Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/CE9A8294440111EDA63B1315C4F9AE02.roa
File: CE9A8294440111EDA63B1315C4F9AE02.roa (raw, json)
Hash identifier: k3iZ5fzQiuUWDXmTwGpTeNfj/prKTi3lqJMI4st8MN4=
Subject key identifier: 77:4C:C0:57:26:20:71:B7:1D:7C:49:11:A3:84:E5:83:DD:83:CD:F3
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 07AC
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/CE9A8294440111EDA63B1315C4F9AE02.roa
Signing time: Tue 04 Oct 2022 16:30:07 +0000
ROA not before: Tue 04 Oct 2022 16:30:07 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 25369
IP address blocks: 139.190.8.0/22 maxlen: 24
139.190.16.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1964 (0x7ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Oct 4 16:30:07 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=633c5f8f-c027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e4:52:54:cc:21:b4:64:5f:20:5e:6a:62:a4:
15:ca:18:e4:cc:b7:19:6c:27:06:69:1a:1c:91:6f:
e1:a0:4f:51:f0:4e:fa:67:09:93:ec:d1:06:f6:47:
f5:2d:27:90:9f:4c:be:a2:ba:da:3e:48:e0:33:15:
09:b9:b9:df:7d:e3:96:82:ac:8f:ee:11:26:53:b3:
fa:0a:b4:7e:7e:4d:f6:29:89:62:7b:ee:7f:6b:54:
5d:08:df:c9:3b:e1:e9:4c:ec:28:78:05:81:ff:c8:
93:ab:31:51:6e:b8:a8:39:49:45:b4:58:dc:6a:d8:
3d:88:01:12:38:5e:1c:c7:4c:1f:8d:a4:6b:e8:a6:
bb:a8:9e:4e:81:3d:cf:62:46:08:b6:e6:60:4d:02:
a8:58:ea:c4:2e:05:9d:13:67:2e:29:c8:72:3a:de:
85:6c:61:ea:49:9c:3d:36:89:e8:b0:ef:1f:b8:27:
4e:bd:0f:5f:03:fd:01:20:bc:37:2a:7a:15:ef:48:
35:7b:8b:41:99:8f:16:d2:08:41:09:05:d3:5c:e2:
23:b9:38:27:1f:76:9f:aa:91:00:de:2b:06:88:59:
0a:1c:1e:32:bd:f9:5d:b6:98:e1:a3:de:73:99:0b:
7f:a4:b9:a9:ff:ed:7e:d0:b7:85:3e:f0:ba:bc:ce:
02:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:4C:C0:57:26:20:71:B7:1D:7C:49:11:A3:84:E5:83:DD:83:CD:F3
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/CE9A8294440111EDA63B1315C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.8.0/22
139.190.16.0/22
Signature Algorithm: sha256WithRSAEncryption
60:4a:7b:e5:9d:b2:79:31:47:76:51:29:23:08:73:d2:9b:ca:
31:84:e9:7b:46:27:2a:00:e6:d8:51:da:f6:ec:7b:e1:e0:f0:
21:8d:62:8b:a6:da:69:df:96:51:87:ba:fc:71:fd:07:ed:64:
88:5d:24:e4:e4:30:66:f8:ab:4d:03:4b:77:34:fe:90:3a:9e:
c9:99:02:08:fa:1b:86:e9:f1:44:0f:5d:b3:ac:28:91:0e:94:
21:81:e7:7d:c4:4e:38:e4:84:03:d0:dc:41:56:42:f5:56:12:
4d:73:bf:c4:5b:dd:dc:39:a5:19:9b:9e:7e:75:51:7d:bb:b6:
13:34:45:30:60:28:32:f2:98:d1:e3:30:cc:cd:e5:80:8a:de:
2a:6a:d3:a0:b4:5c:f1:db:e7:45:ef:82:53:d8:62:36:3c:2c:
96:06:c4:2f:bf:f0:05:f6:6e:cf:a7:52:d2:72:83:9c:1c:86:
24:72:1c:d6:fb:94:b4:20:98:94:69:84:55:d6:da:ea:b8:a8:
b1:5c:22:96:a1:7d:79:9a:7b:bc:65:44:6c:8d:57:29:32:6b:
68:79:d7:57:43:3f:b0:cf:78:32:3d:ee:b1:7c:e1:95:11:e5:
2d:b2:ea:fe:b5:4b:2a:73:2a:68:a4:97:f7:e1:c2:36:e0:f6:
83:c2:07:1f
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICB6wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjIxMDA0MTYzMDA3WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzNjNWY4Zi1jMDI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuuRSVMwhtGRfIF5qYqQVyhjkzLcZbCcGaRockW/hoE9R8E76ZwmT7NEG9kf1
LSeQn0y+orraPkjgMxUJubnffeOWgqyP7hEmU7P6CrR+fk32KYlie+5/a1RdCN/J
O+HpTOwoeAWB/8iTqzFRbrioOUlFtFjcatg9iAESOF4cx0wfjaRr6Ka7qJ5OgT3P
YkYItuZgTQKoWOrELgWdE2cuKchyOt6FbGHqSZw9NonosO8fuCdOvQ9fA/0BILw3
KnoV70g1e4tBmY8W0ghBCQXTXOIjuTgnH3afqpEA3isGiFkKHB4yvfldtpjho95z
mQt/pLmp/+1+0LeFPvC6vM4CTwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFHdMwFcm
IHG3HXxJEaOE5YPdg83zMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvQ0U5QTgyOTQ0
NDAxMTFFREE2M0IxMzE1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAKLvggDBAKLvhAwDQYJKoZIhvcNAQELBQADggEBAGBKe+Wd
snkxR3ZRKSMIc9KbyjGE6XtGJyoA5thR2vbse+Hg8CGNYoum2mnfllGHuvxx/Qft
ZIhdJOTkMGb4q00DS3c0/pA6nsmZAgj6G4bp8UQPXbOsKJEOlCGB533ETjjkhAPQ
3EFWQvVWEk1zv8Rb3dw5pRmbnn51UX27thM0RTBgKDLymNHjMMzN5YCK3ipq06C0
XPHb50XvglPYYjY8LJYGxC+/8AX2bs+nUtJyg5wchiRyHNb7lLQgmJRphFXW2uq4
qLFcIpahfXmae7xlRGyNVykya2h511dDP7DPeDI97rF84ZUR5S2y6v61SypzKmik
l/fhwjbg9oPCBx8=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:34:01 2025 by rpki-client