Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/CF87369A0CCD11ED97C94316C4F9AE02.roa
File: CF87369A0CCD11ED97C94316C4F9AE02.roa (raw, json)
Hash identifier: xr1Cjtpnoa58KzAu4FGSdVayFdNe0XokD8qAunkZ2/U=
Subject key identifier: 71:C4:9C:00:5A:7B:EB:01:BE:38:07:25:8E:1A:C5:9D:F1:51:6F:65
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 070A
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/CF87369A0CCD11ED97C94316C4F9AE02.roa
Signing time: Tue 26 Jul 2022 10:29:21 +0000
ROA not before: Tue 26 Jul 2022 10:29:21 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 13768
IP address blocks: 139.190.108.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1802 (0x70a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Jul 26 10:29:21 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=62dfc201-e479
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:c9:d9:16:9d:2f:1d:38:79:fd:fd:a9:a8:7a:
4b:a6:da:a2:d2:5b:25:67:f9:f4:d9:31:75:32:85:
5f:df:0c:3e:0c:ff:79:1a:bf:73:81:1b:4d:e0:ba:
ea:e9:c6:67:c7:47:c4:f6:0a:82:78:7e:07:6b:8f:
21:d0:16:50:b8:2e:f6:e9:94:10:bc:80:f8:0b:d3:
f8:48:ba:6c:7b:da:82:f6:5a:2d:15:51:bb:82:d1:
e0:cb:a9:85:65:97:aa:13:74:2a:fa:f5:fd:94:8c:
99:a9:2d:e5:75:05:05:f7:02:8c:82:c0:75:aa:d2:
f6:21:c5:aa:6d:f2:c2:57:ef:ca:ff:76:99:40:88:
2f:26:4f:b2:f4:c5:7b:ef:ec:28:30:9d:a5:b7:1d:
c7:9d:d6:63:46:d7:c0:f6:2b:9d:9d:12:4e:eb:3a:
63:89:1b:e3:f6:b5:d3:a7:c6:b8:ef:66:dd:a7:51:
20:52:66:36:81:73:59:6b:6f:07:9c:a0:09:84:c0:
76:d5:0f:a4:52:a7:59:58:a1:1c:f6:3a:43:7d:67:
04:ee:84:ef:a7:bb:be:a6:43:a7:ea:47:0d:49:65:
49:75:4c:b1:8e:5e:8e:0c:29:8f:8c:3f:21:ad:43:
21:99:c3:c3:7e:e0:1b:6b:0a:21:f4:83:c9:f1:bc:
05:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:C4:9C:00:5A:7B:EB:01:BE:38:07:25:8E:1A:C5:9D:F1:51:6F:65
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/CF87369A0CCD11ED97C94316C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.108.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:ee:8e:91:52:5e:e7:db:ee:ba:38:fa:bf:21:ef:97:60:fa:
32:fc:c0:66:b7:e5:9e:1d:52:15:d0:d5:f5:c4:ad:f4:9d:cc:
39:d7:ad:aa:80:93:1f:d8:c0:e7:97:21:9e:2d:02:c4:e4:e0:
0b:78:cf:a9:11:73:a5:19:3f:f2:cd:80:a6:1b:ad:90:22:42:
93:93:7c:89:24:4f:df:55:3e:d7:e5:fa:24:9e:b2:62:a5:a9:
3e:f9:cb:f0:19:a8:7c:10:a5:4e:28:6d:e4:ba:55:e4:a7:8c:
86:97:2f:cb:a4:0f:5f:b5:24:d4:4b:57:98:01:e1:af:f7:c3:
3e:f6:c1:88:96:4f:9b:17:5a:c2:86:28:5d:1d:61:c9:e3:8e:
33:10:1d:c9:d2:89:c3:f5:f0:f6:38:4e:d2:b7:f7:69:cd:91:
bd:ae:c6:b6:99:b0:c7:51:4e:30:10:6b:a6:a9:43:45:c8:23:
87:68:68:cb:aa:16:f4:cf:21:81:37:e1:29:3c:01:5b:6b:b6:
27:08:15:72:7a:57:2e:63:8e:86:35:9a:e0:f8:a5:13:7b:a8:
2e:4b:36:bd:c4:1f:66:6a:55:7a:ef:f0:fb:bd:20:b1:31:39:
4d:b6:31:c1:46:6b:17:df:eb:7e:7a:fa:7e:a1:86:8e:4f:54:
33:56:40:43
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBwowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjIwNzI2MTAyOTIxWhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmRmYzIwMS1lNDc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAysnZFp0vHTh5/f2pqHpLptqi0lslZ/n02TF1MoVf3ww+DP95Gr9zgRtN4Lrq
6cZnx0fE9gqCeH4Ha48h0BZQuC726ZQQvID4C9P4SLpse9qC9lotFVG7gtHgy6mF
ZZeqE3Qq+vX9lIyZqS3ldQUF9wKMgsB1qtL2IcWqbfLCV+/K/3aZQIgvJk+y9MV7
7+woMJ2ltx3HndZjRtfA9iudnRJO6zpjiRvj9rXTp8a472bdp1EgUmY2gXNZa28H
nKAJhMB21Q+kUqdZWKEc9jpDfWcE7oTvp7u+pkOn6kcNSWVJdUyxjl6ODCmPjD8h
rUMhmcPDfuAbawoh9IPJ8bwF8wIDAQABo4IClTCCApEwHQYDVR0OBBYEFHHEnABa
e+sBvjgHJY4axZ3xUW9lMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvQ0Y4NzM2OUEw
Q0NEMTFFRDk3Qzk0MzE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAKLvmwwDQYJKoZIhvcNAQELBQADggEBAKrujpFSXufb7ro4
+r8h75dg+jL8wGa35Z4dUhXQ1fXErfSdzDnXraqAkx/YwOeXIZ4tAsTk4At4z6kR
c6UZP/LNgKYbrZAiQpOTfIkkT99VPtfl+iSesmKlqT75y/AZqHwQpU4obeS6VeSn
jIaXL8ukD1+1JNRLV5gB4a/3wz72wYiWT5sXWsKGKF0dYcnjjjMQHcnSicP18PY4
TtK392nNkb2uxraZsMdRTjAQa6apQ0XII4doaMuqFvTPIYE34Sk8AVtrticIFXJ6
Vy5jjoY1muD4pRN7qC5LNr3EH2ZqVXrv8Pu9ILExOU22McFGaxff6356+n6hho5P
VDNWQEM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:36:47 2025 by rpki-client