Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/867A155E038811EF8DC37D4AC4F9AE02.roa
File: 867A155E038811EF8DC37D4AC4F9AE02.roa (raw, json)
Hash identifier: hraPfLOagqe5kW6+RKjSVT6v8xfnGn8gtiZB1CG0e4Y=
Subject key identifier: 12:72:49:98:DB:7D:13:11:8B:6E:1C:63:A2:8E:82:0A:C0:48:EC:C5
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0A39
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/867A155E038811EF8DC37D4AC4F9AE02.roa
Signing time: Fri 26 Apr 2024 05:06:45 +0000
ROA not before: Fri 26 Apr 2024 05:06:45 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 138241
IP address blocks: 139.190.0.0/22 maxlen: 24
139.190.8.0/22 maxlen: 24
139.190.12.0/22 maxlen: 24
139.190.16.0/22 maxlen: 24
139.190.20.0/22 maxlen: 24
139.190.24.0/22 maxlen: 24
139.190.28.0/22 maxlen: 24
139.190.44.0/22 maxlen: 24
139.190.52.0/22 maxlen: 24
139.190.56.0/22 maxlen: 24
139.190.100.0/22 maxlen: 24
139.190.112.0/22 maxlen: 24
139.190.116.0/22 maxlen: 24
139.190.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 Apr 2024 11:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2617 (0xa39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Validity
Not Before: Apr 26 05:06:45 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=662b3664-7aaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:33:5f:9b:66:e2:7d:e0:08:4a:5d:06:04:92:
25:f4:45:cb:3d:1b:97:9f:11:66:28:9a:70:18:c5:
06:90:e7:ed:aa:de:5f:9e:fa:88:e2:a2:28:f3:6a:
08:ee:3c:65:99:27:cf:80:35:cc:72:21:d6:d8:d3:
6e:2b:b1:70:87:b7:77:dc:6c:54:8f:60:b8:a3:7a:
df:a9:7b:73:02:3d:dd:8b:d4:ae:d9:01:30:2f:75:
f3:68:fb:13:a9:44:b9:e6:05:bc:33:9f:9c:31:5f:
9f:6f:6e:5a:81:09:69:a5:48:bd:c5:5f:b0:ae:50:
21:f3:ff:d7:99:2b:b5:55:0e:b6:e5:7d:fa:68:a8:
b1:13:47:e8:de:ce:9d:32:0c:ea:b6:70:2f:8c:f5:
71:6c:8b:a7:d3:0d:58:82:96:10:e2:41:52:b4:69:
e0:d3:c3:ab:7b:b8:e7:26:6c:ae:df:07:a2:a2:3c:
b6:23:00:d5:b3:98:85:f8:09:12:56:01:5f:c2:95:
e5:fd:47:8d:56:5e:5b:54:bc:9d:94:74:d5:c5:80:
f7:7b:84:fa:4c:89:02:a7:1a:cb:74:8d:a6:1a:4e:
7e:b7:d9:41:92:09:21:f8:56:d6:24:1d:3c:5b:0b:
c1:5f:b5:28:1d:f8:8c:b2:66:c5:78:e5:f9:32:c5:
26:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:72:49:98:DB:7D:13:11:8B:6E:1C:63:A2:8E:82:0A:C0:48:EC:C5
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/867A155E038811EF8DC37D4AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.0.0/22
