Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/405546AE851A11EDB9312543C4F9AE02.roa
File: 405546AE851A11EDB9312543C4F9AE02.roa (raw, json)
Hash identifier: LtXsnoIsoGelucaOOsmIjFDSUCQZArWY0S7/TiIBRsg=
Subject key identifier: A1:DD:E5:12:00:82:69:68:CB:03:E4:93:A3:1F:42:BF:0C:C2:F9:E4
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0890
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/405546AE851A11EDB9312543C4F9AE02.roa
Signing time: Wed 24 May 2023 23:25:07 +0000
ROA not before: Wed 24 May 2023 23:25:07 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 60458
IP address blocks: 139.190.32.0/22 maxlen: 24
139.190.44.0/22 maxlen: 24
139.190.60.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2192 (0x890)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Validity
Not Before: May 24 23:25:07 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=646e9cd3-2475
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:32:72:a9:41:60:17:2a:3d:fc:2b:09:e1:da:
e0:71:39:a9:43:3e:63:12:78:31:9d:25:1b:5e:7f:
da:51:59:20:50:99:80:f8:70:ef:a2:8b:10:d6:ad:
b0:d7:58:82:3b:1a:e1:64:77:06:94:51:07:81:5a:
16:3e:c4:25:37:bb:dc:b3:1a:7a:cb:24:2b:af:d9:
ba:3c:82:45:5f:f7:42:84:e7:1c:ec:a6:49:43:e9:
17:01:65:ef:e5:88:ec:f1:bc:af:69:5c:8b:a2:68:
68:1f:ab:dc:c1:90:35:0a:5c:90:4f:61:65:de:5b:
4c:1a:31:8b:f5:e6:ad:45:74:23:3a:26:38:81:c6:
39:25:3d:58:ab:fd:35:3d:9e:55:c8:71:55:3c:82:
bb:db:01:66:81:24:0b:28:38:2f:37:51:72:05:37:
dc:19:65:22:46:92:f0:36:54:b2:db:d0:f2:1b:a6:
45:c1:40:cf:ff:20:57:7c:6e:f8:93:63:54:60:4d:
96:a4:34:71:96:ee:89:27:3b:da:84:a4:39:7e:29:
1a:ac:c3:25:bb:cd:0b:c6:5e:b8:02:a0:63:48:a5:
5c:3f:6c:6e:fa:a2:40:1c:8f:cf:d5:c5:b2:a5:8f:
86:dc:88:04:c9:32:b8:23:ac:1e:f3:e3:24:a3:c3:
d1:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:DD:E5:12:00:82:69:68:CB:03:E4:93:A3:1F:42:BF:0C:C2:F9:E4
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/405546AE851A11EDB9312543C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.32.0/22
139.190.44.0/22
139.190.60.0/22
Signature Algorithm: sha256WithRSAEncryption
ae:a9:dc:86:e5:7b:05:86:ba:cf:a9:5a:0f:0f:d7:e7:b7:6f:
34:cf:b2:73:d1:8a:76:0b:e4:1c:d9:ae:15:d4:69:ba:a6:eb:
cb:2f:48:c8:79:ae:8a:97:8f:35:22:c8:58:2e:e8:14:63:38:
49:12:91:98:14:d0:3d:40:d0:9e:0b:09:26:37:62:ea:ec:c7:
be:8a:1b:56:b8:d8:4e:a1:d6:e1:de:6b:50:a6:d2:c3:b4:72:
4d:48:61:aa:59:f2:e5:42:5c:f5:05:22:ff:7e:ba:e9:37:9c:
92:17:f7:6f:ac:a6:36:04:79:09:57:1b:bf:37:de:7d:bb:e7:
de:a0:71:ca:bb:1b:b7:96:cc:34:9f:0b:72:34:66:44:c8:fb:
20:58:0d:91:a1:a2:12:82:6d:73:a4:e8:9e:ae:a5:80:f8:7a:
79:85:e9:fe:c3:e0:53:65:d1:d0:8d:45:e0:5e:b0:50:33:5a:
17:39:6b:ea:99:92:36:18:b0:21:0f:16:c8:94:7b:4c:1e:dd:
7e:64:68:02:c6:e5:6a:be:7e:3d:36:5b:0a:5e:80:12:ae:94:
05:ee:d9:c9:bb:47:c6:28:a8:4c:0c:58:54:40:fd:1e:4b:c2:
f0:5e:48:8f:8c:88:15:55:5d:dd:37:4a:9e:8c:9b:f1:0d:a1:
9d:d5:cb:6b
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICCJAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjMwNTI0MjMyNTA3WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDZlOWNkMy0yNDc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8zJyqUFgFyo9/CsJ4drgcTmpQz5jEngxnSUbXn/aUVkgUJmA+HDvoosQ1q2w
11iCOxrhZHcGlFEHgVoWPsQlN7vcsxp6yyQrr9m6PIJFX/dChOcc7KZJQ+kXAWXv
5Yjs8byvaVyLomhoH6vcwZA1ClyQT2Fl3ltMGjGL9eatRXQjOiY4gcY5JT1Yq/01
PZ5VyHFVPIK72wFmgSQLKDgvN1FyBTfcGWUiRpLwNlSy29DyG6ZFwUDP/yBXfG74
k2NUYE2WpDRxlu6JJzvahKQ5fikarMMlu80Lxl64AqBjSKVcP2xu+qJAHI/P1cWy
pY+G3IgEyTK4I6we8+Mko8PRLwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFKHd5RIA
gmloywPkk6MfQr8MwvnkMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNDA1NTQ2QUU4
NTFBMTFFREI5MzEyNTQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAKLviADBAKLviwDBAKLvjwwDQYJKoZIhvcNAQELBQADggEB
AK6p3IblewWGus+pWg8P1+e3bzTPsnPRinYL5BzZrhXUabqm68svSMh5roqXjzUi
yFgu6BRjOEkSkZgU0D1A0J4LCSY3Yursx76KG1a42E6h1uHea1Cm0sO0ck1IYapZ
8uVCXPUFIv9+uuk3nJIX92+spjYEeQlXG7833n27596gccq7G7eWzDSfC3I0ZkTI
+yBYDZGhohKCbXOk6J6upYD4enmF6f7D4FNl0dCNReBesFAzWhc5a+qZkjYYsCEP
FsiUe0we3X5kaALG5Wq+fj02WwpegBKulAXu2cm7R8YoqEwMWFRA/R5LwvBeSI+M
iBVVXd03Sp6Mm/ENoZ3Vy2s=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:35:38 2023 by rpki-client on console.sobornost.net