Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/9F170BDAAE5011EF9D92323EC4F9AE02.roa
File: 9F170BDAAE5011EF9D92323EC4F9AE02.roa (raw, json)
Hash identifier: CTM5a9I4OrzyOrPun+APU+/sgtB25BS+1OW0h0auxpo=
Subject key identifier: 60:57:6B:B5:E5:18:AA:13:B0:60:90:96:3A:7F:74:FC:48:25:BC:FC
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0C46
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/9F170BDAAE5011EF9D92323EC4F9AE02.roa
Signing time: Fri 29 Nov 2024 12:51:16 +0000
ROA not before: Fri 29 Nov 2024 12:51:16 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 16589
IP address blocks: 139.190.32.0/19 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Dec 2024 12:20:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3142 (0xc46)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Nov 29 12:51:16 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6749b8c4-9a99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:50:0d:d8:44:04:0d:54:6e:6a:71:f2:be:f6:
8c:ec:3a:b7:da:b7:75:0c:a9:d5:66:3e:cf:66:bc:
9f:60:50:03:b9:3f:9e:b2:75:5b:50:4c:0e:cb:21:
4d:1a:dd:14:5a:10:b2:0a:b9:dd:30:92:44:20:d4:
f2:e6:4d:8a:d9:69:34:f0:b0:c9:9a:02:51:10:2b:
c1:68:37:b9:18:6d:b5:54:c9:a9:93:08:37:ab:0a:
2b:ed:6c:c8:b4:73:f3:b4:9c:40:cd:0e:44:e1:6e:
06:cd:4a:f1:69:76:65:f8:f7:71:c9:90:64:a5:69:
f4:94:22:a9:fe:52:a2:c3:82:45:3a:4c:f7:3c:a4:
5e:1d:01:e2:7d:50:a1:0a:f5:68:f2:a5:c9:2b:c0:
18:96:b9:61:c8:2b:76:24:d6:a3:3f:6a:ba:15:bc:
b2:1d:5f:ef:63:4a:ce:a8:19:ad:88:70:db:12:84:
b7:96:c0:aa:bb:fc:71:f0:0a:4b:12:68:07:bf:74:
69:09:68:11:ff:b4:4a:5e:ca:88:d3:60:f7:e0:ad:
9c:9d:6c:9f:8c:0c:de:14:f7:8b:aa:a8:10:37:46:
a6:c9:fe:b3:ac:8e:e8:ba:f7:6d:1e:89:6f:f1:e0:
0c:51:5c:fe:cd:2b:5c:eb:a8:10:48:99:c2:65:07:
79:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:57:6B:B5:E5:18:AA:13:B0:60:90:96:3A:7F:74:FC:48:25:BC:FC
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/9F170BDAAE5011EF9D92323EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.32.0/19
Signature Algorithm: sha256WithRSAEncryption
43:4d:41:5b:ab:de:3d:ec:8c:09:78:90:af:a4:c0:9f:ee:a3:
d3:74:33:de:ff:6b:46:35:9c:9d:c0:a8:dc:2e:a3:5f:da:fe:
aa:d3:fe:dd:59:ea:8b:94:33:cc:9c:f3:0c:4c:9e:ec:c3:17:
13:dc:4e:d0:7d:41:8e:85:4d:1f:ef:85:7f:2e:83:36:c7:1c:
7a:e8:d8:b7:d0:2f:d5:e7:b5:cc:ad:78:5e:b5:f4:b4:26:4f:
d6:86:a8:10:32:be:07:af:b5:9e:19:51:9a:6c:3d:f1:78:16:
17:a2:9b:57:8c:be:69:29:2b:d9:58:c2:bd:ab:09:07:6c:80:
a7:83:9b:f3:75:ef:2a:cc:a5:be:37:16:33:96:67:af:83:8b:
2e:cb:41:c6:13:8a:1d:73:6f:53:be:e9:76:bd:75:b1:95:36:
d6:ba:f9:3a:02:42:a3:4c:aa:9f:c5:88:b5:46:e5:3f:de:89:
55:30:ec:2a:70:13:e6:53:ca:04:90:00:f8:b9:b3:cd:88:f1:
99:f3:5c:59:2b:9e:5b:06:de:d0:49:5b:aa:e3:e0:b9:0b:06:
01:5a:72:70:55:68:2c:04:f8:02:47:ac:42:cc:8c:58:c1:24:
e8:d2:e4:04:72:13:df:fe:c2:f2:4a:a8:34:b9:47:8a:4e:86:
b0:d2:b4:e8
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDEYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjQxMTI5MTI1MTE2WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQ5YjhjNC05YTk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz1AN2EQEDVRuanHyvvaM7Dq32rd1DKnVZj7PZryfYFADuT+esnVbUEwOyyFN
Gt0UWhCyCrndMJJEINTy5k2K2Wk08LDJmgJRECvBaDe5GG21VMmpkwg3qwor7WzI
tHPztJxAzQ5E4W4GzUrxaXZl+PdxyZBkpWn0lCKp/lKiw4JFOkz3PKReHQHifVCh
CvVo8qXJK8AYlrlhyCt2JNajP2q6FbyyHV/vY0rOqBmtiHDbEoS3lsCqu/xx8ApL
EmgHv3RpCWgR/7RKXsqI02D34K2cnWyfjAzeFPeLqqgQN0amyf6zrI7ouvdtHolv
8eAMUVz+zStc66gQSJnCZQd55QIDAQABo4IClTCCApEwHQYDVR0OBBYEFGBXa7Xl
GKoTsGCQljp/dPxIJbz8MB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvOUYxNzBCREFB
RTUwMTFFRjlEOTIzMjNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAWLviAwDQYJKoZIhvcNAQELBQADggEBAENNQVur3j3sjAl4
kK+kwJ/uo9N0M97/a0Y1nJ3AqNwuo1/a/qrT/t1Z6ouUM8yc8wxMnuzDFxPcTtB9
QY6FTR/vhX8ugzbHHHro2LfQL9XntcyteF619LQmT9aGqBAyvgevtZ4ZUZpsPfF4
Fheim1eMvmkpK9lYwr2rCQdsgKeDm/N17yrMpb43FjOWZ6+Diy7LQcYTih1zb1O+
6Xa9dbGVNta6+ToCQqNMqp/FiLVG5T/eiVUw7CpwE+ZTygSQAPi5s82I8ZnzXFkr
nlsG3tBJW6rj4LkLBgFacnBVaCwE+AJHrELMjFjBJOjS5ARyE9/+wvJKqDS5R4pO
hrDStOg=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:31:58 2025 by rpki-client