Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/A19A25B0AE4E11EFA7F59D3AC4F9AE02.roa
File: A19A25B0AE4E11EFA7F59D3AC4F9AE02.roa (raw, json)
Hash identifier: XgJihJAzcQO7SaFtcD0k56+iLso17/9kIdXteXrWjq8=
Subject key identifier: FF:18:1C:78:DD:78:93:63:49:A9:01:C1:0C:DA:23:43:9B:BF:5E:21
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0C48
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/A19A25B0AE4E11EFA7F59D3AC4F9AE02.roa
Signing time: Fri 29 Nov 2024 12:51:57 +0000
ROA not before: Fri 29 Nov 2024 12:51:57 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 138241
IP address blocks: 139.190.0.0/21 maxlen: 24
139.190.56.0/22 maxlen: 22
139.190.68.0/22 maxlen: 22
139.190.80.0/21 maxlen: 21
139.190.88.0/21 maxlen: 21
139.190.124.0/24 maxlen: 24
139.190.125.0/24 maxlen: 24
139.190.126.0/24 maxlen: 24
139.190.127.0/24 maxlen: 24
139.190.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Dec 2024 12:16:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3144 (0xc48)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Nov 29 12:51:57 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6749b8ed-7e6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:44:54:86:0a:df:cb:62:a0:33:22:f2:7a:a7:
7c:53:aa:c2:47:78:a7:ea:85:e9:54:d4:bc:7b:c6:
48:e0:fc:49:92:39:22:4a:d8:8f:b2:f6:12:f0:90:
58:6e:25:14:2d:36:db:bb:e9:53:d7:1f:a0:ad:e8:
0e:67:4a:01:bc:3e:01:c1:52:56:91:7e:dc:8f:ba:
9a:3f:15:6b:16:37:c3:90:6f:cc:8b:94:e7:30:33:
73:0b:7c:cf:4a:fe:38:73:b4:aa:74:c7:84:2e:dc:
2e:5d:f6:63:73:9e:b0:0c:98:73:7d:16:b1:f5:83:
2b:66:aa:22:dd:85:ad:7b:54:bb:27:af:20:a9:c2:
5c:41:bd:af:1b:bd:c1:cb:8e:f7:be:72:06:67:2d:
08:2b:cb:83:eb:4c:7d:36:77:f4:3e:79:26:fd:c5:
95:5a:90:bd:c0:5b:e0:e3:36:5b:38:d3:40:4b:3d:
fd:64:a9:03:f8:e6:0a:10:d7:72:a5:09:9d:6a:d4:
4b:40:1f:75:66:08:a4:d3:42:86:14:5d:20:e1:04:
11:e7:46:d5:7f:a1:b1:91:5b:5e:56:f1:47:36:79:
25:25:12:48:04:38:4c:30:48:67:f4:d7:b9:fc:ad:
5f:61:ad:83:0c:13:63:24:2c:8b:d5:45:35:96:58:
d2:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:18:1C:78:DD:78:93:63:49:A9:01:C1:0C:DA:23:43:9B:BF:5E:21
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/A19A25B0AE4E11EFA7F59D3AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.0.0/21
139.190.56.0/22
139.190.68.0/22
139.190.80.0/20
139.190.124.0/22
139.190.239.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:7e:f1:c9:a2:96:6d:22:40:58:6c:0f:09:a0:15:73:64:bd:
42:50:c7:b4:99:9e:a4:49:9b:1e:17:03:71:be:58:c5:fa:6d:
0c:ac:71:dd:d9:41:2b:ff:76:50:df:e8:c7:82:b3:ae:7c:48:
cb:46:12:ea:0b:3f:b0:a5:9e:0d:76:2f:45:13:32:25:05:da:
5e:27:6c:46:b7:2a:85:a9:50:46:48:0a:7d:52:d0:8e:52:f6:
06:0c:87:a6:05:3d:5c:41:85:a8:58:34:4f:76:1f:a1:ff:eb:
0c:c6:6d:b5:b0:2f:9c:1b:17:76:41:3b:58:fe:6f:81:c7:8f:
70:b8:b2:5f:1f:37:72:a5:68:51:96:2a:b8:0d:d4:f9:31:34:
d0:2e:be:d1:cb:63:74:dc:b6:64:d5:d9:9f:87:8a:95:25:55:
34:c5:3b:7d:20:8a:f2:39:65:f9:9d:43:c2:4a:06:55:08:f0:
d5:cc:12:b4:05:22:8a:89:43:98:56:15:47:16:6f:90:e3:a2:
f4:b0:79:8f:ca:7a:0c:1c:01:b2:c1:87:12:dd:bd:e1:8c:57:
ad:49:e1:77:cf:ac:7e:3b:4b:a1:ae:48:97:ea:a6:73:a9:b1:
2a:91:e0:5f:1a:87:4f:12:67:be:b3:ce:f5:2e:0c:63:a6:7a:
cd:e2:73:75
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICDEgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjQxMTI5MTI1MTU3WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQ5YjhlZC03ZTZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArkRUhgrfy2KgMyLyeqd8U6rCR3in6oXpVNS8e8ZI4PxJkjkiStiPsvYS8JBY
biUULTbbu+lT1x+gregOZ0oBvD4BwVJWkX7cj7qaPxVrFjfDkG/Mi5TnMDNzC3zP
Sv44c7SqdMeELtwuXfZjc56wDJhzfRax9YMrZqoi3YWte1S7J68gqcJcQb2vG73B
y473vnIGZy0IK8uD60x9Nnf0Pnkm/cWVWpC9wFvg4zZbONNASz39ZKkD+OYKENdy
pQmdatRLQB91Zgik00KGFF0g4QQR50bVf6GxkVteVvFHNnklJRJIBDhMMEhn9Ne5
/K1fYa2DDBNjJCyL1UU1lljSdwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFP8YHHjd
eJNjSakBwQzaI0Obv14hMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvQTE5QTI1QjBB
RTRFMTFFRkE3RjU5RDNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBAOLvgADBAKLvjgDBAKLvkQDBASLvlADBAKLvnwDBACLvu8w
DQYJKoZIhvcNAQELBQADggEBAGt+8cmilm0iQFhsDwmgFXNkvUJQx7SZnqRJmx4X
A3G+WMX6bQyscd3ZQSv/dlDf6MeCs658SMtGEuoLP7Clng12L0UTMiUF2l4nbEa3
KoWpUEZICn1S0I5S9gYMh6YFPVxBhahYNE92H6H/6wzGbbWwL5wbF3ZBO1j+b4HH
j3C4sl8fN3KlaFGWKrgN1PkxNNAuvtHLY3TctmTV2Z+HipUlVTTFO30givI5Zfmd
Q8JKBlUI8NXMErQFIoqJQ5hWFUcWb5DjovSweY/KegwcAbLBhxLdveGMV61J4XfP
rH47S6GuSJfqpnOpsSqR4F8ah08SZ76zzvUuDGOmes3ic3U=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:34:41 2025 by rpki-client