Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/B2E8D82E9CFC11EF92434648C4F9AE02.roa
File: B2E8D82E9CFC11EF92434648C4F9AE02.roa (raw, json)
Hash identifier: S/A9KnkkQNyrj4qz523UDIz35Ir8IRvdb3ZRIMvIloo=
Subject key identifier: 97:B5:AC:3F:BC:75:8F:E4:11:EE:FD:BD:A4:59:B2:03:B4:63:57:D3
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0BC8
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/B2E8D82E9CFC11EF92434648C4F9AE02.roa
Signing time: Thu 14 Nov 2024 10:56:47 +0000
ROA not before: Thu 14 Nov 2024 10:56:47 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 16589
IP address blocks: 139.190.64.0/19 maxlen: 19
139.190.96.0/19 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Nov 2024 08:35:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3016 (0xbc8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Nov 14 10:56:47 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6735d76e-6fc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:71:06:bd:e4:ed:8c:8d:67:32:9a:de:ef:2b:
95:80:c8:a1:49:25:40:93:ff:86:b2:c2:9c:ea:ea:
13:a9:c2:68:c9:d0:8d:b8:d1:ae:fa:82:cf:58:05:
c6:a5:f8:b4:b5:a7:f1:e8:41:68:2c:82:8a:9e:ce:
35:a0:8c:af:80:b7:ee:26:57:0e:6d:59:23:46:c8:
cd:f0:7b:7e:e7:7a:ef:f0:6a:9e:8d:9f:b1:dc:03:
ea:ae:93:2f:6e:af:26:c7:c7:30:fa:ab:7f:09:67:
f8:d5:c0:8f:d2:69:c4:13:a5:3d:51:64:12:2d:9c:
13:76:d0:54:16:27:f0:0b:54:be:ad:a7:d9:ba:a9:
e6:98:ad:12:c6:86:b0:3b:42:72:a9:e5:fb:d5:7b:
4c:6b:e1:62:f5:7c:d7:0d:b4:fe:ed:cc:ee:11:be:
50:c1:f1:fe:56:c6:cc:c4:8a:c6:c2:77:17:60:0c:
58:58:3a:83:09:0a:db:ae:35:7b:06:9c:6b:66:ea:
48:7f:c2:70:4a:49:61:e2:f2:45:b6:c2:a4:e6:20:
b8:d2:5a:65:3d:63:a6:bb:5b:a5:3b:5d:50:70:b6:
b8:16:92:52:11:23:8e:48:6f:48:82:33:be:77:3e:
44:6e:e6:6a:9d:a7:2b:45:97:07:55:f4:42:d7:0a:
6e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:B5:AC:3F:BC:75:8F:E4:11:EE:FD:BD:A4:59:B2:03:B4:63:57:D3
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/B2E8D82E9CFC11EF92434648C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.64.0/18
Signature Algorithm: sha256WithRSAEncryption
8d:f1:58:dc:a9:9e:36:25:e0:70:f2:f9:88:f4:f1:ff:ce:5f:
c2:e6:f3:f6:d0:6f:c3:9f:bc:a3:43:d5:59:eb:42:09:62:a5:
6b:b0:96:8e:42:d3:27:2e:96:76:37:be:81:f4:4d:37:55:14:
13:21:5e:10:9d:23:d5:41:1c:86:54:37:85:a1:53:90:e7:57:
e1:84:f6:7d:c4:95:9c:f1:eb:1f:ce:77:c8:95:8f:0e:f8:24:
33:b8:6d:70:70:9a:de:88:47:e4:35:a2:2b:ea:40:40:c3:47:
70:7d:3c:2a:d6:cc:dd:c8:37:a7:d4:ed:43:4a:5a:b1:7a:65:
fb:3f:3f:25:d6:3e:bd:4b:ff:cb:95:f0:09:98:b1:41:38:6a:
d8:fe:9b:38:a3:cb:55:f2:a7:17:23:8f:f4:bf:1d:19:ce:9f:
6e:03:56:34:17:eb:04:1d:f6:a5:88:fc:53:05:20:49:6f:1b:
f1:4a:bc:0b:4e:d0:ac:4b:bd:da:ef:3d:24:06:88:4c:9a:2e:
40:9a:ed:25:40:46:bc:a0:ef:e0:a4:8b:63:66:4c:aa:cc:2f:
a3:bb:0c:f6:da:a7:10:af:d8:68:b5:75:7b:61:e6:81:ec:c9:
3f:6e:9a:0a:23:18:12:cb:31:94:e0:b5:1f:e3:7a:1f:b5:23:
01:2b:ae:7a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC8gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjQxMTE0MTA1NjQ3WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzM1ZDc2ZS02ZmM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxXEGveTtjI1nMpre7yuVgMihSSVAk/+GssKc6uoTqcJoydCNuNGu+oLPWAXG
pfi0tafx6EFoLIKKns41oIyvgLfuJlcObVkjRsjN8Ht+53rv8GqejZ+x3APqrpMv
bq8mx8cw+qt/CWf41cCP0mnEE6U9UWQSLZwTdtBUFifwC1S+rafZuqnmmK0Sxoaw
O0JyqeX71XtMa+Fi9XzXDbT+7czuEb5QwfH+VsbMxIrGwncXYAxYWDqDCQrbrjV7
BpxrZupIf8JwSklh4vJFtsKk5iC40lplPWOmu1ulO11QcLa4FpJSESOOSG9IgjO+
dz5EbuZqnacrRZcHVfRC1wpuTQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJe1rD+8
dY/kEe79vaRZsgO0Y1fTMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvQjJFOEQ4MkU5
Q0ZDMTFFRjkyNDM0NjQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAaLvkAwDQYJKoZIhvcNAQELBQADggEBAI3xWNypnjYl4HDy
+Yj08f/OX8Lm8/bQb8OfvKND1VnrQglipWuwlo5C0yculnY3voH0TTdVFBMhXhCd
I9VBHIZUN4WhU5DnV+GE9n3ElZzx6x/Od8iVjw74JDO4bXBwmt6IR+Q1oivqQEDD
R3B9PCrWzN3IN6fU7UNKWrF6Zfs/PyXWPr1L/8uV8AmYsUE4atj+mzijy1Xypxcj
j/S/HRnOn24DVjQX6wQd9qWI/FMFIElvG/FKvAtO0KxLvdrvPSQGiEyaLkCa7SVA
Rryg7+Cki2NmTKrML6O7DPbapxCv2Gi1dXth5oHsyT9umgojGBLLMZTgtR/jeh+1
IwErrno=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:45:39 2025 by rpki-client