Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/69BE4702391E11EFA8F0B445C4F9AE02.roa
File: 69BE4702391E11EFA8F0B445C4F9AE02.roa (raw, json)
Hash identifier: 1iWwSSA4+/jfkuoiD4RU+fiDNcai0qXHxv619zvPeJ4=
Subject key identifier: DE:70:5A:71:27:4F:31:C8:F1:12:C0:A4:67:C0:7E:FD:38:FF:7B:A6
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0B3C
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/69BE4702391E11EFA8F0B445C4F9AE02.roa
Signing time: Wed 18 Sep 2024 10:46:24 +0000
ROA not before: Wed 18 Sep 2024 10:46:24 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 138241
IP address blocks: 139.190.4.0/24 maxlen: 24
139.190.5.0/24 maxlen: 24
139.190.6.0/24 maxlen: 24
139.190.7.0/24 maxlen: 24
139.190.28.0/22 maxlen: 22
139.190.36.0/22 maxlen: 24
139.190.40.0/22 maxlen: 24
139.190.48.0/22 maxlen: 24
139.190.60.0/22 maxlen: 24
139.190.96.0/22 maxlen: 22
139.190.104.0/22 maxlen: 24
139.190.108.0/22 maxlen: 24
139.190.120.0/22 maxlen: 24
139.190.124.0/22 maxlen: 24
139.190.192.0/19 maxlen: 24
139.190.235.0/24 maxlen: 24
139.190.238.0/24 maxlen: 24
139.190.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Oct 2024 12:16:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2876 (0xb3c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Sep 18 10:46:24 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66eaaf80-89d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:90:4e:a1:97:7e:80:bf:0c:6d:84:17:3d:0e:
99:f0:41:04:37:fe:2f:2d:80:e3:6e:c6:f6:2f:cf:
7a:a0:7e:02:59:e2:60:4d:c7:22:b4:de:1a:2b:72:
c9:f6:ec:b1:0b:d5:a7:2b:2b:5d:d0:ea:ba:77:88:
93:f5:8c:4a:30:06:8a:14:57:8e:f5:33:87:c5:2c:
bc:a8:4e:93:4e:07:4f:13:7e:95:b4:ea:b8:2a:d6:
d0:9e:04:31:4e:eb:33:c3:44:20:9c:29:04:13:de:
56:89:b5:93:19:50:99:7b:51:dd:26:33:17:4f:7b:
f1:fd:7c:77:90:f5:7d:0c:1b:49:02:ba:c1:da:22:
31:f9:80:07:f0:09:64:cc:36:17:d6:3f:b5:a1:b7:
f9:2d:5a:c6:e3:8b:4b:95:85:f1:3a:7f:a1:8a:97:
4e:2c:22:c9:55:55:48:1e:21:34:1e:a7:7d:ea:2c:
dc:24:01:4e:e9:04:91:5a:d4:c1:b3:b0:f3:86:9b:
2b:3f:fe:ba:ab:43:1b:f6:85:ba:91:2f:6e:b0:0e:
a4:23:fd:e9:8b:b3:1a:7f:45:53:06:e5:9b:e6:6e:
3f:7d:b8:7d:e2:a1:0b:34:cf:9a:70:b4:6f:d6:c6:
a2:44:14:e6:23:16:b9:e6:5e:c2:97:69:cd:d7:03:
68:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:70:5A:71:27:4F:31:C8:F1:12:C0:A4:67:C0:7E:FD:38:FF:7B:A6
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/69BE4702391E11EFA8F0B445C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.4.0/22
