Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/460C9D42D23C11EF9B40040BC4F9AE02.roa
File: 460C9D42D23C11EF9B40040BC4F9AE02.roa (raw, json)
Hash identifier: vd/ZjmtOCyYgHJ8IT7INYYibuVZFe7TlB/uxDkrkgYg=
Subject key identifier: C4:ED:D9:BD:51:E7:C0:CE:54:7F:5B:48:AC:6A:0C:6F:52:2E:05:FE
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0D72
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/460C9D42D23C11EF9B40040BC4F9AE02.roa
Signing time: Fri 17 Jan 2025 12:36:37 +0000
ROA not before: Fri 17 Jan 2025 12:36:37 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 329007
IP address blocks: 139.190.11.0/24 maxlen: 24
139.190.32.0/22 maxlen: 24
139.190.52.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Jan 2025 06:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3442 (0xd72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Jan 17 12:36:37 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=678a4ed5-071c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:55:5d:3a:1f:7b:bb:92:e9:62:6c:05:6b:52:
fb:93:95:d5:19:00:b8:a3:b5:bd:a0:ea:38:ef:0d:
c2:1d:9e:05:28:43:2f:bd:6f:d1:ca:0c:b4:bb:4a:
46:e0:e8:51:03:4c:06:48:4d:98:fc:1d:7e:11:2c:
f3:28:d3:ea:39:35:4b:f2:d5:e6:0b:41:bb:33:23:
16:37:54:8c:a9:71:e6:82:be:24:bd:16:69:cb:58:
2b:d1:a8:dc:84:6d:bd:b5:b9:20:a7:62:f2:71:2c:
cd:20:db:92:1d:60:da:b5:b8:a6:a1:0d:33:0e:1f:
c3:0c:7d:2e:fc:0e:75:ec:c4:b9:e7:36:3c:66:2b:
4b:c4:11:47:2d:39:0b:c1:3f:45:de:90:dd:1c:ef:
56:8f:c2:02:dd:2a:e8:aa:e1:67:82:88:f3:c8:ed:
ff:f1:c7:6e:f6:42:3e:74:00:f9:9f:c8:aa:95:ea:
db:9c:2e:3f:a1:b5:ec:09:8b:95:12:44:27:6b:b5:
91:7d:c2:e1:86:df:93:a3:fc:0c:4c:93:8e:d3:03:
96:1d:b9:2d:c2:d4:0b:42:fb:c0:0a:24:25:63:59:
01:96:34:0e:ab:98:2a:a0:54:66:5e:84:eb:8b:d0:
65:e4:29:0c:5f:c7:0c:85:07:72:b1:55:55:7f:28:
cd:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:ED:D9:BD:51:E7:C0:CE:54:7F:5B:48:AC:6A:0C:6F:52:2E:05:FE
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/460C9D42D23C11EF9B40040BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.11.0/24
139.190.32.0/22
139.190.52.0/22
Signature Algorithm: sha256WithRSAEncryption
13:7d:f5:4b:f2:4e:3e:0d:d0:7b:74:b8:fe:9f:fb:ce:d2:7d:
62:97:a1:06:11:d9:62:77:5a:29:f8:57:54:73:b2:09:32:2c:
7b:37:8e:ef:ce:22:ef:2e:f0:28:b4:82:45:b8:48:78:ec:fc:
6b:b9:ee:54:39:3d:72:75:7c:3a:71:2d:fe:3e:a9:fc:4f:1c:
d4:8c:ea:dc:b1:c4:59:d8:f2:99:b2:2e:73:dd:09:dd:e3:1d:
b1:8b:95:58:e0:32:e3:74:28:b4:5f:4a:a0:db:8e:44:93:f2:
9e:95:e6:e6:6a:5c:64:26:3d:c8:e7:3a:95:f5:b3:89:8a:38:
fa:93:82:a8:b7:b7:3b:d8:66:c0:f5:0f:b4:ea:53:f8:0b:84:
2e:2c:5d:57:b4:9c:22:61:27:a2:b2:87:28:8a:1a:0d:67:88:
8a:1f:ec:4b:f0:48:8c:44:de:47:f3:97:6b:fb:c5:e0:75:9f:
21:65:46:33:74:c8:66:6c:e6:ab:5c:09:71:4b:3d:d1:12:99:
47:1c:de:31:bb:7a:b9:7e:1e:e6:94:a6:85:fc:26:05:9e:39:
c7:f8:44:4d:41:7a:1c:1d:bc:aa:5d:c0:7a:73:3e:94:66:2d:
d8:e8:42:82:18:67:53:15:4e:ca:14:8a:f5:14:1d:75:d3:74:
ed:fb:8c:71
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICDXIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjUwMTE3MTIzNjM3WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzhhNGVkNS0wNzFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwFVdOh97u5LpYmwFa1L7k5XVGQC4o7W9oOo47w3CHZ4FKEMvvW/Rygy0u0pG
4OhRA0wGSE2Y/B1+ESzzKNPqOTVL8tXmC0G7MyMWN1SMqXHmgr4kvRZpy1gr0ajc
hG29tbkgp2LycSzNINuSHWDatbimoQ0zDh/DDH0u/A517MS55zY8ZitLxBFHLTkL
wT9F3pDdHO9Wj8IC3SroquFngojzyO3/8cdu9kI+dAD5n8iqlerbnC4/obXsCYuV
EkQna7WRfcLhht+To/wMTJOO0wOWHbktwtQLQvvACiQlY1kBljQOq5gqoFRmXoTr
i9Bl5CkMX8cMhQdysVVVfyjNzwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFMTt2b1R
58DOVH9bSKxqDG9SLgX+MB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNDYwQzlENDJE
MjNDMTFFRjlCNDAwNDBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBACLvgsDBAKLviADBAKLvjQwDQYJKoZIhvcNAQELBQADggEB
ABN99UvyTj4N0Ht0uP6f+87SfWKXoQYR2WJ3Win4V1RzsgkyLHs3ju/OIu8u8Ci0
gkW4SHjs/Gu57lQ5PXJ1fDpxLf4+qfxPHNSM6tyxxFnY8pmyLnPdCd3jHbGLlVjg
MuN0KLRfSqDbjkST8p6V5uZqXGQmPcjnOpX1s4mKOPqTgqi3tzvYZsD1D7TqU/gL
hC4sXVe0nCJhJ6KyhyiKGg1niIof7EvwSIxE3kfzl2v7xeB1nyFlRjN0yGZs5qtc
CXFLPdESmUcc3jG7erl+HuaUpoX8JgWeOcf4RE1BehwdvKpdwHpzPpRmLdjoQoIY
Z1MVTsoUivUUHXXTdO37jHE=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:39:11 2025 by rpki-client