Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/A19FE5C6A57211EE982C0331C4F9AE02.roa
File: A19FE5C6A57211EE982C0331C4F9AE02.roa (raw, json)
Hash identifier: BABIDs6sbfD4eChPfq7FAQ/LRhgODnZPMOISmhi4lj8=
Subject key identifier: C5:C9:60:DA:0F:8A:D8:B4:5A:F5:DC:51:4B:4A:2C:70:37:55:7A:9B
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 097D
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/A19FE5C6A57211EE982C0331C4F9AE02.roa
Signing time: Sun 07 Jan 2024 16:05:06 +0000
ROA not before: Sun 07 Jan 2024 16:05:06 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 138241
IP address blocks: 139.190.4.0/22 maxlen: 24
139.190.20.0/22 maxlen: 24
139.190.28.0/22 maxlen: 24
139.190.48.0/22 maxlen: 24
139.190.56.0/22 maxlen: 24
139.190.96.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2429 (0x97d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Jan 7 16:05:06 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=659acbb2-ce84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c3:c9:d9:81:67:dc:a6:28:7c:ca:f8:96:cc:
96:1c:c6:3a:f1:81:48:cf:57:8c:60:0b:45:21:44:
97:2d:76:aa:43:4f:4e:9a:31:58:3b:3a:69:f0:36:
5d:e2:5a:96:15:bb:ee:87:73:6e:13:f4:58:9f:d8:
86:be:1b:78:30:6b:e3:60:43:d5:12:65:d7:36:af:
2e:ea:d0:e8:e3:59:c3:d4:8b:a3:eb:a9:18:37:0d:
7d:50:61:5e:84:dc:36:f1:c4:1f:80:c3:1c:31:a1:
51:5d:81:b1:2d:53:e1:67:ec:bd:87:fe:e7:52:b7:
df:3d:45:06:5e:17:a5:87:e0:b6:0a:58:4a:2f:fe:
41:d8:2d:6b:46:a7:a0:d9:c1:f8:0d:b8:96:35:ca:
b0:ed:30:e0:b1:2b:60:ce:94:4e:b8:6c:2f:8e:d0:
25:91:77:9c:75:59:7b:20:4c:05:51:16:5a:36:1a:
05:77:98:a8:fd:d8:b0:92:9a:78:94:25:cc:e9:59:
7e:8e:7e:e0:6d:67:15:f2:50:3c:df:06:a2:4a:8a:
c6:4c:91:4d:d2:1b:25:35:15:64:06:21:65:81:33:
fb:1b:ff:90:45:67:38:2f:b9:cc:be:ab:aa:32:e6:
31:b5:22:45:37:21:a3:25:bc:43:55:6d:d9:df:af:
6b:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:C9:60:DA:0F:8A:D8:B4:5A:F5:DC:51:4B:4A:2C:70:37:55:7A:9B
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/A19FE5C6A57211EE982C0331C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.4.0/22
139.190.20.0/22
139.190.28.0/22
139.190.48.0/22
139.190.56.0/22
139.190.96.0/22
Signature Algorithm: sha256WithRSAEncryption
92:52:e3:83:41:4c:ec:75:7b:1e:4d:73:15:35:d5:5b:f9:ca:
54:51:b5:ed:42:5c:a4:47:7a:e8:30:d8:0b:8e:25:e4:8a:9a:
75:69:69:13:64:94:8b:0f:f8:5b:51:9c:1b:6a:ea:0e:00:17:
9b:9f:d2:d9:61:e7:49:0e:36:80:53:33:32:aa:c1:16:2b:cb:
e0:9e:a7:d7:00:2f:da:75:00:27:6a:c4:c7:b5:25:1b:80:0e:
17:47:a0:e8:13:30:f4:82:df:e3:e3:f7:cc:bf:64:69:2f:4a:
1e:c8:85:ed:26:ac:40:cb:6c:a8:79:6d:06:5b:f5:1a:ac:6a:
ab:21:6c:45:7a:23:8f:e1:92:cd:cb:fd:85:79:bb:db:f2:58:
52:93:70:4b:8a:73:34:4d:25:11:0b:0c:84:26:95:6f:00:e9:
99:bc:57:30:b6:9b:7b:cb:46:de:af:79:66:31:ae:7c:2a:b2:
5e:46:06:36:69:48:db:48:d4:84:16:98:ff:9c:aa:e0:38:b4:
a3:e2:87:45:da:ae:8c:32:da:97:2d:b7:69:d0:12:71:8d:39:
aa:b7:c8:25:be:af:c0:57:a4:28:4c:2d:8e:a2:f7:73:bf:b7:
16:fe:24:95:94:de:25:54:35:a1:de:3b:8e:12:3b:7f:5c:41:
94:ca:11:a1
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICCX0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjQwMTA3MTYwNTA2WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTlhY2JiMi1jZTg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv8PJ2YFn3KYofMr4lsyWHMY68YFIz1eMYAtFIUSXLXaqQ09OmjFYOzpp8DZd
4lqWFbvuh3NuE/RYn9iGvht4MGvjYEPVEmXXNq8u6tDo41nD1Iuj66kYNw19UGFe
hNw28cQfgMMcMaFRXYGxLVPhZ+y9h/7nUrffPUUGXhelh+C2ClhKL/5B2C1rRqeg
2cH4DbiWNcqw7TDgsStgzpROuGwvjtAlkXecdVl7IEwFURZaNhoFd5io/diwkpp4
lCXM6Vl+jn7gbWcV8lA83waiSorGTJFN0hslNRVkBiFlgTP7G/+QRWc4L7nMvquq
MuYxtSJFNyGjJbxDVW3Z369r8wIDAQABo4ICszCCAq8wHQYDVR0OBBYEFMXJYNoP
iti0WvXcUUtKLHA3VXqbMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvQTE5RkU1QzZB
NTcyMTFFRTk4MkMwMzMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBAKLvgQDBAKLvhQDBAKLvhwDBAKLvjADBAKLvjgDBAKLvmAw
DQYJKoZIhvcNAQELBQADggEBAJJS44NBTOx1ex5NcxU11Vv5ylRRte1CXKRHeugw
2AuOJeSKmnVpaRNklIsP+FtRnBtq6g4AF5uf0tlh50kONoBTMzKqwRYry+Cep9cA
L9p1ACdqxMe1JRuADhdHoOgTMPSC3+Pj98y/ZGkvSh7Ihe0mrEDLbKh5bQZb9Rqs
aqshbEV6I4/hks3L/YV5u9vyWFKTcEuKczRNJRELDIQmlW8A6Zm8VzC2m3vLRt6v
eWYxrnwqsl5GBjZpSNtI1IQWmP+cquA4tKPih0Xarowy2pctt2nQEnGNOaq3yCW+
r8BXpChMLY6i93O/txb+JJWU3iVUNaHeO44SO39cQZTKEaE=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:31:50 2025 by rpki-client