Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/B3B998DE093011EFB45BFD7EC4F9AE02.roa
File: B3B998DE093011EFB45BFD7EC4F9AE02.roa (raw, json)
Hash identifier: niLe8hYwAhmPA3ae0Gkl9p5NY5GT2HqGikFHx0xuKbc=
Subject key identifier: AC:15:D8:D4:E5:FB:D3:1C:C6:85:46:05:80:09:BE:AD:81:B1:D0:CA
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0AAC
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/B3B998DE093011EFB45BFD7EC4F9AE02.roa
Signing time: Fri 24 May 2024 22:32:14 +0000
ROA not before: Fri 24 May 2024 22:32:14 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 139.190.32.0/22 maxlen: 24
139.190.124.0/22 maxlen: 24
139.190.240.0/20 maxlen: 20
Validation: Failed, certificate revoked on Mon 19 Aug 2024 10:57:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2732 (0xaac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: May 24 22:32:14 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6651156e-7f5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:8e:a4:01:4b:ef:3a:4b:4a:75:f9:e3:93:0b:
52:6c:61:4e:8a:ac:7f:1a:e0:16:5d:11:7c:d2:23:
ad:e5:f8:3a:dc:48:6a:56:41:67:3f:8d:63:e2:94:
64:12:f1:2a:84:de:3b:46:88:fa:71:aa:94:c3:31:
77:f3:f2:39:cf:58:93:e8:a4:f3:6d:a0:7f:53:8c:
11:39:bc:c0:8f:bf:24:89:94:db:74:55:3a:5a:f3:
6f:bc:6c:31:a3:7a:71:cf:4f:b7:f7:e9:dc:7b:74:
22:a8:72:97:65:dd:0a:e6:36:6f:07:c5:de:9d:28:
53:04:1c:52:d4:ab:95:82:9f:e5:e1:1a:55:7b:c5:
5e:92:b9:90:cf:fd:41:cb:c7:13:59:6d:48:f8:0a:
56:1d:23:1d:77:5c:d7:3c:f2:29:03:d6:81:80:0a:
09:1d:0c:77:1f:58:d3:7d:d1:93:2b:88:d8:30:fc:
db:3f:2f:d9:f3:9d:37:2a:f3:99:00:7e:ea:9f:c6:
39:53:15:78:4a:dc:2c:f4:93:bb:53:46:d2:c9:ea:
f0:54:bc:09:e1:88:cf:6c:67:1c:d6:b6:c7:e9:77:
d8:91:cd:b0:79:41:7d:a4:30:20:fa:5d:43:71:9c:
d5:62:50:0e:ba:f5:f7:cd:5d:9d:64:49:51:4c:89:
96:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:15:D8:D4:E5:FB:D3:1C:C6:85:46:05:80:09:BE:AD:81:B1:D0:CA
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/B3B998DE093011EFB45BFD7EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.32.0/22
139.190.124.0/22
139.190.240.0/20
Signature Algorithm: sha256WithRSAEncryption
34:f9:a6:c0:d6:e9:b7:56:c5:13:2f:c1:f9:f7:03:c4:18:1a:
11:30:79:8b:fa:bb:b1:88:08:35:58:98:6a:a9:a2:bc:28:5d:
c8:0f:bc:21:36:a0:f0:9a:5e:47:30:cd:65:03:be:3c:71:06:
9b:7a:de:a8:70:bf:f8:77:94:66:a6:15:6e:0e:30:33:52:7f:
d8:cc:56:de:fa:c2:8d:4d:4a:e5:89:2d:ed:f8:1d:58:c0:4c:
af:6b:57:6c:84:f6:26:2f:61:c8:57:54:29:19:96:85:14:94:
be:a3:ad:61:e9:d6:ac:d9:1f:dc:42:e4:3d:92:d2:83:67:7d:
3f:8a:d1:88:a3:ef:ad:f7:55:7e:dd:72:4b:20:d6:9a:08:98:
1b:c8:dd:d1:80:e4:44:f9:f1:e1:ad:3b:21:29:ee:73:5a:74:
44:3f:09:d7:29:81:9e:22:87:53:be:66:b8:3c:d1:ad:db:01:
c9:d8:66:66:fc:3f:d6:0c:65:30:2b:34:2c:c7:de:23:a8:4a:
25:7c:8b:4d:95:9c:c8:e5:63:6c:7a:b7:39:92:de:22:87:f6:
b7:d0:ad:54:8c:9a:8f:ef:0a:64:f9:21:c2:8d:a6:bf:4d:66:
50:d7:19:b4:14:dc:a9:11:f1:a4:03:5f:e1:90:fb:ef:64:c8:
f3:22:7a:bd
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICCqwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjQwNTI0MjIzMjE0WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjUxMTU2ZS03ZjViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA746kAUvvOktKdfnjkwtSbGFOiqx/GuAWXRF80iOt5fg63EhqVkFnP41j4pRk
EvEqhN47Roj6caqUwzF38/I5z1iT6KTzbaB/U4wRObzAj78kiZTbdFU6WvNvvGwx
o3pxz0+39+nce3QiqHKXZd0K5jZvB8XenShTBBxS1KuVgp/l4RpVe8VekrmQz/1B
y8cTWW1I+ApWHSMdd1zXPPIpA9aBgAoJHQx3H1jTfdGTK4jYMPzbPy/Z8503KvOZ
AH7qn8Y5UxV4Stws9JO7U0bSyerwVLwJ4YjPbGcc1rbH6XfYkc2weUF9pDAg+l1D
cZzVYlAOuvX3zV2dZElRTImWfQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFKwV2NTl
+9McxoVGBYAJvq2BsdDKMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvQjNCOTk4REUw
OTMwMTFFRkI0NUJGRDdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAKLviADBAKLvnwDBASLvvAwDQYJKoZIhvcNAQELBQADggEB
ADT5psDW6bdWxRMvwfn3A8QYGhEweYv6u7GICDVYmGqporwoXcgPvCE2oPCaXkcw
zWUDvjxxBpt63qhwv/h3lGamFW4OMDNSf9jMVt76wo1NSuWJLe34HVjATK9rV2yE
9iYvYchXVCkZloUUlL6jrWHp1qzZH9xC5D2S0oNnfT+K0Yij7633VX7dcksg1poI
mBvI3dGA5ET58eGtOyEp7nNadEQ/CdcpgZ4ih1O+Zrg80a3bAcnYZmb8P9YMZTAr
NCzH3iOoSiV8i02VnMjlY2x6tzmS3iKH9rfQrVSMmo/vCmT5IcKNpr9NZlDXGbQU
3KkR8aQDX+GQ++9kyPMier0=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:37:26 2025 by rpki-client