Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/C6C6C77ABD3111EFB429CA4BC4F9AE02.roa
File: C6C6C77ABD3111EFB429CA4BC4F9AE02.roa (raw, json)
Hash identifier: ol2mZkBKzFUgt/lk1wXDZE8Sz19Cp2GfwRpCkuYE2A8=
Subject key identifier: E0:21:FA:2F:F6:27:F6:56:0C:40:9A:12:67:57:79:3E:31:44:CA:2D
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0C87
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/C6C6C77ABD3111EFB429CA4BC4F9AE02.roa
Signing time: Wed 18 Dec 2024 11:18:16 +0000
ROA not before: Wed 18 Dec 2024 11:18:16 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 138241
IP address blocks: 139.190.0.0/21 maxlen: 24
139.190.41.0/24 maxlen: 24
139.190.42.0/24 maxlen: 24
139.190.43.0/24 maxlen: 24
139.190.44.0/24 maxlen: 24
139.190.45.0/24 maxlen: 24
139.190.46.0/24 maxlen: 24
139.190.47.0/24 maxlen: 24
139.190.48.0/24 maxlen: 24
139.190.49.0/24 maxlen: 24
139.190.50.0/24 maxlen: 24
139.190.51.0/24 maxlen: 24
139.190.52.0/24 maxlen: 24
139.190.53.0/24 maxlen: 24
139.190.54.0/24 maxlen: 24
139.190.55.0/24 maxlen: 24
139.190.56.0/22 maxlen: 22
139.190.56.0/24 maxlen: 24
139.190.57.0/24 maxlen: 24
139.190.58.0/24 maxlen: 24
139.190.59.0/24 maxlen: 24
139.190.60.0/24 maxlen: 24
139.190.61.0/24 maxlen: 24
139.190.62.0/24 maxlen: 24
139.190.63.0/24 maxlen: 24
139.190.68.0/22 maxlen: 24
139.190.80.0/21 maxlen: 24
139.190.88.0/21 maxlen: 24
139.190.124.0/24 maxlen: 24
139.190.125.0/24 maxlen: 24
139.190.126.0/24 maxlen: 24
139.190.127.0/24 maxlen: 24
139.190.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 21 Dec 2024 09:22:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3207 (0xc87)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Dec 18 11:18:16 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6762af78-32fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:64:a7:e0:77:47:12:ee:07:ad:24:a7:5a:83:
38:0e:35:72:13:f6:f9:61:d3:8c:6c:b6:9b:01:45:
98:c5:d8:16:6a:80:cd:4d:46:3b:d9:7d:82:d3:40:
c7:be:d6:67:b7:28:47:7a:c0:d9:b5:a0:28:90:3e:
0f:d8:e3:4c:65:a9:ea:37:50:17:3b:12:85:ba:f0:
ca:46:66:ec:46:05:22:17:6c:1a:6e:1c:6f:e0:5f:
25:c2:2f:76:00:35:59:77:4e:93:95:0f:0a:fd:1e:
47:3f:88:0f:da:ad:5d:e7:36:0a:8d:0b:14:61:0c:
a6:f4:17:0c:3a:f9:19:ee:61:fa:cb:f3:8a:f0:ab:
fc:61:17:a2:2a:2c:f4:5d:3b:01:14:46:df:1b:2a:
6d:30:52:eb:ce:47:cb:f3:a2:67:67:cc:4b:5d:70:
56:f3:35:d2:be:fb:01:6e:1a:e9:0b:13:88:0f:b5:
2d:a2:55:74:ab:3b:a0:74:52:00:c3:21:5e:c4:f3:
f9:d9:49:4f:d5:21:c0:a9:14:cb:b1:b0:c3:08:fc:
95:b8:fe:84:1e:1e:19:00:66:6e:2a:40:0a:5e:84:
65:81:d1:40:fd:f3:63:56:69:40:53:7e:8e:d4:bc:
