Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE972/245B3DDCA3E611EEADF94855C4F9AE02/142B54D2A3E711EE8A82BA5CC4F9AE02.roa
File: 142B54D2A3E711EE8A82BA5CC4F9AE02.roa (raw, json)
Hash identifier: rD9zm9Ah9V+lcCkNXdMMHNUEgZ0EGV9MO732CSJry70=
Subject key identifier: 63:41:6D:F2:A7:ED:F4:01:C3:31:C8:2B:EF:8F:3C:2E:52:C0:8B:86
Certificate issuer: /CN=A91AE972/serialNumber=5D185B712D93056BF274B8B7A898C69254EBB983
Certificate serial: 02
Authority key identifier: 5D:18:5B:71:2D:93:05:6B:F2:74:B8:B7:A8:98:C6:92:54:EB:B9:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XRhbcS2TBWvydLi3qJjGklTruYM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AE972/245B3DDCA3E611EEADF94855C4F9AE02/142B54D2A3E711EE8A82BA5CC4F9AE02.roa
Signing time: Tue 26 Dec 2023 12:05:37 +0000
ROA not before: Tue 26 Dec 2023 12:05:37 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 152189
IP address blocks: 36.50.198.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AE972, serialNumber=5D185B712D93056BF274B8B7A898C69254EBB983
Validity
Not Before: Dec 26 12:05:37 2023 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=658ac190-a2ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:20:b5:87:b7:3d:2b:1a:ec:f8:1f:ad:7c:99:
ba:85:c8:a4:56:67:39:88:2e:54:a8:2e:ea:ef:bf:
65:b8:73:79:1e:2e:48:ab:1b:41:e4:49:59:36:b2:
ce:5b:96:4e:a2:3a:cf:81:ce:23:e5:fb:f5:a7:cb:
94:aa:48:1f:ba:cc:8e:06:f5:90:55:80:e5:12:d6:
93:9d:be:b7:7f:a9:82:66:a3:af:7d:1a:5e:7d:9e:
22:a3:a6:55:12:e2:d7:59:9c:6f:d8:7b:90:73:ce:
a8:ca:9d:a4:85:ca:bc:dd:30:03:7d:ea:fd:47:10:
6d:96:68:75:4d:b4:0c:5a:01:0c:d5:a0:8b:0f:cf:
dd:5a:ff:b4:50:2c:ad:e8:f3:06:68:af:f7:86:fd:
34:01:2c:4d:7f:78:c4:09:74:f8:50:f7:56:08:fc:
b4:f1:e3:c8:5d:4e:fb:e4:23:36:63:c0:d4:26:a6:
de:ff:09:25:07:63:cb:a6:fd:8e:87:4f:48:2f:b9:
66:fc:6c:d7:ae:33:6c:77:72:5d:2d:37:79:c0:55:
78:e0:f6:46:94:77:fb:ca:d9:cd:51:0c:ab:53:62:
c1:5b:45:4b:41:12:84:98:82:47:ca:ee:2f:5f:bb:
c3:07:08:2e:35:d1:48:f9:15:4c:ab:b1:f9:3d:2e:
19:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:41:6D:F2:A7:ED:F4:01:C3:31:C8:2B:EF:8F:3C:2E:52:C0:8B:86
X509v3 Authority Key Identifier:
keyid:5D:18:5B:71:2D:93:05:6B:F2:74:B8:B7:A8:98:C6:92:54:EB:B9:83
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AE972/245B3DDCA3E611EEADF94855C4F9AE02/XRhbcS2TBWvydLi3qJjGklTruYM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XRhbcS2TBWvydLi3qJjGklTruYM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE972/245B3DDCA3E611EEADF94855C4F9AE02/142B54D2A3E711EE8A82BA5CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.198.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:85:61:be:91:bc:25:fd:66:21:5d:45:9d:21:2d:65:1d:63:
