Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/7E4A6E02310011EEBC0FAC62C4F9AE02.roa
File: 7E4A6E02310011EEBC0FAC62C4F9AE02.roa (raw, json)
Hash identifier: acX1dNTK9NkOCXAQv2eDNqXR6JAz4fd8Z3jyDHBhlZE=
Subject key identifier: E3:EC:C2:AF:CB:50:49:B6:ED:05:98:B3:61:BF:3D:E5:43:08:AC:DD
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 08D8
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/7E4A6E02310011EEBC0FAC62C4F9AE02.roa
Signing time: Wed 02 Aug 2023 06:47:49 +0000
ROA not before: Wed 02 Aug 2023 06:47:49 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 54600
IP address blocks: 139.190.112.0/22 maxlen: 24
139.190.116.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2264 (0x8d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Aug 2 06:47:49 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=64c9fc14-f6d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:bc:88:eb:2f:9d:1f:20:0b:be:31:c9:32:4f:
ff:08:0d:07:b2:88:70:d9:8f:d4:79:8f:a0:62:fc:
42:5f:ca:c0:58:07:26:fd:7b:50:ea:72:d7:0e:c6:
38:b2:f6:92:09:91:0d:e9:6e:b0:59:6a:12:87:b7:
8f:31:b2:7d:a2:33:7b:23:4e:f2:7f:7a:89:4a:00:
bd:e2:88:64:ca:54:28:91:9e:8c:b9:7f:36:ce:8e:
8e:60:05:68:47:a1:e2:ac:34:2d:d9:53:47:e5:8e:
e0:8e:c7:73:00:7c:11:4f:aa:ab:cf:f5:8e:ea:99:
0c:ab:0b:ff:77:08:70:4e:a9:52:41:b3:e2:ae:5c:
a5:cd:42:7b:ae:29:44:81:79:d1:a9:15:dd:a8:2a:
b3:63:f7:57:9d:2e:64:23:bb:88:d2:74:eb:ed:74:
b4:5f:f2:da:94:54:0c:8b:49:3f:27:45:dc:83:33:
91:8f:c4:53:5c:46:1c:c1:a5:89:47:7c:32:04:07:
4f:a7:c4:5f:66:81:a6:f6:f3:40:e3:10:31:f4:1a:
69:be:5a:89:a8:67:53:25:f0:49:72:74:96:41:5c:
6a:e6:b4:6e:d1:9c:99:ee:ea:b5:d5:95:4e:87:79:
39:2c:a0:0e:f8:91:d7:66:71:84:92:6e:18:a4:8f:
a3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:EC:C2:AF:CB:50:49:B6:ED:05:98:B3:61:BF:3D:E5:43:08:AC:DD
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/7E4A6E02310011EEBC0FAC62C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.112.0/21
Signature Algorithm: sha256WithRSAEncryption
3b:fa:b6:fc:07:31:06:27:cc:c6:57:ce:c7:7c:b2:87:c3:49:
d5:59:16:d5:65:ef:dc:71:0b:f6:5a:87:64:41:84:75:c1:b9:
87:c1:59:ca:dd:ae:6a:2f:6b:1f:6a:af:d3:bf:87:df:e5:9b:
e9:26:5d:0d:d6:dd:e3:14:5d:15:b2:da:8c:3f:c3:0d:a8:7e:
6a:70:70:ac:90:3b:c5:07:ba:52:85:51:ab:d1:14:eb:fc:10:
2f:3c:97:27:c3:86:cc:04:e6:15:e0:db:3a:18:c1:16:66:1b:
e8:f6:98:80:d0:a3:44:f8:3f:87:79:d2:8a:cf:b8:56:6c:ea:
1c:d9:e1:38:1c:1c:a8:3e:12:b3:01:4a:8b:fc:7f:33:b8:c2:
e8:00:f1:bf:9b:9b:02:04:a7:b5:b3:31:ed:0f:92:b8:5b:da:
1a:57:a6:db:8a:68:9d:00:cc:ef:23:58:7d:5b:2f:95:86:bf:
3f:50:b3:74:15:dc:c0:0f:17:37:10:25:fd:72:8c:61:61:94:
af:42:e8:50:d4:ff:34:72:0b:12:0a:2d:ba:c8:eb:77:87:09:
9c:fa:60:7e:a9:3f:b1:58:6c:d6:1f:b5:eb:2f:a3:31:82:29:
5b:2b:b7:70:f2:3d:29:f2:29:7c:c2:17:79:7f:28:5f:bd:33:
18:c0:fe:ec
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCNgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjMwODAyMDY0NzQ5WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGM5ZmMxNC1mNmQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApLyI6y+dHyALvjHJMk//CA0Hsohw2Y/UeY+gYvxCX8rAWAcm/XtQ6nLXDsY4
svaSCZEN6W6wWWoSh7ePMbJ9ojN7I07yf3qJSgC94ohkylQokZ6MuX82zo6OYAVo
R6HirDQt2VNH5Y7gjsdzAHwRT6qrz/WO6pkMqwv/dwhwTqlSQbPirlylzUJ7rilE
gXnRqRXdqCqzY/dXnS5kI7uI0nTr7XS0X/LalFQMi0k/J0XcgzORj8RTXEYcwaWJ
R3wyBAdPp8RfZoGm9vNA4xAx9BppvlqJqGdTJfBJcnSWQVxq5rRu0ZyZ7uq11ZVO
h3k5LKAO+JHXZnGEkm4YpI+jEQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOPswq/L
UEm27QWYs2G/PeVDCKzdMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvN0U0QTZFMDIz
MTAwMTFFRUJDMEZBQzYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAOLvnAwDQYJKoZIhvcNAQELBQADggEBADv6tvwHMQYnzMZX
zsd8sofDSdVZFtVl79xxC/Zah2RBhHXBuYfBWcrdrmovax9qr9O/h9/lm+kmXQ3W
3eMUXRWy2ow/ww2ofmpwcKyQO8UHulKFUavRFOv8EC88lyfDhswE5hXg2zoYwRZm
G+j2mIDQo0T4P4d50orPuFZs6hzZ4TgcHKg+ErMBSov8fzO4wugA8b+bmwIEp7Wz
Me0Pkrhb2hpXptuKaJ0AzO8jWH1bL5WGvz9Qs3QV3MAPFzcQJf1yjGFhlK9C6FDU
/zRyCxIKLbrI63eHCZz6YH6pP7FYbNYftesvozGCKVsrt3DyPSnyKXzCF3l/KF+9
MxjA/uw=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:35:06 2025 by rpki-client