Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/1CB2322681B811EDAC3FF056C4F9AE02.roa
File: 1CB2322681B811EDAC3FF056C4F9AE02.roa (raw, json)
Hash identifier: 7DYLe0L0ikO9YhaGHF1AB/2MIriMKwmYGq23kJ+owYE=
Subject key identifier: 12:CC:77:73:D5:22:C5:B2:AA:D8:05:E3:3D:CE:F4:CA:27:1B:41:CE
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 07F5
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/1CB2322681B811EDAC3FF056C4F9AE02.roa
Signing time: Thu 22 Dec 2022 05:18:48 +0000
ROA not before: Thu 22 Dec 2022 05:18:48 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 139.190.124.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2037 (0x7f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Dec 22 05:18:48 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=63a3e8b7-7dcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:12:35:ee:6a:d7:53:72:23:45:7b:12:93:26:
e6:5f:78:89:ea:6d:7e:7b:0d:a8:2c:22:96:ba:af:
9e:21:39:3c:d3:98:52:4a:23:0a:0c:d8:61:93:88:
df:46:60:e9:e5:a3:39:8d:2f:cc:68:0b:56:e9:0d:
d0:6f:e9:f9:b8:b9:b3:5b:23:48:0e:aa:ce:5e:dd:
e1:99:1d:8c:04:4d:5c:3f:a9:d3:5a:fc:01:f0:d0:
32:93:a6:1d:9d:dc:7e:c8:c0:38:7f:2d:99:15:87:
36:3b:57:44:96:ad:a4:a4:7f:22:fc:2a:f4:1c:38:
81:c5:af:af:74:bc:63:c1:23:60:99:0f:12:70:1e:
b4:b8:1e:71:f2:37:e7:74:99:bd:f2:ee:e0:87:1b:
38:42:5c:b5:d5:c5:e6:ef:1d:e0:46:ed:3f:05:88:
b4:df:26:04:63:54:86:61:06:ea:ca:9f:57:67:21:
f9:3b:b2:72:fe:e2:0c:3c:1b:c9:fb:82:d5:14:85:
76:90:04:fc:fb:2f:e9:0b:f4:16:15:ae:e8:ed:0a:
cc:88:bf:a5:30:4c:be:ef:65:8b:25:a8:34:4e:95:
11:c8:3e:05:0b:d9:7d:20:55:b5:c2:5f:d0:10:f9:
fc:79:3a:0e:6d:30:49:81:b4:be:86:6a:72:c6:70:
b4:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:CC:77:73:D5:22:C5:B2:AA:D8:05:E3:3D:CE:F4:CA:27:1B:41:CE
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/1CB2322681B811EDAC3FF056C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.124.0/22
Signature Algorithm: sha256WithRSAEncryption
49:40:cb:e4:28:93:3e:88:f8:c0:7e:6e:73:5e:47:ff:14:80:
44:63:15:21:55:3d:78:a9:5a:1c:26:20:9f:91:f4:9f:47:b0:
0c:3b:11:b2:54:6b:9f:b1:87:a6:19:7c:a3:d6:6c:fc:bf:31:
fb:08:28:22:78:0a:3c:5d:7c:ea:8a:5e:72:e7:0a:18:9b:a2:
4e:31:7b:23:24:79:c2:59:94:3f:6d:82:e8:ac:01:76:44:77:
b4:f5:7d:1e:fa:9d:9f:28:bb:d0:ff:d0:04:32:f3:cc:b4:88:
f7:f3:e6:0c:d7:91:12:03:61:7f:7e:a7:6b:e8:f4:23:e0:dd:
a3:5d:d7:7f:bb:9e:af:1b:c5:24:12:38:61:f7:7f:bc:80:1f:
ec:55:fb:bb:ee:43:15:b4:b0:12:46:2a:56:f3:a9:7d:41:a6:
04:f4:7c:34:6f:f5:ed:d4:ab:9c:0f:95:16:e6:47:84:bd:d5:
2e:a6:4b:a5:d1:22:02:47:35:97:0e:05:68:67:be:7e:33:a3:
d2:6a:33:7b:40:ca:a3:7c:3f:ba:cd:5c:f8:9e:24:be:81:7d:
8b:9d:72:78:bb:3b:4f:7d:99:d5:60:f0:1c:7b:f7:19:bd:14:
21:b4:a4:a2:51:ab:46:c5:92:c8:b3:89:a9:13:a0:2e:ea:f5:
39:0b:91:cc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB/UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjIxMjIyMDUxODQ4WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2EzZThiNy03ZGNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2RI17mrXU3IjRXsSkybmX3iJ6m1+ew2oLCKWuq+eITk805hSSiMKDNhhk4jf
RmDp5aM5jS/MaAtW6Q3Qb+n5uLmzWyNIDqrOXt3hmR2MBE1cP6nTWvwB8NAyk6Yd
ndx+yMA4fy2ZFYc2O1dElq2kpH8i/Cr0HDiBxa+vdLxjwSNgmQ8ScB60uB5x8jfn
dJm98u7ghxs4Qly11cXm7x3gRu0/BYi03yYEY1SGYQbqyp9XZyH5O7Jy/uIMPBvJ
+4LVFIV2kAT8+y/pC/QWFa7o7QrMiL+lMEy+72WLJag0TpURyD4FC9l9IFW1wl/Q
EPn8eToObTBJgbS+hmpyxnC0rwIDAQABo4IClTCCApEwHQYDVR0OBBYEFBLMd3PV
IsWyqtgF4z3O9MonG0HOMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvMUNCMjMyMjY4
MUI4MTFFREFDM0ZGMDU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAKLvnwwDQYJKoZIhvcNAQELBQADggEBAElAy+Qokz6I+MB+
bnNeR/8UgERjFSFVPXipWhwmIJ+R9J9HsAw7EbJUa5+xh6YZfKPWbPy/MfsIKCJ4
CjxdfOqKXnLnChibok4xeyMkecJZlD9tguisAXZEd7T1fR76nZ8ou9D/0AQy88y0
iPfz5gzXkRIDYX9+p2vo9CPg3aNd13+7nq8bxSQSOGH3f7yAH+xV+7vuQxW0sBJG
KlbzqX1BpgT0fDRv9e3Uq5wPlRbmR4S91S6mS6XRIgJHNZcOBWhnvn4zo9JqM3tA
yqN8P7rNXPieJL6BfYudcni7O099mdVg8Bx79xm9FCG0pKJRq0bFksiziakToC7q
9TkLkcw=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:35:20 2025 by rpki-client