83:d7:ec:c1:24:ff:e7:9a:f2:ff:9e:4f:63:8a:38:6b:bc:78:
85:47:d7:c4:cd:30:3c:3d:7d:c4:28:9f:42:a9:89:1d:91:37:
8c:d6:75:9c:52:06:a8:2a:fe:7e:53:c5:45:8c:65:80:a7:84:
a0:6c:74:b4:89:cb:53:5d:13:d6:e8:73:ad:98:0d:b2:fb:ec:
1c:03:47:8b:bf:52:1a:d1:fc:e2:34:86:4a:d3:5e:db:89:6e:
a8:3d:08:36:0a:03:d1:22:6f:c1:a2:63:c8:99:c7:7e:c1:5b:
e6:9e:8b:19:6e:0a:96:52:37:39:0b:03:50:9b:ec:25:64:85:
af:6f:c6:85:d7:ab:22:1a:5e:d0:4f:2e:6c:43:db:a9:28:84:
e4:6d:55:65:f0:aa:25:71:b5:14:1a:32:c1:26:91:86:14:ae:
d2:f7:a5:59:7e:96:62:60:51:41:a6:10:a1:e0:aa:d6:cd:a1:
39:35:d7:5f:e7:80:7c:36:2b:e5:e4:11:f4:60:4c:f5:4d:30:
89:94:d9:ea:c3:15:19:4c:21:cb:9d:8e:61:a0:2a:72:e5:5c:
46:46:a8:47:d1:6b:fe:cb:8b:7b:d1:94:cc:fb:a2:d5:87:ce:
95:c8:fd:c8
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
RTk3MjExMC8GA1UEBRMoNUQxODVCNzEyRDkzMDU2QkYyNzRCOEI3QTg5OEM2OTI1
NEVCQjk4MzAeFw0yMzEyMjYxMjA1MzdaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1OGFjMTkwLWEyZmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC7ILWHtz0rGuz4H618mbqFyKRWZzmILlSoLurvv2W4c3keLkirG0HkSVk2ss5b
lk6iOs+BziPl+/Wny5SqSB+6zI4G9ZBVgOUS1pOdvrd/qYJmo699Gl59niKjplUS
4tdZnG/Ye5BzzqjKnaSFyrzdMAN96v1HEG2WaHVNtAxaAQzVoIsPz91a/7RQLK3o
8wZor/eG/TQBLE1/eMQJdPhQ91YI/LTx48hdTvvkIzZjwNQmpt7/CSUHY8um/Y6H
T0gvuWb8bNeuM2x3cl0tN3nAVXjg9kaUd/vK2c1RDKtTYsFbRUtBEoSYgkfK7i9f
u8MHCC410Uj5FUyrsfk9LhmHAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUY0Ft8qft
9AHDMcgr7488LlLAi4YwHwYDVR0jBBgwFoAUXRhbcS2TBWvydLi3qJjGklTruYMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFFOTcyLzI0NUIzRERDQTNF
NjExRUVBREY5NDg1NUM0RjlBRTAyL1hSaGJjUzJUQld2eWRMaTNxSmpHa2xUcnVZ
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWFJoYmNTMlRCV3Z5ZExpM3FKakdrbFRydVlNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
RTk3Mi8yNDVCM0REQ0EzRTYxMUVFQURGOTQ4NTVDNEY5QUUwMi8xNDJCNTREMkEz
RTcxMUVFOEE4MkJBNUNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEASQyxjANBgkqhkiG9w0BAQsFAAOCAQEALIVhvpG8Jf1mIV1F
nSEtZR1jg9fswST/55ry/55PY4o4a7x4hUfXxM0wPD19xCifQqmJHZE3jNZ1nFIG
qCr+flPFRYxlgKeEoGx0tInLU10T1uhzrZgNsvvsHANHi79SGtH84jSGStNe24lu
qD0INgoD0SJvwaJjyJnHfsFb5p6LGW4KllI3OQsDUJvsJWSFr2/GhderIhpe0E8u
bEPbqSiE5G1VZfCqJXG1FBoywSaRhhSu0velWX6WYmBRQaYQoeCq1s2hOTXXX+eA
fDYr5eQR9GBM9U0wiZTZ6sMVGUwhy52OYaAqcuVcRkaoR9Fr/suLe9GUzPui1YfO
lcj9yA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:18:30 2025 by rpki-client