Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/DBC4D24817FF11EF80ACAB67C4F9AE02.roa
File: DBC4D24817FF11EF80ACAB67C4F9AE02.roa (raw, json)
Hash identifier: JEMZBz2WBen0HmeAyspt8uojl14q+3NJgAMn9M+5G9k=
Subject key identifier: 38:09:D9:51:4C:64:A4:8B:61:AC:1D:DB:BD:34:62:21:C6:B1:14:D5
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0AA2
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/DBC4D24817FF11EF80ACAB67C4F9AE02.roa
Signing time: Fri 24 May 2024 22:32:05 +0000
ROA not before: Fri 24 May 2024 22:32:05 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 1273
IP address blocks: 139.190.28.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jul 2024 06:06:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2722 (0xaa2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: May 24 22:32:05 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66511565-e1bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:a7:91:3c:22:21:f8:7b:39:cc:4d:7f:52:86:
c4:78:b6:0a:a4:43:23:01:ee:c8:0f:11:24:09:21:
58:08:54:e7:26:df:8f:35:16:ef:cc:e3:21:b1:d7:
82:28:8e:44:01:55:07:12:9d:1e:68:3a:6f:a0:0b:
a9:7c:f3:b8:1d:a0:b9:84:cb:3a:0a:7e:c9:7f:3f:
e7:e2:ac:58:40:1c:58:eb:14:5f:f5:f2:ef:50:17:
17:2d:29:e1:f8:58:12:12:b9:91:f7:aa:19:3f:b7:
ae:df:ea:26:3c:b7:e1:c3:07:18:a5:d6:d5:eb:ce:
eb:29:17:51:91:31:09:5b:2e:1a:2f:44:04:60:75:
10:c2:8b:6c:07:64:05:87:bc:53:b0:37:da:df:3d:
74:51:c6:12:1f:3c:c5:e5:f4:de:ec:d3:81:3c:6d:
99:16:c4:f2:9b:47:94:75:b9:6a:6c:ed:b4:bd:27:
e2:62:17:b4:64:19:29:61:1e:45:7b:4a:95:cc:d6:
cf:8b:23:e4:c2:b0:50:45:44:a6:83:7b:44:07:b1:
c8:65:54:97:c9:f6:f1:40:47:22:ea:9f:e8:96:6f:
f0:e2:d7:72:61:a2:9c:a4:fb:f6:7c:10:ff:eb:4f:
be:c6:72:85:a5:b0:04:bb:6e:95:68:87:1d:92:5c:
93:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:09:D9:51:4C:64:A4:8B:61:AC:1D:DB:BD:34:62:21:C6:B1:14:D5
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/DBC4D24817FF11EF80ACAB67C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.28.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:34:92:f3:fc:5f:5e:1b:3b:dc:ee:ec:df:a4:f4:2c:9d:e5:
12:ee:b3:44:7f:8a:76:d4:8a:ad:da:a2:cf:e8:62:8b:25:82:
17:8e:93:b7:d0:d8:c1:df:53:15:61:b7:8f:72:f4:d8:cb:51:
4e:c1:f7:4c:60:20:47:4f:cc:31:95:bf:ed:76:cc:5f:ec:a8:
f8:1c:22:64:b8:99:49:b5:3a:2a:40:fe:f8:88:fd:f4:82:16:
2a:55:7c:c9:33:cf:b2:8d:94:8b:b6:fd:ec:8d:c9:f5:ee:35:
0a:d5:00:2e:00:42:a2:94:37:d6:f1:97:95:9c:34:4f:bc:ab:
e3:ea:43:ff:e5:eb:6b:4c:b7:d1:e4:53:d3:59:2b:8f:07:4f:
d5:03:9d:23:8a:6e:3e:01:f2:fd:fe:53:46:6e:52:a9:34:1d:
31:1e:84:87:16:07:eb:ee:aa:b7:9b:a6:46:44:4c:24:f5:fe:
9e:bf:49:e4:0d:9f:0b:97:fb:57:05:24:8c:98:07:4d:46:57:
6e:ec:d7:a1:91:17:ce:da:73:4b:81:e8:d9:9f:31:f7:a0:21:
46:d0:66:a7:7e:93:d5:15:ea:d5:8c:f2:e8:f7:32:7e:d7:aa:
c7:a0:90:02:04:4a:ed:8e:38:16:82:cb:0c:ad:68:d8:f3:90:
e7:34:40:89
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCqIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjQwNTI0MjIzMjA1WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjUxMTU2NS1lMWJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlqeRPCIh+Hs5zE1/UobEeLYKpEMjAe7IDxEkCSFYCFTnJt+PNRbvzOMhsdeC
KI5EAVUHEp0eaDpvoAupfPO4HaC5hMs6Cn7Jfz/n4qxYQBxY6xRf9fLvUBcXLSnh
+FgSErmR96oZP7eu3+omPLfhwwcYpdbV687rKRdRkTEJWy4aL0QEYHUQwotsB2QF
h7xTsDfa3z10UcYSHzzF5fTe7NOBPG2ZFsTym0eUdblqbO20vSfiYhe0ZBkpYR5F
e0qVzNbPiyPkwrBQRUSmg3tEB7HIZVSXyfbxQEci6p/olm/w4tdyYaKcpPv2fBD/
60++xnKFpbAEu26VaIcdklyTAQIDAQABo4IClTCCApEwHQYDVR0OBBYEFDgJ2VFM
ZKSLYawd2700YiHGsRTVMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvREJDNEQyNDgx
N0ZGMTFFRjgwQUNBQjY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAKLvhwwDQYJKoZIhvcNAQELBQADggEBAC40kvP8X14bO9zu
7N+k9Cyd5RLus0R/inbUiq3aos/oYoslgheOk7fQ2MHfUxVht49y9NjLUU7B90xg
IEdPzDGVv+12zF/sqPgcImS4mUm1OipA/viI/fSCFipVfMkzz7KNlIu2/eyNyfXu
NQrVAC4AQqKUN9bxl5WcNE+8q+PqQ//l62tMt9HkU9NZK48HT9UDnSOKbj4B8v3+
U0ZuUqk0HTEehIcWB+vuqrebpkZETCT1/p6/SeQNnwuX+1cFJIyYB01GV27s16GR
F87ac0uB6NmfMfegIUbQZqd+k9UV6tWM8uj3Mn7XqsegkAIESu2OOBaCywytaNjz
kOc0QIk=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:38:40 2025 by rpki-client