Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/8FEAA54E2FBC11EFAE8A5A1AC4F9AE02.roa
File: 8FEAA54E2FBC11EFAE8A5A1AC4F9AE02.roa (raw, json)
Hash identifier: YM0O5C/hcKbUmnjQVntJIBfNxj7Bs6RYEEF10x8guFk=
Subject key identifier: EF:4E:87:63:8F:F4:7F:08:48:20:3C:30:86:96:D3:43:87:25:1A:B9
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0AC9
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/8FEAA54E2FBC11EFAE8A5A1AC4F9AE02.roa
Signing time: Fri 21 Jun 2024 10:57:10 +0000
ROA not before: Fri 21 Jun 2024 10:57:10 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 10753
IP address blocks: 139.190.5.0/24 maxlen: 24
139.190.6.0/24 maxlen: 24
139.190.7.0/24 maxlen: 24
139.190.36.0/22 maxlen: 24
139.190.40.0/22 maxlen: 24
139.190.48.0/22 maxlen: 24
139.190.96.0/22 maxlen: 24
139.190.104.0/22 maxlen: 24
139.190.108.0/22 maxlen: 24
139.190.120.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jul 2024 11:24:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2761 (0xac9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Jun 21 10:57:10 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66755c85-9a3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:94:ea:60:b6:4e:45:dd:5d:37:7a:e8:aa:d1:
89:c9:99:17:4a:23:60:ee:5f:39:2f:51:c7:dd:96:
05:73:1d:8f:d1:1a:95:50:ad:71:03:45:e5:60:eb:
a6:91:51:ed:52:46:7c:bd:8d:2e:63:d5:c1:53:09:
25:ad:ef:25:19:ea:80:b8:f2:c2:ef:82:18:0a:1a:
f5:1c:0b:15:67:71:dd:86:52:59:8b:0a:0d:ca:04:
4b:2b:f0:ee:5c:08:4f:b8:3b:3a:e9:64:0d:35:d9:
df:03:d7:4d:90:b8:bf:02:c0:cb:21:2d:83:6b:98:
9e:9f:39:00:be:4a:60:12:b9:e6:48:f0:86:ef:2b:
38:13:12:93:77:15:9d:02:9a:40:77:c5:43:55:d5:
b5:67:0f:39:16:ec:b4:35:f7:ff:b8:9c:95:69:42:
d6:03:e9:71:b0:e7:9e:48:ff:aa:d0:74:2a:c0:d2:
6e:f2:79:fb:06:a7:76:13:b2:7c:26:c5:b6:38:3e:
b9:83:0e:06:eb:8b:38:df:e4:98:39:32:46:98:24:
9e:49:1f:72:4d:83:e1:28:82:9d:ac:d6:ec:32:83:
5d:40:f9:08:86:7c:48:49:8a:35:3d:cd:53:6b:f5:
14:a8:23:57:80:75:ea:8d:f4:60:77:ea:2b:54:49:
58:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:4E:87:63:8F:F4:7F:08:48:20:3C:30:86:96:D3:43:87:25:1A:B9
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/8FEAA54E2FBC11EFAE8A5A1AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.5.0-139.190.7.255
139.190.36.0-139.190.43.255
139.190.48.0/22
139.190.96.0/22
139.190.104.0/21
139.190.120.0/22
Signature Algorithm: sha256WithRSAEncryption
68:76:c2:66:00:bb:d9:43:2f:47:02:da:52:7e:ca:99:1c:ab:
c6:84:e7:e0:d0:e1:db:ee:40:8b:d1:f9:29:07:d9:30:47:1c:
aa:aa:fb:1c:52:bb:db:e4:f6:0a:4a:ee:9f:6c:4a:3f:6f:aa:
2d:5d:9c:e9:4e:29:05:58:5b:cc:de:18:cb:9f:6e:37:6d:fb:
30:df:8e:8d:48:95:49:4c:e5:6e:d6:77:e1:56:59:8b:de:b4:
94:27:b5:65:e6:34:79:c9:68:8d:fd:05:ba:e2:b1:23:e0:38:
8e:a9:a5:0a:b4:7a:d0:83:d3:d3:6a:48:8f:0d:b7:70:cb:15:
fe:21:f2:bd:77:b0:09:c2:32:91:a5:ce:54:65:cd:65:76:ed:
85:61:91:0a:d0:27:74:0c:86:e6:92:a9:77:8c:ac:5a:0b:ae:
15:3f:32:f2:4f:df:f2:87:59:95:b2:de:68:a1:78:59:60:65:
f1:07:78:61:8c:fd:f6:cd:14:3d:fa:9d:bd:09:9b:3d:95:1b:
10:c8:a0:78:c2:07:39:d6:d6:b1:c4:a5:8d:58:98:7e:68:99:
bd:ed:1f:75:99:c1:9a:aa:31:83:ef:03:dd:fc:9f:43:41:45:
90:34:cc:41:23:76:43:79:51:f5:ea:be:cc:5e:9a:10:4e:69:
8d:36:40:2e
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgICCskwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjQwNjIxMTA1NzEwWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njc1NWM4NS05YTNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3ZTqYLZORd1dN3roqtGJyZkXSiNg7l85L1HH3ZYFcx2P0RqVUK1xA0XlYOum
kVHtUkZ8vY0uY9XBUwklre8lGeqAuPLC74IYChr1HAsVZ3HdhlJZiwoNygRLK/Du
XAhPuDs66WQNNdnfA9dNkLi/AsDLIS2Da5ienzkAvkpgErnmSPCG7ys4ExKTdxWd
AppAd8VDVdW1Zw85Fuy0Nff/uJyVaULWA+lxsOeeSP+q0HQqwNJu8nn7Bqd2E7J8
JsW2OD65gw4G64s43+SYOTJGmCSeSR9yTYPhKIKdrNbsMoNdQPkIhnxISYo1Pc1T
a/UUqCNXgHXqjfRgd+orVElYrQIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFO9Oh2OP
9H8ISCA8MIaW00OHJRq5MB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvOEZFQUE1NEUy
RkJDMTFFRkFFOEE1QTFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTQYIKwYBBQUHAQcBAf8E
PjA8MDoEAgABMDQwDAMEAIu+BQMEA4u+ADAMAwQCi74kAwQCi74oAwQCi74wAwQC
i75gAwQDi75oAwQCi754MA0GCSqGSIb3DQEBCwUAA4IBAQBodsJmALvZQy9HAtpS
fsqZHKvGhOfg0OHb7kCL0fkpB9kwRxyqqvscUrvb5PYKSu6fbEo/b6otXZzpTikF
WFvM3hjLn243bfsw346NSJVJTOVu1nfhVlmL3rSUJ7Vl5jR5yWiN/QW64rEj4DiO
qaUKtHrQg9PTakiPDbdwyxX+IfK9d7AJwjKRpc5UZc1ldu2FYZEK0Cd0DIbmkql3
jKxaC64VPzLyT9/yh1mVst5ooXhZYGXxB3hhjP32zRQ9+p29CZs9lRsQyKB4wgc5
1taxxKWNWJh+aJm97R91mcGaqjGD7wPd/J9DQUWQNMxBI3ZDeVH16r7MXpoQTmmN
NkAu
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:45:38 2025 by rpki-client