139.190.8.0-139.190.31.255
139.190.44.0/22
139.190.52.0-139.190.59.255
139.190.100.0/22
139.190.112.0/21
139.190.239.0/24
Signature Algorithm: sha256WithRSAEncryption
09:6c:0d:6e:8a:97:87:fa:eb:7d:eb:90:99:92:24:1b:c1:98:
fd:da:0f:55:ff:1f:9e:c9:ff:2e:f7:ff:96:d4:68:3b:2c:53:
a8:20:e3:14:6d:7d:14:91:11:b1:0d:59:3e:62:d3:1a:13:46:
5f:b6:22:b8:c1:32:1a:4b:04:5f:ed:8e:17:f5:48:55:c3:20:
b5:3d:13:6b:f4:02:b1:e4:79:69:b7:b8:e8:e0:64:28:d1:87:
bd:6c:a0:a6:3d:a6:9e:7f:3c:52:e6:2a:f0:94:74:64:d6:72:
67:60:69:8c:39:3e:84:fe:b7:92:cd:c3:d5:d3:2d:15:49:ff:
64:3e:7f:69:35:67:8a:bf:7a:6c:9b:c6:5b:e6:83:51:41:e9:
c0:d4:e0:19:c8:f4:ca:47:b3:7b:1c:35:20:39:9f:b1:71:cc:
0f:dd:75:e2:bc:4d:e6:bc:2c:11:23:ac:05:ec:9f:67:8a:62:
fc:2a:44:c1:07:e3:dc:90:56:ba:01:95:f8:42:f0:51:56:d5:
f0:26:c2:e9:b7:23:2c:c0:f0:b0:6e:2e:f6:a2:a9:3d:53:3e:
59:39:04:8b:81:1b:35:0d:8f:10:53:d1:ec:7d:ff:fc:3d:92:
60:e3:d8:6f:a3:c5:70:87:2e:f7:0b:1d:95:59:68:bb:2c:0a:
a3:9d:b6:6c
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgICCjkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjQwNDI2MDUwNjQ1WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjJiMzY2NC03YWFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuDNfm2bifeAISl0GBJIl9EXLPRuXnxFmKJpwGMUGkOftqt5fnvqI4qIo82oI
7jxlmSfPgDXMciHW2NNuK7Fwh7d33GxUj2C4o3rfqXtzAj3di9Su2QEwL3XzaPsT
qUS55gW8M5+cMV+fb25agQlppUi9xV+wrlAh8//XmSu1VQ625X36aKixE0fo3s6d
MgzqtnAvjPVxbIun0w1YgpYQ4kFStGng08Ore7jnJmyu3weiojy2IwDVs5iF+AkS
VgFfwpXl/UeNVl5bVLydlHTVxYD3e4T6TIkCpxrLdI2mGk5+t9lBkgkh+FbWJB08
WwvBX7UoHfiMsmbFeOX5MsUmIQIDAQABo4ICyTCCAsUwHQYDVR0OBBYEFBJySZjb
fRMRi24cY6KOggrASOzFMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvODY3QTE1NUUw
Mzg4MTFFRjhEQzM3RDRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUwYIKwYBBQUHAQcBAf8E
RDBCMEAEAgABMDoDBAKLvgAwDAMEA4u+CAMEBYu+AAMEAou+LDAMAwQCi740AwQC
i744AwQCi75kAwQDi75wAwQAi77vMA0GCSqGSIb3DQEBCwUAA4IBAQAJbA1uipeH
+ut965CZkiQbwZj92g9V/x+eyf8u9/+W1Gg7LFOoIOMUbX0UkRGxDVk+YtMaE0Zf
tiK4wTIaSwRf7Y4X9UhVwyC1PRNr9AKx5Hlpt7jo4GQo0Ye9bKCmPaaefzxS5irw
lHRk1nJnYGmMOT6E/reSzcPV0y0VSf9kPn9pNWeKv3psm8Zb5oNRQenA1OAZyPTK
R7N7HDUgOZ+xccwP3XXivE3mvCwRI6wF7J9nimL8KkTBB+PckFa6AZX4QvBRVtXw
JsLptyMswPCwbi72oqk9Uz5ZOQSLgRs1DY8QU9Hsff/8PZJg49hvo8Vwhy73Cx2V
WWi7LAqjnbZs
-----END CERTIFICATE-----
Generated at Fri Apr 26 14:43:23 2024 by rpki-client on console.sobornost.net