Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91166FC/AB1F4ECA729A11EAABBF9141C4F9AE02/61CA44F2F07C11ECB8925244C4F9AE02.roa
File: 61CA44F2F07C11ECB8925244C4F9AE02.roa (raw, json)
Hash identifier: sqUBlsaVkA5iAQteb4W44zBJnJ1MKmCn83ZAQHRbKu8=
Subject key identifier: 34:65:14:FF:48:53:79:89:2F:A9:C7:F3:40:56:60:43:41:C9:0A:9E
Certificate issuer: /CN=A91166FC/serialNumber=69408F6B1CA02816683CCE4C08E00493251944B2
Certificate serial: 0763
Authority key identifier: 69:40:8F:6B:1C:A0:28:16:68:3C:CE:4C:08:E0:04:93:25:19:44:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aUCPaxygKBZoPM5MCOAEkyUZRLI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91166FC/AB1F4ECA729A11EAABBF9141C4F9AE02/61CA44F2F07C11ECB8925244C4F9AE02.roa
Signing time: Wed 22 Jun 2022 12:06:06 +0000
ROA not before: Wed 22 Jun 2022 12:06:06 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 141723
IP address blocks: 2406:ebc0::/48 maxlen: 48
2406:ebc0:1::/48 maxlen: 48
2406:ebc0:2::/48 maxlen: 48
2406:ebc0:3::/48 maxlen: 48
2406:ebc0:4::/48 maxlen: 48
2406:ebc0:5::/48 maxlen: 48
2406:ebc0:6::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1891 (0x763)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91166FC/serialNumber=69408F6B1CA02816683CCE4C08E00493251944B2
Validity
Not Before: Jun 22 12:06:06 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=62b305ae-b062
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:4b:f9:20:ea:90:b4:af:b4:31:13:07:9e:eb:
d2:06:d8:6d:b8:c0:e9:6d:a6:d7:0e:74:de:57:15:
fa:51:ff:41:e3:86:51:d2:e1:4c:65:e3:bc:e0:17:
6d:7d:5c:9f:34:4d:be:9b:ca:ab:01:3c:9c:8d:86:
9b:6c:46:d8:2a:52:4a:f5:b6:da:67:e4:be:ea:30:
ee:97:b9:a6:21:fe:c0:07:0e:93:d7:51:43:56:58:
2c:df:20:f8:fe:4b:32:e8:99:fc:a5:50:df:6b:7c:
b1:f2:70:0b:43:f4:75:6f:77:f3:1c:5b:b3:62:4c:
80:f5:1c:1b:fd:dd:2a:b3:d2:5f:88:64:76:c5:c9:
37:98:74:5a:38:7b:69:8b:81:68:e4:ab:6b:a1:f3:
79:21:45:58:18:07:aa:75:60:70:6c:29:89:a1:05:
90:f3:85:cb:81:44:60:c9:b6:ad:59:e4:73:ae:e5:
b8:3c:b4:13:4f:eb:07:d6:28:e0:cd:15:d2:1a:5c:
a0:d2:ed:c5:f9:b8:bb:d3:c4:a6:df:43:f1:b6:06:
c9:32:4a:5f:d3:ca:fb:1d:ae:50:ca:79:1c:71:be:
93:8d:2b:85:40:4e:59:70:8e:52:ee:22:06:b5:fc:
78:21:65:b6:65:bb:36:e6:52:e4:64:31:16:35:99:
34:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:65:14:FF:48:53:79:89:2F:A9:C7:F3:40:56:60:43:41:C9:0A:9E
X509v3 Authority Key Identifier:
keyid:69:40:8F:6B:1C:A0:28:16:68:3C:CE:4C:08:E0:04:93:25:19:44:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91166FC/AB1F4ECA729A11EAABBF9141C4F9AE02/aUCPaxygKBZoPM5MCOAEkyUZRLI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aUCPaxygKBZoPM5MCOAEkyUZRLI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91166FC/AB1F4ECA729A11EAABBF9141C4F9AE02/61CA44F2F07C11ECB8925244C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:ebc0::-2406:ebc0:6:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
