Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/4274E28ECFA911EE9029BB14C4F9AE02.roa
File: 4274E28ECFA911EE9029BB14C4F9AE02.roa (raw, json)
Hash identifier: SZ9f6qVeCwn8ZzDyK4ufrE3Apt8R9SO0Jt7eeIB6jnI=
Subject key identifier: 03:5C:C2:CA:7E:F5:AB:0D:00:CF:FA:AD:A7:4F:45:33:74:43:73:6A
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 09A6
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/4274E28ECFA911EE9029BB14C4F9AE02.roa
Signing time: Tue 20 Feb 2024 04:33:57 +0000
ROA not before: Tue 20 Feb 2024 04:33:57 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 10753
IP address blocks: 139.190.4.0/22 maxlen: 24
139.190.36.0/22 maxlen: 24
139.190.40.0/22 maxlen: 24
139.190.48.0/22 maxlen: 24
139.190.52.0/22 maxlen: 24
139.190.96.0/22 maxlen: 24
139.190.104.0/22 maxlen: 24
139.190.108.0/22 maxlen: 24
139.190.120.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2470 (0x9a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Feb 20 04:33:57 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=65d42bb4-0b90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:94:4f:e3:5e:55:3d:d1:a3:a8:49:7f:3e:30:
3d:08:11:f7:a7:2d:f8:8b:ce:b5:68:00:77:40:eb:
60:34:2e:4d:ac:92:f9:e7:c2:61:3f:aa:1e:66:05:
08:e3:95:69:93:93:d4:48:2c:82:e2:d9:52:ec:98:
c7:a7:d3:d1:de:99:86:36:ed:ea:52:36:6b:0d:bd:
f8:01:cd:12:2a:3a:a5:cc:20:0d:97:40:76:50:24:
47:9a:ef:98:55:fe:e8:de:80:0f:a5:ba:11:88:4c:
63:e9:86:3a:50:a6:02:ff:ba:72:33:52:9f:96:03:
98:bd:bc:bc:8b:9b:d5:ac:a8:8a:41:1b:c1:57:e8:
2c:d2:3e:f8:f3:d3:40:af:14:b3:f7:0a:23:ad:c3:
92:64:4a:af:3d:66:fa:44:bd:72:25:fd:31:cd:01:
d6:63:9a:59:78:51:b4:4e:34:72:ab:77:7c:a8:a8:
e9:60:8a:bd:be:94:cc:d9:ae:51:af:59:51:dc:8b:
f5:81:92:35:5f:20:b1:28:39:fa:1c:85:01:5d:df:
6c:a0:44:5f:e2:36:6d:52:9f:64:07:cf:9a:62:e0:
5f:18:30:bf:55:10:08:fa:00:cd:49:9e:7a:35:74:
85:60:8e:4f:bf:1b:71:27:c7:d1:3e:f7:90:ad:94:
a5:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:5C:C2:CA:7E:F5:AB:0D:00:CF:FA:AD:A7:4F:45:33:74:43:73:6A
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/4274E28ECFA911EE9029BB14C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.4.0/22
139.190.36.0-139.190.43.255
139.190.48.0/21
139.190.96.0/22
139.190.104.0/21
139.190.120.0/22
Signature Algorithm: sha256WithRSAEncryption
46:58:7f:6a:7f:c6:d1:0e:e0:a3:8a:8c:94:25:a2:24:d8:c2:
f6:d3:7b:0e:c5:49:c1:c1:72:fb:41:e7:05:9c:22:bd:8f:a3:
24:05:d6:22:b2:fc:75:2e:be:b9:79:bf:c8:b1:29:e4:1b:26:
8e:2f:6d:e1:2f:90:24:64:1e:1f:d4:2b:18:b1:3c:c5:4b:54:
10:d7:5f:3e:e2:9f:87:f6:af:6e:f5:6c:65:80:25:29:fa:1a:
13:d6:1d:b1:cb:c5:29:96:ee:9f:ef:a9:49:c4:7c:d9:84:37:
d0:80:d8:c3:b0:30:8f:a3:9c:1f:2a:eb:ef:0c:8b:df:b9:d1:
05:f8:dc:9e:cf:12:ed:68:6e:66:55:64:2c:54:95:26:8b:f6:
ec:6d:01:f5:bf:88:04:7d:87:45:1d:d8:be:0a:b6:8c:ba:9a:
dd:cf:6f:92:83:48:5d:e2:ab:14:23:20:a4:5c:e2:15:aa:5e:
2b:d2:d5:fa:3d:ab:23:2f:3e:fb:1c:ca:c8:6d:fa:b1:8d:a8:
18:d2:a8:03:de:88:02:77:e8:3b:dc:cc:ed:8e:4e:5d:62:31:
bc:03:9f:ec:a3:13:98:c8:fd:74:14:cb:cb:3d:f2:6e:16:00:
ee:ff:69:ca:8a:db:04:5b:02:61:a3:30:71:9a:a5:f5:8e:ac:
c4:1b:65:94
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgICCaYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjQwMjIwMDQzMzU3WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWQ0MmJiNC0wYjkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw5RP415VPdGjqEl/PjA9CBH3py34i861aAB3QOtgNC5NrJL558JhP6oeZgUI
45Vpk5PUSCyC4tlS7JjHp9PR3pmGNu3qUjZrDb34Ac0SKjqlzCANl0B2UCRHmu+Y
Vf7o3oAPpboRiExj6YY6UKYC/7pyM1KflgOYvby8i5vVrKiKQRvBV+gs0j7489NA
rxSz9wojrcOSZEqvPWb6RL1yJf0xzQHWY5pZeFG0TjRyq3d8qKjpYIq9vpTM2a5R
r1lR3Iv1gZI1XyCxKDn6HIUBXd9soERf4jZtUp9kB8+aYuBfGDC/VRAI+gDNSZ56
NXSFYI5PvxtxJ8fRPveQrZSlKQIDAQABo4ICuzCCArcwHQYDVR0OBBYEFANcwsp+
9asNAM/6radPRTN0Q3NqMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNDI3NEUyOEVD
RkE5MTFFRTkwMjlCQjE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRQYIKwYBBQUHAQcBAf8E
NjA0MDIEAgABMCwDBAKLvgQwDAMEAou+JAMEAou+KAMEA4u+MAMEAou+YAMEA4u+
aAMEAou+eDANBgkqhkiG9w0BAQsFAAOCAQEARlh/an/G0Q7go4qMlCWiJNjC9tN7
DsVJwcFy+0HnBZwivY+jJAXWIrL8dS6+uXm/yLEp5Bsmji9t4S+QJGQeH9QrGLE8
xUtUENdfPuKfh/avbvVsZYAlKfoaE9YdscvFKZbun++pScR82YQ30IDYw7Awj6Oc
Hyrr7wyL37nRBfjcns8S7WhuZlVkLFSVJov27G0B9b+IBH2HRR3Yvgq2jLqa3c9v
koNIXeKrFCMgpFziFapeK9LV+j2rIy8++xzKyG36sY2oGNKoA96IAnfoO9zM7Y5O
XWIxvAOf7KMTmMj9dBTLyz3ybhYA7v9pyorbBFsCYaMwcZql9Y6sxBtllA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:45:13 2025 by rpki-client