Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/8CFB0600C11E11EF80A34C33C4F9AE02.roa
File: 8CFB0600C11E11EF80A34C33C4F9AE02.roa (raw, json)
Hash identifier: svpVEodlyO0VKkx7f6Ug7LriR1qe5iPeJbcdXod4rfc=
Subject key identifier: B8:35:89:DA:3F:36:7F:80:BF:FA:46:E6:79:1D:F7:85:B7:17:38:C5
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0CBB
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/8CFB0600C11E11EF80A34C33C4F9AE02.roa
Signing time: Tue 24 Dec 2024 10:55:15 +0000
ROA not before: Tue 24 Dec 2024 10:55:15 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 329007
IP address blocks: 139.190.0.0/22 maxlen: 22
139.190.4.0/24 maxlen: 24
139.190.5.0/24 maxlen: 24
139.190.6.0/24 maxlen: 24
139.190.7.0/24 maxlen: 24
139.190.8.0/22 maxlen: 22
139.190.12.0/22 maxlen: 22
139.190.16.0/22 maxlen: 22
139.190.20.0/22 maxlen: 22
139.190.24.0/22 maxlen: 22
139.190.28.0/22 maxlen: 22
139.190.48.0/22 maxlen: 24
139.190.52.0/22 maxlen: 24
139.190.56.0/22 maxlen: 24
139.190.124.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Dec 2024 06:08:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3259 (0xcbb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Dec 24 10:55:15 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=676a9312-ca8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6b:4d:ce:de:64:8f:c2:1a:99:bb:65:d3:e0:
b1:3b:7b:28:7b:f3:06:9d:04:49:f8:31:5b:31:20:
df:82:b8:b2:66:fb:04:79:1f:41:a6:33:df:15:7e:
37:36:e5:89:5e:d9:92:b9:40:85:0c:c0:b5:94:79:
48:36:cc:cf:83:41:16:9c:8f:ce:2f:70:90:a7:9f:
27:ee:f6:83:37:28:c1:ea:8a:ad:8b:0d:a7:30:9f:
0c:9f:89:87:3a:6e:b0:2a:c5:b7:47:d1:02:fa:30:
1d:cf:0a:cd:6e:01:4c:e3:1e:9a:b0:f9:84:af:d5:
54:5e:3a:43:21:24:48:f1:00:ba:1a:e8:05:b2:59:
b9:4a:3d:b9:64:c1:bc:98:0d:b2:aa:19:37:be:fa:
62:64:57:7a:fa:86:13:88:a7:4c:19:7a:61:68:37:
d2:d9:84:07:76:22:0e:db:90:2e:12:a2:35:61:e9:
f5:13:d3:de:82:3d:5e:80:2d:38:10:e1:33:6b:92:
f7:83:9e:ef:4b:9d:11:8b:d0:47:f9:02:fa:ef:8b:
4d:a7:99:14:ce:0f:d3:9d:62:a5:9a:0f:a7:fb:3f:
c2:9d:f9:bb:44:83:9a:d1:1c:f4:84:80:d7:f4:95:
6a:7a:f4:38:52:cf:cb:b9:b6:54:0e:eb:48:24:64:
26:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:35:89:DA:3F:36:7F:80:BF:FA:46:E6:79:1D:F7:85:B7:17:38:C5
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/8CFB0600C11E11EF80A34C33C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.0.0/19
139.190.48.0-139.190.59.255
139.190.124.0/22
Signature Algorithm: sha256WithRSAEncryption
cd:d7:0b:91:bd:c3:40:a8:62:19:dd:82:3b:c3:d9:20:24:d2:
c9:44:53:75:47:de:95:cf:22:39:0e:7b:a3:37:53:77:fd:1b:
c2:44:8d:de:dc:78:7f:8e:c0:b3:81:fc:38:cd:46:cc:14:61:
c9:36:13:c0:e4:8f:d7:ae:a2:bf:0f:69:a5:e3:1c:d8:dc:b0:
f5:5b:32:d0:09:fd:9c:eb:8d:6a:3a:4c:16:bd:34:f6:65:80:
20:1a:32:3e:27:6f:23:25:f5:52:10:86:f9:15:8f:ed:a8:92:
40:94:b6:2e:d0:4d:06:04:c2:a4:b0:8f:61:c9:19:94:cf:4e:
d7:9c:55:4f:ed:1b:95:af:37:8c:26:a1:b2:3f:8e:42:89:4c:
a9:63:b8:65:da:9c:33:ec:ea:36:35:4c:ce:8f:ef:af:6a:7b:
a7:07:b4:1f:4b:61:01:c1:2b:de:cc:bc:28:c3:cd:be:34:54:
dc:23:fb:fd:0f:c1:8b:3c:e2:00:51:92:26:3c:64:ff:61:dd:
c3:89:e7:da:41:0b:c8:ce:67:58:65:a2:d9:82:b8:00:dd:b3:
ae:da:de:6e:41:ec:04:4d:38:56:3c:4c:f6:6c:df:6d:c0:ce:
37:0a:21:d3:55:89:32:f1:09:22:2c:6f:69:f1:65:80:20:e3:
cf:e2:90:3b
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICDLswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjQxMjI0MTA1NTE1WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzZhOTMxMi1jYThiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt2tNzt5kj8Iambtl0+CxO3soe/MGnQRJ+DFbMSDfgriyZvsEeR9BpjPfFX43
NuWJXtmSuUCFDMC1lHlINszPg0EWnI/OL3CQp58n7vaDNyjB6oqtiw2nMJ8Mn4mH
Om6wKsW3R9EC+jAdzwrNbgFM4x6asPmEr9VUXjpDISRI8QC6GugFslm5Sj25ZMG8
mA2yqhk3vvpiZFd6+oYTiKdMGXphaDfS2YQHdiIO25AuEqI1Yen1E9Pegj1egC04
EOEza5L3g57vS50Ri9BH+QL674tNp5kUzg/TnWKlmg+n+z/Cnfm7RIOa0Rz0hIDX
9JVqevQ4Us/LubZUDutIJGQmQwIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFLg1ido/
Nn+Av/pG5nkd94W3FzjFMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvOENGQjA2MDBD
MTFFMTFFRjgwQTM0QzMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBoDBAWLvgAwDAMEBIu+MAMEAou+OAMEAou+fDANBgkqhkiG9w0B
AQsFAAOCAQEAzdcLkb3DQKhiGd2CO8PZICTSyURTdUfelc8iOQ57ozdTd/0bwkSN
3tx4f47As4H8OM1GzBRhyTYTwOSP166ivw9ppeMc2Nyw9Vsy0An9nOuNajpMFr00
9mWAIBoyPidvIyX1UhCG+RWP7aiSQJS2LtBNBgTCpLCPYckZlM9O15xVT+0bla83
jCahsj+OQolMqWO4ZdqcM+zqNjVMzo/vr2p7pwe0H0thAcEr3sy8KMPNvjRU3CP7
/Q/BizziAFGSJjxk/2Hdw4nn2kELyM5nWGWi2YK4AN2zrtrebkHsBE04VjxM9mzf
bcDONwoh01WJMvEJIixvafFlgCDjz+KQOw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:33:45 2025 by rpki-client