Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/D53027AC43AD11EDAD491729C4F9AE02.roa
File: D53027AC43AD11EDAD491729C4F9AE02.roa (raw, json)
Hash identifier: K22/Y4lt6zyQthvy1S64jm6QEy0uaYGXbLj7ZDFpXC0=
Subject key identifier: 88:39:0F:F6:AA:B1:55:06:EF:DD:25:D2:E9:D2:C7:E3:8C:CE:88:FA
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0A57
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/D53027AC43AD11EDAD491729C4F9AE02.roa
Signing time: Fri 26 Apr 2024 11:19:38 +0000
ROA not before: Fri 26 Apr 2024 11:19:38 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 139.190.24.0/22 maxlen: 24
139.190.28.0/22 maxlen: 24
139.190.32.0/22 maxlen: 24
139.190.44.0/22 maxlen: 24
139.190.56.0/22 maxlen: 24
139.190.112.0/22 maxlen: 24
139.190.116.0/22 maxlen: 24
139.190.124.0/22 maxlen: 24
139.190.239.0/24 maxlen: 24
139.190.240.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2647 (0xa57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Apr 26 11:19:38 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=662b8dca-dd7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:28:b1:02:61:b3:e0:75:a0:e5:35:eb:ce:5b:
36:33:cd:9e:bc:7f:56:a5:1e:4e:6f:36:22:b7:08:
49:60:3d:3f:56:54:3c:5d:b7:06:b2:5b:44:b6:f3:
32:87:61:4e:e2:61:6c:1c:23:95:98:38:ab:f3:71:
e7:e2:9d:d0:38:f8:1b:f5:9b:81:67:5a:6f:b4:05:
b6:04:86:62:12:bb:12:ea:a0:d1:c6:73:90:ef:08:
2e:3c:80:67:7a:6b:c0:c8:e9:4c:60:c7:00:1d:50:
fa:78:5b:28:88:ec:2a:be:1d:e9:ae:4e:e2:11:93:
3c:5a:dd:eb:10:73:5f:b3:21:df:b8:c0:16:df:46:
5f:2a:aa:22:7f:70:83:6a:20:40:06:7a:7b:c3:73:
24:6b:3a:44:46:02:bc:e4:d7:c7:5c:2d:17:b0:af:
5b:40:eb:88:dd:c4:a1:03:49:49:7e:31:f0:bf:e6:
70:5e:d8:9c:ee:c2:d6:26:97:0e:b7:af:c1:cd:76:
72:db:ec:a7:cf:04:51:ed:25:06:e8:a1:e0:19:ae:
6a:36:26:d9:d5:94:0f:2d:c1:e9:d6:45:1a:8c:f7:
5d:a4:dd:6b:c8:49:b7:a1:8a:e0:c3:8a:59:67:63:
8a:68:98:4d:8b:70:b6:c5:a6:5f:e6:b3:83:50:0f:
bc:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:39:0F:F6:AA:B1:55:06:EF:DD:25:D2:E9:D2:C7:E3:8C:CE:88:FA
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/D53027AC43AD11EDAD491729C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.24.0-139.190.35.255
139.190.44.0/22
139.190.56.0/22
139.190.112.0/21
139.190.124.0/22
139.190.239.0-139.190.255.255
Signature Algorithm: sha256WithRSAEncryption
c7:39:6d:a2:0b:af:3d:5b:18:b7:a9:ca:8a:25:40:be:c4:d4:
24:db:36:22:42:11:b3:2e:b0:99:69:c1:a9:2d:d4:ec:09:b9:
c5:cc:b4:d1:25:af:d2:67:76:2b:16:1b:99:64:7d:e6:28:e3:
1c:95:b3:f0:d6:d5:88:07:8a:53:24:39:e5:aa:d7:6e:e8:7f:
4e:a6:a2:ec:bc:fb:d0:4c:bc:cd:6f:64:ec:bf:31:ac:5e:af:
ce:b2:5e:63:ac:df:3a:36:4b:8f:63:a5:d4:11:3a:c1:25:f4:
68:9b:08:d5:50:07:4b:c5:84:7f:64:19:51:39:d0:22:a1:6a:
0b:03:a6:d7:20:97:b5:5a:90:dc:ad:59:78:60:17:e5:56:88:
71:40:b1:cf:59:7b:0b:11:c0:96:aa:5a:c0:57:bf:ec:52:82:
58:2a:1f:d9:ec:20:a9:30:b9:09:70:ca:a8:e4:ac:53:94:ac:
fe:e8:0d:e4:90:83:dd:81:a3:0f:d0:b3:f6:e8:31:36:61:6a:
92:26:d3:8b:d4:0f:6a:a0:6c:d7:41:36:b7:63:1f:eb:50:39:
90:df:68:aa:29:4d:19:01:2b:99:01:12:9b:8e:eb:89:85:8a:
83:bc:52:05:50:5f:0e:6e:69:ef:9b:4f:2c:4a:81:41:34:a5:
c8:05:04:a5
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICClcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjQwNDI2MTExOTM4WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjJiOGRjYS1kZDdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5CixAmGz4HWg5TXrzls2M82evH9WpR5ObzYitwhJYD0/VlQ8XbcGsltEtvMy
h2FO4mFsHCOVmDir83Hn4p3QOPgb9ZuBZ1pvtAW2BIZiErsS6qDRxnOQ7wguPIBn
emvAyOlMYMcAHVD6eFsoiOwqvh3prk7iEZM8Wt3rEHNfsyHfuMAW30ZfKqoif3CD
aiBABnp7w3MkazpERgK85NfHXC0XsK9bQOuI3cShA0lJfjHwv+ZwXtic7sLWJpcO
t6/BzXZy2+ynzwRR7SUG6KHgGa5qNibZ1ZQPLcHp1kUajPddpN1ryEm3oYrgw4pZ
Z2OKaJhNi3C2xaZf5rODUA+8lQIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFIg5D/aq
sVUG790l0unSx+OMzoj6MB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvRDUzMDI3QUM0
M0FEMTFFREFENDkxNzI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E
PTA7MDkEAgABMDMwDAMEA4u+GAMEAou+IAMEAou+LAMEAou+OAMEA4u+cAMEAou+
fDALAwQAi77vAwMAi74wDQYJKoZIhvcNAQELBQADggEBAMc5baILrz1bGLepyool
QL7E1CTbNiJCEbMusJlpwakt1OwJucXMtNElr9JndisWG5lkfeYo4xyVs/DW1YgH
ilMkOeWq127of06mouy8+9BMvM1vZOy/Maxer86yXmOs3zo2S49jpdQROsEl9Gib
CNVQB0vFhH9kGVE50CKhagsDptcgl7VakNytWXhgF+VWiHFAsc9ZewsRwJaqWsBX
v+xSglgqH9nsIKkwuQlwyqjkrFOUrP7oDeSQg92Bow/Qs/boMTZhapIm04vUD2qg
bNdBNrdjH+tQOZDfaKopTRkBK5kBEpuO64mFioO8UgVQXw5uae+bTyxKgUE0pcgF
BKU=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:44:34 2025 by rpki-client