Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/BE0C16060B5E11EFA6867D6FC4F9AE02.roa
File: BE0C16060B5E11EFA6867D6FC4F9AE02.roa (raw, json)
Hash identifier: mF30mUnG46Mr3WtTcPX15G4umncWtXLNvFdpcM4GUqE=
Subject key identifier: D5:95:73:C3:8B:AF:AF:49:36:9D:A4:4D:AE:22:32:8D:86:5B:B1:85
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0A7D
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/BE0C16060B5E11EFA6867D6FC4F9AE02.roa
Signing time: Mon 06 May 2024 05:03:31 +0000
ROA not before: Mon 06 May 2024 05:03:31 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 6079
IP address blocks: 139.190.0.0/22 maxlen: 22
139.190.8.0/22 maxlen: 22
139.190.12.0/22 maxlen: 22
139.190.16.0/22 maxlen: 22
139.190.20.0/22 maxlen: 22
139.190.24.0/22 maxlen: 22
139.190.28.0/22 maxlen: 22
139.190.44.0/22 maxlen: 22
139.190.52.0/22 maxlen: 22
139.190.56.0/22 maxlen: 22
139.190.100.0/22 maxlen: 22
139.190.112.0/22 maxlen: 22
139.190.116.0/22 maxlen: 22
139.190.239.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2685 (0xa7d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: May 6 05:03:31 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=663864a3-9f9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:e3:73:7c:d5:3e:fc:af:cf:d9:24:38:b6:88:
64:cf:5b:1c:02:b7:71:da:d2:bc:ca:60:18:df:71:
d3:8c:7e:f7:fd:34:7c:70:dc:3f:24:3c:7d:c6:9e:
dd:e0:64:da:19:71:37:25:10:30:90:53:bc:b6:6a:
e0:46:3d:52:da:c9:3f:8c:4a:72:0a:1a:0b:9d:5e:
a6:52:25:49:63:fd:57:22:aa:8d:ad:bd:7f:7a:93:
a7:22:e1:2a:f6:aa:1c:5f:8b:be:15:c2:90:ee:ee:
74:7b:90:c6:7d:25:01:e4:d6:d4:11:35:d2:41:2f:
d8:a7:86:f4:e4:21:cc:f6:08:5e:38:97:db:0a:a0:
0e:c3:b8:5d:b8:68:9a:06:71:6c:c3:88:97:4e:60:
98:5d:f8:c2:34:c1:b7:9a:f5:41:ce:f5:b3:bb:b2:
63:7e:f9:a4:95:4c:d3:c6:f9:8b:a0:cc:8f:8e:e5:
80:8f:1c:fe:f4:0e:98:b4:58:3d:e8:35:4f:ad:83:
4a:38:2f:8d:7f:17:a2:fc:5f:c3:7d:db:9f:14:54:
50:16:93:5d:33:b8:ad:27:ed:a8:df:8b:8e:b2:e9:
3b:37:28:2d:65:88:ce:b6:84:27:88:10:25:46:52:
e6:51:54:9c:be:fc:0a:a1:65:39:3a:8f:0d:ed:c2:
e1:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:95:73:C3:8B:AF:AF:49:36:9D:A4:4D:AE:22:32:8D:86:5B:B1:85
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/BE0C16060B5E11EFA6867D6FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.0.0/22
139.190.8.0-139.190.31.255
139.190.44.0/22
139.190.52.0-139.190.59.255
139.190.100.0/22
139.190.112.0/21
139.190.239.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:e4:7b:2f:10:5f:a7:b1:40:0b:4f:78:75:02:21:5f:6e:d7:
7c:0c:86:d5:3d:33:1a:c6:e6:13:4a:91:70:b1:03:01:9f:63:
b4:ef:03:29:8f:a5:f0:37:5e:26:a9:51:ca:dd:c3:6a:57:2a:
ea:e0:7c:a3:7c:8d:a5:dd:cc:16:55:13:de:e8:4e:30:23:c1:
0d:8b:f4:56:2f:5e:44:2b:e8:d9:14:3d:42:1b:29:f2:b2:dc:
2a:2f:4a:7e:79:e3:e4:42:cd:92:a5:26:1a:8b:1e:dc:ab:14:
41:24:4f:ed:42:a4:11:08:ba:47:4a:bf:97:23:64:f2:f9:30:
2a:12:5a:41:9f:ea:f4:67:a5:ff:8b:f4:eb:a6:ee:79:76:98:
5c:48:e8:75:0a:ae:18:79:fe:64:e6:0e:f0:6c:35:82:0f:23:
c6:53:be:85:d8:47:31:eb:cf:1d:23:72:9c:b6:c8:69:72:45:
2b:16:8c:a8:2c:80:85:1b:2c:92:36:c0:c1:d4:43:7c:ec:43:
06:c1:6b:15:27:0b:da:b1:73:a2:23:2f:9f:5e:87:71:c1:d5:
83:22:91:85:fc:e1:35:ba:f4:df:d1:e0:47:3d:ab:f2:60:0d:
93:9c:25:bc:8d:5c:b9:8a:47:a0:42:e8:27:cd:64:74:74:91:
15:f2:02:47
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgICCn0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjQwNTA2MDUwMzMxWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjM4NjRhMy05ZjlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1+NzfNU+/K/P2SQ4tohkz1scArdx2tK8ymAY33HTjH73/TR8cNw/JDx9xp7d
4GTaGXE3JRAwkFO8tmrgRj1S2sk/jEpyChoLnV6mUiVJY/1XIqqNrb1/epOnIuEq
9qocX4u+FcKQ7u50e5DGfSUB5NbUETXSQS/Yp4b05CHM9gheOJfbCqAOw7hduGia
BnFsw4iXTmCYXfjCNMG3mvVBzvWzu7JjfvmklUzTxvmLoMyPjuWAjxz+9A6YtFg9
6DVPrYNKOC+Nfxei/F/DfdufFFRQFpNdM7itJ+2o34uOsuk7NygtZYjOtoQniBAl
RlLmUVScvvwKoWU5Oo8N7cLhPQIDAQABo4ICyTCCAsUwHQYDVR0OBBYEFNWVc8OL
r69JNp2kTa4iMo2GW7GFMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvQkUwQzE2MDYw
QjVFMTFFRkE2ODY3RDZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUwYIKwYBBQUHAQcBAf8E
RDBCMEAEAgABMDoDBAKLvgAwDAMEA4u+CAMEBYu+AAMEAou+LDAMAwQCi740AwQC
i744AwQCi75kAwQDi75wAwQAi77vMA0GCSqGSIb3DQEBCwUAA4IBAQCo5HsvEF+n
sUALT3h1AiFfbtd8DIbVPTMaxuYTSpFwsQMBn2O07wMpj6XwN14mqVHK3cNqVyrq
4HyjfI2l3cwWVRPe6E4wI8ENi/RWL15EK+jZFD1CGynystwqL0p+eePkQs2SpSYa
ix7cqxRBJE/tQqQRCLpHSr+XI2Ty+TAqElpBn+r0Z6X/i/Trpu55dphcSOh1Cq4Y
ef5k5g7wbDWCDyPGU76F2Ecx688dI3KctshpckUrFoyoLICFGyySNsDB1EN87EMG
wWsVJwvasXOiIy+fXodxwdWDIpGF/OE1uvTf0eBHPavyYA2TnCW8jVy5ikegQugn
zWR0dJEV8gJH
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:39:55 2025 by rpki-client