Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/18131E32746811EC825C5260C4F9AE02.roa
File: 18131E32746811EC825C5260C4F9AE02.roa (raw, json)
Hash identifier: TV2bmh6r37K3tpAUTbLt6dddEH+YrIzTD2GEz2I63Qk=
Subject key identifier: 0E:CE:D0:C0:2C:BD:23:B7:79:04:FF:50:F1:55:A5:EC:87:C9:13:E1
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 07B0
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/18131E32746811EC825C5260C4F9AE02.roa
Signing time: Tue 04 Oct 2022 16:48:46 +0000
ROA not before: Tue 04 Oct 2022 16:48:46 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 15083
IP address blocks: 139.190.0.0/22 maxlen: 24
139.190.12.0/22 maxlen: 24
139.190.24.0/22 maxlen: 24
139.190.100.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1968 (0x7b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Oct 4 16:48:46 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=633c63ed-a1a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:98:a9:d6:e9:34:0e:07:1e:2b:e5:c6:ab:79:
ab:5d:08:c9:cd:f2:32:1f:52:42:5d:85:6d:81:c4:
86:e1:73:3a:0b:a5:44:d2:1e:30:f6:c0:02:80:d0:
cf:30:d8:7e:9d:c5:30:00:8e:29:af:13:74:69:d8:
9b:e7:34:34:ed:cc:15:c2:4e:57:08:7c:69:50:09:
43:36:ea:26:67:1e:ad:cb:d9:c8:89:29:4b:1a:06:
51:8f:68:0e:7a:79:9a:5a:4f:91:ac:4d:c7:c2:3c:
d4:7c:09:63:62:53:bb:de:32:9f:6d:27:c9:b8:8d:
b8:7b:72:3c:e7:25:9e:75:f1:fa:e0:44:ee:56:1d:
c8:df:47:2c:1d:86:b6:c6:64:b1:9e:2b:58:3c:af:
9a:e5:ad:53:f8:a4:31:7e:4d:36:64:4a:8b:70:56:
81:d7:8a:91:e4:25:a5:3f:c4:3d:fb:52:e1:45:04:
96:79:6b:66:1b:63:dc:3c:0c:c1:da:58:41:f2:8c:
54:7f:3c:5a:4b:d0:a5:4a:df:5b:b0:4d:71:c8:d0:
0f:03:8e:c8:68:a9:05:f0:aa:74:2b:59:52:c2:99:
eb:7f:c9:e9:61:ff:48:91:d0:cf:e7:d3:7e:9d:cd:
5e:f6:10:09:70:35:57:13:c9:f8:65:13:ef:1f:28:
d2:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:CE:D0:C0:2C:BD:23:B7:79:04:FF:50:F1:55:A5:EC:87:C9:13:E1
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/18131E32746811EC825C5260C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.0.0/22
139.190.12.0/22
139.190.24.0/22
139.190.100.0/22
Signature Algorithm: sha256WithRSAEncryption
08:96:dd:d7:dc:c6:de:cc:c8:b1:a0:57:5e:ac:89:80:c8:dd:
22:26:1b:e7:70:83:19:43:f5:6c:09:d1:77:81:e3:d1:20:f5:
fa:39:03:fe:87:c5:e7:89:3b:76:f9:80:0a:e1:9a:f5:1e:08:
66:45:33:d1:ae:5f:8e:de:26:05:d0:b2:c9:9a:a8:e3:cd:2e:
1d:db:5f:97:42:75:3c:61:52:9e:d6:d7:1d:f8:e8:6d:7f:7a:
c9:67:79:c1:92:fd:d1:2e:22:8f:b7:8c:41:48:f1:db:f4:73:
f3:08:04:90:eb:50:20:c2:8e:6c:98:99:8d:1b:5b:0e:e0:e2:
f5:5a:32:0b:68:80:d8:0d:7b:95:f2:3b:87:b0:8e:36:d0:c2:
95:89:42:3f:8a:40:0b:45:43:ed:76:86:37:aa:a0:bb:9e:80:
c6:15:f0:b7:20:68:c5:27:6e:fa:1f:45:86:e2:df:80:d0:2c:
07:07:64:6e:fb:9e:a4:aa:19:a2:5d:1c:93:65:9b:92:3f:a9:
26:85:54:a1:18:a4:f7:91:3e:a6:0a:bc:3d:09:49:3e:be:ec:
92:73:3b:6e:01:c4:6e:aa:25:8a:3f:94:80:13:9f:32:bb:2c:
d9:1e:60:77:88:dc:a2:ac:e6:c4:eb:18:e1:4e:69:78:78:b8:
62:43:83:6d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICB7AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjIxMDA0MTY0ODQ2WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzNjNjNlZC1hMWE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzZip1uk0DgceK+XGq3mrXQjJzfIyH1JCXYVtgcSG4XM6C6VE0h4w9sACgNDP
MNh+ncUwAI4prxN0adib5zQ07cwVwk5XCHxpUAlDNuomZx6ty9nIiSlLGgZRj2gO
enmaWk+RrE3HwjzUfAljYlO73jKfbSfJuI24e3I85yWedfH64ETuVh3I30csHYa2
xmSxnitYPK+a5a1T+KQxfk02ZEqLcFaB14qR5CWlP8Q9+1LhRQSWeWtmG2PcPAzB
2lhB8oxUfzxaS9ClSt9bsE1xyNAPA47IaKkF8Kp0K1lSwpnrf8npYf9IkdDP59N+
nc1e9hAJcDVXE8n4ZRPvHyjSlwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFA7O0MAs
vSO3eQT/UPFVpeyHyRPhMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvMTgxMzFFMzI3
NDY4MTFFQzgyNUM1MjYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAKLvgADBAKLvgwDBAKLvhgDBAKLvmQwDQYJKoZIhvcNAQEL
BQADggEBAAiW3dfcxt7MyLGgV16siYDI3SImG+dwgxlD9WwJ0XeB49Eg9fo5A/6H
xeeJO3b5gArhmvUeCGZFM9GuX47eJgXQssmaqOPNLh3bX5dCdTxhUp7W1x346G1/
eslnecGS/dEuIo+3jEFI8dv0c/MIBJDrUCDCjmyYmY0bWw7g4vVaMgtogNgNe5Xy
O4ewjjbQwpWJQj+KQAtFQ+12hjeqoLuegMYV8LcgaMUnbvofRYbi34DQLAcHZG77
nqSqGaJdHJNlm5I/qSaFVKEYpPeRPqYKvD0JST6+7JJzO24BxG6qJYo/lIATnzK7
LNkeYHeI3KKs5sTrGOFOaXh4uGJDg20=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:43:50 2025 by rpki-client