Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/F653DEDC829611EE99C5E520C4F9AE02.roa
File: F653DEDC829611EE99C5E520C4F9AE02.roa (raw, json)
Hash identifier: raRttN4uIMY2Nr7qWV1lUhjZ5IcY+CCq8nt47GQvtuM=
Subject key identifier: 7C:53:CD:44:72:E1:D4:B7:E4:A4:05:B1:64:FF:CD:5B:2D:61:B4:69
Certificate issuer: /CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
Certificate serial: 06BD
Authority key identifier: 3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/F653DEDC829611EE99C5E520C4F9AE02.roa
Signing time: Tue 14 Nov 2023 02:38:59 +0000
ROA not before: Tue 14 Nov 2023 02:38:59 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 46844
IP address blocks: 202.139.227.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1725 (0x6bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
Validity
Not Before: Nov 14 02:38:59 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=6552ddc2-0db2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:0a:ff:20:f8:a9:5e:ae:99:d4:70:f0:96:bc:
a2:9a:67:1a:11:72:e8:49:97:f9:f8:c7:f9:29:dc:
91:1f:41:d8:86:0b:8b:19:9e:f5:6b:27:79:08:6c:
f3:9c:4c:ee:cd:30:9f:7e:d7:9a:2e:16:c2:34:95:
bb:3d:09:5f:fc:e8:eb:be:6c:35:59:d1:b7:5e:26:
30:c4:bf:aa:51:87:b6:c6:73:be:24:fb:e0:e6:82:
f6:15:29:9e:6c:08:e1:87:ac:06:38:2c:14:84:7c:
0e:6f:5f:4e:2d:ee:27:74:c7:5a:d6:75:b4:25:46:
04:8c:44:8a:5d:38:16:78:fb:83:84:32:c2:d3:c7:
80:78:dc:62:57:14:b2:2d:c0:b6:0e:db:f1:dd:d2:
d3:58:cb:ec:01:c6:14:80:d9:41:9c:c1:4f:00:de:
02:9d:e0:dd:17:29:9a:e2:ec:25:da:99:f9:36:83:
76:f9:10:db:fc:6c:30:9f:e2:e1:c6:b4:75:cf:f6:
0a:a5:ec:e8:6a:b3:85:a3:b3:ee:33:8b:18:29:76:
bf:ef:c7:7c:3a:b0:d0:d4:4f:8d:40:d8:10:85:91:
43:90:16:90:64:02:bd:65:e2:49:50:d5:5a:ba:de:
65:8d:af:8e:fe:36:f2:5b:61:bd:e2:a3:59:00:55:
86:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:53:CD:44:72:E1:D4:B7:E4:A4:05:B1:64:FF:CD:5B:2D:61:B4:69
X509v3 Authority Key Identifier:
keyid:3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/F653DEDC829611EE99C5E520C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.139.227.0/24
Signature Algorithm: sha256WithRSAEncryption
68:1e:c9:9a:47:f5:d6:98:52:65:10:25:d7:f1:ee:87:a1:c4:
59:88:e1:3f:92:6c:75:e6:60:18:dc:fc:25:87:db:d6:ce:38:
9e:8b:ed:bc:08:7e:f4:fe:31:8e:ef:d6:cb:dc:09:71:66:c6:
73:c6:5f:28:55:ae:f3:df:5b:1c:5b:64:90:6b:72:c7:85:f3:
d0:9d:4c:cd:37:fe:3d:4a:84:04:f1:67:3e:4e:85:73:b3:0e:
22:8f:5c:52:33:e4:35:cc:e3:c0:14:b7:50:0f:9c:1c:b9:d5:
35:0c:86:3e:62:15:76:de:43:6c:23:bb:54:a2:1e:16:26:19:
d2:3c:2e:08:97:ae:d5:14:b3:29:a0:be:c4:5d:17:5a:48:f4:
a9:7e:13:8c:88:2f:3d:eb:ba:7e:dd:3b:06:f5:7e:d1:d1:5b:
f5:76:7e:02:30:01:90:55:3e:0d:1c:af:2f:a3:60:f1:2b:dc:
11:d6:02:6f:b4:86:83:30:d5:dd:ad:9c:d0:9f:2e:1f:d4:c8:
99:39:3a:cb:91:88:a1:4e:1a:f5:88:e5:14:b4:05:81:43:b0:
ec:f9:e8:c0:5d:14:cf:85:4f:65:ed:e8:e8:c2:50:e0:4c:be:
8b:ca:fb:9d:05:15:e5:6f:b5:a4:37:64:36:41:92:5b:ca:53:
15:70:d2:a7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBr0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0I3QUIxMTAvBgNVBAUTKDNERTlEM0RGRjZFMDQ4RkQ5MDgxNDY1MDJFNEYwOEU0
NTZGM0Q5QkMwHhcNMjMxMTE0MDIzODU5WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTUyZGRjMi0wZGIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4gr/IPipXq6Z1HDwlryimmcaEXLoSZf5+Mf5KdyRH0HYhguLGZ71ayd5CGzz
nEzuzTCffteaLhbCNJW7PQlf/Ojrvmw1WdG3XiYwxL+qUYe2xnO+JPvg5oL2FSme
bAjhh6wGOCwUhHwOb19OLe4ndMda1nW0JUYEjESKXTgWePuDhDLC08eAeNxiVxSy
LcC2Dtvx3dLTWMvsAcYUgNlBnMFPAN4CneDdFyma4uwl2pn5NoN2+RDb/Gwwn+Lh
xrR1z/YKpezoarOFo7PuM4sYKXa/78d8OrDQ1E+NQNgQhZFDkBaQZAK9ZeJJUNVa
ut5lja+O/jbyW2G94qNZAFWGdQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHxTzURy
4dS35KQFsWT/zVstYbRpMB8GA1UdIwQYMBaAFD3p09/24Ej9kIFGUC5PCORW89m8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjdBQi81Njc4NjU2ODQw
MDkxMUVCQTM3NDIyNUJDNEY5QUUwMi9QZW5UM19iZ1NQMlFnVVpRTGs4STVGYnoy
YncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BlblQzX2JnU1AyUWdVWlFMazhJNUZiejJidy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0I3QUIvNTY3ODY1Njg0MDA5MTFFQkEzNzQyMjVCQzRGOUFFMDIvRjY1M0RFREM4
Mjk2MTFFRTk5QzVFNTIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKi+MwDQYJKoZIhvcNAQELBQADggEBAGgeyZpH9daYUmUQ
Jdfx7oehxFmI4T+SbHXmYBjc/CWH29bOOJ6L7bwIfvT+MY7v1svcCXFmxnPGXyhV
rvPfWxxbZJBrcseF89CdTM03/j1KhATxZz5OhXOzDiKPXFIz5DXM48AUt1APnBy5
1TUMhj5iFXbeQ2wju1SiHhYmGdI8LgiXrtUUsymgvsRdF1pI9Kl+E4yILz3run7d
Owb1ftHRW/V2fgIwAZBVPg0cry+jYPEr3BHWAm+0hoMw1d2tnNCfLh/UyJk5OsuR
iKFOGvWI5RS0BYFDsOz56MBdFM+FT2Xt6OjCUOBMvovK+50FFeVvtaQ3ZDZBklvK
UxVw0qc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:41 2024 by rpki-client on console-fra.rpki-client.org