Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/204DC128955711EC8E5B6A59C4F9AE02.roa
File: 204DC128955711EC8E5B6A59C4F9AE02.roa (raw, json)
Hash identifier: 4zwOwcR0ykIYZ7lg4UuUAP10FVLDbrNlTkZs4HwTSUQ=
Subject key identifier: FB:8B:EC:D2:92:DB:E8:4C:D7:9D:A7:E1:41:D9:CD:9C:52:95:5F:0C
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 05AC
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/204DC128955711EC8E5B6A59C4F9AE02.roa
Signing time: Thu 24 Feb 2022 09:49:58 +0000
ROA not before: Thu 24 Feb 2022 09:49:58 +0000
ROA not after: Sat 30 Jul 2022 00:00:00 +0000
asID: 211252
IP address blocks: 139.190.233.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1452 (0x5ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Feb 24 09:49:58 2022 GMT
Not After : Jul 30 00:00:00 2022 GMT
Subject: CN=621754c6-7ef1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:cd:43:8b:46:16:48:5d:65:f0:dd:a4:6b:66:
a4:98:f2:29:d2:1f:df:44:b5:09:51:1f:eb:e8:f4:
59:e3:ed:e4:45:14:14:d2:a9:7d:4b:34:85:1c:77:
61:dc:75:09:e9:a1:2c:f4:df:d8:31:81:05:d0:0a:
3a:f3:11:6b:b8:d5:e7:a2:f9:b5:c3:2a:7f:ab:e9:
70:48:88:41:3c:ef:7f:ae:67:f6:b7:1b:85:ea:e6:
1f:7c:1f:0e:f2:61:ea:89:b1:3b:29:42:fa:cc:75:
b7:8c:96:2c:4f:1b:da:bf:ab:c3:12:20:3d:23:89:
64:37:be:f6:53:7d:7c:c5:2a:e1:bb:2a:eb:aa:47:
84:32:44:52:f6:c1:13:bc:42:4f:d7:37:2d:49:1a:
68:3f:4d:af:4b:c7:c4:0a:b1:0b:b0:32:14:43:d7:
62:38:27:7e:cf:30:09:46:c1:c7:96:06:70:a5:c5:
9a:37:87:68:3a:7f:5c:17:a8:cd:cf:55:89:31:e7:
b5:54:e2:c4:82:98:d4:d7:d5:4f:af:f9:6e:f1:2b:
d0:6c:1a:85:09:34:ee:90:f7:9c:ad:33:19:14:22:
2a:1b:e2:9a:a9:01:30:b7:ce:4e:9f:41:c3:85:11:
30:45:fa:1a:ec:18:6e:c4:51:3f:2d:c2:1d:8b:96:
03:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:8B:EC:D2:92:DB:E8:4C:D7:9D:A7:E1:41:D9:CD:9C:52:95:5F:0C
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/204DC128955711EC8E5B6A59C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.233.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:37:8d:ae:4a:4c:bc:76:45:15:82:8d:8f:fe:41:04:41:d8:
0a:40:31:b6:ca:b2:eb:8b:d0:1f:ea:72:fd:e9:4f:bc:d6:06:
c8:43:cf:ea:37:a9:48:51:bc:94:b3:a9:06:15:e1:90:e7:07:
e0:96:a8:21:6a:a5:00:7c:f9:2a:46:dc:29:3d:1d:5c:29:87:
c8:a5:55:95:e2:e3:28:c2:db:8f:ca:7d:47:c2:62:69:0a:2b:
0b:2c:12:09:56:1b:21:5f:fe:c5:16:54:1b:6d:70:03:64:75:
1a:73:b1:07:d6:6c:54:20:6c:08:97:c0:f0:58:36:44:df:30:
81:ea:55:9b:63:9b:ae:b1:ca:15:c1:eb:13:8a:29:96:14:ca:
f3:e3:96:58:ae:51:e8:18:11:19:93:8a:51:c0:90:e3:f4:41:
51:6d:fc:57:db:f4:b9:ea:50:ff:be:a6:4b:45:11:1a:80:03:
10:dd:f0:40:d2:ce:1a:3b:3d:ca:82:e3:b1:0b:3b:fe:33:10:
60:35:7f:66:18:c0:a9:87:5d:30:e4:eb:f5:cc:e2:05:38:55:
db:8f:21:a8:e8:d9:61:e8:30:e2:fe:0c:0c:65:1e:8c:37:54:
d2:48:b6:e8:f7:b2:c2:02:ef:6d:f9:41:c6:3f:32:29:bf:d5:
6c:d8:cd:75
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBawwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjIwMjI0MDk0OTU4WhcNMjIwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjE3NTRjNi03ZWYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3M1Di0YWSF1l8N2ka2akmPIp0h/fRLUJUR/r6PRZ4+3kRRQU0ql9SzSFHHdh
3HUJ6aEs9N/YMYEF0Ao68xFruNXnovm1wyp/q+lwSIhBPO9/rmf2txuF6uYffB8O
8mHqibE7KUL6zHW3jJYsTxvav6vDEiA9I4lkN772U318xSrhuyrrqkeEMkRS9sET
vEJP1zctSRpoP02vS8fECrELsDIUQ9diOCd+zzAJRsHHlgZwpcWaN4doOn9cF6jN
z1WJMee1VOLEgpjU19VPr/lu8SvQbBqFCTTukPecrTMZFCIqG+KaqQEwt85On0HD
hREwRfoa7BhuxFE/LcIdi5YDnQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPuL7NKS
2+hM152n4UHZzZxSlV8MMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvMjA0REMxMjg5
NTU3MTFFQzhFNUI2QTU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACLvukwDQYJKoZIhvcNAQELBQADggEBADo3ja5KTLx2RRWC
jY/+QQRB2ApAMbbKsuuL0B/qcv3pT7zWBshDz+o3qUhRvJSzqQYV4ZDnB+CWqCFq
pQB8+SpG3Ck9HVwph8ilVZXi4yjC24/KfUfCYmkKKwssEglWGyFf/sUWVBttcANk
dRpzsQfWbFQgbAiXwPBYNkTfMIHqVZtjm66xyhXB6xOKKZYUyvPjlliuUegYERmT
ilHAkOP0QVFt/Ffb9LnqUP++pktFERqAAxDd8EDSzho7PcqC47ELO/4zEGA1f2YY
wKmHXTDk6/XM4gU4VduPIajo2WHoMOL+DAxlHow3VNJItuj3ssIC7235QcY/Mim/
1WzYzXU=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:32:53 2025 by rpki-client