Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/03F9590C9C2911EF87C83426C4F9AE02.roa
File: 03F9590C9C2911EF87C83426C4F9AE02.roa (raw, json)
Hash identifier: MR2ogE8Dz6X3E+7gZniPnwVvj4o6SfEstQh7l6aiSVo=
Subject key identifier: 1C:DF:A6:85:D1:0E:A1:5B:ED:B0:29:0C:12:C6:71:65:5A:24:C2:A5
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0BA8
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/03F9590C9C2911EF87C83426C4F9AE02.roa
Signing time: Wed 06 Nov 2024 10:25:37 +0000
ROA not before: Wed 06 Nov 2024 10:25:37 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 397373
IP address blocks: 139.190.32.0/20 maxlen: 24
139.190.48.0/20 maxlen: 24
Validation: Failed, certificate revoked on Fri 08 Nov 2024 12:45:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2984 (0xba8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Validity
Not Before: Nov 6 10:25:37 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=672b4421-805f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:22:7b:86:74:82:5b:a3:58:ed:97:59:28:41:
f6:42:66:21:36:7b:2b:45:46:94:fa:ae:12:68:d5:
a3:63:c5:02:e3:51:50:ba:81:b0:9c:d5:73:e8:23:
a1:f9:05:d6:b5:0c:e2:c7:eb:67:b1:4d:21:b4:86:
0f:95:f3:1a:d1:f2:f8:e6:ea:3a:94:a6:64:db:ec:
c9:b6:54:f5:36:7f:d8:32:a2:35:69:cf:5b:02:d3:
04:a9:23:2f:04:29:8c:be:21:4c:e9:16:ac:1b:ec:
ab:8a:23:bd:13:52:6b:59:b8:17:4b:0f:9a:e7:0e:
28:e2:1a:e9:ee:d5:af:7d:9b:68:fe:ff:e4:12:d8:
99:fa:01:ab:85:e1:0a:7e:ef:02:66:8a:3f:8e:fe:
de:15:df:7d:33:47:91:e6:04:28:05:f0:c2:33:22:
f5:1a:10:f5:af:6d:3a:4e:b8:08:53:92:05:39:7c:
ac:a6:49:6a:7e:45:8d:78:51:f0:d5:e3:dd:e5:4e:
dd:4f:1c:52:83:49:d7:aa:fb:fe:8e:fb:be:c3:1d:
c9:da:e1:f2:88:c8:d3:3e:80:f8:62:c5:ef:16:57:
02:bd:f9:09:78:77:d9:44:46:9e:31:18:f3:18:bb:
b6:b3:b4:3a:42:92:c2:84:2e:b1:1c:24:ab:68:33:
f8:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:DF:A6:85:D1:0E:A1:5B:ED:B0:29:0C:12:C6:71:65:5A:24:C2:A5
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/03F9590C9C2911EF87C83426C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.32.0/19
Signature Algorithm: sha256WithRSAEncryption
88:de:be:4f:c7:9b:ae:b1:3d:19:d8:6f:1e:ab:b6:47:64:ba:
81:35:f4:96:79:59:1e:df:ff:e8:fd:5a:c4:c4:0b:fe:ef:13:
01:b9:8f:58:ae:a5:f4:17:08:e2:b2:e8:6a:e6:41:e2:cd:9b:
13:80:7d:97:ba:1e:de:90:1d:20:2a:db:f8:75:a1:8a:1a:8d:
d6:c5:85:f0:8f:50:93:29:0e:8f:97:de:b6:3f:2c:6b:6b:a5:
64:3c:cb:16:87:94:a0:68:5b:4f:93:bd:57:46:a2:cd:89:30:
9c:f8:45:c6:79:4e:52:c1:58:78:f6:f9:b1:4b:8d:0a:2b:f6:
3d:19:ef:54:4f:8b:a2:52:fe:ab:43:1a:3d:f7:cb:1d:97:94:
99:58:f6:cb:8f:40:9d:c5:eb:0f:98:3c:cb:5d:7a:2f:64:56:
0c:76:96:27:95:c5:5b:dd:c8:a6:7f:f6:84:2f:18:d1:55:51:
4c:92:4b:f5:ac:ff:ad:80:55:89:0b:d9:fe:aa:44:a6:f0:09:
b8:98:9d:96:57:e6:7b:87:e9:63:42:84:64:87:43:ff:7b:80:
2e:b1:fe:36:74:f0:d0:01:e3:30:50:f1:ec:1e:98:a8:c6:8b:
86:6f:43:e5:fe:54:98:2e:ac:5c:bb:68:2e:f6:25:64:97:4a:
60:e0:f9:d4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC6gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjQxMTA2MTAyNTM3WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzJiNDQyMS04MDVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqCJ7hnSCW6NY7ZdZKEH2QmYhNnsrRUaU+q4SaNWjY8UC41FQuoGwnNVz6COh
+QXWtQzix+tnsU0htIYPlfMa0fL45uo6lKZk2+zJtlT1Nn/YMqI1ac9bAtMEqSMv
BCmMviFM6RasG+yriiO9E1JrWbgXSw+a5w4o4hrp7tWvfZto/v/kEtiZ+gGrheEK
fu8CZoo/jv7eFd99M0eR5gQoBfDCMyL1GhD1r206TrgIU5IFOXyspklqfkWNeFHw
1ePd5U7dTxxSg0nXqvv+jvu+wx3J2uHyiMjTPoD4YsXvFlcCvfkJeHfZREaeMRjz
GLu2s7Q6QpLChC6xHCSraDP4JQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBzfpoXR
DqFb7bApDBLGcWVaJMKlMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvMDNGOTU5MEM5
QzI5MTFFRjg3QzgzNDI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAWLviAwDQYJKoZIhvcNAQELBQADggEBAIjevk/Hm66xPRnY
bx6rtkdkuoE19JZ5WR7f/+j9WsTEC/7vEwG5j1iupfQXCOKy6GrmQeLNmxOAfZe6
Ht6QHSAq2/h1oYoajdbFhfCPUJMpDo+X3rY/LGtrpWQ8yxaHlKBoW0+TvVdGos2J
MJz4RcZ5TlLBWHj2+bFLjQor9j0Z71RPi6JS/qtDGj33yx2XlJlY9suPQJ3F6w+Y
PMtdei9kVgx2lieVxVvdyKZ/9oQvGNFVUUySS/Ws/62AVYkL2f6qRKbwCbiYnZZX
5nuH6WNChGSHQ/97gC6x/jZ08NAB4zBQ8ewemKjGi4ZvQ+X+VJgurFy7aC72JWSX
SmDg+dQ=
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:26:49 2025 by rpki-client