Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/5BAE86D26A1B11EDA6C63C61C4F9AE02.roa
File: 5BAE86D26A1B11EDA6C63C61C4F9AE02.roa (raw, json)
Hash identifier: YnH717M1JYh/6C8Gw0sAcRVkhsjYH1h/2vB8gDNxX3s=
Subject key identifier: BE:18:5B:B1:0B:DA:99:9E:49:68:51:FF:BB:45:E5:27:D9:AE:AE:B1
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 07F2
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/5BAE86D26A1B11EDA6C63C61C4F9AE02.roa
Signing time: Wed 21 Dec 2022 10:59:59 +0000
ROA not before: Wed 21 Dec 2022 10:59:59 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 38547
IP address blocks: 139.190.32.0/20 maxlen: 24
139.190.48.0/20 maxlen: 24
139.190.124.0/22 maxlen: 24
139.190.234.0/24 maxlen: 24
139.190.235.131/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2034 (0x7f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Dec 21 10:59:59 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=63a2e72e-d9da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e8:1c:30:52:a3:56:b9:37:3c:31:af:01:43:
88:b8:36:68:c3:5f:a9:e7:32:c3:cf:6b:64:67:bc:
e6:b6:55:d8:35:28:db:67:70:c0:2f:5c:6b:cd:e9:
35:7a:cb:29:b7:d3:6d:66:1b:2a:c8:5d:6c:dd:7f:
54:cb:b2:f7:36:dd:b9:33:48:54:14:76:fa:98:7c:
58:3c:d7:7c:58:24:1d:b2:a7:e3:d5:13:c1:17:6a:
28:83:a4:46:f4:fb:d8:81:d9:64:85:69:75:18:2e:
ef:6e:14:b6:6a:83:33:d6:bb:e3:22:42:5e:62:a9:
2e:25:4d:5c:e5:8a:87:84:9b:7c:2f:c4:8e:05:4f:
ba:24:4b:3c:a8:7c:e2:64:ca:ec:a6:2b:bd:ec:32:
d6:52:18:82:99:a1:95:a4:96:5d:fe:1a:ed:b4:c5:
86:da:f8:85:df:7f:cd:45:20:ae:57:b3:1b:bc:91:
e5:3c:75:46:87:db:dc:34:d7:29:25:48:bb:ba:4c:
f0:49:ac:de:50:a4:ab:a3:a0:03:33:c1:49:e6:da:
67:c9:6f:d4:a6:0a:aa:ae:69:74:ea:37:6c:a1:32:
92:e0:8b:ef:0b:2d:6b:e2:e3:03:4f:0d:49:78:12:
28:2c:e8:38:35:1f:ca:01:70:41:c6:4a:fb:4d:c6:
40:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:18:5B:B1:0B:DA:99:9E:49:68:51:FF:BB:45:E5:27:D9:AE:AE:B1
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/5BAE86D26A1B11EDA6C63C61C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.32.0/19
139.190.124.0/22
139.190.234.0/24
139.190.235.131/32
Signature Algorithm: sha256WithRSAEncryption
3b:30:a0:83:a9:d7:6e:12:72:56:9d:38:28:e8:06:3b:a5:3f:
b3:45:39:e7:10:a7:d7:b7:36:6d:47:b0:53:0d:d5:af:02:9b:
ff:ba:6f:4b:57:10:53:31:34:54:a7:70:f1:c8:5c:2a:0e:8c:
3b:c2:31:b5:ec:38:22:a3:97:23:65:5c:3e:db:30:64:5a:73:
f6:f3:82:c5:11:3a:ae:7b:13:20:c4:9a:ad:99:9c:aa:ff:9b:
e9:d7:d0:a9:96:c0:91:53:3b:56:42:2b:53:db:6f:b4:2b:77:
ce:9a:61:6e:d6:70:b3:83:ff:71:e7:20:f6:be:8a:2c:dd:23:
c9:fd:fe:8e:9c:fe:86:04:4e:68:12:32:80:58:1c:49:04:cd:
a7:1a:8a:4f:ab:b8:ac:8c:39:c9:78:94:e0:00:27:26:c9:94:
c2:02:b5:d3:dc:ff:5a:20:66:dc:d0:d5:39:8e:d5:22:34:b3:
cc:2e:46:44:20:50:cf:97:f2:90:49:a2:96:ef:60:f9:82:18:
f6:6d:8d:09:83:39:c1:48:91:4f:b2:da:92:71:5a:60:b1:9d:
01:19:1e:4e:5f:b6:2b:fb:be:13:31:a8:5a:c1:b3:ff:9d:59:
e0:4c:5b:35:43:3f:f6:ed:60:58:bc:d5:12:72:48:26:0d:32:
a0:f4:96:ed
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICB/IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjIxMjIxMTA1OTU5WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2EyZTcyZS1kOWRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApugcMFKjVrk3PDGvAUOIuDZow1+p5zLDz2tkZ7zmtlXYNSjbZ3DAL1xrzek1
esspt9NtZhsqyF1s3X9Uy7L3Nt25M0hUFHb6mHxYPNd8WCQdsqfj1RPBF2oog6RG
9PvYgdlkhWl1GC7vbhS2aoMz1rvjIkJeYqkuJU1c5YqHhJt8L8SOBU+6JEs8qHzi
ZMrspiu97DLWUhiCmaGVpJZd/hrttMWG2viF33/NRSCuV7MbvJHlPHVGh9vcNNcp
JUi7ukzwSazeUKSro6ADM8FJ5tpnyW/Upgqqrml06jdsoTKS4IvvCy1r4uMDTw1J
eBIoLOg4NR/KAXBBxkr7TcZAWQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL4YW7EL
2pmeSWhR/7tF5SfZrq6xMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNUJBRTg2RDI2
QTFCMTFFREE2QzYzQzYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMgYIKwYBBQUHAQcBAf8E
IzAhMB8EAgABMBkDBAWLviADBAKLvnwDBACLvuoDBQCLvuuDMA0GCSqGSIb3DQEB
CwUAA4IBAQA7MKCDqdduEnJWnTgo6AY7pT+zRTnnEKfXtzZtR7BTDdWvApv/um9L
VxBTMTRUp3DxyFwqDow7wjG17Dgio5cjZVw+2zBkWnP284LFETquexMgxJqtmZyq
/5vp19CplsCRUztWQitT22+0K3fOmmFu1nCzg/9x5yD2voos3SPJ/f6OnP6GBE5o
EjKAWBxJBM2nGopPq7isjDnJeJTgACcmyZTCArXT3P9aIGbc0NU5jtUiNLPMLkZE
IFDPl/KQSaKW72D5ghj2bY0JgznBSJFPstqScVpgsZ0BGR5OX7Yr+74TMahawbP/
nVngTFs1Qz/27WBYvNUSckgmDTKg9Jbt
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:45:01 2025 by rpki-client