Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A3399/BA68C3285CB811EE8523BC7AC4F9AE02/3C2DC1745CB911EE98C1577CC4F9AE02.roa
File: 3C2DC1745CB911EE98C1577CC4F9AE02.roa (raw, json)
Hash identifier: OlBWBRCjxZ9jYlGJw8os7JZZjWlUUiL3/Pk2C0mMstk=
Subject key identifier: 5E:46:08:F6:6D:5A:30:C6:E7:62:63:65:3B:98:2C:C0:04:0F:72:DC
Certificate issuer: /CN=A91A3399/serialNumber=3DBDD7ED412480E9355C27F3C113B5640D3186B3
Certificate serial: 06
Authority key identifier: 3D:BD:D7:ED:41:24:80:E9:35:5C:27:F3:C1:13:B5:64:0D:31:86:B3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Pb3X7UEkgOk1XCfzwRO1ZA0xhrM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A3399/BA68C3285CB811EE8523BC7AC4F9AE02/3C2DC1745CB911EE98C1577CC4F9AE02.roa
Signing time: Tue 26 Sep 2023 22:13:25 +0000
ROA not before: Tue 26 Sep 2023 22:13:25 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 133915
IP address blocks: 202.50.140.0/24 maxlen: 24
202.50.142.0/24 maxlen: 24
202.50.143.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A3399/serialNumber=3DBDD7ED412480E9355C27F3C113B5640D3186B3
Validity
Not Before: Sep 26 22:13:25 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=65135785-502c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d5:b3:9c:cf:d3:f6:76:fe:9c:ba:ae:18:43:
5f:42:33:37:9c:51:08:ed:0e:88:a8:9e:ab:52:fb:
21:cc:17:ba:3a:a5:67:f7:05:d4:15:6e:6e:68:2e:
d7:d8:da:f7:b4:c2:3f:4a:0a:9b:6d:1b:c6:e8:64:
01:98:14:96:ca:cb:d9:93:75:a8:cd:b1:32:7d:2c:
3f:ef:a1:78:40:62:35:51:9f:83:a9:d4:4f:54:4c:
e9:76:39:17:a5:4e:e5:df:b2:82:d0:21:6d:98:ce:
9f:01:f3:7d:a0:c2:e8:a9:b5:4d:0f:55:0d:74:c0:
fa:51:29:a8:03:19:60:64:22:f5:4d:eb:5f:e4:fe:
ae:8f:a7:2a:dd:9c:f1:0e:84:d2:26:3e:8a:e8:4a:
6c:bb:8e:e9:b5:b1:7b:30:4d:47:14:7f:a1:b2:3c:
cc:c9:07:a8:5f:47:a6:df:8a:2a:94:b6:db:03:c9:
08:0d:8e:8c:12:03:2e:60:9b:b0:a2:31:65:8b:9a:
f4:f9:86:70:81:ef:c5:98:b6:fc:bd:7e:eb:c9:3e:
bd:64:3e:6f:46:5f:12:ed:57:2d:bd:a1:ec:8c:15:
7a:1b:bc:22:5a:3a:25:a6:a4:3e:32:ec:92:db:05:
b4:7b:98:e4:42:af:01:70:42:ae:a8:d9:e8:00:54:
65:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:46:08:F6:6D:5A:30:C6:E7:62:63:65:3B:98:2C:C0:04:0F:72:DC
X509v3 Authority Key Identifier:
keyid:3D:BD:D7:ED:41:24:80:E9:35:5C:27:F3:C1:13:B5:64:0D:31:86:B3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A3399/BA68C3285CB811EE8523BC7AC4F9AE02/Pb3X7UEkgOk1XCfzwRO1ZA0xhrM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Pb3X7UEkgOk1XCfzwRO1ZA0xhrM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A3399/BA68C3285CB811EE8523BC7AC4F9AE02/3C2DC1745CB911EE98C1577CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.50.140.0/24
