Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/9B935EEE6A7D11EFA3717E50C4F9AE02.roa
File: 9B935EEE6A7D11EFA3717E50C4F9AE02.roa (raw, json)
Hash identifier: +zVmoe+kVTStvCv0ril3UhT3gch52RhsIfF+BJNpQlw=
Subject key identifier: 8F:C8:6A:88:B9:31:60:E0:56:95:3A:F2:22:20:F8:BF:01:9D:51:4F
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0B15
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/9B935EEE6A7D11EFA3717E50C4F9AE02.roa
Signing time: Wed 04 Sep 2024 05:21:58 +0000
ROA not before: Wed 04 Sep 2024 05:21:58 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 6079
IP address blocks: 139.190.32.0/22 maxlen: 24
139.190.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Sep 2024 06:22:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2837 (0xb15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Sep 4 05:21:58 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66d7ee76-67a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:eb:32:56:3b:ef:27:a5:a0:81:ff:58:e9:28:
c0:50:b1:1f:04:f3:17:d6:f6:3e:9f:71:d7:f4:9b:
2b:ef:81:e1:fa:53:cf:51:1a:c8:c2:06:76:af:38:
6e:50:b6:94:0d:07:d6:08:f3:b9:9e:f6:91:b5:3f:
1c:3d:fe:96:03:26:9e:0a:db:3b:3e:2c:64:70:65:
51:a4:c2:49:2e:be:41:7d:82:5b:4f:a8:aa:b6:cf:
7d:fb:32:18:ae:7e:b8:78:2d:68:7d:e5:ff:e1:67:
b0:10:9c:f9:8e:f9:5e:ad:c8:57:5d:99:b7:9d:17:
73:08:9e:64:f9:e7:f8:d4:1d:56:f0:98:44:60:32:
d4:a7:31:21:c0:e4:14:97:55:a7:06:d2:fd:c6:f3:
74:b9:37:7c:3d:80:29:e9:f0:9d:7d:2c:f4:c0:2b:
ae:f4:72:1b:62:e8:a1:7a:94:f3:13:ff:87:b1:cb:
6f:9e:7b:32:53:c6:de:fc:58:4f:7a:e9:71:4a:50:
4e:a8:1f:7c:fd:ff:47:c0:72:ca:ee:ab:e4:2b:5e:
82:5b:a7:2b:34:aa:94:4d:16:8b:a5:e2:ce:e6:9d:
00:94:cc:5a:28:9e:ec:b4:ea:20:17:f5:6d:48:d3:
bc:a7:fb:02:4b:68:6a:08:8a:1b:8b:32:5c:9e:52:
2b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:C8:6A:88:B9:31:60:E0:56:95:3A:F2:22:20:F8:BF:01:9D:51:4F
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/9B935EEE6A7D11EFA3717E50C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.32.0/22
139.190.239.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:e6:04:f2:fc:65:0d:0e:e1:82:d2:4a:b3:7a:18:e9:ce:0d:
78:d5:39:b5:04:71:52:ed:37:71:36:8b:cf:6d:d4:d5:ed:24:
87:68:76:9c:5d:03:ae:78:d2:57:30:2a:f6:aa:7e:b6:f3:e8:
52:fa:c8:cd:5c:16:b2:70:65:70:d1:10:47:55:5e:ef:63:90:
a0:3b:e4:ec:32:1b:79:d6:58:ab:ca:26:2a:51:ba:c7:03:0e:
4c:27:cd:9b:bf:f1:a5:2e:c5:d3:c2:03:fa:fb:f2:7b:97:01:
cf:b4:94:80:22:4a:b9:c8:c1:01:a7:dd:d5:38:4b:37:5c:5b:
45:79:c0:1d:40:fc:db:97:c8:c3:16:46:de:82:e2:84:e2:57:
f3:ff:24:af:20:ca:98:d0:eb:71:6e:6c:c2:19:bb:5b:65:01:
05:48:dd:24:f9:9a:09:8c:17:b7:82:90:b1:92:8f:05:19:b1:
87:74:d1:64:04:29:c0:d3:1c:35:81:b9:4f:e2:b6:1b:95:62:
f8:28:ee:0d:29:54:13:a2:da:16:84:79:f5:ae:e4:f1:da:77:
51:52:86:34:3f:15:c5:52:24:dd:de:46:0e:53:0a:4c:21:c3:
e3:3b:bb:b7:cd:ff:fc:04:fb:83:a7:39:7d:85:3e:cd:7b:17:
d2:83:31:57
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCxUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjQwOTA0MDUyMTU4WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ3ZWU3Ni02N2EzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAousyVjvvJ6Wggf9Y6SjAULEfBPMX1vY+n3HX9Jsr74Hh+lPPURrIwgZ2rzhu
ULaUDQfWCPO5nvaRtT8cPf6WAyaeCts7PixkcGVRpMJJLr5BfYJbT6iqts99+zIY
rn64eC1ofeX/4WewEJz5jvlerchXXZm3nRdzCJ5k+ef41B1W8JhEYDLUpzEhwOQU
l1WnBtL9xvN0uTd8PYAp6fCdfSz0wCuu9HIbYuihepTzE/+HsctvnnsyU8be/FhP
eulxSlBOqB98/f9HwHLK7qvkK16CW6crNKqUTRaLpeLO5p0AlMxaKJ7stOogF/Vt
SNO8p/sCS2hqCIobizJcnlIrTQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFI/Iaoi5
MWDgVpU68iIg+L8BnVFPMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvOUI5MzVFRUU2
QTdEMTFFRkEzNzE3RTUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAKLviADBACLvu8wDQYJKoZIhvcNAQELBQADggEBAKbmBPL8
ZQ0O4YLSSrN6GOnODXjVObUEcVLtN3E2i89t1NXtJIdodpxdA6540lcwKvaqfrbz
6FL6yM1cFrJwZXDREEdVXu9jkKA75OwyG3nWWKvKJipRuscDDkwnzZu/8aUuxdPC
A/r78nuXAc+0lIAiSrnIwQGn3dU4SzdcW0V5wB1A/NuXyMMWRt6C4oTiV/P/JK8g
ypjQ63FubMIZu1tlAQVI3ST5mgmMF7eCkLGSjwUZsYd00WQEKcDTHDWBuU/ithuV
Yvgo7g0pVBOi2haEefWu5PHad1FShjQ/FcVSJN3eRg5TCkwhw+M7u7fN//wE+4On
OX2FPs17F9KDMVc=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:39:44 2025 by rpki-client