Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/4C4BD6244A0211ED9F5C287DC4F9AE02.roa
File: 4C4BD6244A0211ED9F5C287DC4F9AE02.roa (raw, json)
Hash identifier: pPTD9yuP5Wb0kGlt/ioS6jLdnqiErjEd5/Ny6cxPjBs=
Subject key identifier: D0:0D:81:40:19:FA:C4:75:8F:E2:77:CF:9B:D4:38:0D:0E:25:88:6D
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 07BB
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/4C4BD6244A0211ED9F5C287DC4F9AE02.roa
Signing time: Wed 12 Oct 2022 07:48:46 +0000
ROA not before: Wed 12 Oct 2022 07:48:45 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 13768
IP address blocks: 139.190.108.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1979 (0x7bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Oct 12 07:48:45 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=6346715d-c121
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:3e:61:df:6f:e7:38:12:44:58:a4:ca:64:fe:
42:f6:02:07:d4:37:73:7c:8c:1f:8b:88:59:b7:3f:
2e:1f:a1:16:9b:0f:16:f0:88:f7:55:be:60:ce:a7:
cc:1a:d5:09:fe:d9:9a:81:5b:bb:5a:7d:99:f4:b3:
25:37:d9:60:ae:4b:8a:4a:37:98:3a:46:b7:16:bd:
68:86:3c:6b:db:0e:0a:e3:4c:98:57:2e:17:90:64:
6b:33:e1:1c:c1:59:48:3c:e6:3e:79:78:54:2a:2a:
2a:c8:ca:89:b6:86:91:6b:f1:5d:db:cd:13:a9:e2:
4a:4d:13:e5:a7:c8:2d:13:27:a1:1a:16:28:fc:85:
4c:11:fe:12:6d:1a:b4:7c:c1:12:e2:a0:d7:ed:32:
e5:fd:92:65:ea:03:23:05:6e:f1:cb:fa:c3:32:e4:
bf:47:12:bc:ad:13:35:99:f1:95:a9:51:08:89:23:
ce:1a:44:b4:3e:d8:4f:f3:6f:c3:32:c3:8e:fc:f5:
a6:bd:f1:d1:7d:ce:df:d9:c5:62:09:73:c0:7f:5b:
aa:f9:c1:d3:ef:81:51:d9:67:52:9b:ee:de:f0:42:
0d:db:d4:47:ae:02:91:ea:fe:65:74:94:77:51:f0:
35:5a:00:b2:6a:7a:e6:cc:30:68:fc:4e:89:7f:38:
ae:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:0D:81:40:19:FA:C4:75:8F:E2:77:CF:9B:D4:38:0D:0E:25:88:6D
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/4C4BD6244A0211ED9F5C287DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.108.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:3d:42:4d:90:fa:1c:24:79:0d:11:9d:64:0b:01:f0:c8:2c:
4a:79:e3:5e:03:f3:69:f1:45:67:0c:b2:2d:c1:8b:94:d8:1b:
38:32:bb:3f:d2:2f:f9:5e:ff:16:9a:cd:da:5e:d8:9a:57:12:
f6:df:68:fb:ba:07:70:c6:e8:a2:70:a1:57:b0:55:e0:30:e6:
9a:8e:e3:e6:78:20:69:c1:2d:cf:cb:61:19:61:7f:4d:99:5b:
76:c9:17:92:62:61:58:dc:42:02:c4:b6:73:ed:17:af:1e:bb:
d8:3e:c0:6b:0b:95:32:9c:c9:5e:6e:81:73:aa:9a:41:86:6d:
35:b8:ce:6d:25:64:b1:3a:c7:79:6b:7b:48:be:1b:3c:aa:d5:
8e:54:0f:cb:1c:a7:36:59:dd:25:90:b9:60:28:30:27:6b:5c:
77:d1:c8:cf:7f:10:02:46:15:d8:21:74:06:01:f3:6a:1d:06:
d7:a9:c8:55:cc:c0:55:e0:1b:d0:18:37:c1:b6:88:89:b1:8d:
7b:6a:97:16:06:98:34:96:36:0a:3b:1e:36:d0:76:78:43:72:
fd:2f:09:06:6c:cb:34:7a:6f:cd:e1:5a:01:83:64:35:f4:78:
73:e0:41:b9:47:45:1a:cf:3f:44:8b:b2:2c:10:51:a8:77:6b:
01:d5:5c:e3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB7swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjIxMDEyMDc0ODQ1WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzQ2NzE1ZC1jMTIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyj5h32/nOBJEWKTKZP5C9gIH1DdzfIwfi4hZtz8uH6EWmw8W8Ij3Vb5gzqfM
GtUJ/tmagVu7Wn2Z9LMlN9lgrkuKSjeYOka3Fr1ohjxr2w4K40yYVy4XkGRrM+Ec
wVlIPOY+eXhUKioqyMqJtoaRa/Fd280TqeJKTRPlp8gtEyehGhYo/IVMEf4SbRq0
fMES4qDX7TLl/ZJl6gMjBW7xy/rDMuS/RxK8rRM1mfGVqVEIiSPOGkS0PthP82/D
MsOO/PWmvfHRfc7f2cViCXPAf1uq+cHT74FR2WdSm+7e8EIN29RHrgKR6v5ldJR3
UfA1WgCyanrmzDBo/E6JfziuSwIDAQABo4IClTCCApEwHQYDVR0OBBYEFNANgUAZ
+sR1j+J3z5vUOA0OJYhtMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNEM0QkQ2MjQ0
QTAyMTFFRDlGNUMyODdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAKLvmwwDQYJKoZIhvcNAQELBQADggEBAKU9Qk2Q+hwkeQ0R
nWQLAfDILEp5414D82nxRWcMsi3Bi5TYGzgyuz/SL/le/xaazdpe2JpXEvbfaPu6
B3DG6KJwoVewVeAw5pqO4+Z4IGnBLc/LYRlhf02ZW3bJF5JiYVjcQgLEtnPtF68e
u9g+wGsLlTKcyV5ugXOqmkGGbTW4zm0lZLE6x3lre0i+Gzyq1Y5UD8scpzZZ3SWQ
uWAoMCdrXHfRyM9/EAJGFdghdAYB82odBtepyFXMwFXgG9AYN8G2iImxjXtqlxYG
mDSWNgo7HjbQdnhDcv0vCQZsyzR6b83hWgGDZDX0eHPgQblHRRrPP0SLsiwQUah3
awHVXOM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:45:26 2025 by rpki-client