Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/91298682014011EFBB667D5EC4F9AE02.roa
File: 91298682014011EFBB667D5EC4F9AE02.roa (raw, json)
Hash identifier: lpRJZ2lsBnPy3++mlReY9SIPOoVLwY5qJuAbeEKskrQ=
Subject key identifier: 1F:C4:0B:04:73:56:79:DE:42:B7:18:31:DD:64:F0:1A:02:6F:FE:1A
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0A01
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/91298682014011EFBB667D5EC4F9AE02.roa
Signing time: Tue 23 Apr 2024 08:06:19 +0000
ROA not before: Tue 23 Apr 2024 08:06:19 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 54702
IP address blocks: 139.190.0.0/22 maxlen: 24
139.190.8.0/22 maxlen: 24
139.190.12.0/22 maxlen: 24
139.190.16.0/22 maxlen: 24
139.190.20.0/22 maxlen: 24
139.190.24.0/22 maxlen: 24
139.190.28.0/22 maxlen: 24
139.190.44.0/22 maxlen: 24
139.190.52.0/22 maxlen: 24
139.190.56.0/22 maxlen: 24
139.190.100.0/22 maxlen: 24
139.190.112.0/22 maxlen: 24
139.190.116.0/22 maxlen: 24
139.190.239.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2561 (0xa01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Apr 23 08:06:19 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=66276bfa-433a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:81:b7:15:24:93:01:78:14:94:f6:87:1d:01:
66:53:a1:57:9d:33:c0:46:94:2b:79:ba:2d:65:48:
08:31:a4:a0:c4:d8:c9:31:0c:be:1e:f9:21:60:40:
9e:d8:6b:23:de:12:45:ae:bf:49:4b:90:f6:17:c1:
bb:26:63:e1:01:54:57:67:92:a7:af:21:3e:8c:e7:
6e:43:5b:42:96:45:ce:6c:11:33:1d:da:39:54:3b:
ea:36:56:74:6c:2e:79:f3:00:fb:52:5b:aa:db:19:
0d:6f:51:6a:ea:b8:13:0d:fe:6e:75:d4:b1:21:ac:
e0:30:55:c4:96:5f:c9:16:39:2b:e1:d5:14:c2:e1:
31:33:51:c4:f1:c1:b4:83:f5:e5:1e:74:a3:1c:ef:
5c:cb:d2:a7:67:a0:00:ce:28:cc:75:ad:3a:85:af:
7e:37:ff:11:d3:af:01:95:63:ed:b6:ab:cd:b3:54:
fd:00:87:88:c3:2d:9b:99:f8:ad:c4:6d:7c:81:25:
6f:c5:ec:97:d8:1d:62:4c:32:77:3b:0a:d5:53:fb:
e0:97:43:42:04:ed:c3:55:ab:2c:45:73:91:4e:40:
00:c0:3c:7d:67:52:84:72:ac:f8:f6:1c:d2:55:86:
7b:1e:19:1b:e2:46:78:8e:e8:24:82:15:dc:9a:9b:
98:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:C4:0B:04:73:56:79:DE:42:B7:18:31:DD:64:F0:1A:02:6F:FE:1A
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/91298682014011EFBB667D5EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.0.0/22
139.190.8.0-139.190.31.255
139.190.44.0/22
139.190.52.0-139.190.59.255
139.190.100.0/22
139.190.112.0/21
139.190.239.0/24
Signature Algorithm: sha256WithRSAEncryption
d7:69:de:9a:24:a7:40:4c:7b:aa:90:e8:74:05:04:cd:58:4e:
eb:81:c2:9e:bd:4a:eb:f5:e5:6b:7f:be:29:4f:4c:dc:52:2f:
0f:8f:bf:43:ee:90:7e:cd:77:21:8f:17:a0:4a:15:4e:87:37:
e1:6a:5c:ad:00:58:5e:b2:4a:50:4f:0a:57:84:90:a1:14:a9:
b3:89:6a:5d:84:d3:5e:ea:51:0f:3b:7d:1b:01:aa:5e:74:92:
53:56:7f:7c:d5:92:a3:5a:b2:e6:69:12:2e:12:ec:1b:38:67:
80:ea:15:1f:26:26:d8:d0:21:1d:5e:3c:d1:bf:b1:84:28:eb:
ed:eb:e7:6e:9b:da:ac:8a:47:32:3c:54:b7:da:15:ec:05:87:
91:57:e5:ad:9f:9d:ba:1a:f0:2a:a6:c7:2a:de:4c:c6:2a:7a:
ba:1e:d4:2a:fa:20:3f:6d:fe:b8:a4:87:15:76:0e:23:79:8f:
f9:0a:e7:87:7e:09:e9:43:bb:fc:c7:8a:0c:ee:88:f2:12:d6:
75:46:dc:5d:22:c7:36:69:51:28:01:cc:56:70:7e:64:3b:12:
24:0a:f8:81:18:48:3d:2a:45:dd:54:5f:89:51:95:50:b8:45:
8e:2d:6b:f7:13:d9:79:b1:55:e2:66:02:68:4d:58:b3:d2:d5:
2f:89:49:33
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgICCgEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjQwNDIzMDgwNjE5WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjI3NmJmYS00MzNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvIG3FSSTAXgUlPaHHQFmU6FXnTPARpQrebotZUgIMaSgxNjJMQy+HvkhYECe
2Gsj3hJFrr9JS5D2F8G7JmPhAVRXZ5KnryE+jOduQ1tClkXObBEzHdo5VDvqNlZ0
bC558wD7Uluq2xkNb1Fq6rgTDf5uddSxIazgMFXEll/JFjkr4dUUwuExM1HE8cG0
g/XlHnSjHO9cy9KnZ6AAzijMda06ha9+N/8R068BlWPttqvNs1T9AIeIwy2bmfit
xG18gSVvxeyX2B1iTDJ3OwrVU/vgl0NCBO3DVassRXORTkAAwDx9Z1KEcqz49hzS
VYZ7Hhkb4kZ4jugkghXcmpuYWQIDAQABo4ICyTCCAsUwHQYDVR0OBBYEFB/ECwRz
VnneQrcYMd1k8BoCb/4aMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvOTEyOTg2ODIw
MTQwMTFFRkJCNjY3RDVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUwYIKwYBBQUHAQcBAf8E
RDBCMEAEAgABMDoDBAKLvgAwDAMEA4u+CAMEBYu+AAMEAou+LDAMAwQCi740AwQC
i744AwQCi75kAwQDi75wAwQAi77vMA0GCSqGSIb3DQEBCwUAA4IBAQDXad6aJKdA
THuqkOh0BQTNWE7rgcKevUrr9eVrf74pT0zcUi8Pj79D7pB+zXchjxegShVOhzfh
alytAFheskpQTwpXhJChFKmziWpdhNNe6lEPO30bAapedJJTVn981ZKjWrLmaRIu
EuwbOGeA6hUfJibY0CEdXjzRv7GEKOvt6+dum9qsikcyPFS32hXsBYeRV+Wtn526
GvAqpscq3kzGKnq6HtQq+iA/bf64pIcVdg4jeY/5CueHfgnpQ7v8x4oM7ojyEtZ1
RtxdIsc2aVEoAcxWcH5kOxIkCviBGEg9KkXdVF+JUZVQuEWOLWv3E9l5sVXiZgJo
TViz0tUviUkz
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:35:21 2025 by rpki-client