Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/B5A97E0A4E0211EEAFCAD744C4F9AE02.roa
File: B5A97E0A4E0211EEAFCAD744C4F9AE02.roa (raw, json)
Hash identifier: 92DqR3Rgj6fT0oLivoyn6GLq5j1KyMj/35GQC3ayOFc=
Subject key identifier: 2F:88:0C:DE:DB:33:11:A1:47:16:BA:D0:6F:EB:12:8E:8F:E8:64:AD
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 08F0
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/B5A97E0A4E0211EEAFCAD744C4F9AE02.roa
Signing time: Fri 08 Sep 2023 04:46:44 +0000
ROA not before: Fri 08 Sep 2023 04:46:44 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 30823
IP address blocks: 139.190.32.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2288 (0x8f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Sep 8 04:46:44 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=64faa734-ddeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:f8:f1:b4:79:98:85:c7:5d:5f:53:d7:61:8b:
9b:dd:9f:c2:ba:47:5e:a7:82:1d:ce:4f:c5:91:5b:
15:37:54:30:ce:94:25:25:99:58:49:22:76:6b:8d:
3f:a6:2c:09:75:43:17:b0:a4:ea:2e:9e:22:d4:b9:
04:06:30:a7:9e:b0:66:5f:59:0a:ed:ba:ed:53:54:
d1:e3:2c:53:bc:86:4b:71:e8:e1:dd:88:38:81:30:
d9:51:d6:a6:22:d1:7f:1a:99:ec:8f:13:ce:a9:58:
c8:47:26:90:35:b7:24:46:04:df:c8:d1:ed:d6:83:
ce:3e:c6:8f:81:fd:9c:08:cb:30:11:a4:8a:48:2e:
55:49:d1:52:21:26:f0:14:15:78:96:eb:29:ff:0e:
6a:59:3a:f3:ea:be:82:35:ea:55:af:20:ce:13:9d:
45:a5:c2:0e:a3:3e:09:21:77:73:d9:e0:59:e3:a9:
7b:e5:4f:46:61:f3:79:0f:a0:80:7e:b0:7d:73:87:
aa:b4:82:c9:e6:e6:33:a2:64:94:74:58:a8:d3:0f:
b7:7b:c0:15:0f:ef:6b:bb:94:a6:bb:05:b9:c9:13:
98:1b:4d:29:26:ba:7c:5c:5a:c5:0b:a3:e1:ab:58:
5f:a1:f4:01:d5:71:be:c6:38:57:75:c7:74:85:67:
68:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:88:0C:DE:DB:33:11:A1:47:16:BA:D0:6F:EB:12:8E:8F:E8:64:AD
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/B5A97E0A4E0211EEAFCAD744C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.32.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:f4:c4:4a:ea:6e:47:3e:09:9a:4a:fd:78:3d:c8:4c:a7:ed:
c6:9a:66:a7:3d:0a:8c:c2:b7:66:a8:77:7b:34:60:f6:9a:ef:
50:b7:c7:a3:a3:46:8d:13:59:a5:7a:3d:fb:c7:5b:2b:9c:4b:
e3:70:f5:ab:c8:c1:11:f5:63:a1:68:b1:22:73:d3:f1:45:da:
6e:fc:f6:31:f9:ed:1d:b0:b3:3f:63:af:e4:a0:db:4f:7f:b8:
92:5d:b0:0d:e1:15:4d:01:9e:f7:a6:8d:30:3d:d8:db:0c:41:
59:94:23:4c:98:b6:b3:78:d1:d3:16:00:db:56:2f:b5:83:fc:
bd:b4:31:cf:ac:c7:60:f0:97:0c:46:bb:10:2f:a0:9d:98:70:
b4:f7:78:e7:bb:7d:d6:9a:06:45:3d:d0:4c:bc:5b:ec:e6:15:
8f:28:be:14:11:de:b2:72:e0:1d:a4:60:32:c1:7b:05:6d:fd:
b3:02:3d:ea:d9:9f:fd:09:92:b4:d8:db:da:12:bd:51:5d:42:
83:2f:bd:98:39:e0:36:a8:4e:cf:32:6e:02:8e:c5:3e:e7:08:
b5:67:de:b7:2b:e0:aa:da:97:56:27:ad:cc:12:02:0f:bc:d3:
8f:87:9d:a3:19:69:45:65:b4:fa:ce:23:35:d4:57:51:d7:6d:
a0:d4:52:41
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCPAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjMwOTA4MDQ0NjQ0WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGZhYTczNC1kZGViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0/jxtHmYhcddX1PXYYub3Z/Cukdep4Idzk/FkVsVN1QwzpQlJZlYSSJ2a40/
piwJdUMXsKTqLp4i1LkEBjCnnrBmX1kK7brtU1TR4yxTvIZLcejh3Yg4gTDZUdam
ItF/GpnsjxPOqVjIRyaQNbckRgTfyNHt1oPOPsaPgf2cCMswEaSKSC5VSdFSISbw
FBV4lusp/w5qWTrz6r6CNepVryDOE51FpcIOoz4JIXdz2eBZ46l75U9GYfN5D6CA
frB9c4eqtILJ5uYzomSUdFio0w+3e8AVD+9ru5SmuwW5yROYG00pJrp8XFrFC6Ph
q1hfofQB1XG+xjhXdcd0hWdoqQIDAQABo4IClTCCApEwHQYDVR0OBBYEFC+IDN7b
MxGhRxa60G/rEo6P6GStMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvQjVBOTdFMEE0
RTAyMTFFRUFGQ0FENzQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAKLviAwDQYJKoZIhvcNAQELBQADggEBAEv0xErqbkc+CZpK
/Xg9yEyn7caaZqc9CozCt2aod3s0YPaa71C3x6OjRo0TWaV6PfvHWyucS+Nw9avI
wRH1Y6FosSJz0/FF2m789jH57R2wsz9jr+Sg209/uJJdsA3hFU0BnvemjTA92NsM
QVmUI0yYtrN40dMWANtWL7WD/L20Mc+sx2DwlwxGuxAvoJ2YcLT3eOe7fdaaBkU9
0Ey8W+zmFY8ovhQR3rJy4B2kYDLBewVt/bMCPerZn/0JkrTY29oSvVFdQoMvvZg5
4DaoTs8ybgKOxT7nCLVn3rcr4Kral1YnrcwSAg+804+HnaMZaUVltPrOIzXUV1HX
baDUUkE=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:38:41 2025 by rpki-client