Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/2F3FD3BCB98311EF82890050C4F9AE02.roa
File: 2F3FD3BCB98311EF82890050C4F9AE02.roa (raw, json)
Hash identifier: UhWOrxct1emD08/L03LjezJs+w6zVQsdVkI/ltGDrQs=
Subject key identifier: F1:B6:BC:8A:AF:BB:88:9C:1D:55:26:48:A1:7B:03:DE:4A:A7:7A:B7
Certificate issuer: /CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Certificate serial: 0CD9
Authority key identifier: 54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/2F3FD3BCB98311EF82890050C4F9AE02.roa
Signing time: Fri 13 Dec 2024 18:50:56 +0000
ROA not before: Fri 13 Dec 2024 18:50:56 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 397373
IP address blocks: 59.152.62.0/24 maxlen: 24
59.152.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3289 (0xcd9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D17F2, serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Validity
Not Before: Dec 13 18:50:56 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=675c820f-f3bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b1:2c:21:32:cc:3a:ef:02:19:d2:33:34:18:
62:53:53:05:e3:1a:53:5b:3d:6e:48:b5:1c:56:40:
a0:73:c1:ae:43:c8:ee:f1:a5:b0:92:66:f8:63:9e:
f0:43:ec:d4:29:29:bd:74:3b:49:b8:fb:00:9a:a5:
a4:f0:b9:8c:62:26:63:61:0e:8c:b3:11:75:d3:8e:
62:1d:a9:c2:ca:a9:6c:16:54:7b:43:94:8b:1b:93:
d3:14:e1:c3:15:9b:63:25:12:72:f0:87:bc:81:f2:
c9:3e:f3:51:f2:f5:a9:4c:bd:28:6b:7f:ca:a3:74:
87:53:78:db:ba:fe:99:94:25:8c:bb:91:f5:e1:dc:
27:03:85:73:56:dd:80:8c:4c:76:62:b1:72:45:26:
fa:d8:86:08:53:ad:6f:83:2e:e7:be:90:db:fa:f8:
a3:ce:84:ac:c1:08:c8:aa:49:4b:1f:e7:e2:17:a2:
cf:bc:eb:39:d8:28:cc:15:6a:e7:7f:36:49:08:f8:
7a:e9:23:0f:e3:95:1b:0a:3f:45:3c:8b:eb:e9:04:
a7:03:26:da:47:4c:35:96:99:14:f4:81:58:c8:b2:
78:87:e8:40:32:ce:4d:00:d0:ef:68:7c:37:db:46:
c5:8d:08:0b:c6:c5:4f:53:79:97:e5:d0:90:81:31:
bb:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:B6:BC:8A:AF:BB:88:9C:1D:55:26:48:A1:7B:03:DE:4A:A7:7A:B7
X509v3 Authority Key Identifier:
keyid:54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/VIY3awW4olUjKeNhvXJcd-H40Mk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/2F3FD3BCB98311EF82890050C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.152.62.0/23
Signature Algorithm: sha256WithRSAEncryption
c0:cb:c4:97:95:91:e4:8a:c9:f4:5a:da:6a:24:5d:07:3a:e1:
d0:79:7c:7c:e0:dd:bf:60:27:89:ef:09:53:87:f3:84:ee:0e:
33:ef:5c:6f:04:64:23:71:ef:c8:ce:07:8a:84:3d:91:ca:69:
fc:2b:32:bc:bb:a0:f3:69:83:dc:17:5d:1c:4a:c0:fb:87:d2:
08:e5:f3:c3:75:b8:7e:03:b2:c3:31:65:04:0c:65:e5:5b:42:
60:50:c6:3e:f2:e1:18:ac:e5:7c:6c:61:5e:5d:e5:06:b0:a7:
2e:ae:de:57:06:c2:e4:0b:a6:72:7e:88:aa:56:4d:40:56:1d:
eb:79:2f:8c:7a:e0:64:65:23:5f:0d:41:60:65:75:8b:32:af:
36:49:82:f9:f7:1c:80:e4:fe:15:25:1e:e5:73:42:ab:b0:b1:
c9:a5:6e:27:5d:1e:9e:9c:22:da:2e:7d:28:b9:e5:96:85:46:
ce:b3:2c:51:60:ea:e5:17:73:d4:d6:fd:64:4c:8d:04:6e:a7:
a1:38:e5:86:27:c2:e7:1a:27:8a:81:e9:7f:0b:5b:ad:72:e4:
3a:a9:ff:98:ee:c0:af:4e:21:1b:8f:64:41:48:d2:9f:93:9f:
ff:bf:64:4d:9b:e9:16:f1:6d:58:8c:78:9c:c4:11:cd:02:e4:
cc:c2:6c:f3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDNkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE3RjIxMTAvBgNVBAUTKDU0ODYzNzZCMDVCOEEyNTUyMzI5RTM2MUJENzI1Qzc3
RTFGOEQwQzkwHhcNMjQxMjEzMTg1MDU2WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzVjODIwZi1mM2JjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuLEsITLMOu8CGdIzNBhiU1MF4xpTWz1uSLUcVkCgc8GuQ8ju8aWwkmb4Y57w
Q+zUKSm9dDtJuPsAmqWk8LmMYiZjYQ6MsxF1045iHanCyqlsFlR7Q5SLG5PTFOHD
FZtjJRJy8Ie8gfLJPvNR8vWpTL0oa3/Ko3SHU3jbuv6ZlCWMu5H14dwnA4VzVt2A
jEx2YrFyRSb62IYIU61vgy7nvpDb+vijzoSswQjIqklLH+fiF6LPvOs52CjMFWrn
fzZJCPh66SMP45UbCj9FPIvr6QSnAybaR0w1lpkU9IFYyLJ4h+hAMs5NANDvaHw3
20bFjQgLxsVPU3mX5dCQgTG7MwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPG2vIqv
u4icHVUmSKF7A95Kp3q3MB8GA1UdIwQYMBaAFFSGN2sFuKJVIynjYb1yXHfh+NDJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTdGMi80Qzg4QTdBMEZE
RkUxMUU5QkQ2NjdEMUZDNEY5QUUwMi9WSVkzYXdXNG9sVWpLZU5odlhKY2QtSDQw
TWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZJWTNhd1c0b2xVaktlTmh2WEpjZC1INDBNay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE3RjIvNEM4OEE3QTBGREZFMTFFOUJENjY3RDFGQzRGOUFFMDIvMkYzRkQzQkNC
OTgzMTFFRjgyODkwMDUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAE7mD4wDQYJKoZIhvcNAQELBQADggEBAMDLxJeVkeSKyfRa
2mokXQc64dB5fHzg3b9gJ4nvCVOH84TuDjPvXG8EZCNx78jOB4qEPZHKafwrMry7
oPNpg9wXXRxKwPuH0gjl88N1uH4DssMxZQQMZeVbQmBQxj7y4Ris5XxsYV5d5Qaw
py6u3lcGwuQLpnJ+iKpWTUBWHet5L4x64GRlI18NQWBldYsyrzZJgvn3HIDk/hUl
HuVzQquwscmlbiddHp6cItoufSi55ZaFRs6zLFFg6uUXc9TW/WRMjQRup6E45YYn
wucaJ4qB6X8LW61y5Dqp/5juwK9OIRuPZEFI0p+Tn/+/ZE2b6RbxbViMeJzEEc0C
5MzCbPM=
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:05:25 2025 by rpki-client