Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/CB328B18180011EFA1B53D26C4F9AE02.roa
File: CB328B18180011EFA1B53D26C4F9AE02.roa (raw, json)
Hash identifier: ftsjve4rIBSArIKseur5LmXeeMzaJjft1HZLqD0H6BU=
Subject key identifier: 44:73:66:C8:ED:1E:B1:51:73:C0:A8:91:8C:43:2A:A9:6E:D8:5C:1E
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0AE7
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/CB328B18180011EFA1B53D26C4F9AE02.roa
Signing time: Thu 11 Jul 2024 07:31:42 +0000
ROA not before: Thu 11 Jul 2024 07:31:42 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 6079
IP address blocks: 139.190.32.0/22 maxlen: 24
139.190.44.0/22 maxlen: 22
139.190.116.0/22 maxlen: 24
139.190.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Sep 2024 05:18:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2791 (0xae7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Jul 11 07:31:42 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=668f8a5e-517c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a0:1d:12:6d:23:1f:ad:80:0e:9b:cf:de:fc:
d8:79:52:e0:74:27:d3:bf:9a:3b:04:3f:c4:80:1a:
33:ae:eb:3e:95:72:cd:a9:20:32:6c:3b:8c:ed:a1:
fd:bf:d6:28:b8:a2:64:9c:9f:d2:60:51:b7:c2:1e:
63:3b:1b:ce:c7:d1:9a:78:24:99:01:f6:61:ac:8b:
01:53:bb:7d:89:2a:43:7a:c1:06:a9:6b:33:35:81:
0f:62:13:88:94:6b:c6:3f:c2:ec:c9:5c:90:46:a9:
37:c0:69:d0:fe:9e:e8:ca:db:fd:3d:7d:f8:55:ea:
9b:d2:c1:c2:86:08:98:bf:da:7b:cf:2d:25:62:13:
63:67:f7:4f:68:08:4a:db:c1:06:b3:b8:5b:38:09:
8e:7e:4f:72:4c:b6:79:3a:34:0e:b1:d7:83:53:66:
08:e7:b2:ee:1b:51:78:bb:93:3a:6c:6c:e8:7c:a7:
8e:43:0e:72:a2:e5:28:09:75:ad:d5:f3:22:98:40:
07:26:43:d0:fd:24:83:19:b7:8a:4b:bd:ee:e8:f1:
dd:41:50:c1:5f:c5:a1:1b:fe:8e:b7:ca:29:85:4d:
47:6f:cc:aa:ee:dc:83:94:d8:e2:00:27:de:1a:ad:
91:95:ab:36:16:7d:e9:4d:8e:b0:b2:df:f8:de:f1:
60:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:73:66:C8:ED:1E:B1:51:73:C0:A8:91:8C:43:2A:A9:6E:D8:5C:1E
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/CB328B18180011EFA1B53D26C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.32.0/22
139.190.44.0/22
139.190.116.0/22
139.190.239.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:6a:74:d7:12:b1:6e:25:21:2c:d4:ee:66:e2:1f:67:f4:01:
ed:12:a2:d4:14:b3:73:90:90:0c:04:9f:88:07:8c:36:2a:d8:
8e:77:86:5c:28:41:28:0d:d5:31:72:46:be:92:77:82:70:5c:
b9:fb:ec:8f:e4:0c:f6:c2:29:19:7d:c1:0b:a2:ae:11:73:cd:
82:3f:68:bb:98:cd:58:a6:32:3c:32:27:19:63:c1:28:b1:31:
78:e2:d8:73:bd:73:7b:71:9a:89:82:9d:e9:61:a1:08:bc:72:
7b:57:3b:ea:34:09:c6:8a:c9:93:fd:30:7b:c5:20:96:04:36:
3c:16:a9:bb:7e:39:3a:91:3f:04:50:bd:ed:8b:29:76:b5:1a:
1a:8e:dc:1a:c0:dd:7c:70:96:ad:fd:0e:2f:b0:fd:b4:5e:49:
b2:2c:10:ce:74:15:59:e3:9c:5a:b2:e1:e3:ea:cc:1e:8c:aa:
27:a5:61:02:05:51:5f:6c:96:f1:3e:3d:76:54:df:60:72:44:
ca:db:15:82:05:12:d5:d8:52:19:ba:e3:ca:2a:b4:c2:f0:84:
8a:bc:70:1f:d7:fb:c5:25:43:76:06:8d:53:b9:1e:13:9c:ce:
35:9b:50:95:2a:15:89:e4:c7:31:5b:5b:06:6e:60:f1:86:8e:
5e:24:cc:66
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCucwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjQwNzExMDczMTQyWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjhmOGE1ZS01MTdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApaAdEm0jH62ADpvP3vzYeVLgdCfTv5o7BD/EgBozrus+lXLNqSAybDuM7aH9
v9YouKJknJ/SYFG3wh5jOxvOx9GaeCSZAfZhrIsBU7t9iSpDesEGqWszNYEPYhOI
lGvGP8LsyVyQRqk3wGnQ/p7oytv9PX34Veqb0sHChgiYv9p7zy0lYhNjZ/dPaAhK
28EGs7hbOAmOfk9yTLZ5OjQOsdeDU2YI57LuG1F4u5M6bGzofKeOQw5youUoCXWt
1fMimEAHJkPQ/SSDGbeKS73u6PHdQVDBX8WhG/6Ot8ophU1Hb8yq7tyDlNjiACfe
Gq2Rlas2Fn3pTY6wst/43vFggwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFERzZsjt
HrFRc8CokYxDKqlu2FweMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvQ0IzMjhCMTgx
ODAwMTFFRkExQjUzRDI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAKLviADBAKLviwDBAKLvnQDBACLvu8wDQYJKoZIhvcNAQEL
BQADggEBAFtqdNcSsW4lISzU7mbiH2f0Ae0SotQUs3OQkAwEn4gHjDYq2I53hlwo
QSgN1TFyRr6Sd4JwXLn77I/kDPbCKRl9wQuirhFzzYI/aLuYzVimMjwyJxljwSix
MXji2HO9c3txmomCnelhoQi8cntXO+o0CcaKyZP9MHvFIJYENjwWqbt+OTqRPwRQ
ve2LKXa1GhqO3BrA3Xxwlq39Di+w/bReSbIsEM50FVnjnFqy4ePqzB6MqielYQIF
UV9slvE+PXZU32ByRMrbFYIFEtXYUhm648oqtMLwhIq8cB/X+8UlQ3YGjVO5HhOc
zjWbUJUqFYnkxzFbWwZuYPGGjl4kzGY=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:31:59 2025 by rpki-client