f6:de:9a:4e:2e:5b:87:fc:96:8d:43:fa:8a:e8:64:
2e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:21:FA:2F:F6:27:F6:56:0C:40:9A:12:67:57:79:3E:31:44:CA:2D
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/C6C6C77ABD3111EFB429CA4BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.0.0/21
139.190.41.0-139.190.63.255
139.190.68.0/22
139.190.80.0/20
139.190.124.0/22
139.190.239.0/24
Signature Algorithm: sha256WithRSAEncryption
d8:1a:0c:f2:37:b6:41:f4:66:a7:ca:06:f5:0c:29:dc:c9:f1:
c4:da:3c:bf:86:32:a8:fe:70:5b:2a:cd:ee:95:c5:f3:39:4b:
5c:de:c4:16:b0:df:85:b2:16:45:53:e2:93:89:1f:55:a7:12:
f0:2b:dd:ab:b7:a1:0e:c8:7f:05:21:e2:07:ae:d7:f2:65:c3:
c0:1f:12:ca:4f:63:c3:ca:d7:78:fc:e3:58:e4:a2:b2:92:c2:
c6:25:44:49:4e:28:d9:ff:c1:68:30:2b:28:85:34:30:d2:98:
51:79:6b:5d:ad:7b:19:25:de:75:9d:cb:73:ad:48:8e:88:67:
bc:03:c7:52:c6:58:d2:ea:d0:c9:3c:09:c7:f0:87:2f:c4:73:
28:6f:1d:71:c5:6c:94:b4:1a:43:d6:98:cf:11:a6:66:b4:16:
89:44:aa:e6:f4:ff:39:4a:11:6a:70:cc:6a:d9:2e:3c:55:c1:
4a:94:6a:ce:d0:d3:bf:bd:f8:5c:c9:32:76:5c:a0:a7:f2:35:
38:4a:06:dd:d3:f3:17:d4:5c:75:30:81:21:61:23:4b:13:dc:
a0:ee:30:a2:14:f3:8c:4c:98:39:f1:0e:c5:70:86:25:bd:41:
c2:77:6c:56:86:97:38:1c:1b:02:e5:eb:15:ad:55:c8:64:ce:
37:8b:46:56
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgICDIcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjQxMjE4MTExODE2WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYyYWY3OC0zMmZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4WSn4HdHEu4HrSSnWoM4DjVyE/b5YdOMbLabAUWYxdgWaoDNTUY72X2C00DH
vtZntyhHesDZtaAokD4P2ONMZanqN1AXOxKFuvDKRmbsRgUiF2wabhxv4F8lwi92
ADVZd06TlQ8K/R5HP4gP2q1d5zYKjQsUYQym9BcMOvkZ7mH6y/OK8Kv8YReiKiz0
XTsBFEbfGyptMFLrzkfL86JnZ8xLXXBW8zXSvvsBbhrpCxOID7UtolV0qzugdFIA
wyFexPP52UlP1SHAqRTLsbDDCPyVuP6EHh4ZAGZuKkAKXoRlgdFA/fNjVmlAU36O
1Lz23ppOLluH/JaNQ/qK6GQuuwIDAQABo4ICuzCCArcwHQYDVR0OBBYEFOAh+i/2
J/ZWDECaEmdXeT4xRMotMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvQzZDNkM3N0FC
RDMxMTFFRkI0MjlDQTRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRQYIKwYBBQUHAQcBAf8E
NjA0MDIEAgABMCwDBAOLvgAwDAMEAIu+KQMEBou+AAMEAou+RAMEBIu+UAMEAou+
fAMEAIu+7zANBgkqhkiG9w0BAQsFAAOCAQEA2BoM8je2QfRmp8oG9Qwp3MnxxNo8
v4YyqP5wWyrN7pXF8zlLXN7EFrDfhbIWRVPik4kfVacS8Cvdq7ehDsh/BSHiB67X
8mXDwB8Syk9jw8rXePzjWOSispLCxiVESU4o2f/BaDArKIU0MNKYUXlrXa17GSXe
dZ3Lc61IjohnvAPHUsZY0urQyTwJx/CHL8RzKG8dccVslLQaQ9aYzxGmZrQWiUSq
5vT/OUoRanDMatkuPFXBSpRqztDTv734XMkydlygp/I1OEoG3dPzF9RcdTCBIWEj
SxPcoO4wohTzjEyYOfEOxXCGJb1BwndsVoaXOBwbAuXrFa1VyGTON4tGVg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:35:43 2025 by rpki-client