Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/D02A4DB6C35111EF89CF5274C4F9AE02.roa
File: D02A4DB6C35111EF89CF5274C4F9AE02.roa (raw, json)
Hash identifier: x0IhjxIUrzPj4YXkQU7oU2b4IRLzqcOjxD0YFGdeX3A=
Subject key identifier: 7D:16:D5:8D:42:83:2F:36:53:16:95:C6:75:F8:B7:EF:5C:55:41:78
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0CCD
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/D02A4DB6C35111EF89CF5274C4F9AE02.roa
Signing time: Thu 26 Dec 2024 06:22:42 +0000
ROA not before: Thu 26 Dec 2024 06:22:42 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 329007
IP address blocks: 139.190.0.0/19 maxlen: 24
Validation: Failed, certificate revoked on Tue 31 Dec 2024 10:39:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3277 (0xccd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Dec 26 06:22:42 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=676cf632-74ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:67:d8:47:cf:97:d6:ad:56:2f:5c:5b:8c:01:
7c:d9:39:69:8d:35:b7:65:5b:17:78:1a:8e:15:d1:
46:09:d8:8c:d0:b7:cc:2a:c3:20:42:b4:64:44:5f:
c6:d8:77:60:ec:9a:bd:b9:f4:3f:22:c0:d2:8e:2a:
12:5c:e9:1d:8a:75:e7:22:58:02:2a:9a:9d:0e:fd:
67:b9:fc:0e:2e:62:6b:33:07:86:6a:7d:ef:15:78:
c8:4f:be:e8:27:85:1b:48:74:15:2c:c9:e1:67:f6:
98:90:80:74:98:ed:5c:33:d9:92:6d:13:96:49:59:
ff:d5:e7:d6:78:b4:7c:57:11:2f:fc:8e:d9:84:f2:
aa:30:6b:2a:a0:e3:54:4e:ad:2a:06:88:f8:41:36:
2a:3f:c1:87:f3:d4:37:0c:5b:33:67:71:d4:b6:76:
1e:bd:d8:18:af:34:f7:26:a3:dd:12:6d:0b:8b:33:
af:31:c8:fe:67:6a:79:a3:9c:3e:ca:65:97:9a:17:
a0:08:10:14:b9:46:70:24:ab:e1:22:ba:7d:f3:e7:
9a:20:9d:19:bb:94:3b:7c:b5:ca:e4:16:26:7c:64:
17:2b:26:bc:87:92:22:69:a5:7c:25:e1:34:3c:73:
85:57:15:7f:f8:44:9b:3b:f9:d5:2d:2a:09:ea:b8:
7f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:16:D5:8D:42:83:2F:36:53:16:95:C6:75:F8:B7:EF:5C:55:41:78
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/D02A4DB6C35111EF89CF5274C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.0.0/19
Signature Algorithm: sha256WithRSAEncryption
c8:82:74:60:2b:c5:11:03:9b:89:6f:c2:12:a2:35:a4:e1:f8:
61:b1:ab:8e:6a:de:5d:80:ee:25:df:12:a8:8c:80:ad:56:ac:
bb:2c:c9:9a:71:6b:e0:9b:17:eb:27:ce:7f:8e:67:c8:56:61:
be:f7:1a:f9:53:21:e7:ee:2b:ff:3f:e1:7d:60:be:77:2f:a1:
bf:49:bb:65:fb:58:9b:e5:47:a5:b8:67:19:7b:0a:0c:f4:81:
72:40:e0:0e:2b:84:b7:08:77:8c:47:1d:90:8a:64:74:5a:c2:
7a:1c:83:b5:3d:c4:41:f6:97:8d:a0:f1:85:e0:57:5a:2e:79:
93:08:01:16:c7:e4:0e:f4:af:27:9f:83:90:29:b4:37:a8:d1:
96:40:99:a6:19:20:4f:60:80:d6:53:80:96:a4:48:60:7b:e0:
f9:c1:97:00:89:31:fd:be:d0:35:06:a3:7b:54:e3:bc:83:24:
99:e6:54:85:fd:07:bc:9f:1f:fd:7a:36:a2:3c:eb:f6:b6:12:
d1:60:15:a9:8a:c7:b0:10:5e:67:36:17:fc:c6:2e:27:34:7a:
9a:54:d6:6c:55:3d:e6:2f:3f:67:3d:63:88:13:82:84:a2:5d:
53:a2:27:08:ee:68:5c:3b:6e:71:d7:d5:21:79:89:47:a9:47:
c2:5b:bb:b3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDM0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjQxMjI2MDYyMjQyWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzZjZjYzMi03NGFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0GfYR8+X1q1WL1xbjAF82TlpjTW3ZVsXeBqOFdFGCdiM0LfMKsMgQrRkRF/G
2Hdg7Jq9ufQ/IsDSjioSXOkdinXnIlgCKpqdDv1nufwOLmJrMweGan3vFXjIT77o
J4UbSHQVLMnhZ/aYkIB0mO1cM9mSbROWSVn/1efWeLR8VxEv/I7ZhPKqMGsqoONU
Tq0qBoj4QTYqP8GH89Q3DFszZ3HUtnYevdgYrzT3JqPdEm0LizOvMcj+Z2p5o5w+
ymWXmhegCBAUuUZwJKvhIrp98+eaIJ0Zu5Q7fLXK5BYmfGQXKya8h5IiaaV8JeE0
PHOFVxV/+ESbO/nVLSoJ6rh/9QIDAQABo4IClTCCApEwHQYDVR0OBBYEFH0W1Y1C
gy82UxaVxnX4t+9cVUF4MB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvRDAyQTREQjZD
MzUxMTFFRjg5Q0Y1Mjc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAWLvgAwDQYJKoZIhvcNAQELBQADggEBAMiCdGArxREDm4lv
whKiNaTh+GGxq45q3l2A7iXfEqiMgK1WrLssyZpxa+CbF+snzn+OZ8hWYb73GvlT
IefuK/8/4X1gvncvob9Ju2X7WJvlR6W4Zxl7Cgz0gXJA4A4rhLcId4xHHZCKZHRa
wnocg7U9xEH2l42g8YXgV1oueZMIARbH5A70ryefg5AptDeo0ZZAmaYZIE9ggNZT
gJakSGB74PnBlwCJMf2+0DUGo3tU47yDJJnmVIX9B7yfH/16NqI86/a2EtFgFamK
x7AQXmc2F/zGLic0eppU1mxVPeYvP2c9Y4gTgoSiXVOiJwjuaFw7bnHX1SF5iUep
R8Jbu7M=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:47:14 2025 by rpki-client