Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/75EEEA68977911EF92AD9F77C4F9AE02.roa
File: 75EEEA68977911EF92AD9F77C4F9AE02.roa (raw, json)
Hash identifier: K3MJzbjxtlJGm7Xs56ubaCQegTv5O5aFbS3D3uUdwms=
Subject key identifier: C3:D9:3E:1D:83:32:93:48:6D:F7:10:56:C4:9B:BC:70:3E:5F:15:BE
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0B85
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/75EEEA68977911EF92AD9F77C4F9AE02.roa
Signing time: Thu 31 Oct 2024 11:18:18 +0000
ROA not before: Thu 31 Oct 2024 11:18:18 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 139.190.235.0/24 maxlen: 24
139.190.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 10 Nov 2024 11:38:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2949 (0xb85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Oct 31 11:18:18 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6723677a-e5fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f6:32:ae:fd:ee:a5:0f:18:90:da:d2:86:58:
05:81:e2:91:86:77:fb:db:30:8e:d3:5a:69:d5:1b:
a6:87:4d:54:76:fe:71:2f:1c:d2:a4:2c:04:ab:2c:
a3:f0:2c:3c:31:b3:f0:9f:19:8b:88:b4:c1:a6:f1:
ce:aa:ce:2a:32:1c:3e:06:e2:58:9b:12:c2:7c:56:
f7:92:ca:74:f5:d8:58:3a:b2:70:90:d5:ec:16:99:
74:f1:04:ff:73:7a:cc:47:e1:47:2c:32:de:f9:bc:
27:58:1f:e9:05:76:50:bf:52:c3:c4:93:23:d4:21:
39:b4:66:e3:f8:ce:75:61:d5:07:4c:62:8b:c7:b8:
ff:6b:b2:2d:43:ab:f0:77:99:ce:cd:85:38:d2:b0:
4b:21:90:d0:54:fb:c8:6f:9b:07:bb:9e:10:41:24:
6f:1f:c4:3c:84:18:f4:80:af:b9:ce:02:cc:32:76:
c3:1d:ff:23:2c:4a:0f:ec:bb:12:b7:1d:7d:3d:21:
15:44:bc:4f:a0:4f:be:80:88:f2:c9:f9:92:22:74:
ab:79:68:d1:6c:96:2f:a9:26:95:6b:aa:24:66:0e:
98:04:20:2e:44:18:11:67:83:74:08:90:78:04:c4:
fd:8a:7e:7a:7c:9b:55:ad:a2:c0:a2:98:b4:ac:ef:
77:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:D9:3E:1D:83:32:93:48:6D:F7:10:56:C4:9B:BC:70:3E:5F:15:BE
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/75EEEA68977911EF92AD9F77C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.235.0/24
139.190.238.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:64:b4:c1:ad:c8:7f:27:06:15:3f:53:95:75:1e:75:72:df:
48:72:22:c9:e6:9c:2a:65:31:eb:d2:8a:08:bf:37:69:fc:c7:
55:48:1f:e3:01:d1:c1:e6:7c:04:06:0b:fd:3b:e1:6e:fb:c6:
05:c2:70:56:77:ab:0d:55:9f:3a:8a:e1:5b:18:63:de:ff:b0:
7b:37:ea:c4:e7:8a:a3:17:e1:29:65:e2:0b:cb:2a:26:a0:26:
2f:bf:22:48:78:60:bc:80:64:62:4e:95:45:2a:5f:22:cd:46:
94:fa:eb:1b:a1:59:71:0c:06:19:b8:d0:59:56:d8:7b:d5:ac:
c1:fe:3a:4b:c9:b5:8e:04:8e:c6:f5:cc:e7:3e:e8:66:e8:6b:
58:76:21:5b:97:e2:ac:26:4c:b0:74:25:9e:4f:b5:e8:de:66:
ad:18:13:b1:0b:26:e0:f4:1e:31:6b:96:60:a1:60:56:bf:be:
06:db:8a:82:0f:7c:19:d4:f2:94:1d:77:4e:5b:3d:5d:9b:80:
89:80:69:e7:5f:25:90:5d:f9:1b:8b:a2:7b:b7:a5:3b:27:cc:
b9:e0:59:c6:73:69:ce:3f:37:44:39:40:92:63:4c:43:7d:eb:
5e:85:16:65:55:db:17:e4:24:6e:45:3b:54:bf:16:7e:3d:34:
f8:19:57:61
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICC4UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjQxMDMxMTExODE4WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzIzNjc3YS1lNWZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvvYyrv3upQ8YkNrShlgFgeKRhnf72zCO01pp1Rumh01Udv5xLxzSpCwEqyyj
8Cw8MbPwnxmLiLTBpvHOqs4qMhw+BuJYmxLCfFb3ksp09dhYOrJwkNXsFpl08QT/
c3rMR+FHLDLe+bwnWB/pBXZQv1LDxJMj1CE5tGbj+M51YdUHTGKLx7j/a7ItQ6vw
d5nOzYU40rBLIZDQVPvIb5sHu54QQSRvH8Q8hBj0gK+5zgLMMnbDHf8jLEoP7LsS
tx19PSEVRLxPoE++gIjyyfmSInSreWjRbJYvqSaVa6okZg6YBCAuRBgRZ4N0CJB4
BMT9in56fJtVraLAopi0rO93dQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFMPZPh2D
MpNIbfcQVsSbvHA+XxW+MB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNzVFRUVBNjg5
Nzc5MTFFRjkyQUQ5Rjc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBACLvusDBACLvu4wDQYJKoZIhvcNAQELBQADggEBAKlktMGt
yH8nBhU/U5V1HnVy30hyIsnmnCplMevSigi/N2n8x1VIH+MB0cHmfAQGC/074W77
xgXCcFZ3qw1VnzqK4VsYY97/sHs36sTniqMX4Sll4gvLKiagJi+/Ikh4YLyAZGJO
lUUqXyLNRpT66xuhWXEMBhm40FlW2HvVrMH+OkvJtY4Ejsb1zOc+6Gboa1h2IVuX
4qwmTLB0JZ5PtejeZq0YE7ELJuD0HjFrlmChYFa/vgbbioIPfBnU8pQdd05bPV2b
gImAaedfJZBd+RuLonu3pTsnzLngWcZzac4/N0Q5QJJjTEN9616FFmVV2xfkJG5F
O1S/Fn49NPgZV2E=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:31:50 2025 by rpki-client