139.190.28.0/22
139.190.36.0-139.190.43.255
139.190.48.0/22
139.190.60.0/22
139.190.96.0/22
139.190.104.0/21
139.190.120.0/21
139.190.192.0/19
139.190.235.0/24
139.190.238.0/23
Signature Algorithm: sha256WithRSAEncryption
b2:46:fc:35:be:e7:5d:8a:22:38:29:75:70:13:8b:7e:8b:1d:
dc:2f:23:bd:3a:3b:ed:3a:ef:99:75:93:8a:31:42:83:1e:88:
5e:b3:b9:7c:08:9c:7e:9e:0e:96:07:65:0e:2f:30:dc:8c:1e:
48:0f:85:8f:f2:81:4e:8e:0f:82:b2:ef:3a:dd:fa:ac:1e:2c:
c7:e7:e3:4e:77:8b:b2:58:24:47:ef:b5:7b:30:11:c8:de:64:
4e:af:b0:0b:40:34:21:51:64:f8:62:64:76:db:d5:3d:69:43:
53:e3:87:34:26:07:93:c4:ee:7d:b5:02:7c:d3:fb:59:07:07:
b1:0d:a3:b1:aa:ad:03:c6:ab:17:67:d9:c7:b3:30:2b:75:00:
59:64:26:88:58:9e:43:09:9c:84:12:bb:56:ce:5f:57:6e:1d:
78:35:3f:54:ae:b7:2c:b9:20:66:1e:6f:71:eb:62:42:1e:46:
ee:f5:55:a8:42:97:d7:0b:63:9f:0e:1b:52:76:67:2a:e2:1d:
16:c5:e3:c0:b8:39:bd:6e:76:47:29:9e:20:3a:58:7b:43:26:
79:72:40:e6:2a:31:43:06:2e:af:9f:8b:bc:ff:80:b8:28:4a:
4a:11:93:ab:de:1e:70:d1:e9:6f:09:1c:8b:c0:fa:d5:43:16:
73:63:9c:bc
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgICCzwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjQwOTE4MTA0NjI0WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmVhYWY4MC04OWQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA65BOoZd+gL8MbYQXPQ6Z8EEEN/4vLYDjbsb2L896oH4CWeJgTccitN4aK3LJ
9uyxC9WnKytd0Oq6d4iT9YxKMAaKFFeO9TOHxSy8qE6TTgdPE36VtOq4KtbQngQx
Tuszw0QgnCkEE95WibWTGVCZe1HdJjMXT3vx/Xx3kPV9DBtJArrB2iIx+YAH8Alk
zDYX1j+1obf5LVrG44tLlYXxOn+hipdOLCLJVVVIHiE0Hqd96izcJAFO6QSRWtTB
s7DzhpsrP/66q0Mb9oW6kS9usA6kI/3pi7Maf0VTBuWb5m4/fbh94qELNM+acLRv
1saiRBTmIxa55l7Cl2nN1wNonwIDAQABo4IC2TCCAtUwHQYDVR0OBBYEFN5wWnEn
TzHI8RLApGfAfv04/3umMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNjlCRTQ3MDIz
OTFFMTFFRkE4RjBCNDQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYwYIKwYBBQUHAQcBAf8E
VDBSMFAEAgABMEoDBAKLvgQDBAKLvhwwDAMEAou+JAMEAou+KAMEAou+MAMEAou+
PAMEAou+YAMEA4u+aAMEA4u+eAMEBYu+wAMEAIu+6wMEAYu+7jANBgkqhkiG9w0B
AQsFAAOCAQEAskb8Nb7nXYoiOCl1cBOLfosd3C8jvTo77TrvmXWTijFCgx6IXrO5
fAicfp4OlgdlDi8w3IweSA+Fj/KBTo4PgrLvOt36rB4sx+fjTneLslgkR++1ezAR
yN5kTq+wC0A0IVFk+GJkdtvVPWlDU+OHNCYHk8TufbUCfNP7WQcHsQ2jsaqtA8ar
F2fZx7MwK3UAWWQmiFieQwmchBK7Vs5fV24deDU/VK63LLkgZh5vcetiQh5G7vVV
qEKX1wtjnw4bUnZnKuIdFsXjwLg5vW52RymeIDpYe0MmeXJA5ioxQwYur5+LvP+A
uChKShGTq94ecNHpbwkci8D61UMWc2OcvA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:39:30 2025 by rpki-client