:36:94:69:8a:e7:3a:ab:df:
65:e9:5f:d8:37:82:e2:b5:e5:84:8b:8e:05:37:7f:
6d:bf:82:8a:45:e0:db:92:4f:58:1b:bc:11:ce:cf:
4e:e8:e1:92:49:03:65:d8:b8:4d:b9:e0:9e:66:03:
e2:f2:e4:fb:ee:a0:ed:e2:a1:a7:3f:81:3b:1e:5f:
6b:ae:9b:c6:2f:51:71:c7:fc:19:9f:48:d9:f3:66:
db:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:A9:14:7F:27:B9:EF:56:E7:3E:E2:1F:0E:46:0A:2D:3C:9A:1C:AB
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/1B7BBE5ECF4511EF8627B15BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.80.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:e7:4e:88:07:a4:ae:bc:53:9f:ab:ab:a7:8c:99:f4:56:b0:
b3:04:86:6a:c3:9b:10:06:3c:21:24:a5:8c:9d:00:b2:1b:c6:
a8:e0:5b:a2:e6:a6:0a:21:a2:76:4c:ce:81:73:22:66:2b:cc:
c7:92:62:bf:88:68:29:a5:c4:b9:5b:8d:d5:1b:74:5a:b3:e4:
60:07:70:2d:ba:78:0e:53:d9:25:fb:ba:80:99:51:45:9e:17:
c4:bc:7b:4c:f9:af:62:e5:e8:24:6b:80:2a:ec:7c:66:84:74:
ae:83:a6:02:b5:45:f2:77:37:35:37:6b:f2:ac:a1:65:2f:33:
88:d9:03:b6:bc:eb:8f:29:3a:24:49:b6:d7:d3:1a:b6:ef:5e:
4b:01:f5:ab:94:e4:ab:c7:52:c7:0e:9b:34:a1:4f:5a:37:9d:
f5:b7:1a:32:5f:d3:98:c0:10:39:7c:c4:0e:80:0f:32:b9:ef:
10:52:4d:04:83:e7:5a:64:4b:21:65:88:70:99:7a:63:ea:d7:
58:20:b5:c2:c0:6b:54:f9:68:4e:f1:c3:ef:53:eb:72:7b:2a:
6d:e2:7a:0c:46:b4:0b:8d:58:d8:ab:da:6e:f6:85:d4:3c:46:
04:0c:17:87:55:09:45:50:02:c3:44:e2:d6:bb:af:aa:e8:28:
06:01:27:12
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDSgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjUwMTEwMTEyMTU5WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzgxMDJkNy04MDQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxKoJhLaXdkNC4mRyRYtNwhril/1G7Ltdy2/t3BlBVWfTbdrWvzzjElP7PLZU
/wavuSjh9+QSM7rXMNTEY8aofwIgMCN/d+lAn1gLKUZ4I8Y2/IwFB3Ew+TQAR+tu
hkgdUylJkJatflMhLDIdjXvPpFrkC99EENux3/HGS2HhfG7tUNNxYUBuPvg4hGrW
0R8SvfQukO6Rbrc3m6xEZOiH90WowVMeW2iTJWWUNpRpiuc6q99l6V/YN4LiteWE
i44FN39tv4KKReDbkk9YG7wRzs9O6OGSSQNl2LhNueCeZgPi8uT77qDt4qGnP4E7
Hl9rrpvGL1Fxx/wZn0jZ82bbbwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDWpFH8n
ue9W5z7iHw5GCi08mhyrMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvMUI3QkJFNUVD
RjQ1MTFFRjg2MjdCMTVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACLvlAwDQYJKoZIhvcNAQELBQADggEBAKjnTogHpK68U5+r
q6eMmfRWsLMEhmrDmxAGPCEkpYydALIbxqjgW6LmpgohonZMzoFzImYrzMeSYr+I
aCmlxLlbjdUbdFqz5GAHcC26eA5T2SX7uoCZUUWeF8S8e0z5r2Ll6CRrgCrsfGaE
dK6DpgK1RfJ3NzU3a/KsoWUvM4jZA7a8648pOiRJttfTGrbvXksB9auU5KvHUscO
mzShT1o3nfW3GjJf05jAEDl8xA6ADzK57xBSTQSD51pkSyFliHCZemPq11ggtcLA
a1T5aE7xw+9T63J7Km3iegxGtAuNWNir2m72hdQ8RgQMF4dVCUVQAsNE4ta7r6ro
KAYBJxI=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:42:40 2025 by rpki-client