Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/8E715B0C55DA11EEA90E634EC4F9AE02.roa
File: 8E715B0C55DA11EEA90E634EC4F9AE02.roa (raw, json)
Hash identifier: 3/5XIevFKqjYP3uPHPkQbWnEX1Psjg+zmhoT1vDIwhw=
Subject key identifier: 66:37:5D:DE:1A:CE:E8:CF:4E:EC:B1:89:51:E3:8C:EC:01:42:DF:D2
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 08FC
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/8E715B0C55DA11EEA90E634EC4F9AE02.roa
Signing time: Mon 18 Sep 2023 04:19:28 +0000
ROA not before: Mon 18 Sep 2023 04:19:28 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 138241
IP address blocks: 139.190.52.0/22 maxlen: 24
139.190.104.0/22 maxlen: 22
139.190.120.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2300 (0x8fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Sep 18 04:19:28 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=6507cfcf-edf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:e4:e9:22:c4:10:a1:68:e8:7e:91:d0:bb:cb:
35:1f:e4:57:8e:bb:ba:99:b5:0b:6e:da:45:05:e0:
d2:6d:55:4b:3c:dc:17:44:9c:0a:05:0a:16:83:14:
20:33:64:7d:c1:af:0a:c5:84:5b:1b:18:d9:88:b1:
25:1a:7b:6c:69:e7:db:3a:05:7e:de:7f:e7:3b:9f:
7e:a5:a5:06:5e:3d:26:ff:18:ff:d6:50:27:d5:bf:
0a:78:72:bd:61:38:45:41:2c:42:76:69:b7:8f:ee:
a5:b5:94:7e:df:47:80:f1:05:56:f5:dc:e0:f8:99:
23:5f:16:38:b0:54:31:70:f7:b9:ed:41:91:2e:fe:
29:4e:dc:0f:f9:64:e0:a4:c1:bb:c2:21:62:51:44:
b6:d7:6f:d4:f2:ea:0d:1a:12:88:b4:42:8e:ec:f7:
52:c0:50:32:fc:d2:3a:8b:7f:0f:f0:7d:da:eb:01:
44:fe:d0:36:cd:19:0a:e8:83:25:84:77:76:60:f9:
62:f6:94:8f:1b:34:16:3c:65:6c:eb:bb:1e:02:d0:
e9:ee:73:02:d4:6c:cd:cd:89:4f:07:38:0b:3a:45:
b1:5f:88:3f:da:99:f0:ae:0f:bd:8c:49:0f:fe:b1:
35:c3:6e:7a:e0:23:4a:6e:0d:18:f0:e4:9f:b9:8c:
ca:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:37:5D:DE:1A:CE:E8:CF:4E:EC:B1:89:51:E3:8C:EC:01:42:DF:D2
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/8E715B0C55DA11EEA90E634EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.52.0/22
139.190.104.0/22
139.190.120.0/22
Signature Algorithm: sha256WithRSAEncryption
94:6d:c9:89:d8:60:11:c9:c0:80:61:c6:9e:3f:4b:65:96:f3:
71:21:fc:e9:4f:5b:16:29:43:73:5b:7c:73:11:4d:0f:d2:73:
cd:58:c8:4c:33:0a:a8:39:46:66:5c:da:39:5f:36:71:4c:bf:
f6:34:4d:3f:fc:93:bc:c0:96:bc:7b:71:b3:93:34:79:74:95:
c7:09:50:d9:06:a3:0d:09:f9:b9:d8:86:b5:d8:b0:92:34:42:
07:51:b1:ce:2e:05:bf:95:8e:a0:9e:3b:99:99:0e:d0:02:98:
78:04:cf:48:69:2a:d7:91:26:9f:23:a6:a4:4f:7c:5c:14:bb:
5a:49:d9:95:82:f2:bf:98:ce:d9:a0:fd:07:0b:40:4a:3b:06:
22:72:a4:aa:84:43:71:a3:0f:35:49:3c:ae:3a:8b:73:5e:a7:
1f:94:48:28:70:09:cf:bb:86:1b:aa:c3:67:fc:f0:74:12:30:
d4:13:60:06:6c:83:aa:22:ff:5f:2f:e9:97:11:2b:47:07:71:
13:46:8b:b3:7a:11:6c:0b:34:80:24:ad:0b:30:be:d9:ac:94:
bf:70:69:89:5e:0b:ff:30:a5:0a:6d:17:6e:d5:36:44:85:7d:
00:63:3f:6a:8d:39:26:fb:5e:1d:1e:6b:10:94:bc:ca:a5:e3:
58:e2:ff:67
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICCPwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjMwOTE4MDQxOTI4WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTA3Y2ZjZi1lZGY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4uTpIsQQoWjofpHQu8s1H+RXjru6mbULbtpFBeDSbVVLPNwXRJwKBQoWgxQg
M2R9wa8KxYRbGxjZiLElGntsaefbOgV+3n/nO59+paUGXj0m/xj/1lAn1b8KeHK9
YThFQSxCdmm3j+6ltZR+30eA8QVW9dzg+JkjXxY4sFQxcPe57UGRLv4pTtwP+WTg
pMG7wiFiUUS212/U8uoNGhKItEKO7PdSwFAy/NI6i38P8H3a6wFE/tA2zRkK6IMl
hHd2YPli9pSPGzQWPGVs67seAtDp7nMC1GzNzYlPBzgLOkWxX4g/2pnwrg+9jEkP
/rE1w2564CNKbg0Y8OSfuYzKIwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFGY3Xd4a
zujPTuyxiVHjjOwBQt/SMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvOEU3MTVCMEM1
NURBMTFFRUE5MEU2MzRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAKLvjQDBAKLvmgDBAKLvngwDQYJKoZIhvcNAQELBQADggEB
AJRtyYnYYBHJwIBhxp4/S2WW83Eh/OlPWxYpQ3NbfHMRTQ/Sc81YyEwzCqg5RmZc
2jlfNnFMv/Y0TT/8k7zAlrx7cbOTNHl0lccJUNkGow0J+bnYhrXYsJI0QgdRsc4u
Bb+VjqCeO5mZDtACmHgEz0hpKteRJp8jpqRPfFwUu1pJ2ZWC8r+Yztmg/QcLQEo7
BiJypKqEQ3GjDzVJPK46i3Nepx+USChwCc+7hhuqw2f88HQSMNQTYAZsg6oi/18v
6ZcRK0cHcRNGi7N6EWwLNIAkrQswvtmslL9waYleC/8wpQptF27VNkSFfQBjP2qN
OSb7Xh0eaxCUvMql41ji/2c=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:41:54 2025 by rpki-client