Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F7DCD/84428B0E73D111EA9CDEC534C4F9AE02/844E471E9B3A11EB9B73EB7BC4F9AE02.roa
File: 844E471E9B3A11EB9B73EB7BC4F9AE02.roa (raw, json)
Hash identifier: zuQIjxE27nF0KsJJWLT0RpZ+t+FbLVXwU0lZM4JaDzI=
Subject key identifier: F2:89:6E:9D:7B:80:EB:5D:43:0F:B7:2C:7A:E1:DD:F7:A4:B6:7F:2A
Certificate issuer: /CN=A91F7DCD/serialNumber=3BD302FA7A2E866A679B1B6096DB67453A03AB86
Certificate serial: 0512
Authority key identifier: 3B:D3:02:FA:7A:2E:86:6A:67:9B:1B:60:96:DB:67:45:3A:03:AB:86
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O9MC-nouhmpnmxtglttnRToDq4Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F7DCD/84428B0E73D111EA9CDEC534C4F9AE02/844E471E9B3A11EB9B73EB7BC4F9AE02.roa
Signing time: Mon 06 Sep 2021 10:28:36 +0000
ROA not before: Mon 06 Sep 2021 10:28:36 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 135386
IP address blocks: 39.109.92.0/24 maxlen: 24
39.109.93.0/24 maxlen: 24
39.109.94.0/24 maxlen: 24
39.109.95.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1298 (0x512)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F7DCD
Validity
Not Before: Sep 6 10:28:36 2021 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=6135ed53-f0f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6d:8f:5a:5c:a8:6a:55:96:6c:fa:28:86:89:
5f:00:97:2c:20:fd:49:e5:da:36:ee:5f:c1:62:c3:
f4:9f:d3:71:c4:63:6c:c9:fa:e3:04:09:1f:2e:d3:
94:5e:2b:6f:11:9a:d6:76:f4:0b:4c:04:f0:dd:33:
87:08:96:44:c2:42:e3:3e:81:83:78:f8:80:60:cf:
f6:4a:fb:91:dd:f3:c0:89:33:2e:50:8e:1c:bd:60:
c2:c1:56:f6:29:78:a6:c2:b1:09:1f:75:83:2a:30:
8e:30:27:bc:d7:6e:21:b5:ab:aa:d4:31:45:fd:89:
8c:d6:f2:5f:c1:ae:f6:e9:a3:65:d4:dd:6f:18:e9:
f2:19:64:f5:4e:4d:f7:1d:a3:42:7d:66:a1:d8:cf:
59:7c:df:67:0b:26:a2:3e:3f:f9:ef:e8:30:cc:0d:
1b:4d:5e:36:5b:f9:d7:96:5e:21:b1:7f:c3:26:40:
2f:01:70:76:56:c7:b6:47:c9:04:3b:e2:49:32:68:
f9:67:4a:5a:fd:bf:1f:fb:81:84:5e:9c:e5:63:6b:
7d:63:21:07:a1:31:35:25:57:18:17:6f:b2:e6:c3:
da:36:8a:d8:4b:5c:2e:10:18:83:66:42:64:9f:cb:
54:9e:15:7a:27:79:b3:0c:bb:ac:a4:59:d0:fa:97:
d9:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:89:6E:9D:7B:80:EB:5D:43:0F:B7:2C:7A:E1:DD:F7:A4:B6:7F:2A
X509v3 Authority Key Identifier:
keyid:3B:D3:02:FA:7A:2E:86:6A:67:9B:1B:60:96:DB:67:45:3A:03:AB:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F7DCD/84428B0E73D111EA9CDEC534C4F9AE02/O9MC-nouhmpnmxtglttnRToDq4Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O9MC-nouhmpnmxtglttnRToDq4Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F7DCD/84428B0E73D111EA9CDEC534C4F9AE02/844E471E9B3A11EB9B73EB7BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