14:78:e6:1b:66:5c:e7:42:5c:22:f9:75:65:6f:01:fe:35:6b:
c5:6b:52:52:8b:3f:53:58:51:e0:78:97:fe:6a:51:1a:40:e3:
af:86:3a:f8:65:9d:8d:3d:49:72:c9:29:55:ea:ff:82:25:11:
d6:50:ea:eb:92:d4:4d:08:64:a3:d1:46:80:f9:71:11:a1:90:
fd:55:8a:a3:59:7f:46:22:cd:9c:39:c0:48:e2:68:70:f4:3b:
90:55:3a:8e:f0:b8:02:cd:9a:42:33:f8:77:bb:87:55:86:84:
e9:75:4b:de:cc:c7:0f:23:48:fe:df:45:de:1f:b9:76:76:f1:
e4:32:4b:ca:5b:aa:b6:5a:7e:cd:d2:29:8a:6e:8f:60:57:d2:
04:e9:89:7c:ce:1c:4e:e6:1f:fe:fc:00:a3:35:1e:94:95:b5:
b9:8e:cb:c3:4f:85:4e:6d:26:fd:02:38:52:50:0e:d7:24:87:
57:1e:d8:77:06:9a:52:90:a4:b7:0d:21:76:1c:6f:85:d2:eb:
c5:29:d6:8f:2a:3c:be:3c:c4:d7:5b:b4:b4:9f:4a:99:1f:27:
3b:9f:07:d9:34:84:58:4f:c0:d7:e4:7b:8e:b6:38:b4:d1:24:
47:e9:b4:e4:aa:41:84:ff:63:58:11:e5:4b:fc:73:56:a9:98:
d2:dd:39:77
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICB2MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTY2RkMxMTAvBgNVBAUTKDY5NDA4RjZCMUNBMDI4MTY2ODNDQ0U0QzA4RTAwNDkz
MjUxOTQ0QjIwHhcNMjIwNjIyMTIwNjA2WhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmIzMDVhZS1iMDYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv0v5IOqQtK+0MRMHnuvSBthtuMDpbabXDnTeVxX6Uf9B44ZR0uFMZeO84Bdt
fVyfNE2+m8qrATycjYabbEbYKlJK9bbaZ+S+6jDul7mmIf7ABw6T11FDVlgs3yD4
/ksy6Jn8pVDfa3yx8nALQ/R1b3fzHFuzYkyA9Rwb/d0qs9JfiGR2xck3mHRaOHtp
i4Fo5KtrofN5IUVYGAeqdWBwbCmJoQWQ84XLgURgybatWeRzruW4PLQTT+sH1ijg
zRXSGlyg0u3F+bi708Sm30PxtgbJMkpf08r7Ha5Qynkccb6TjSuFQE5ZcI5S7iIG
tfx4IWW2Zbs25lLkZDEWNZk0NwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFDRlFP9I
U3mJL6nH80BWYENByQqeMB8GA1UdIwQYMBaAFGlAj2scoCgWaDzOTAjgBJMlGUSy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNjZGQy9BQjFGNEVDQTcy
OUExMUVBQUJCRjkxNDFDNEY5QUUwMi9hVUNQYXh5Z0tCWm9QTTVNQ09BRWt5VVpS
TEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FVQ1BheHlnS0Jab1BNNU1DT0FFa3lVWlJMSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTY2RkMvQUIxRjRFQ0E3MjlBMTFFQUFCQkY5MTQxQzRGOUFFMDIvNjFDQTQ0RjJG
MDdDMTFFQ0I4OTI1MjQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgACMBIwEAMFBiQG68ADBwAkBuvAAAYwDQYJKoZIhvcNAQELBQADggEB
ABR45htmXOdCXCL5dWVvAf41a8VrUlKLP1NYUeB4l/5qURpA46+GOvhlnY09SXLJ
KVXq/4IlEdZQ6uuS1E0IZKPRRoD5cRGhkP1ViqNZf0YizZw5wEjiaHD0O5BVOo7w
uALNmkIz+He7h1WGhOl1S97Mxw8jSP7fRd4fuXZ28eQyS8pbqrZafs3SKYpuj2BX
0gTpiXzOHE7mH/78AKM1HpSVtbmOy8NPhU5tJv0COFJQDtckh1ce2HcGmlKQpLcN
IXYcb4XS68Up1o8qPL48xNdbtLSfSpkfJzufB9k0hFhPwNfke462OLTRJEfptOSq
QYT/Y1gR5Uv8c1apmNLdOXc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:46 2024 by rpki-client on console-ams.rpki-client.org