Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/41BAD7EC850C11ED84ADFA75C4F9AE02.roa
File: 41BAD7EC850C11ED84ADFA75C4F9AE02.roa (raw, json)
Hash identifier: 0GPV3oZySTJfidwuVHsqk1wU59U7vguiXUnbvex6Y68=
Subject key identifier: 2B:A5:67:D7:FA:BA:B8:48:6B:E9:59:4C:F6:9D:07:29:AD:69:F1:39
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0804
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/41BAD7EC850C11ED84ADFA75C4F9AE02.roa
Signing time: Mon 26 Dec 2022 10:58:41 +0000
ROA not before: Mon 26 Dec 2022 10:58:41 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 38547
IP address blocks: 139.190.32.0/22 maxlen: 24
139.190.44.0/22 maxlen: 24
139.190.124.0/22 maxlen: 24
139.190.234.0/24 maxlen: 24
139.190.235.131/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2052 (0x804)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Validity
Not Before: Dec 26 10:58:41 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=63a97e61-fd4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:fe:3b:fc:05:0c:fe:63:54:a2:6b:db:bb:25:
6b:0b:1d:67:11:7f:ca:b7:0b:90:44:64:fa:19:43:
c1:b1:7b:72:3c:90:9d:6c:92:07:d3:0e:9a:71:e6:
0a:91:af:3f:8a:da:18:3f:df:4b:86:ff:ea:42:25:
ef:84:cf:98:9d:a3:bd:05:8f:ff:b5:92:cf:d2:2c:
7a:46:2d:8f:e5:70:fd:c7:96:4e:95:43:fa:70:24:
e0:3a:f2:64:2e:84:b7:9e:d7:a4:39:63:dd:4f:b4:
cc:e0:08:f6:0c:c4:65:97:f9:04:df:f9:b2:59:e5:
df:c8:59:6c:ec:5d:3e:f3:8d:f5:0f:8d:2a:a0:0a:
a3:c5:09:17:8b:70:91:75:88:58:5d:72:57:73:57:
a4:ad:de:2a:0f:2c:f6:ea:e7:a7:32:74:e9:7a:a6:
b9:bd:01:e0:f4:dd:0d:cb:4c:fe:35:ef:46:83:56:
09:6a:74:e1:47:f0:18:65:9d:c9:f2:82:84:df:d8:
dd:c5:3e:56:01:99:94:54:68:79:1a:dc:4a:1f:64:
59:c3:9a:ef:95:8e:c7:8d:91:3c:5a:fd:32:03:8f:
8d:00:91:de:fc:f9:04:89:66:95:20:3a:0d:71:31:
28:ce:97:ed:87:76:a4:65:5e:aa:8a:0b:a2:b1:1f:
c4:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:A5:67:D7:FA:BA:B8:48:6B:E9:59:4C:F6:9D:07:29:AD:69:F1:39
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/41BAD7EC850C11ED84ADFA75C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.32.0/22
139.190.44.0/22
139.190.124.0/22
139.190.234.0/24
139.190.235.131/32
Signature Algorithm: sha256WithRSAEncryption
bf:f5:af:ec:10:6d:25:25:39:3a:c3:c3:5f:98:f4:7b:e8:b9:
82:eb:a2:3d:63:4c:1e:da:15:78:84:5d:e7:e7:91:1a:d3:3c:
c5:5b:1c:73:5e:04:76:f0:a7:a4:a8:a7:27:2d:b8:0b:a7:1d:
f0:0f:fc:cb:b1:ab:3a:4f:fb:41:9f:96:ee:eb:d2:e8:20:94:
07:86:02:c4:d0:b6:ae:db:93:6c:83:37:63:8d:59:fc:17:ac:
a3:84:a9:20:00:82:76:a8:7c:a4:ef:85:d2:e2:eb:91:e4:64:
8c:43:c6:f0:10:2c:17:e0:58:e2:80:d5:16:7b:7e:dc:09:d6:
90:69:3d:da:35:54:f6:d6:34:3a:99:62:fd:74:c2:cf:f5:e0:
fd:7d:3e:e2:df:9a:1f:9a:5d:7a:58:c5:89:03:fb:64:c3:d3:
aa:af:75:35:3c:b0:b5:2d:e8:83:da:ac:2f:1e:9a:4c:14:f1:
7d:98:13:81:32:c4:b9:4d:52:42:94:40:a4:52:9e:24:f5:8e:
0a:32:e0:21:3e:38:55:3e:73:e7:fe:de:7b:49:55:55:ae:bb:
61:f7:2c:64:b5:c0:6c:85:c5:89:a5:5a:8f:23:83:9b:e4:17:
f6:a1:d3:e1:b3:c6:40:0b:8d:08:65:1d:ca:16:e5:42:8d:33:
39:0b:18:ce
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgICCAQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjIxMjI2MTA1ODQxWhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2E5N2U2MS1mZDRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr/47/AUM/mNUomvbuyVrCx1nEX/KtwuQRGT6GUPBsXtyPJCdbJIH0w6aceYK
ka8/itoYP99Lhv/qQiXvhM+YnaO9BY//tZLP0ix6Ri2P5XD9x5ZOlUP6cCTgOvJk
LoS3ntekOWPdT7TM4Aj2DMRll/kE3/myWeXfyFls7F0+8431D40qoAqjxQkXi3CR
dYhYXXJXc1ekrd4qDyz26uenMnTpeqa5vQHg9N0Ny0z+Ne9Gg1YJanThR/AYZZ3J
8oKE39jdxT5WAZmUVGh5GtxKH2RZw5rvlY7HjZE8Wv0yA4+NAJHe/PkEiWaVIDoN
cTEozpfth3akZV6qiguisR/EdQIDAQABo4ICrjCCAqowHQYDVR0OBBYEFCulZ9f6
urhIa+lZTPadBymtafE5MB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNDFCQUQ3RUM4
NTBDMTFFRDg0QURGQTc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOAYIKwYBBQUHAQcBAf8E
KTAnMCUEAgABMB8DBAKLviADBAKLviwDBAKLvnwDBACLvuoDBQCLvuuDMA0GCSqG
SIb3DQEBCwUAA4IBAQC/9a/sEG0lJTk6w8NfmPR76LmC66I9Y0we2hV4hF3n55Ea
0zzFWxxzXgR28KekqKcnLbgLpx3wD/zLsas6T/tBn5bu69LoIJQHhgLE0Lau25Ns
gzdjjVn8F6yjhKkgAIJ2qHyk74XS4uuR5GSMQ8bwECwX4FjigNUWe37cCdaQaT3a
NVT21jQ6mWL9dMLP9eD9fT7i35ofml16WMWJA/tkw9Oqr3U1PLC1LeiD2qwvHppM
FPF9mBOBMsS5TVJClECkUp4k9Y4KMuAhPjhVPnPn/t57SVVVrrth9yxktcBshcWJ
pVqPI4Ob5Bf2odPhs8ZAC40IZR3KFuVCjTM5CxjO
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:01:22 2025 by rpki-client