Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/35E4224817FF11EFB9509066C4F9AE02.roa
File: 35E4224817FF11EFB9509066C4F9AE02.roa (raw, json)
Hash identifier: Sa7lcIhOL0SRJP0VPUbWjNl05x16mNo0yOrUzkCxryI=
Subject key identifier: 35:90:33:4A:11:87:ED:5C:8C:81:F8:C4:49:F5:E4:16:8B:29:C0:07
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0AA5
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/35E4224817FF11EFB9509066C4F9AE02.roa
Signing time: Fri 24 May 2024 22:32:08 +0000
ROA not before: Fri 24 May 2024 22:32:08 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 139.190.0.0/22 maxlen: 22
139.190.8.0/22 maxlen: 22
139.190.12.0/22 maxlen: 22
139.190.16.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 04 Sep 2024 05:23:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2725 (0xaa5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: May 24 22:32:08 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66511568-97ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:b1:ac:33:f3:ae:2a:22:c7:69:63:1b:77:67:
fa:66:19:64:84:f0:1d:e1:97:2f:a1:30:54:09:3d:
2c:fc:91:1d:db:5a:36:33:59:1e:26:1f:6a:3b:35:
77:50:22:75:fa:74:56:bb:d3:f4:cc:e1:1a:1a:4d:
e8:0d:4a:2b:d9:f2:49:6c:80:0c:85:5e:bd:0f:10:
32:62:61:12:bc:41:bd:23:5e:e1:f0:6b:01:3d:55:
d2:13:ba:70:75:f4:dc:23:26:6c:b1:f3:15:85:7f:
2b:af:b2:60:67:02:b0:d9:de:41:19:61:40:fd:a5:
0a:3d:3f:55:57:93:55:95:3f:96:74:8c:b3:11:bd:
6b:d3:22:ea:e8:c6:85:8c:dd:62:20:17:0d:c9:2e:
d4:f9:76:d8:e8:00:81:b6:ed:e9:0b:a9:b9:46:de:
74:e6:40:f2:86:2d:e3:ab:79:4b:3c:3d:d1:33:c0:
27:33:2a:d1:a3:98:b9:4f:b1:57:fb:dc:cc:fa:a7:
78:5c:52:08:ca:39:ce:3d:42:c4:d8:d2:f5:19:f2:
1e:fe:2e:c0:91:30:7a:2a:92:ac:0f:10:90:b1:14:
4e:87:80:92:b4:b3:0f:08:f9:59:45:94:b7:91:92:
f9:16:1b:94:94:7b:dc:c5:a8:89:71:05:60:94:43:
e6:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:90:33:4A:11:87:ED:5C:8C:81:F8:C4:49:F5:E4:16:8B:29:C0:07
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/35E4224817FF11EFB9509066C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.0.0/22
139.190.8.0-139.190.19.255
Signature Algorithm: sha256WithRSAEncryption
38:91:13:7a:12:28:e0:84:d1:35:a4:db:9b:9f:72:73:b9:f3:
a2:21:43:b8:6e:87:ae:fb:f9:db:a3:36:14:16:10:ef:dd:31:
48:74:c4:e6:39:4c:84:0d:d7:f1:da:c0:50:f7:14:64:cf:c8:
33:61:63:c3:82:d9:00:be:29:79:bc:16:50:a0:38:f2:79:dd:
39:5a:49:e2:1e:b8:b7:04:1f:23:9b:af:df:ea:2f:8a:de:e3:
4f:cb:79:f4:78:fa:e4:db:9c:16:a9:a7:40:61:7c:8e:8f:f3:
8a:c2:cb:32:24:f4:b9:f6:21:54:82:30:5c:e4:a8:4c:17:3e:
78:d2:58:bd:11:24:27:33:67:05:ff:88:20:f3:4d:1b:d4:87:
4f:07:fd:a5:f3:ca:e4:b8:a9:76:c6:f8:8a:31:0f:6f:a8:1c:
b0:33:02:b3:29:a0:7e:f0:7e:22:72:db:11:8d:75:33:8e:91:
cd:95:1e:d0:18:1c:5f:84:7f:0c:fb:6a:60:41:c9:9d:9f:4f:
0f:d4:04:da:51:b6:9e:6b:55:8f:e8:7f:08:ad:5a:82:39:21:
f5:f3:34:49:9a:fe:0b:ea:01:8b:ed:91:85:e4:3b:54:2d:a0:
af:17:0c:ac:82:b5:00:b3:bf:71:97:6e:3b:b4:e4:d0:0c:b1:
75:af:e6:d4
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICCqUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjQwNTI0MjIzMjA4WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjUxMTU2OC05N2VkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA77GsM/OuKiLHaWMbd2f6ZhlkhPAd4ZcvoTBUCT0s/JEd21o2M1keJh9qOzV3
UCJ1+nRWu9P0zOEaGk3oDUor2fJJbIAMhV69DxAyYmESvEG9I17h8GsBPVXSE7pw
dfTcIyZssfMVhX8rr7JgZwKw2d5BGWFA/aUKPT9VV5NVlT+WdIyzEb1r0yLq6MaF
jN1iIBcNyS7U+XbY6ACBtu3pC6m5Rt505kDyhi3jq3lLPD3RM8AnMyrRo5i5T7FX
+9zM+qd4XFIIyjnOPULE2NL1GfIe/i7AkTB6KpKsDxCQsRROh4CStLMPCPlZRZS3
kZL5FhuUlHvcxaiJcQVglEPmCQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFDWQM0oR
h+1cjIH4xEn15BaLKcAHMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvMzVFNDIyNDgx
N0ZGMTFFRkI5NTA5MDY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQDBAKLvgAwDAMEA4u+CAMEAou+EDANBgkqhkiG9w0BAQsFAAOC
AQEAOJETehIo4ITRNaTbm59yc7nzoiFDuG6Hrvv526M2FBYQ790xSHTE5jlMhA3X
8drAUPcUZM/IM2Fjw4LZAL4pebwWUKA48nndOVpJ4h64twQfI5uv3+ovit7jT8t5
9Hj65NucFqmnQGF8jo/zisLLMiT0ufYhVIIwXOSoTBc+eNJYvREkJzNnBf+IIPNN
G9SHTwf9pfPK5Lipdsb4ijEPb6gcsDMCsymgfvB+InLbEY11M46RzZUe0BgcX4R/
DPtqYEHJnZ9PD9QE2lG2nmtVj+h/CK1agjkh9fM0SZr+C+oBi+2RheQ7VC2grxcM
rIK1ALO/cZduO7Tk0Ayxda/m1A==
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:34:17 2025 by rpki-client