Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/7BF4F4E2BBA611EF8900FC2EC4F9AE02.roa
File: 7BF4F4E2BBA611EF8900FC2EC4F9AE02.roa (raw, json)
Hash identifier: kn/PUUVfV3Bzk3jjRelcsKJQpYMUol0BAsdS/fRsaI0=
Subject key identifier: B5:10:79:E6:7D:90:CE:3C:9E:EA:A1:61:CA:E8:F1:B6:E3:CE:96:D9
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0C69
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/7BF4F4E2BBA611EF8900FC2EC4F9AE02.roa
Signing time: Mon 16 Dec 2024 12:08:39 +0000
ROA not before: Mon 16 Dec 2024 12:08:39 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 329007
IP address blocks: 139.190.32.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 23 Dec 2024 07:48:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3177 (0xc69)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Dec 16 12:08:39 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67601847-92b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:62:5b:98:97:49:00:69:9a:44:69:1e:11:aa:
a8:5c:d6:c4:ad:5e:20:22:4e:9a:a8:57:97:79:c8:
56:01:ec:94:87:3e:f5:58:7c:c4:07:2f:28:2c:28:
1d:96:cc:92:34:b6:18:6b:ca:ca:48:dc:78:82:d0:
ee:4d:b4:25:9a:4a:ca:95:2e:3d:e5:d2:52:b8:6a:
c5:14:94:33:96:b5:42:29:7d:5d:4e:d6:be:d7:6f:
56:39:4c:4e:31:8e:17:c1:ab:0c:f5:91:20:30:78:
4f:b2:a1:75:e4:d4:51:16:26:a2:6a:b7:d3:76:95:
3b:d8:0d:ca:cd:32:14:69:f7:c9:f3:79:30:5b:a7:
09:5f:a4:14:a1:40:a6:a1:73:b3:f1:5f:e5:a2:f5:
d5:6e:46:ec:91:3d:ce:69:c0:29:69:6c:39:80:6e:
81:ab:f3:f7:b6:73:30:43:23:dd:2b:1b:8e:61:02:
d7:68:fb:32:ea:5a:62:69:ee:e9:e8:86:f4:7e:0c:
55:a0:90:1c:4e:91:46:a2:5b:03:e0:31:2c:60:1a:
34:62:29:fd:12:6d:a2:4c:b9:4d:2f:56:cd:53:7f:
96:81:12:ba:54:74:cf:12:bf:60:91:6c:4f:c0:8f:
68:ca:c8:da:29:8e:ab:e6:f9:6f:00:79:f9:1f:fa:
79:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:10:79:E6:7D:90:CE:3C:9E:EA:A1:61:CA:E8:F1:B6:E3:CE:96:D9
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/7BF4F4E2BBA611EF8900FC2EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.32.0/21
Signature Algorithm: sha256WithRSAEncryption
9d:3e:d2:2b:69:89:d3:3c:d4:d6:bf:03:c2:a8:3b:4e:ba:cb:
58:e4:9e:18:50:c8:f2:01:13:42:50:ca:57:d1:4d:c2:6d:e5:
39:de:ec:40:0e:13:53:4e:2f:bc:9c:70:c3:4b:45:73:23:a5:
7e:64:8b:58:80:03:2e:5e:64:c6:7c:91:7c:87:1e:18:22:aa:
c6:19:82:f9:17:c8:6f:0b:08:0c:42:0d:a9:ec:d6:bf:cf:12:
91:67:75:d9:a7:85:a4:64:e8:2a:aa:44:55:85:82:05:19:0c:
c5:72:5f:79:d8:e6:91:b9:ed:4e:38:f5:63:20:9b:e8:7d:bb:
b8:31:64:38:42:22:dc:53:3f:c2:74:24:61:0d:f3:82:67:ba:
45:71:91:95:35:93:37:c7:49:37:37:11:d2:ba:0b:d8:a1:d0:
8c:2c:2f:97:a3:1a:8a:d8:c7:11:0c:23:4a:76:e8:81:6d:c2:
17:a1:13:db:b3:d3:31:71:36:c4:a5:c5:b4:48:41:6d:6a:13:
8f:96:57:5d:e7:91:5e:08:48:ba:35:6f:39:10:10:65:c2:91:
45:09:fa:03:7d:ce:c0:5a:62:b9:fe:df:8c:67:a8:dc:18:af:
6a:4e:94:ea:fb:7b:b7:e7:4b:36:ed:cc:7f:67:0d:97:eb:6b:
4e:6b:37:e2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDGkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjQxMjE2MTIwODM5WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYwMTg0Ny05MmI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr2JbmJdJAGmaRGkeEaqoXNbErV4gIk6aqFeXechWAeyUhz71WHzEBy8oLCgd
lsySNLYYa8rKSNx4gtDuTbQlmkrKlS495dJSuGrFFJQzlrVCKX1dTta+129WOUxO
MY4XwasM9ZEgMHhPsqF15NRRFiaiarfTdpU72A3KzTIUaffJ83kwW6cJX6QUoUCm
oXOz8V/lovXVbkbskT3OacApaWw5gG6Bq/P3tnMwQyPdKxuOYQLXaPsy6lpiae7p
6Ib0fgxVoJAcTpFGolsD4DEsYBo0Yin9Em2iTLlNL1bNU3+WgRK6VHTPEr9gkWxP
wI9oysjaKY6r5vlvAHn5H/p5hwIDAQABo4IClTCCApEwHQYDVR0OBBYEFLUQeeZ9
kM48nuqhYcro8bbjzpbZMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvN0JGNEY0RTJC
QkE2MTFFRjg5MDBGQzJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAOLviAwDQYJKoZIhvcNAQELBQADggEBAJ0+0itpidM81Na/
A8KoO066y1jknhhQyPIBE0JQylfRTcJt5Tne7EAOE1NOL7yccMNLRXMjpX5ki1iA
Ay5eZMZ8kXyHHhgiqsYZgvkXyG8LCAxCDans1r/PEpFnddmnhaRk6CqqRFWFggUZ
DMVyX3nY5pG57U449WMgm+h9u7gxZDhCItxTP8J0JGEN84JnukVxkZU1kzfHSTc3
EdK6C9ih0IwsL5ejGorYxxEMI0p26IFtwhehE9uz0zFxNsSlxbRIQW1qE4+WV13n
kV4ISLo1bzkQEGXCkUUJ+gN9zsBaYrn+34xnqNwYr2pOlOr7e7fnSzbtzH9nDZfr
a05rN+I=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:34:40 2025 by rpki-client