39.109.92.0/22
Signature Algorithm: sha256WithRSAEncryption
44:eb:45:5c:37:52:29:ac:ad:a8:0e:e6:8e:b1:c3:1f:ea:87:
e5:97:ab:08:24:10:96:73:50:68:ed:06:84:8e:5b:0d:ea:19:
33:2d:1e:87:f3:12:4d:23:bd:37:44:c4:24:23:c3:69:d2:5c:
3f:ec:5b:9a:9a:3f:c7:64:6d:c3:cf:87:9a:a4:6f:34:42:5f:
fc:8b:c8:e3:99:bb:3b:da:22:4f:8a:94:70:b2:ef:e3:cb:18:
7f:02:f7:de:0a:13:66:e8:e2:e4:14:ad:f2:b8:9e:95:e0:14:
38:6a:86:08:68:f4:3d:4a:34:47:c6:26:50:29:f5:fa:0d:8a:
b6:88:c5:2c:5e:64:b9:1e:4e:47:54:23:7e:2f:04:71:80:74:
23:fc:d4:9c:2f:fc:3d:5d:2f:c9:f4:d8:f4:e8:7a:a9:ee:62:
d8:be:cf:59:0b:85:29:84:32:21:3b:f2:d4:98:2f:48:35:e8:
c1:c7:fe:e2:0d:dc:db:a4:cf:95:c3:d0:75:8a:08:fb:a1:ae:
44:d5:ba:9d:38:35:68:19:b9:da:aa:41:b7:04:e5:2c:24:ce:
14:5e:0c:09:3e:30:c5:2d:a9:e1:51:a7:ea:f4:57:a3:e7:94:
d1:0c:82:f4:e2:aa:ba:96:51:ec:75:2d:ab:0a:66:55:85:bd:
a4:c6:06:cf
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBRIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjdEQ0QxMTAvBgNVBAUTKDNCRDMwMkZBN0EyRTg2NkE2NzlCMUI2MDk2REI2NzQ1
M0EwM0FCODYwHhcNMjEwOTA2MTAyODM2WhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTM1ZWQ1My1mMGY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsm2PWlyoalWWbPooholfAJcsIP1J5do27l/BYsP0n9NxxGNsyfrjBAkfLtOU
XitvEZrWdvQLTATw3TOHCJZEwkLjPoGDePiAYM/2SvuR3fPAiTMuUI4cvWDCwVb2
KXimwrEJH3WDKjCOMCe8124htauq1DFF/YmM1vJfwa726aNl1N1vGOnyGWT1Tk33
HaNCfWah2M9ZfN9nCyaiPj/57+gwzA0bTV42W/nXll4hsX/DJkAvAXB2Vse2R8kE
O+JJMmj5Z0pa/b8f+4GEXpzlY2t9YyEHoTE1JVcYF2+y5sPaNorYS1wuEBiDZkJk
n8tUnhV6J3mzDLuspFnQ+pfZTwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPKJbp17
gOtdQw+3LHrh3fektn8qMB8GA1UdIwQYMBaAFDvTAvp6LoZqZ5sbYJbbZ0U6A6uG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGN0RDRC84NDQyOEIwRTcz
RDExMUVBOUNERUM1MzRDNEY5QUUwMi9POU1DLW5vdWhtcG5teHRnbHR0blJUb0Rx
NFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL085TUMtbm91aG1wbm14dGdsdHRuUlRvRHE0WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjdEQ0QvODQ0MjhCMEU3M0QxMTFFQTlDREVDNTM0QzRGOUFFMDIvODQ0RTQ3MUU5
QjNBMTFFQjlCNzNFQjdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAInbVwwDQYJKoZIhvcNAQELBQADggEBAETrRVw3UimsragO
5o6xwx/qh+WXqwgkEJZzUGjtBoSOWw3qGTMtHofzEk0jvTdExCQjw2nSXD/sW5qa
P8dkbcPPh5qkbzRCX/yLyOOZuzvaIk+KlHCy7+PLGH8C994KE2bo4uQUrfK4npXg
FDhqhgho9D1KNEfGJlAp9foNiraIxSxeZLkeTkdUI34vBHGAdCP81Jwv/D1dL8n0
2PToeqnuYti+z1kLhSmEMiE78tSYL0g16MHH/uIN3Nukz5XD0HWKCPuhrkTVup04
NWgZudqqQbcE5SwkzhReDAk+MMUtqeFRp+r0V6PnlNEMgvTiqrqWUex1LasKZlWF
vaTGBs8=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:39:26 2025 by rpki-client