Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/5130266E4E2511EDA49B5C52C4F9AE02.roa
File: 5130266E4E2511EDA49B5C52C4F9AE02.roa (raw, json)
Hash identifier: joHEkWDZHJIAJW9nubRSxqbZDKF5xbvDBHKTXPLpokc=
Subject key identifier: 63:9C:41:09:0E:79:E9:EC:49:6C:A2:64:00:35:41:95:85:B7:EF:02
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0889
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/5130266E4E2511EDA49B5C52C4F9AE02.roa
Signing time: Wed 24 May 2023 23:24:59 +0000
ROA not before: Wed 24 May 2023 23:24:59 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 25369
IP address blocks: 139.190.8.0/22 maxlen: 22
139.190.16.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2185 (0x889)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: May 24 23:24:59 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=646e9cca-968a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:61:40:9a:f3:f2:17:b0:e4:69:80:9a:72:4e:
b0:22:c4:4f:9d:73:d3:dd:b7:f3:32:20:cd:99:9b:
d0:be:e3:5c:01:12:dd:d0:bd:2e:fb:ba:3a:1b:4b:
a7:08:b0:ae:78:09:e5:60:6f:28:e1:c9:aa:75:4e:
0b:0b:8d:52:f3:17:3c:18:b0:f2:06:ff:b1:cb:ac:
a9:36:3c:41:09:9d:58:84:7b:7e:38:30:15:ad:18:
b4:84:26:7c:19:86:ea:ae:69:14:b7:01:5d:c8:f0:
de:1e:44:6e:7b:3e:ca:ef:68:b4:b6:b0:91:88:32:
61:20:3d:85:50:e9:d5:62:c6:f7:df:57:22:4e:0f:
52:8f:73:c1:49:4f:b6:dd:c1:e1:20:4b:9b:f8:7c:
d4:1c:35:c4:a9:0e:5d:2c:28:94:46:03:46:23:50:
8c:67:c6:35:25:14:9c:72:0d:1b:37:41:55:1f:71:
c2:e1:2d:b5:a9:35:ea:05:37:12:ef:ec:fd:69:6a:
7a:68:87:d9:0d:5b:92:d3:26:92:f8:64:72:a5:d5:
55:74:92:28:dc:45:25:86:a8:3e:41:84:e7:96:5a:
5c:19:92:e4:19:2c:12:50:05:30:44:83:e0:ad:73:
7e:25:57:c9:d9:58:7b:47:1f:98:fa:8f:d3:a0:7f:
d2:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:9C:41:09:0E:79:E9:EC:49:6C:A2:64:00:35:41:95:85:B7:EF:02
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/5130266E4E2511EDA49B5C52C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.8.0/22
139.190.16.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:64:a4:83:de:15:ed:7a:81:bf:24:2f:17:ff:38:12:f1:18:
5f:d9:b5:93:75:c3:b3:bc:53:a4:c1:ad:37:01:bf:b3:3c:06:
e7:16:b9:c5:b3:4f:85:d0:0c:81:93:20:d9:af:40:10:6c:37:
69:32:1d:e8:bc:09:80:5f:9c:70:00:8b:af:31:85:5a:ea:5c:
78:03:5f:28:ab:bd:ad:74:7f:8c:29:2c:49:0a:23:f7:ce:97:
e1:15:6f:5d:d9:c4:1e:ea:0d:11:b5:fe:9e:d5:2d:e2:2f:8d:
6a:19:9e:32:53:76:97:67:b3:2e:e6:20:ec:05:9b:bf:76:72:
ed:4e:ff:82:3c:87:5d:05:ba:99:45:0f:51:8d:70:6d:79:a8:
e6:86:b9:74:ba:94:c9:a7:80:32:eb:c8:96:f9:d6:29:6c:dc:
42:7d:38:87:8b:d9:62:b0:d8:5d:d4:d7:31:aa:55:97:bf:9a:
d5:68:82:3b:f9:cc:30:a9:8d:de:2f:24:1e:ae:67:0d:57:4b:
f2:2e:71:d7:20:7d:58:8c:16:57:e0:90:dd:76:a6:c9:80:36:
e3:30:32:33:8f:f7:a0:69:94:ed:5c:6f:fe:fe:56:23:38:5a:
50:ef:72:4b:e7:bd:c7:f1:3f:f4:b1:98:74:17:1b:8b:df:5e:
9c:31:38:a7
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCIkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjMwNTI0MjMyNDU5WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDZlOWNjYS05NjhhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyGFAmvPyF7DkaYCack6wIsRPnXPT3bfzMiDNmZvQvuNcARLd0L0u+7o6G0un
CLCueAnlYG8o4cmqdU4LC41S8xc8GLDyBv+xy6ypNjxBCZ1YhHt+ODAVrRi0hCZ8
GYbqrmkUtwFdyPDeHkRuez7K72i0trCRiDJhID2FUOnVYsb331ciTg9Sj3PBSU+2
3cHhIEub+HzUHDXEqQ5dLCiURgNGI1CMZ8Y1JRSccg0bN0FVH3HC4S21qTXqBTcS
7+z9aWp6aIfZDVuS0yaS+GRypdVVdJIo3EUlhqg+QYTnllpcGZLkGSwSUAUwRIPg
rXN+JVfJ2Vh7Rx+Y+o/ToH/SuQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFGOcQQkO
eensSWyiZAA1QZWFt+8CMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNTEzMDI2NkU0
RTI1MTFFREE0OUI1QzUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAKLvggDBAKLvhAwDQYJKoZIhvcNAQELBQADggEBALRkpIPe
Fe16gb8kLxf/OBLxGF/ZtZN1w7O8U6TBrTcBv7M8BucWucWzT4XQDIGTINmvQBBs
N2kyHei8CYBfnHAAi68xhVrqXHgDXyirva10f4wpLEkKI/fOl+EVb13ZxB7qDRG1
/p7VLeIvjWoZnjJTdpdnsy7mIOwFm792cu1O/4I8h10FuplFD1GNcG15qOaGuXS6
lMmngDLryJb51ils3EJ9OIeL2WKw2F3U1zGqVZe/mtVogjv5zDCpjd4vJB6uZw1X
S/IucdcgfViMFlfgkN12psmANuMwMjOP96BplO1cb/7+ViM4WlDvckvnvcfxP/Sx
mHQXG4vfXpwxOKc=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:40:01 2025 by rpki-client