Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/58CE5D4CD30B11EF9F30D94BC4F9AE02.roa
File: 58CE5D4CD30B11EF9F30D94BC4F9AE02.roa (raw, json)
Hash identifier: zpAoiEfb1V4gqTEvi9Vpc19QqEwk4ekEI4fAUcimINw=
Subject key identifier: A3:E5:04:8A:ED:30:19:D9:04:93:EC:84:76:D2:8A:A1:B6:68:01:0C
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0D66
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/58CE5D4CD30B11EF9F30D94BC4F9AE02.roa
Signing time: Wed 15 Jan 2025 06:39:52 +0000
ROA not before: Wed 15 Jan 2025 06:39:52 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 16589
IP address blocks: 139.190.235.0/24 maxlen: 24
139.190.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Jan 2025 09:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3430 (0xd66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Jan 15 06:39:52 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67875838-f2a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:30:10:06:31:61:93:2d:01:af:38:14:1a:59:
51:cf:b8:96:e4:82:94:9e:d8:7b:f2:61:8e:a5:36:
e6:9e:9f:03:6f:63:30:26:6e:5c:66:8f:dc:3d:33:
fe:11:51:fc:fd:18:2a:9b:ca:31:04:6d:68:19:c3:
50:d7:1a:91:15:70:97:51:05:a3:62:84:dd:a9:b5:
5d:98:c9:18:bc:49:be:15:52:2f:a9:0f:66:2f:07:
26:6e:2f:7d:a1:dc:03:77:5a:bb:8a:8d:fa:af:0c:
95:44:1f:0c:f4:e0:0a:30:c2:9e:99:5b:20:c0:f0:
d5:73:11:79:22:89:4c:75:b5:3c:3b:2a:28:b8:84:
14:a8:d9:42:2f:57:ad:9e:92:37:ba:be:94:4b:e9:
10:7d:77:8d:aa:30:be:b8:8b:ac:98:9d:78:b5:2e:
58:c9:db:c5:bc:40:dd:96:b9:4e:94:7c:58:1c:8e:
3b:c7:cc:c4:1c:f2:2e:d6:7e:21:da:22:c6:7b:74:
55:b4:21:32:2d:d9:30:e6:4a:a6:af:44:09:f3:fa:
83:aa:82:9c:58:e6:e8:c4:40:b3:6c:15:cc:6e:71:
43:9e:7e:65:64:00:da:16:17:9c:3d:56:ba:d0:24:
91:03:f5:6c:9f:ae:c7:42:38:0a:cc:2d:4c:a3:7d:
4c:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:E5:04:8A:ED:30:19:D9:04:93:EC:84:76:D2:8A:A1:B6:68:01:0C
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/58CE5D4CD30B11EF9F30D94BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.235.0/24
139.190.238.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:0e:11:2d:99:1c:4a:c9:2f:18:7f:ca:23:1f:4a:40:5a:52:
2a:dd:5f:8b:f4:75:4a:d1:1e:e2:02:40:6c:8b:24:c6:2d:9d:
47:4c:4b:9f:e0:d9:72:25:8b:7e:a3:7d:60:7f:18:a5:49:b9:
46:1c:15:8a:3e:ca:06:34:e5:91:0e:3e:2a:70:2b:2a:1c:d5:
a9:85:9d:7c:e2:0b:14:21:57:9c:46:a5:63:12:c4:d5:c0:04:
79:4f:21:f1:ea:e1:11:e8:ef:83:d6:36:93:3c:5b:49:dd:f7:
2d:15:5b:c4:bf:a8:1e:88:9a:89:b2:c4:6f:03:82:5f:93:ab:
c2:34:e1:cd:c0:38:71:56:4b:ad:82:34:7b:f1:d9:bc:6e:8c:
d1:85:ed:43:3d:62:25:87:6b:a9:78:de:bb:62:06:ee:74:f5:
b4:53:de:aa:c4:0e:b5:9b:84:7b:f2:c0:6d:ec:9d:7a:bf:4d:
da:32:b1:6d:56:f1:1d:bc:f2:e9:44:ca:71:42:49:46:3c:52:
f8:b2:26:e7:31:18:df:b1:0d:2c:08:73:19:42:09:26:e3:cc:
be:22:15:3c:5e:cb:ea:ac:45:28:c8:a3:77:65:3b:61:d5:6a:
fd:21:05:10:a7:4f:8c:93:cb:08:eb:09:3e:35:e1:7c:08:5f:
b7:4a:68:26
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICDWYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjUwMTE1MDYzOTUyWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg3NTgzOC1mMmExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyDAQBjFhky0BrzgUGllRz7iW5IKUnth78mGOpTbmnp8Db2MwJm5cZo/cPTP+
EVH8/Rgqm8oxBG1oGcNQ1xqRFXCXUQWjYoTdqbVdmMkYvEm+FVIvqQ9mLwcmbi99
odwDd1q7io36rwyVRB8M9OAKMMKemVsgwPDVcxF5IolMdbU8OyoouIQUqNlCL1et
npI3ur6US+kQfXeNqjC+uIusmJ14tS5YydvFvEDdlrlOlHxYHI47x8zEHPIu1n4h
2iLGe3RVtCEyLdkw5kqmr0QJ8/qDqoKcWOboxECzbBXMbnFDnn5lZADaFhecPVa6
0CSRA/Vsn67HQjgKzC1Mo31MHwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFKPlBIrt
MBnZBJPshHbSiqG2aAEMMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNThDRTVENENE
MzBCMTFFRjlGMzBEOTRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBACLvusDBACLvu4wDQYJKoZIhvcNAQELBQADggEBAMwOES2Z
HErJLxh/yiMfSkBaUirdX4v0dUrRHuICQGyLJMYtnUdMS5/g2XIli36jfWB/GKVJ
uUYcFYo+ygY05ZEOPipwKyoc1amFnXziCxQhV5xGpWMSxNXABHlPIfHq4RHo74PW
NpM8W0nd9y0VW8S/qB6ImomyxG8Dgl+Tq8I04c3AOHFWS62CNHvx2bxujNGF7UM9
YiWHa6l43rtiBu509bRT3qrEDrWbhHvywG3snXq/TdoysW1W8R288ulEynFCSUY8
UviyJucxGN+xDSwIcxlCCSbjzL4iFTxey+qsRSjIo3dlO2HVav0hBRCnT4yTywjr
CT414XwIX7dKaCY=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:36:23 2025 by rpki-client