Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91187FD/55ED6A1610A011EE93493C52C4F9AE02/DD633C6E997111EEA8AB327AC4F9AE02.roa
File: DD633C6E997111EEA8AB327AC4F9AE02.roa (raw, json)
Hash identifier: mvLMMzZpCfFHbEIhZJIgLUk+oIiCakzILjiszSE2+ko=
Subject key identifier: A0:4E:0D:68:0D:8E:77:7C:56:26:AB:E7:3E:86:69:24:1E:95:DE:21
Certificate issuer: /CN=A91187FD/serialNumber=68852AB7F2714FCF54D75F0AAE3068ADC38B35CC
Certificate serial: 89
Authority key identifier: 68:85:2A:B7:F2:71:4F:CF:54:D7:5F:0A:AE:30:68:AD:C3:8B:35:CC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIUqt_JxT89U118KrjBorcOLNcw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91187FD/55ED6A1610A011EE93493C52C4F9AE02/DD633C6E997111EEA8AB327AC4F9AE02.roa
Signing time: Wed 13 Dec 2023 04:41:22 +0000
ROA not before: Wed 13 Dec 2023 04:41:22 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 151062
IP address blocks: 2401:3fa0:120::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 137 (0x89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91187FD
Validity
Not Before: Dec 13 04:41:22 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=657935f2-db0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:84:04:c3:78:3e:c1:99:5f:84:24:c6:2c:8c:
16:26:d4:c3:14:8c:1d:60:84:5f:03:bc:0c:5a:b4:
be:cf:7b:88:1e:cb:94:68:6e:51:8e:10:85:bc:83:
37:b8:df:3a:78:18:15:d0:50:87:35:dd:b0:3c:03:
10:d3:49:04:fc:c9:03:bf:89:6d:ab:fd:77:3d:ab:
e1:4c:9d:6c:2f:ae:f1:17:ca:df:ba:1b:f5:7b:00:
84:a2:b5:7e:94:23:3c:9a:fe:1a:f8:ca:03:3a:5f:
75:66:6b:41:9f:b8:b3:16:de:aa:b1:20:0a:53:04:
5f:66:a0:03:26:10:48:4e:99:ef:ea:74:4c:8c:41:
b5:5b:ce:fb:21:6b:ce:95:5c:d1:1a:11:46:9b:62:
be:17:8e:69:33:7a:78:08:5b:32:57:c2:ea:ce:26:
4b:bd:64:5e:63:3d:9e:6f:54:66:18:0d:e1:bd:e5:
c2:51:ea:88:24:92:68:df:63:8f:70:15:98:f4:cc:
a1:be:27:50:df:0b:c0:50:32:ba:1f:0f:4d:62:0c:
00:af:77:8c:93:4f:32:83:a1:a2:bc:c6:a9:75:0c:
b2:45:83:2f:3c:4c:99:ac:9b:51:83:5b:ae:6b:a5:
0c:5f:01:30:dc:68:32:c4:9a:fa:14:ff:70:20:30:
44:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:4E:0D:68:0D:8E:77:7C:56:26:AB:E7:3E:86:69:24:1E:95:DE:21
X509v3 Authority Key Identifier:
keyid:68:85:2A:B7:F2:71:4F:CF:54:D7:5F:0A:AE:30:68:AD:C3:8B:35:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91187FD/55ED6A1610A011EE93493C52C4F9AE02/aIUqt_JxT89U118KrjBorcOLNcw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIUqt_JxT89U118KrjBorcOLNcw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91187FD/55ED6A1610A011EE93493C52C4F9AE02/DD633C6E997111EEA8AB327AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:3fa0:120::/44
