Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/52DB11F0F36011EDA843F159C4F9AE02.roa
File: 52DB11F0F36011EDA843F159C4F9AE02.roa (raw, json)
Hash identifier: 4cgFbu5UgDHZoLySCRHcvyWGNXCbMK5OP73sRJI3+Xs=
Subject key identifier: F2:D9:4B:05:AE:DD:BD:C5:FE:11:5E:47:60:21:C0:58:95:40:6F:EF
Certificate issuer: /CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
Certificate serial: 0614
Authority key identifier: 3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/52DB11F0F36011EDA843F159C4F9AE02.roa
Signing time: Mon 15 May 2023 20:37:36 +0000
ROA not before: Mon 15 May 2023 20:37:35 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 205320
IP address blocks: 202.148.144.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1556 (0x614)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
Validity
Not Before: May 15 20:37:35 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=6462980f-ba7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a6:c5:40:88:25:14:da:78:15:c8:fe:e4:56:
76:3b:a9:6e:d3:cd:ca:39:b1:c2:ff:2d:1b:05:87:
c0:7a:ad:70:20:9c:83:0e:24:54:6d:31:7c:53:42:
8d:8f:a9:7f:64:17:39:cd:dd:b3:8b:fb:5e:28:ff:
42:4a:48:c0:04:51:b0:9b:c5:15:71:25:a0:b2:91:
fd:d5:61:12:76:a6:58:2d:6b:da:71:fa:29:28:5a:
e9:ee:d8:05:4b:f6:ca:b3:ea:50:8f:80:c3:04:1f:
1c:56:14:f2:24:fa:f3:e7:1d:cb:ad:dc:47:94:54:
62:11:d3:34:79:a4:55:eb:94:df:77:e0:71:da:23:
a4:30:8e:31:90:2e:da:db:7e:62:db:94:7e:76:0e:
e0:de:5f:46:2b:55:69:76:a5:88:60:74:1f:0a:02:
49:a0:72:f0:1e:97:6d:2a:8d:45:a6:92:da:c7:ef:
3e:b1:9f:ec:ce:2c:97:c7:0f:36:7d:b9:d0:d6:f1:
d2:a3:32:9e:f1:7a:84:8a:40:19:13:e0:a6:13:f8:
1f:37:03:18:b3:81:aa:34:5b:4e:c7:d2:79:ee:b6:
ca:52:48:31:7c:f8:15:3a:72:b8:32:14:98:9a:70:
52:1d:24:aa:06:18:67:88:3e:5e:25:00:2b:e2:8e:
86:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:D9:4B:05:AE:DD:BD:C5:FE:11:5E:47:60:21:C0:58:95:40:6F:EF
X509v3 Authority Key Identifier:
keyid:3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/52DB11F0F36011EDA843F159C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.148.144.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:5d:32:90:ee:34:0b:b7:b2:81:44:e6:61:af:05:c2:ef:45:
13:08:af:f9:a3:82:23:ef:54:77:2c:7a:af:ce:7e:86:46:de:
25:d5:86:fe:d0:20:c4:07:c1:65:25:bc:c7:5e:32:36:ba:93:
bd:c9:53:e8:fc:bb:ef:95:9d:39:f1:77:bf:d2:f6:f3:34:41:
a9:10:68:ab:dc:ef:52:28:eb:38:d9:c4:ef:01:05:92:04:ea:
3b:cd:8a:7a:fa:46:af:31:21:04:b2:b5:4e:d3:87:2d:31:34:
14:84:8b:83:e3:65:8e:8a:ea:c5:eb:70:1e:f9:64:8b:9d:09:
77:45:c9:3e:89:f5:a7:ac:c0:6b:d4:b4:9e:1c:12:17:9b:06:
b5:70:69:c7:c1:bc:81:e6:34:1b:39:fd:45:7d:a3:df:38:e2:
7e:cd:00:52:af:55:5a:e0:fa:8b:48:6f:d1:9a:ae:d9:b2:28:
2d:4c:3f:26:9c:d0:01:ac:e5:98:f1:ea:eb:4a:f8:9a:f5:98:
ea:db:d4:1a:58:02:8d:33:00:c8:30:60:20:0c:b2:d6:1a:eb:
4e:a5:b9:ed:6c:2e:d3:a1:d0:65:b6:9a:87:43:14:29:2e:c7:
29:4f:e1:6a:7d:f3:3a:6d:62:41:19:5e:c0:25:04:54:22:aa:
f5:34:be:04
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBhQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0I3QUIxMTAvBgNVBAUTKDNERTlEM0RGRjZFMDQ4RkQ5MDgxNDY1MDJFNEYwOEU0
NTZGM0Q5QkMwHhcNMjMwNTE1MjAzNzM1WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDYyOTgwZi1iYTdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo6bFQIglFNp4Fcj+5FZ2O6lu083KObHC/y0bBYfAeq1wIJyDDiRUbTF8U0KN
j6l/ZBc5zd2zi/teKP9CSkjABFGwm8UVcSWgspH91WESdqZYLWvacfopKFrp7tgF
S/bKs+pQj4DDBB8cVhTyJPrz5x3LrdxHlFRiEdM0eaRV65Tfd+Bx2iOkMI4xkC7a
235i25R+dg7g3l9GK1VpdqWIYHQfCgJJoHLwHpdtKo1FppLax+8+sZ/sziyXxw82
fbnQ1vHSozKe8XqEikAZE+CmE/gfNwMYs4GqNFtOx9J57rbKUkgxfPgVOnK4MhSY
mnBSHSSqBhhniD5eJQAr4o6GLwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPLZSwWu
3b3F/hFeR2AhwFiVQG/vMB8GA1UdIwQYMBaAFD3p09/24Ej9kIFGUC5PCORW89m8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjdBQi81Njc4NjU2ODQw
MDkxMUVCQTM3NDIyNUJDNEY5QUUwMi9QZW5UM19iZ1NQMlFnVVpRTGs4STVGYnoy
YncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BlblQzX2JnU1AyUWdVWlFMazhJNUZiejJidy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0I3QUIvNTY3ODY1Njg0MDA5MTFFQkEzNzQyMjVCQzRGOUFFMDIvNTJEQjExRjBG
MzYwMTFFREE4NDNGMTU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKlJAwDQYJKoZIhvcNAQELBQADggEBAF1dMpDuNAu3soFE
5mGvBcLvRRMIr/mjgiPvVHcseq/OfoZG3iXVhv7QIMQHwWUlvMdeMja6k73JU+j8
u++VnTnxd7/S9vM0QakQaKvc71Io6zjZxO8BBZIE6jvNinr6Rq8xIQSytU7Thy0x
NBSEi4PjZY6K6sXrcB75ZIudCXdFyT6J9aeswGvUtJ4cEhebBrVwacfBvIHmNBs5
/UV9o9844n7NAFKvVVrg+otIb9GartmyKC1MPyac0AGs5Zjx6utK+Jr1mOrb1BpY
Ao0zAMgwYCAMstYa606lue1sLtOh0GW2modDFCkuxylP4Wp98zptYkEZXsAlBFQi
qvU0vgQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:26 2024 by rpki-client on console-ams.rpki-client.org