Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/405546AE851A11EDB9312543C4F9AE02.roa
File: 405546AE851A11EDB9312543C4F9AE02.roa (raw, json)
Hash identifier: DSMP3mYqS2M0gnf9a6jEEBXLtR2h6V7txNeGAUBn0Yk=
Subject key identifier: 37:9C:A9:CD:60:4D:F2:5F:2C:57:98:4F:8C:95:9A:46:AC:98:04:42
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0807
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/405546AE851A11EDB9312543C4F9AE02.roa
Signing time: Mon 26 Dec 2022 12:38:52 +0000
ROA not before: Mon 26 Dec 2022 12:38:52 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 60458
IP address blocks: 139.190.32.0/22 maxlen: 24
139.190.44.0/22 maxlen: 24
139.190.60.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2055 (0x807)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Validity
Not Before: Dec 26 12:38:52 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=63a995db-7759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:62:26:c0:9b:46:16:8b:42:04:4a:43:8d:b9:
a7:86:72:86:be:e9:b5:9d:67:a9:3b:1d:bd:e5:5e:
12:e5:80:0f:75:21:95:bf:84:cf:7c:60:e7:b1:ee:
f3:ed:0a:d5:fe:02:93:74:de:4c:17:51:7e:ce:b0:
2b:cf:39:37:fc:30:88:0c:2f:7d:e0:4b:12:d1:ce:
89:ad:69:70:78:51:ea:14:aa:3f:ce:07:f5:40:6f:
a4:f1:11:40:68:26:c0:09:75:cf:e9:5f:6f:a4:1f:
8f:34:56:8c:49:7f:17:d3:fe:8e:13:30:a7:1f:f8:
d9:94:51:3f:0d:fe:d7:49:f1:19:ab:ee:ca:97:da:
a6:ff:04:1d:30:48:71:83:7c:7c:aa:b9:72:68:e3:
39:c0:df:3e:9e:90:04:0e:bd:3a:dd:28:e5:da:a4:
f0:06:96:9b:b5:ac:f0:13:95:37:a7:0b:33:e5:bc:
80:61:0f:1d:73:9c:04:29:82:d3:fc:f3:5a:3e:5f:
5b:44:de:34:7c:16:fd:1c:e0:f6:3c:eb:e1:a9:44:
c6:d3:10:b7:22:55:b1:a4:24:9f:bc:ff:d6:98:fb:
eb:e6:30:48:74:88:33:fe:0f:02:7f:01:56:ff:1b:
b8:77:c7:bf:c9:c1:1d:27:5b:ce:66:4b:c9:ca:97:
90:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:9C:A9:CD:60:4D:F2:5F:2C:57:98:4F:8C:95:9A:46:AC:98:04:42
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/405546AE851A11EDB9312543C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.32.0/22
139.190.44.0/22
139.190.60.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:e5:1d:3c:e5:42:53:14:83:a0:0c:5e:b2:df:a7:a7:99:e7:
66:d5:e7:ea:19:f5:53:4c:60:42:a8:44:cd:de:c4:91:5b:b9:
d1:de:72:49:6d:db:a1:ef:ad:9c:f6:54:a0:17:5a:a6:f5:a5:
a1:9f:3a:24:e5:2f:82:3f:31:c3:ce:d8:97:cd:8a:00:c7:80:
b2:65:0f:19:4d:42:af:b2:3b:cd:9c:fd:86:70:8e:9a:3f:6c:
a7:f3:2c:07:62:ed:c1:6a:e4:d7:a9:11:b5:76:c7:86:62:98:
e4:bc:56:6d:31:3d:1c:ef:cf:74:80:43:08:94:61:39:b7:41:
6e:a7:c1:97:2b:f0:a4:8c:1d:08:7b:96:5d:db:3f:e1:bb:fa:
45:5f:ac:91:5b:08:9c:d6:94:bb:bc:05:4f:d7:3c:64:2f:f4:
ba:5a:bd:6f:d3:68:b7:ea:19:10:db:93:29:f4:68:11:b5:aa:
db:4d:07:43:ce:c6:b4:83:ba:24:81:7d:a2:e7:6f:e0:f2:30:
6c:c6:f0:f5:3d:83:93:ad:82:50:cc:7e:db:93:3b:63:be:57:
85:0d:15:be:dd:50:5e:49:67:0c:01:09:92:43:51:26:e7:94:
d3:01:0a:ba:8b:c5:91:a4:69:b3:fc:26:6f:54:d8:9e:a8:7a:
a0:5d:91:63
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICCAcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjIxMjI2MTIzODUyWhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2E5OTVkYi03NzU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr2ImwJtGFotCBEpDjbmnhnKGvum1nWepOx295V4S5YAPdSGVv4TPfGDnse7z
7QrV/gKTdN5MF1F+zrArzzk3/DCIDC994EsS0c6JrWlweFHqFKo/zgf1QG+k8RFA
aCbACXXP6V9vpB+PNFaMSX8X0/6OEzCnH/jZlFE/Df7XSfEZq+7Kl9qm/wQdMEhx
g3x8qrlyaOM5wN8+npAEDr063Sjl2qTwBpabtazwE5U3pwsz5byAYQ8dc5wEKYLT
/PNaPl9bRN40fBb9HOD2POvhqUTG0xC3IlWxpCSfvP/WmPvr5jBIdIgz/g8CfwFW
/xu4d8e/ycEdJ1vOZkvJypeQPwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFDecqc1g
TfJfLFeYT4yVmkasmARCMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNDA1NTQ2QUU4
NTFBMTFFREI5MzEyNTQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAKLviADBAKLviwDBAKLvjwwDQYJKoZIhvcNAQELBQADggEB
AAzlHTzlQlMUg6AMXrLfp6eZ52bV5+oZ9VNMYEKoRM3exJFbudHecklt26HvrZz2
VKAXWqb1paGfOiTlL4I/McPO2JfNigDHgLJlDxlNQq+yO82c/YZwjpo/bKfzLAdi
7cFq5NepEbV2x4ZimOS8Vm0xPRzvz3SAQwiUYTm3QW6nwZcr8KSMHQh7ll3bP+G7
+kVfrJFbCJzWlLu8BU/XPGQv9LpavW/TaLfqGRDbkyn0aBG1qttNB0POxrSDuiSB
faLnb+DyMGzG8PU9g5OtglDMftuTO2O+V4UNFb7dUF5JZwwBCZJDUSbnlNMBCrqL
xZGkabP8Jm9U2J6oeqBdkWM=
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:16:19 2025 by rpki-client