Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/1F7C7AACD88711EF97E3E512C4F9AE02.roa
File: 1F7C7AACD88711EF97E3E512C4F9AE02.roa (raw, json)
Hash identifier: vRDkiLUf35nfCIXIkqmobwMESCQFUwdd5lZxzLAAavY=
Subject key identifier: 7C:C6:94:51:50:12:01:86:F8:B3:EB:D2:28:C7:55:A9:B6:89:D8:3B
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0DAC
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/1F7C7AACD88711EF97E3E512C4F9AE02.roa
Signing time: Wed 22 Jan 2025 06:07:13 +0000
ROA not before: Wed 22 Jan 2025 06:07:13 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 329007
IP address blocks: 139.190.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Jan 2025 12:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3500 (0xdac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Jan 22 06:07:13 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67908b11-1ee5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:3d:b0:8b:8d:1d:b7:ff:87:34:f3:fa:b1:66:
a6:37:c5:aa:55:52:fe:64:e5:76:dc:6d:20:92:32:
12:6d:9d:6f:30:26:bb:54:0d:fd:0a:f0:28:d8:33:
d6:3c:18:34:45:cc:84:13:62:ba:b4:f6:0a:f1:c0:
04:36:8b:9d:51:37:6c:41:dd:1b:e1:3e:e8:e5:16:
83:e5:e1:e5:e8:1f:b1:47:69:9f:90:da:87:2a:a1:
5f:68:65:07:9b:04:08:a6:a4:c8:c5:0f:ac:ba:43:
4f:ed:e0:45:9a:ce:16:b5:6b:ac:53:95:3a:10:5b:
75:e6:49:d3:29:29:c1:c2:68:1d:c1:59:01:29:8a:
49:b4:31:c9:6a:34:1d:c7:dc:8d:07:e1:50:4c:fd:
aa:db:3c:40:ef:f2:4a:5f:94:5a:3e:5a:fa:95:05:
07:c7:c5:0c:93:0a:16:4b:f2:ba:6c:1d:f1:be:fb:
6f:9f:82:d0:d1:11:cb:b4:8f:9c:8a:d7:20:8a:06:
e6:e2:d0:8c:2e:be:83:84:38:d2:63:a6:a3:17:44:
f7:a6:f5:11:f4:17:bb:4a:3e:14:99:fd:0b:dc:fe:
68:8d:d0:39:e4:16:81:da:aa:84:2e:6c:56:a9:83:
5d:c1:0c:ab:0a:ef:49:98:68:49:4a:22:b0:3e:16:
f9:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:C6:94:51:50:12:01:86:F8:B3:EB:D2:28:C7:55:A9:B6:89:D8:3B
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/1F7C7AACD88711EF97E3E512C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.11.0/24
Signature Algorithm: sha256WithRSAEncryption
34:3a:c2:75:aa:7e:e8:ad:88:da:bb:78:65:5d:8a:3a:81:19:
32:b8:2f:3f:7b:09:49:76:12:9e:4d:57:c1:0b:1d:77:eb:d6:
5f:d7:46:43:de:87:8a:b2:e4:2c:4e:ba:d8:9e:0b:e2:d6:b2:
65:f9:fc:68:23:4d:98:ea:c4:cc:39:ff:f6:99:98:a2:71:58:
ef:97:e1:2b:58:84:92:e4:da:d3:60:ec:c2:58:e0:ab:1e:7b:
12:f6:e0:f4:5c:6a:96:50:71:e0:c2:b5:be:3e:e2:fc:d8:b6:
6b:21:e3:ad:c7:c1:81:8c:9e:d9:f6:b6:4a:ad:7e:09:f7:d0:
14:f9:1b:ac:e8:e3:a3:83:06:b5:cc:02:65:18:e2:61:54:8a:
76:46:5a:01:80:66:e0:8a:de:60:2d:73:76:98:d7:d4:4b:71:
76:29:28:6a:77:f0:5c:35:4a:fd:37:05:35:b8:66:f1:7b:a8:
b0:8a:51:b4:dc:17:4f:b5:bf:ba:a9:12:7b:5a:40:59:e1:68:
1a:9e:4f:5b:9d:06:4e:78:8b:73:73:c5:0e:b5:0c:91:57:6b:
d4:26:7b:00:72:8d:e6:b0:b7:dc:fc:97:82:2c:6b:08:62:83:
2e:e6:5d:41:91:c5:c2:ec:de:25:e8:e3:01:cd:20:2d:e6:a4:
6f:ce:04:29
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDawwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjUwMTIyMDYwNzEzWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkwOGIxMS0xZWU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArD2wi40dt/+HNPP6sWamN8WqVVL+ZOV23G0gkjISbZ1vMCa7VA39CvAo2DPW
PBg0RcyEE2K6tPYK8cAENoudUTdsQd0b4T7o5RaD5eHl6B+xR2mfkNqHKqFfaGUH
mwQIpqTIxQ+sukNP7eBFms4WtWusU5U6EFt15knTKSnBwmgdwVkBKYpJtDHJajQd
x9yNB+FQTP2q2zxA7/JKX5RaPlr6lQUHx8UMkwoWS/K6bB3xvvtvn4LQ0RHLtI+c
itcgigbm4tCMLr6DhDjSY6ajF0T3pvUR9Be7Sj4Umf0L3P5ojdA55BaB2qqELmxW
qYNdwQyrCu9JmGhJSiKwPhb5QQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHzGlFFQ
EgGG+LPr0ijHVam2idg7MB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvMUY3QzdBQUNE
ODg3MTFFRjk3RTNFNTEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACLvgswDQYJKoZIhvcNAQELBQADggEBADQ6wnWqfuitiNq7
eGVdijqBGTK4Lz97CUl2Ep5NV8ELHXfr1l/XRkPeh4qy5CxOutieC+LWsmX5/Ggj
TZjqxMw5//aZmKJxWO+X4StYhJLk2tNg7MJY4KseexL24PRcapZQceDCtb4+4vzY
tmsh463HwYGMntn2tkqtfgn30BT5G6zo46ODBrXMAmUY4mFUinZGWgGAZuCK3mAt
c3aY19RLcXYpKGp38Fw1Sv03BTW4ZvF7qLCKUbTcF0+1v7qpEntaQFnhaBqeT1ud
Bk54i3NzxQ61DJFXa9QmewByjeawt9z8l4Isawhigy7mXUGRxcLs3iXo4wHNIC3m
pG/OBCk=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:44:15 2025 by rpki-client