Signature Algorithm: sha256WithRSAEncryption
0e:14:f4:36:3c:dd:61:6b:d7:37:51:65:94:bf:f7:ce:93:9a:
16:5f:3c:6a:41:c9:18:ae:78:0c:fa:2a:ab:89:b1:22:73:f3:
32:28:c5:d7:ae:18:a7:e4:22:da:ad:da:85:80:8c:27:02:a4:
ad:64:61:0a:66:50:5b:28:06:ff:a2:d1:42:60:1a:30:ab:8b:
4e:95:e7:57:2e:09:2f:db:52:dd:3c:e8:68:f4:89:70:33:26:
40:2a:24:f5:6e:e6:98:8f:9e:7f:25:bb:66:1c:30:94:7a:d3:
04:82:46:70:af:ff:8f:8d:6f:a6:ac:f9:88:28:ef:e6:7d:a5:
eb:99:27:87:c2:99:27:6d:f1:26:a8:b2:0e:81:76:ec:32:59:
3e:58:4b:38:f8:4e:37:5b:36:ef:c4:ea:b6:4a:e7:98:04:09:
0d:ae:44:91:5a:e3:98:26:ac:4b:07:51:b6:49:a7:5a:bb:db:
9c:02:d6:79:c6:01:4f:c6:7c:d2:1a:90:2f:d9:23:ae:e3:1b:
58:db:20:e1:7f:6f:ea:ae:20:9d:07:6d:1d:b8:39:0d:b3:56:
9b:26:fb:85:11:08:75:0c:2e:66:43:51:77:ad:90:fb:a8:8f:
81:20:d8:db:b2:c1:77:08:79:b6:b1:f3:15:f9:5d:d6:ea:4c:
ab:a0:fd:08
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICAIkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTg3RkQxMTAvBgNVBAUTKDY4ODUyQUI3RjI3MTRGQ0Y1NEQ3NUYwQUFFMzA2OEFE
QzM4QjM1Q0MwHhcNMjMxMjEzMDQ0MTIyWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTc5MzVmMi1kYjBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvoQEw3g+wZlfhCTGLIwWJtTDFIwdYIRfA7wMWrS+z3uIHsuUaG5RjhCFvIM3
uN86eBgV0FCHNd2wPAMQ00kE/MkDv4ltq/13PavhTJ1sL67xF8rfuhv1ewCEorV+
lCM8mv4a+MoDOl91ZmtBn7izFt6qsSAKUwRfZqADJhBITpnv6nRMjEG1W877IWvO
lVzRGhFGm2K+F45pM3p4CFsyV8LqziZLvWReYz2eb1RmGA3hveXCUeqIJJJo32OP
cBWY9MyhvidQ3wvAUDK6Hw9NYgwAr3eMk08yg6GivMapdQyyRYMvPEyZrJtRg1uu
a6UMXwEw3GgyxJr6FP9wIDBEwQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFKBODWgN
jnd8Viar5z6GaSQeld4hMB8GA1UdIwQYMBaAFGiFKrfycU/PVNdfCq4waK3DizXM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExODdGRC81NUVENkExNjEw
QTAxMUVFOTM0OTNDNTJDNEY5QUUwMi9hSVVxdF9KeFQ4OVUxMThLcmpCb3JjT0xO
Y3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FJVXF0X0p4VDg5VTExOEtyakJvcmNPTE5jdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTg3RkQvNTVFRDZBMTYxMEEwMTFFRTkzNDkzQzUyQzRGOUFFMDIvREQ2MzNDNkU5
OTcxMTFFRUE4QUIzMjdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwQkAT+gASAwDQYJKoZIhvcNAQELBQADggEBAA4U9DY83WFr
1zdRZZS/986TmhZfPGpByRiueAz6KquJsSJz8zIoxdeuGKfkItqt2oWAjCcCpK1k
YQpmUFsoBv+i0UJgGjCri06V51cuCS/bUt086Gj0iXAzJkAqJPVu5piPnn8lu2Yc
MJR60wSCRnCv/4+Nb6as+Ygo7+Z9peuZJ4fCmSdt8Saosg6BduwyWT5YSzj4Tjdb
Nu/E6rZK55gECQ2uRJFa45gmrEsHUbZJp1q725wC1nnGAU/GfNIakC/ZI67jG1jb
IOF/b+quIJ0HbR24OQ2zVpsm+4URCHUMLmZDUXetkPuoj4Eg2NuywXcIebax8xX5
XdbqTKug/Qg=
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:34:15 2025 by rpki-client