Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/D4F47BECED8C11EDA624505AC4F9AE02.roa
File: D4F47BECED8C11EDA624505AC4F9AE02.roa (raw, json)
Hash identifier: JEDezIkzikReOgMzWqijb61UizG+yUFK/Vgj5bHOY5o=
Subject key identifier: B0:7B:AC:EF:5A:B6:A6:2F:D0:F4:80:95:80:1D:DD:58:44:94:7C:53
Certificate issuer: /CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
Certificate serial: 060E
Authority key identifier: 3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/D4F47BECED8C11EDA624505AC4F9AE02.roa
Signing time: Mon 08 May 2023 10:41:05 +0000
ROA not before: Mon 08 May 2023 10:41:05 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 60021
IP address blocks: 203.147.240.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1550 (0x60e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
Validity
Not Before: May 8 10:41:05 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=6458d1c0-09d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:82:e7:f2:e4:e6:54:42:46:3e:24:8f:32:15:
e6:6d:31:16:2f:d8:55:93:dd:9f:bc:7a:e0:b3:e1:
ff:75:fb:00:a2:1f:68:1d:93:35:70:4c:d9:1c:b0:
18:d3:92:bb:36:cc:e2:90:d7:68:19:a6:99:fc:19:
8d:42:fd:b2:55:eb:cf:25:c1:b2:7d:b7:76:d3:62:
80:a2:6d:8b:db:76:48:05:2b:4e:a9:33:2d:a7:ab:
53:68:52:6c:69:27:44:4f:1e:dd:09:0d:6d:a3:7e:
aa:9e:50:84:4e:ed:5d:89:39:fb:3b:78:f2:3f:64:
85:61:6c:9d:7b:8c:78:fb:bb:7a:5d:22:34:1c:68:
49:f4:d0:ad:9f:1e:ec:5b:3f:fe:5a:af:3e:f7:e1:
b1:bd:c7:5c:e3:38:46:ce:43:ae:4c:ab:b3:58:27:
e5:70:8e:e4:a2:d4:73:e4:4e:2a:6f:ff:27:b6:a3:
5f:6e:07:40:77:59:3c:da:7a:92:4e:9a:a3:94:32:
c0:57:7b:29:93:a6:db:26:a8:9c:0e:4f:76:db:3c:
ab:cf:c9:80:de:15:0e:b5:75:36:9f:b4:d7:c4:1a:
75:e5:e8:dd:71:ac:cf:ca:09:e7:97:2e:71:7e:b1:
ca:f2:c3:60:3d:d1:24:d1:c1:af:2b:0f:95:df:d1:
4f:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:7B:AC:EF:5A:B6:A6:2F:D0:F4:80:95:80:1D:DD:58:44:94:7C:53
X509v3 Authority Key Identifier:
keyid:3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/D4F47BECED8C11EDA624505AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.147.240.0/21
Signature Algorithm: sha256WithRSAEncryption
d1:86:6f:4f:63:3b:c1:bf:f4:5f:20:c1:bb:47:b3:c4:36:c6:
30:47:7f:f0:aa:06:72:d5:a7:2a:23:a5:0f:82:7f:a1:a9:ce:
6e:a5:7b:9e:ec:a3:3d:ab:83:19:f8:9e:dc:05:64:6f:8e:70:
5d:ee:ea:34:7f:19:0a:b5:69:4b:c7:d9:28:8b:29:57:8e:7a:
e4:cc:8c:51:13:7b:07:ff:7d:91:f1:7a:9c:33:bb:5c:f4:92:
81:96:f2:31:b8:1e:d1:aa:c7:9d:98:f2:a6:70:87:58:d3:fb:
65:d3:36:7a:08:0c:ad:6d:5c:3a:8a:c8:57:64:c1:26:a2:6d:
91:d7:45:88:3b:d6:2d:79:f2:71:db:74:03:a9:7c:65:8e:c5:
0d:42:b1:08:88:60:c5:be:c3:1a:83:96:ad:0e:5e:2e:02:2d:
fc:70:aa:57:74:fc:86:47:5f:86:d3:bf:fd:cc:d3:d7:85:3c:
8a:ae:e2:13:5d:16:ae:8f:04:38:02:83:f2:42:a2:f6:d3:dc:
f7:0a:be:99:cb:2c:07:91:35:ae:7e:92:31:28:02:eb:5c:26:
93:86:ed:25:30:10:53:61:e6:94:86:c5:45:87:77:b7:12:24:
36:98:9a:f3:90:19:a3:95:70:6b:e5:62:ba:9b:7d:14:54:fa:
03:fa:29:c0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBg4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0I3QUIxMTAvBgNVBAUTKDNERTlEM0RGRjZFMDQ4RkQ5MDgxNDY1MDJFNEYwOEU0
NTZGM0Q5QkMwHhcNMjMwNTA4MTA0MTA1WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDU4ZDFjMC0wOWQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5ILn8uTmVEJGPiSPMhXmbTEWL9hVk92fvHrgs+H/dfsAoh9oHZM1cEzZHLAY
05K7NszikNdoGaaZ/BmNQv2yVevPJcGyfbd202KAom2L23ZIBStOqTMtp6tTaFJs
aSdETx7dCQ1to36qnlCETu1diTn7O3jyP2SFYWyde4x4+7t6XSI0HGhJ9NCtnx7s
Wz/+Wq8+9+Gxvcdc4zhGzkOuTKuzWCflcI7kotRz5E4qb/8ntqNfbgdAd1k82nqS
TpqjlDLAV3spk6bbJqicDk922zyrz8mA3hUOtXU2n7TXxBp15ejdcazPygnnly5x
frHK8sNgPdEk0cGvKw+V39FPGQIDAQABo4IClTCCApEwHQYDVR0OBBYEFLB7rO9a
tqYv0PSAlYAd3VhElHxTMB8GA1UdIwQYMBaAFD3p09/24Ej9kIFGUC5PCORW89m8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjdBQi81Njc4NjU2ODQw
MDkxMUVCQTM3NDIyNUJDNEY5QUUwMi9QZW5UM19iZ1NQMlFnVVpRTGs4STVGYnoy
YncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BlblQzX2JnU1AyUWdVWlFMazhJNUZiejJidy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0I3QUIvNTY3ODY1Njg0MDA5MTFFQkEzNzQyMjVCQzRGOUFFMDIvRDRGNDdCRUNF
RDhDMTFFREE2MjQ1MDVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAPLk/AwDQYJKoZIhvcNAQELBQADggEBANGGb09jO8G/9F8g
wbtHs8Q2xjBHf/CqBnLVpyojpQ+Cf6Gpzm6le57soz2rgxn4ntwFZG+OcF3u6jR/
GQq1aUvH2SiLKVeOeuTMjFETewf/fZHxepwzu1z0koGW8jG4HtGqx52Y8qZwh1jT
+2XTNnoIDK1tXDqKyFdkwSaibZHXRYg71i158nHbdAOpfGWOxQ1CsQiIYMW+wxqD
lq0OXi4CLfxwqld0/IZHX4bTv/3M09eFPIqu4hNdFq6PBDgCg/JCovbT3PcKvpnL
LAeRNa5+kjEoAutcJpOG7SUwEFNh5pSGxUWHd7cSJDaYmvOQGaOVcGvlYrqbfRRU
+gP6KcA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:26 2024 by rpki-client on console-ams.rpki-client.org