Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/251A197495EB11EC9715DA5BC4F9AE02.roa
File: 251A197495EB11EC9715DA5BC4F9AE02.roa (raw, json)
Hash identifier: Nyv/srBq5klXftFZpy1/KjBaC/jayJFGlwe0L+L5ZZQ=
Subject key identifier: E1:21:0D:30:93:CE:EC:8E:D1:AE:15:CE:2E:F8:2C:0D:D3:29:97:75
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0731
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/251A197495EB11EC9715DA5BC4F9AE02.roa
Signing time: Wed 10 Aug 2022 10:28:23 +0000
ROA not before: Wed 10 Aug 2022 10:28:23 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 139.190.0.0/19 maxlen: 24
139.190.240.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1841 (0x731)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Aug 10 10:28:23 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=62f38846-e556
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:45:2b:36:fd:ca:f3:d5:16:9a:92:4d:00:31:
4e:fd:4e:91:9d:d1:b1:d0:dd:d6:67:2c:0a:10:ad:
0b:7f:98:1d:d0:39:57:82:2f:d6:2c:fc:31:d4:c6:
43:f3:7e:12:0d:ae:2a:b5:d4:04:eb:a1:12:c0:c3:
1a:56:50:65:2e:26:81:0d:c1:2b:35:c4:38:25:1c:
cd:0e:a6:b7:0d:75:c1:b9:ec:60:ff:63:95:e3:c5:
9c:81:4a:0d:a4:38:0f:09:80:90:4e:62:18:09:15:
b0:61:6f:ef:3b:5d:8d:cc:8e:8c:92:f0:c4:e1:7c:
c9:e7:ae:82:b3:e8:6f:b4:c1:e1:29:28:ad:4e:ce:
a9:dc:03:5a:ee:8b:3d:f4:8b:93:c0:7f:b1:42:8a:
03:70:c0:1e:ed:83:f2:32:bc:2a:d9:d1:e7:ff:d6:
42:43:7d:7d:38:6e:1d:af:d3:83:52:89:4a:04:6f:
39:aa:77:1c:0c:94:51:37:ab:fa:49:2d:91:6e:df:
99:5e:0c:46:90:40:12:99:96:c7:06:60:f2:d7:68:
3a:24:62:9f:f8:b8:26:c0:60:48:62:a1:bb:45:0e:
51:b7:03:6a:7d:53:7f:f7:00:c2:dc:f4:cd:fc:e1:
90:17:68:e6:84:9f:d0:9c:9d:c1:92:3a:d1:ae:00:
99:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:21:0D:30:93:CE:EC:8E:D1:AE:15:CE:2E:F8:2C:0D:D3:29:97:75
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/251A197495EB11EC9715DA5BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.0.0/19
139.190.240.0/20
Signature Algorithm: sha256WithRSAEncryption
ad:4a:9e:29:d8:0f:83:62:ad:16:85:04:df:f2:fb:41:fc:86:
2f:2f:12:3d:1d:58:de:bc:20:97:20:4b:70:44:19:60:d5:f9:
f9:87:7c:0d:95:58:99:ee:eb:35:4e:ff:0e:fd:11:7f:3b:55:
23:9f:e7:48:fb:45:81:5e:e7:cd:bf:00:c8:62:67:07:a3:fc:
65:5c:84:aa:51:a0:41:1b:9d:bd:5f:8b:5a:13:ea:00:7e:8e:
8f:38:70:41:a1:6f:7c:be:89:5b:8d:52:8e:3e:35:91:a3:0a:
61:c4:3e:a7:e3:c6:0d:fd:d7:61:f1:e6:e1:2a:d1:ab:eb:ae:
82:7d:28:bd:a9:6d:a7:ab:ae:b8:9e:de:26:e7:80:c3:50:ff:
2a:fa:91:f3:b4:e2:ca:82:8d:b2:7e:a9:05:1a:ca:f4:26:f4:
ea:59:6f:58:20:11:9b:3b:d4:7f:c2:92:70:a8:db:18:01:60:
da:b4:39:7e:3f:8c:cd:70:e3:b2:c3:fa:cf:da:47:10:6f:e7:
dc:34:2a:25:c1:0d:14:1f:5b:f2:88:d2:1f:6f:b6:b7:87:b8:
da:75:eb:d2:4a:3a:a4:a4:fc:f8:bd:b6:9b:b1:5c:b8:63:99:
81:80:2c:52:03:2d:83:ab:cf:d5:77:2f:29:12:bb:4b:58:bb:
3a:e9:4d:0d
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBzEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjIwODEwMTAyODIzWhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmYzODg0Ni1lNTU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApEUrNv3K89UWmpJNADFO/U6RndGx0N3WZywKEK0Lf5gd0DlXgi/WLPwx1MZD
834SDa4qtdQE66ESwMMaVlBlLiaBDcErNcQ4JRzNDqa3DXXBuexg/2OV48WcgUoN
pDgPCYCQTmIYCRWwYW/vO12NzI6MkvDE4XzJ566Cs+hvtMHhKSitTs6p3ANa7os9
9IuTwH+xQooDcMAe7YPyMrwq2dHn/9ZCQ319OG4dr9ODUolKBG85qnccDJRRN6v6
SS2Rbt+ZXgxGkEASmZbHBmDy12g6JGKf+LgmwGBIYqG7RQ5RtwNqfVN/9wDC3PTN
/OGQF2jmhJ/QnJ3BkjrRrgCZ6wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFOEhDTCT
zuyO0a4Vzi74LA3TKZd1MB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvMjUxQTE5NzQ5
NUVCMTFFQzk3MTVEQTVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAWLvgADBASLvvAwDQYJKoZIhvcNAQELBQADggEBAK1KninY
D4NirRaFBN/y+0H8hi8vEj0dWN68IJcgS3BEGWDV+fmHfA2VWJnu6zVO/w79EX87
VSOf50j7RYFe582/AMhiZwej/GVchKpRoEEbnb1fi1oT6gB+jo84cEGhb3y+iVuN
Uo4+NZGjCmHEPqfjxg3912Hx5uEq0avrroJ9KL2pbaerrrie3ibngMNQ/yr6kfO0
4sqCjbJ+qQUayvQm9OpZb1ggEZs71H/CknCo2xgBYNq0OX4/jM1w47LD+s/aRxBv
59w0KiXBDRQfW/KI0h9vtreHuNp169JKOqSk/Pi9tpuxXLhjmYGALFIDLYOrz9V3
LykSu0tYuzrpTQ0=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:37:03 2025 by rpki-client