Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/4CB4C8BE1C8E11EE84AD5926C4F9AE02.roa
File: 4CB4C8BE1C8E11EE84AD5926C4F9AE02.roa (raw, json)
Hash identifier: BW/9000vXSozVbGCC1OrEYUXuvs4VWanzl4aNHcEp8M=
Subject key identifier: 5D:C8:B5:E7:91:3B:84:65:C4:4F:30:7E:DF:E0:E9:A3:87:26:66:ED
Certificate issuer: /CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
Certificate serial: 0648
Authority key identifier: 3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/4CB4C8BE1C8E11EE84AD5926C4F9AE02.roa
Signing time: Fri 07 Jul 2023 06:19:59 +0000
ROA not before: Fri 07 Jul 2023 06:19:59 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 211619
IP address blocks: 210.247.235.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1608 (0x648)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
Validity
Not Before: Jul 7 06:19:59 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=64a7ae8f-5115
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:77:42:3b:00:34:91:18:cd:e6:32:96:29:2d:
66:ed:6b:ad:21:91:d3:d4:90:33:47:23:d9:f7:07:
01:05:a3:6e:d5:2c:c0:dd:6a:9c:7c:f4:4d:cc:7e:
fd:72:47:6a:3f:46:8b:cb:b5:81:8f:bd:e5:b8:4d:
f4:5e:2e:28:2f:11:0c:fb:d3:7b:92:94:7c:d4:bc:
52:dc:1c:b0:01:a8:ad:c6:a6:3e:5f:5b:a5:c3:2a:
7f:2b:8b:0a:1e:6e:b8:31:5b:3f:31:ba:39:0e:25:
48:8f:76:1a:c4:d0:9e:4d:f0:cb:e2:4d:70:a6:c0:
89:61:67:ac:d2:89:44:f0:58:5c:c1:39:e6:f1:f2:
fb:00:94:f5:11:2b:4b:ff:c8:5e:f4:e9:62:d1:7e:
b4:a9:d0:d4:80:95:20:fd:8a:38:68:6b:11:e4:d2:
e4:cd:27:1f:24:f4:dd:37:42:6f:7c:28:53:71:9a:
ef:c6:8b:67:32:f0:c7:31:01:23:be:3c:51:20:4f:
da:d5:b9:16:a0:49:35:12:3b:f8:bd:8a:11:de:dc:
70:3a:4d:f1:ab:02:7c:dc:3b:3a:50:7e:d8:47:63:
b1:48:b0:ac:b4:f5:63:59:25:be:78:76:5c:c2:6b:
27:e2:ba:07:44:be:86:02:2e:ee:97:2d:0b:7e:54:
e2:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:C8:B5:E7:91:3B:84:65:C4:4F:30:7E:DF:E0:E9:A3:87:26:66:ED
X509v3 Authority Key Identifier:
keyid:3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/4CB4C8BE1C8E11EE84AD5926C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
210.247.235.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:fa:72:b4:a6:fe:08:5e:b7:1e:ab:8a:d1:82:6c:ce:b7:00:
87:43:48:fc:71:29:38:b0:4d:fc:46:a6:1f:60:ef:8a:97:a3:
63:13:b3:9b:f0:63:7d:7f:b8:4d:68:41:0c:33:17:a5:13:c3:
bd:2e:6d:e8:21:4b:29:ef:b7:83:0d:da:d7:bc:25:4c:8e:3a:
8c:92:e4:9f:ac:42:d3:bd:01:b9:9d:48:d6:a0:39:ce:c5:56:
40:03:80:a9:70:e0:48:51:93:47:41:74:8b:db:4e:d0:c1:e9:
bd:32:3a:e9:5b:70:07:cc:18:1c:20:d7:65:25:ff:90:9b:87:
c3:6d:4c:a8:21:a9:75:44:fe:a6:62:9a:9e:38:e2:b8:d2:ce:
92:bb:dc:e6:49:09:d6:0c:dc:14:b0:24:d5:ab:72:a9:eb:e9:
db:ee:88:3c:b1:5d:ed:de:6e:e0:66:dd:07:e5:31:f0:76:c8:
ff:01:d8:5b:57:18:a6:0b:84:5c:08:e9:6e:fe:5d:68:fd:01:
ed:0d:07:01:bd:db:73:9f:d8:ca:39:9b:e5:6d:5a:e0:9c:b9:
60:d2:ed:46:db:c1:07:e6:dd:48:c6:41:71:c5:1d:c8:0e:7d:
da:9c:29:cc:ef:1b:13:f9:22:2a:16:4c:21:79:ae:f1:50:53:
cf:b4:b5:24
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBkgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0I3QUIxMTAvBgNVBAUTKDNERTlEM0RGRjZFMDQ4RkQ5MDgxNDY1MDJFNEYwOEU0
NTZGM0Q5QkMwHhcNMjMwNzA3MDYxOTU5WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGE3YWU4Zi01MTE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4XdCOwA0kRjN5jKWKS1m7WutIZHT1JAzRyPZ9wcBBaNu1SzA3WqcfPRNzH79
ckdqP0aLy7WBj73luE30Xi4oLxEM+9N7kpR81LxS3BywAaitxqY+X1ulwyp/K4sK
Hm64MVs/Mbo5DiVIj3YaxNCeTfDL4k1wpsCJYWes0olE8FhcwTnm8fL7AJT1EStL
/8he9Oli0X60qdDUgJUg/Yo4aGsR5NLkzScfJPTdN0JvfChTcZrvxotnMvDHMQEj
vjxRIE/a1bkWoEk1Ejv4vYoR3txwOk3xqwJ83Ds6UH7YR2OxSLCstPVjWSW+eHZc
wmsn4roHRL6GAi7uly0LflTiXQIDAQABo4IClTCCApEwHQYDVR0OBBYEFF3IteeR
O4RlxE8wft/g6aOHJmbtMB8GA1UdIwQYMBaAFD3p09/24Ej9kIFGUC5PCORW89m8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjdBQi81Njc4NjU2ODQw
MDkxMUVCQTM3NDIyNUJDNEY5QUUwMi9QZW5UM19iZ1NQMlFnVVpRTGs4STVGYnoy
YncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BlblQzX2JnU1AyUWdVWlFMazhJNUZiejJidy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0I3QUIvNTY3ODY1Njg0MDA5MTFFQkEzNzQyMjVCQzRGOUFFMDIvNENCNEM4QkUx
QzhFMTFFRTg0QUQ1OTI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADS9+swDQYJKoZIhvcNAQELBQADggEBAIz6crSm/ghetx6r
itGCbM63AIdDSPxxKTiwTfxGph9g74qXo2MTs5vwY31/uE1oQQwzF6UTw70ubegh
Synvt4MN2te8JUyOOoyS5J+sQtO9AbmdSNagOc7FVkADgKlw4EhRk0dBdIvbTtDB
6b0yOulbcAfMGBwg12Ul/5Cbh8NtTKghqXVE/qZimp444rjSzpK73OZJCdYM3BSw
JNWrcqnr6dvuiDyxXe3ebuBm3QflMfB2yP8B2FtXGKYLhFwI6W7+XWj9Ae0NBwG9
23Of2Mo5m+VtWuCcuWDS7UbbwQfm3UjGQXHFHcgOfdqcKczvGxP5IioWTCF5rvFQ
U8+0tSQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:26 2024 by rpki-client on console-ams.rpki-client.org