Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/4BDB3B70CCC911EF8BDD3E35C4F9AE02.roa
File: 4BDB3B70CCC911EF8BDD3E35C4F9AE02.roa (raw, json)
Hash identifier: PfpdJv+PFIZsuCVUx7wIxtWwOX8x/eAYrekmGhvxiqQ=
Subject key identifier: EB:C0:63:45:CB:91:BA:9A:75:DD:3A:C3:03:71:F5:30:25:8B:ED:D4
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0CE7
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/4BDB3B70CCC911EF8BDD3E35C4F9AE02.roa
Signing time: Tue 07 Jan 2025 07:31:19 +0000
ROA not before: Tue 07 Jan 2025 07:31:19 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 329007
IP address blocks: 139.190.80.0/21 maxlen: 24
139.190.88.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Jan 2025 11:38:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3303 (0xce7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Jan 7 07:31:19 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=677cd847-172e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a4:04:14:be:77:e9:eb:18:07:d6:23:74:81:
bf:22:af:18:72:6b:22:46:fc:c0:a6:0c:5e:2b:da:
71:4e:a8:45:d8:5a:0d:2e:76:08:c6:a1:80:d6:19:
ce:d4:76:68:a6:10:74:e1:02:bf:87:57:cc:db:bc:
c7:d6:47:80:eb:2e:27:dc:df:12:ed:da:4f:de:16:
92:6d:e0:dd:49:e4:b5:90:40:04:01:85:c9:2d:7c:
25:81:64:8b:bd:b5:7e:7b:05:65:db:a7:65:4a:4a:
e4:e5:5a:1a:ce:ed:c9:c2:77:18:69:dc:94:b2:40:
ba:ce:eb:bd:18:ab:77:e2:67:a6:a4:82:86:44:7e:
26:22:a2:4a:67:d0:01:d8:bb:ad:32:f1:8a:9e:aa:
fc:2d:13:bf:b8:2b:69:6a:46:23:52:ab:2e:bc:63:
f2:86:47:c5:e7:2b:da:39:ad:3e:5a:16:fc:07:0b:
6f:69:db:b3:89:ed:e7:b1:f2:6b:35:c8:d5:21:d7:
d2:86:07:c6:d3:ba:9c:12:5c:ef:2a:65:8c:c6:03:
cd:d0:6a:fc:68:5f:28:76:cd:87:09:bf:f8:65:b1:
49:6d:0d:19:04:5a:f6:68:3f:79:27:75:52:9c:08:
0a:a2:08:b0:f6:7f:e5:6f:23:ce:a0:24:36:cb:fa:
ae:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:C0:63:45:CB:91:BA:9A:75:DD:3A:C3:03:71:F5:30:25:8B:ED:D4
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/4BDB3B70CCC911EF8BDD3E35C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.80.0/20
Signature Algorithm: sha256WithRSAEncryption
b5:21:11:ff:41:da:54:4e:21:92:5e:ee:80:5b:4a:7f:b7:1a:
61:b5:71:a8:4b:33:5d:eb:fb:48:c6:1c:c6:2e:95:42:1a:0e:
24:4e:c6:d4:d8:c4:18:11:56:65:a6:8f:ac:4e:10:33:14:0f:
5e:e3:d2:5b:97:6a:68:f5:14:94:48:45:48:1c:93:73:59:64:
9d:8e:1e:99:82:22:a1:e3:0c:48:c0:f2:d9:1e:36:74:8d:1f:
dc:04:e0:9d:82:45:32:ae:f1:0c:c9:74:28:c3:92:5e:36:05:
2d:ff:83:9f:c9:02:0a:99:56:ce:d1:c8:5f:47:cd:55:fe:29:
8c:d5:ae:47:3d:f1:eb:67:8a:44:ad:bf:ab:3c:65:c2:72:66:
ee:88:45:27:11:4d:24:66:b7:4f:a3:a0:d5:15:bd:94:76:8e:
b0:1d:91:4a:83:af:8e:ba:21:19:aa:23:a3:6f:60:5e:d6:1f:
65:09:6c:46:ec:ed:3b:56:e5:a9:20:65:c7:83:c5:9d:8c:e5:
29:b9:e8:57:6a:67:29:29:18:b0:b7:d7:90:12:78:02:22:2f:
ae:f0:df:75:0a:51:7c:a9:ef:f0:14:8d:1e:bc:24:5f:e3:c0:
19:84:70:d9:7b:24:82:06:07:82:b4:ef:b4:ac:af:20:5d:d9:
34:46:a0:fe
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDOcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjUwMTA3MDczMTE5WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdjZDg0Ny0xNzJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoaQEFL536esYB9YjdIG/Iq8YcmsiRvzApgxeK9pxTqhF2FoNLnYIxqGA1hnO
1HZophB04QK/h1fM27zH1keA6y4n3N8S7dpP3haSbeDdSeS1kEAEAYXJLXwlgWSL
vbV+ewVl26dlSkrk5Voazu3JwncYadyUskC6zuu9GKt34mempIKGRH4mIqJKZ9AB
2LutMvGKnqr8LRO/uCtpakYjUqsuvGPyhkfF5yvaOa0+Whb8Bwtvaduzie3nsfJr
NcjVIdfShgfG07qcElzvKmWMxgPN0Gr8aF8ods2HCb/4ZbFJbQ0ZBFr2aD95J3VS
nAgKogiw9n/lbyPOoCQ2y/quMQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOvAY0XL
kbqadd06wwNx9TAli+3UMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNEJEQjNCNzBD
Q0M5MTFFRjhCREQzRTM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBASLvlAwDQYJKoZIhvcNAQELBQADggEBALUhEf9B2lROIZJe
7oBbSn+3GmG1cahLM13r+0jGHMYulUIaDiROxtTYxBgRVmWmj6xOEDMUD17j0luX
amj1FJRIRUgck3NZZJ2OHpmCIqHjDEjA8tkeNnSNH9wE4J2CRTKu8QzJdCjDkl42
BS3/g5/JAgqZVs7RyF9HzVX+KYzVrkc98etnikStv6s8ZcJyZu6IRScRTSRmt0+j
oNUVvZR2jrAdkUqDr466IRmqI6NvYF7WH2UJbEbs7TtW5akgZceDxZ2M5Sm56Fdq
ZykpGLC315ASeAIiL67w33UKUXyp7/AUjR68JF/jwBmEcNl7JIIGB4K077SsryBd
2TRGoP4=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:41:29 2025 by rpki-client