202.50.142.0/23
Signature Algorithm: sha256WithRSAEncryption
58:d0:8b:86:2a:4b:5b:21:7b:37:c9:ea:39:db:23:7c:ce:fa:
52:2e:4b:17:50:c1:8e:bc:b0:6a:87:50:89:e5:7a:68:8f:e5:
bc:0c:0a:4c:0a:82:2f:9c:f0:af:8e:b0:18:eb:56:b4:35:c4:
0c:ae:43:af:b9:62:5f:2f:52:38:00:9e:26:e4:41:1e:a3:44:
0e:8e:5b:f9:1e:78:03:6a:b8:a1:4b:3e:b1:fd:21:cf:90:4d:
16:74:12:7f:4b:a6:64:dd:56:30:0b:22:f2:84:21:62:30:e1:
60:77:94:db:3b:5f:80:08:43:0f:b6:fd:43:f8:dc:d8:d3:f1:
91:15:4f:0e:c5:4f:d7:ed:cb:ab:82:f6:d6:be:9c:d6:89:a1:
a0:9d:46:f0:fa:2f:ab:4f:49:df:73:7e:12:f5:c9:d3:01:21:
47:32:44:0e:44:a1:69:02:9b:39:87:24:b3:e0:98:e0:99:83:
75:0a:ff:d6:44:40:c7:3c:fa:95:53:2d:70:f4:a5:90:71:8b:
7a:63:7c:e0:a8:4c:85:b0:f8:2f:80:58:df:42:8d:97:f2:fd:
a6:5c:73:fb:5e:4f:50:2b:d9:78:d7:d5:b3:c7:5e:fe:1c:af:
03:ca:46:4c:ad:c9:15:0b:94:86:46:c5:c3:c0:15:e7:98:8a:
89:ba:0f:9c
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
MzM5OTExMC8GA1UEBRMoM0RCREQ3RUQ0MTI0ODBFOTM1NUMyN0YzQzExM0I1NjQw
RDMxODZCMzAeFw0yMzA5MjYyMjEzMjVaFw0yNDAzMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MTM1Nzg1LTUwMmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC91bOcz9P2dv6cuq4YQ19CMzecUQjtDoionqtS+yHMF7o6pWf3BdQVbm5oLtfY
2ve0wj9KCpttG8boZAGYFJbKy9mTdajNsTJ9LD/voXhAYjVRn4Op1E9UTOl2ORel
TuXfsoLQIW2Yzp8B832gwuiptU0PVQ10wPpRKagDGWBkIvVN61/k/q6PpyrdnPEO
hNImPoroSmy7jum1sXswTUcUf6GyPMzJB6hfR6bfiiqUttsDyQgNjowSAy5gm7Ci
MWWLmvT5hnCB78WYtvy9fuvJPr1kPm9GXxLtVy29oeyMFXobvCJaOiWmpD4y7JLb
BbR7mORCrwFwQq6o2egAVGW3AgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUXkYI9m1a
MMbnYmNlO5gswAQPctwwHwYDVR0jBBgwFoAUPb3X7UEkgOk1XCfzwRO1ZA0xhrMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEzMzk5L0JBNjhDMzI4NUNC
ODExRUU4NTIzQkM3QUM0RjlBRTAyL1BiM1g3VUVrZ09rMVhDZnp3Uk8xWkEweGhy
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUGIzWDdVRWtnT2sxWENmendSTzFaQTB4aHJNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
MzM5OS9CQTY4QzMyODVDQjgxMUVFODUyM0JDN0FDNEY5QUUwMi8zQzJEQzE3NDVD
QjkxMUVFOThDMTU3N0NDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAMoyjAMEAcoyjjANBgkqhkiG9w0BAQsFAAOCAQEAWNCLhipL
WyF7N8nqOdsjfM76Ui5LF1DBjrywaodQieV6aI/lvAwKTAqCL5zwr46wGOtWtDXE
DK5Dr7liXy9SOACeJuRBHqNEDo5b+R54A2q4oUs+sf0hz5BNFnQSf0umZN1WMAsi
8oQhYjDhYHeU2ztfgAhDD7b9Q/jc2NPxkRVPDsVP1+3Lq4L21r6c1omhoJ1G8Pov
q09J33N+EvXJ0wEhRzJEDkShaQKbOYcks+CY4JmDdQr/1kRAxzz6lVMtcPSlkHGL
emN84KhMhbD4L4BY30KNl/L9plxz+15PUCvZeNfVs8de/hyvA8pGTK3JFQuUhkbF
w8AV55iKiboPnA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org