Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/1DBF705C81B811EDAC3FF056C4F9AE02.roa
File: 1DBF705C81B811EDAC3FF056C4F9AE02.roa (raw, json)
Hash identifier: bCKVBUR/9MwrjxtrnBny1tIJ0qiFpA++ymZglpe1+U8=
Subject key identifier: A5:7B:E6:9D:F8:98:98:1E:28:2A:69:70:6A:61:E2:D6:40:22:86:D5
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 07F6
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/1DBF705C81B811EDAC3FF056C4F9AE02.roa
Signing time: Thu 22 Dec 2022 05:18:49 +0000
ROA not before: Thu 22 Dec 2022 05:18:49 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 38547
IP address blocks: 139.190.32.0/20 maxlen: 24
139.190.48.0/20 maxlen: 24
139.190.234.0/24 maxlen: 24
139.190.235.131/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2038 (0x7f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Dec 22 05:18:49 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=63a3e8b9-65ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b2:ba:f7:53:c8:d7:36:6d:8e:15:53:c7:61:
8c:5c:92:21:db:c0:c6:6c:e7:23:3d:8a:e4:70:d2:
0c:50:d3:80:32:74:0a:ff:91:9e:d4:e4:c4:aa:22:
14:62:db:39:9f:fb:7b:b6:34:5f:e4:a3:c0:79:8d:
9e:e8:26:ee:95:38:98:4f:3d:6f:0b:50:47:ce:f4:
87:7e:cb:27:bc:6d:40:dd:63:2f:12:d7:b7:ac:76:
19:34:f8:e1:5b:1e:86:ec:7a:9d:3c:a0:61:ec:ab:
ed:eb:66:9b:87:8a:ca:3d:8b:46:ff:12:9f:e7:04:
dc:84:d3:de:fb:b9:e9:64:13:a1:07:da:e9:5d:e6:
09:a9:ff:54:37:46:62:0f:f8:88:95:4e:28:27:28:
fb:49:a4:a1:96:44:3a:37:79:b1:13:7d:02:93:e6:
40:bc:d7:3a:c1:61:a7:df:90:96:c6:7b:25:95:20:
8e:eb:ee:d0:77:83:e0:77:3d:a2:36:10:76:48:e0:
2f:d1:e2:ea:f0:34:ab:1f:6c:2a:d0:bb:45:06:dd:
de:ba:fb:d6:3b:1f:3e:14:23:7a:cb:c1:11:bc:6d:
96:4e:97:11:ca:d4:c2:6e:17:84:07:48:9e:27:60:
16:05:ef:3c:bd:46:af:64:9e:a8:54:c7:00:68:46:
53:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:7B:E6:9D:F8:98:98:1E:28:2A:69:70:6A:61:E2:D6:40:22:86:D5
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/1DBF705C81B811EDAC3FF056C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.32.0/19
139.190.234.0/24
139.190.235.131/32
Signature Algorithm: sha256WithRSAEncryption
1a:a6:98:ed:36:d2:56:76:7d:f4:da:ed:b9:1b:51:ec:c3:60:
6b:eb:c8:51:3c:a5:7e:68:51:65:b9:28:a1:07:03:14:15:92:
86:f2:e5:a4:98:0b:a0:08:e1:58:96:67:57:51:a0:ed:d9:77:
c5:c1:c0:5e:91:8b:d8:2f:e1:4c:75:0a:9e:3d:4c:1c:83:9d:
c4:a8:bb:3c:8f:99:78:fa:b6:02:b9:78:ed:05:73:7a:31:a0:
af:ef:bb:88:61:a5:c8:7e:2a:d9:ed:fa:83:44:8f:54:2b:eb:
84:fb:fd:ac:c7:22:4e:ef:dc:5c:6f:1f:81:a9:a3:36:81:2e:
6e:93:dc:73:8d:8b:ff:5b:81:db:43:c9:d6:13:5e:70:ea:70:
71:d8:5a:e2:74:41:c8:00:ef:d2:5c:5f:38:71:a4:e4:ff:c6:
32:8d:a5:b0:b9:b5:e6:74:e1:24:9a:3c:ec:42:22:5b:c2:13:
26:e6:3a:e5:89:02:c3:88:0e:53:8e:fd:f5:11:07:ef:ea:64:
7d:55:fe:ad:72:d5:90:fd:ae:da:ca:cc:1b:b8:da:6e:cb:43:
f9:aa:d7:21:38:23:26:b1:6f:42:a1:b5:ca:44:b8:80:dd:84:
5e:72:aa:25:a0:9b:81:34:a3:06:cb:c6:b7:f6:43:ae:97:49:
01:14:d3:f6
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgICB/YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjIxMjIyMDUxODQ5WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2EzZThiOS02NWFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzLK691PI1zZtjhVTx2GMXJIh28DGbOcjPYrkcNIMUNOAMnQK/5Ge1OTEqiIU
Yts5n/t7tjRf5KPAeY2e6CbulTiYTz1vC1BHzvSHfssnvG1A3WMvEte3rHYZNPjh
Wx6G7HqdPKBh7Kvt62abh4rKPYtG/xKf5wTchNPe+7npZBOhB9rpXeYJqf9UN0Zi
D/iIlU4oJyj7SaShlkQ6N3mxE30Ck+ZAvNc6wWGn35CWxnsllSCO6+7Qd4Pgdz2i
NhB2SOAv0eLq8DSrH2wq0LtFBt3euvvWOx8+FCN6y8ERvG2WTpcRytTCbheEB0ie
J2AWBe88vUavZJ6oVMcAaEZTbQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKV75p34
mJgeKCppcGph4tZAIobVMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvMURCRjcwNUM4
MUI4MTFFREFDM0ZGMDU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLAYIKwYBBQUHAQcBAf8E
HTAbMBkEAgABMBMDBAWLviADBACLvuoDBQCLvuuDMA0GCSqGSIb3DQEBCwUAA4IB
AQAappjtNtJWdn302u25G1Hsw2Br68hRPKV+aFFluSihBwMUFZKG8uWkmAugCOFY
lmdXUaDt2XfFwcBekYvYL+FMdQqePUwcg53EqLs8j5l4+rYCuXjtBXN6MaCv77uI
YaXIfirZ7fqDRI9UK+uE+/2sxyJO79xcbx+BqaM2gS5uk9xzjYv/W4HbQ8nWE15w
6nBx2FridEHIAO/SXF84caTk/8YyjaWwubXmdOEkmjzsQiJbwhMm5jrliQLDiA5T
jv31EQfv6mR9Vf6tctWQ/a7ayswbuNpuy0P5qtchOCMmsW9CobXKRLiA3YRecqol
oJuBNKMGy8a39kOul0kBFNP2
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:36:47 2025 by rpki-client