Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/E1FD7272884111EDAEA9B228C4F9AE02.roa
File: E1FD7272884111EDAEA9B228C4F9AE02.roa (raw, json)
Hash identifier: px1sFIJ5pwP0FlcgmDIMbOK/UOND+LrdvsLfX+4Qn78=
Subject key identifier: B0:A7:D2:A8:74:FB:E9:0F:72:DA:E4:8C:AC:6D:DD:1C:39:1B:55:76
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 080E
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/E1FD7272884111EDAEA9B228C4F9AE02.roa
Signing time: Fri 30 Dec 2022 13:00:06 +0000
ROA not before: Fri 30 Dec 2022 13:00:06 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 8100
IP address blocks: 139.190.124.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2062 (0x80e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Dec 30 13:00:06 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=63aee0d6-3988
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4f:0e:b0:59:9a:58:33:11:b4:d7:cf:54:63:
23:18:8b:87:81:00:f9:a7:0c:37:12:c9:cd:e6:48:
75:ce:fd:52:5a:4d:cd:71:85:ca:2f:35:b9:77:44:
80:b6:5d:bf:8b:a0:e0:b0:b7:56:20:bc:88:93:06:
66:0d:22:15:95:f6:5b:01:a8:80:8b:0e:3e:d5:ad:
39:d2:39:e6:64:bc:ff:86:89:1d:5a:c2:54:d6:52:
fc:7f:34:f7:07:d1:c6:01:2f:c6:d3:c6:04:3a:b8:
22:69:a9:21:5b:98:87:8d:65:83:de:9c:d1:24:f9:
c7:63:3f:d8:8b:ed:00:68:72:b1:73:cc:55:20:30:
fd:13:1d:60:fb:50:f7:ff:0d:93:52:39:4d:d6:b0:
c3:bb:73:64:95:4f:db:55:93:cb:52:ce:56:da:5b:
cc:98:7a:0d:09:d5:ad:7a:5f:13:56:2d:82:10:b6:
1f:0b:b0:ad:66:30:df:b8:d0:9e:58:a9:b0:76:27:
00:04:80:0e:7d:59:35:06:7b:80:1c:a8:6f:a9:00:
53:e4:f7:db:e8:95:41:54:03:b8:90:f3:8c:20:d9:
27:1f:00:b7:9b:f2:32:04:cb:20:e6:c9:d4:db:e6:
5b:18:34:85:e2:7c:ad:81:4f:c8:62:57:59:64:b1:
a6:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:A7:D2:A8:74:FB:E9:0F:72:DA:E4:8C:AC:6D:DD:1C:39:1B:55:76
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/E1FD7272884111EDAEA9B228C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.124.0/22
Signature Algorithm: sha256WithRSAEncryption
92:11:d6:e9:24:f4:f1:17:de:28:f5:7b:b4:e2:78:04:75:4e:
03:82:9e:a3:35:0d:f5:80:84:d2:48:cb:a9:a0:9a:67:4c:78:
31:2d:e9:31:a9:dc:51:55:2c:54:18:19:0c:ee:33:bb:fc:3a:
e1:b9:e8:f1:13:e8:14:35:ac:54:f1:a9:03:7c:6d:3a:db:b4:
69:4b:8f:a2:1c:9a:5f:a0:d4:76:5f:e0:f9:7b:4c:41:d8:f1:
18:0e:64:23:0f:88:b6:db:51:93:e4:ba:98:bf:1d:93:a5:c3:
08:7c:15:b0:43:a9:23:49:75:5f:63:eb:89:4c:18:8f:35:02:
66:f7:a1:0b:7d:69:bc:89:4f:f3:71:92:ab:db:c1:1a:35:66:
25:d8:c5:22:7f:21:c0:20:16:4e:08:90:c4:b8:78:35:49:e4:
4d:f6:9a:6b:37:88:44:6d:4a:4c:15:9d:df:1d:fb:a1:fe:85:
42:30:c1:2d:c4:f8:ab:f4:48:db:e5:66:bb:8f:48:94:01:f0:
11:03:80:ca:4b:c5:43:c2:4e:9e:df:f3:9c:73:2f:d4:1d:23:
49:f3:b3:04:5a:56:40:69:7e:b2:80:bf:32:86:2b:79:ad:d6:
1e:d5:41:f3:ab:a8:c7:21:92:8d:65:0d:0c:19:95:5a:3e:b9:
80:84:d4:c5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCA4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjIxMjMwMTMwMDA2WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2FlZTBkNi0zOTg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsk8OsFmaWDMRtNfPVGMjGIuHgQD5pww3EsnN5kh1zv1SWk3NcYXKLzW5d0SA
tl2/i6DgsLdWILyIkwZmDSIVlfZbAaiAiw4+1a050jnmZLz/hokdWsJU1lL8fzT3
B9HGAS/G08YEOrgiaakhW5iHjWWD3pzRJPnHYz/Yi+0AaHKxc8xVIDD9Ex1g+1D3
/w2TUjlN1rDDu3NklU/bVZPLUs5W2lvMmHoNCdWtel8TVi2CELYfC7CtZjDfuNCe
WKmwdicABIAOfVk1BnuAHKhvqQBT5Pfb6JVBVAO4kPOMINknHwC3m/IyBMsg5snU
2+ZbGDSF4nytgU/IYldZZLGmjQIDAQABo4IClTCCApEwHQYDVR0OBBYEFLCn0qh0
++kPctrkjKxt3Rw5G1V2MB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvRTFGRDcyNzI4
ODQxMTFFREFFQTlCMjI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAKLvnwwDQYJKoZIhvcNAQELBQADggEBAJIR1ukk9PEX3ij1
e7TieAR1TgOCnqM1DfWAhNJIy6mgmmdMeDEt6TGp3FFVLFQYGQzuM7v8OuG56PET
6BQ1rFTxqQN8bTrbtGlLj6Icml+g1HZf4Pl7TEHY8RgOZCMPiLbbUZPkupi/HZOl
wwh8FbBDqSNJdV9j64lMGI81Amb3oQt9abyJT/NxkqvbwRo1ZiXYxSJ/IcAgFk4I
kMS4eDVJ5E32mms3iERtSkwVnd8d+6H+hUIwwS3E+Kv0SNvlZruPSJQB8BEDgMpL
xUPCTp7f85xzL9QdI0nzswRaVkBpfrKAvzKGK3mt1h7VQfOrqMchko1lDQwZlVo+
uYCE1MU=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:33:53 2025 by rpki-client