Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/2DA98A0AFEC911E88E78993AC4F9AE02.roa
File: 2DA98A0AFEC911E88E78993AC4F9AE02.roa (raw, json)
Hash identifier: mWbbpNWgpQrwSIE3Gtl2IBF9pC5JLU7tGdr0UZI6bKk=
Subject key identifier: 05:27:6A:3E:20:33:9E:AE:B9:FB:4A:9A:64:FA:2D:5F:C9:FA:DE:4D
Certificate issuer: /CN=A911C28D/serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93
Certificate serial: 24AE
Authority key identifier: 99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/2DA98A0AFEC911E88E78993AC4F9AE02.roa
Signing time: Tue 02 Aug 2022 04:22:39 +0000
ROA not before: Tue 02 Aug 2022 04:22:39 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 138166
IP address blocks: 2402:9e80:27::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9390 (0x24ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C28D/serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93
Validity
Not Before: Aug 2 04:22:39 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=62e8a68f-bd48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:4b:b1:d4:20:6c:a6:ca:b4:21:5f:cd:1a:67:
e2:7c:f0:c1:0a:99:19:50:d5:48:6b:06:da:80:f6:
96:24:e4:4c:32:27:34:af:9f:e7:7c:7a:9d:54:ff:
68:3c:03:49:5c:3b:be:40:6c:9c:13:f9:7d:a0:57:
01:39:37:f8:0b:1a:95:a7:4c:8e:4e:5f:5f:64:2b:
15:7e:55:3b:21:79:c1:64:4d:d3:d9:42:db:2f:0e:
bd:c7:82:5b:d5:c9:de:ff:0a:c3:92:3a:a3:01:16:
a9:b4:d0:50:fb:2d:ba:17:b5:02:dc:62:86:9b:1a:
23:06:49:b3:a1:1b:f9:e2:6f:c9:e4:83:2a:c9:e8:
5c:82:22:1c:7c:5f:0e:50:01:b9:f8:5f:6d:99:ab:
e9:65:7c:d5:c7:40:0a:1f:57:44:84:d9:ae:a7:88:
d8:2a:62:e0:2d:3a:93:6f:00:b7:f4:66:dc:1f:d5:
6b:ba:9f:11:7d:d7:cd:39:4a:ba:4f:49:ac:40:10:
bb:5b:0b:b5:de:41:f2:6d:06:e3:20:12:ca:5a:38:
d3:98:34:5e:bc:ee:0e:86:f9:cf:b3:ef:8c:59:46:
21:23:fe:1c:5a:f9:cb:4f:01:e5:f1:79:5c:3a:6d:
74:ab:01:d8:44:eb:a6:a4:5e:3d:bb:ff:17:e8:d4:
30:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:27:6A:3E:20:33:9E:AE:B9:FB:4A:9A:64:FA:2D:5F:C9:FA:DE:4D
X509v3 Authority Key Identifier:
keyid:99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/md-2v3lQ5rQBlaWQJPS3UIY9PZM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/2DA98A0AFEC911E88E78993AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:9e80:27::/48
Signature Algorithm: sha256WithRSAEncryption
68:8e:fc:89:4c:28:a2:59:4f:5e:d7:68:b4:0b:8f:64:c3:71:
bd:3f:f9:44:d7:c8:9c:dc:12:46:38:07:3a:0c:23:12:5c:90:
ba:a7:f7:5c:8e:de:18:41:e9:fa:1a:a2:bd:8e:87:48:57:14:
ea:3a:13:63:86:ac:8f:25:d5:d1:a9:0b:01:c7:95:df:7b:eb:
ff:89:9c:96:b9:86:aa:e3:b2:8f:43:0d:85:c5:e8:ba:31:ac:
ab:92:f9:93:5c:d5:c6:14:a0:ee:3b:16:63:9f:25:e8:45:63:
09:76:a8:73:1a:74:03:f2:ab:7d:4e:a8:88:31:c2:43:3d:cc:
b0:e1:37:13:c0:d6:0b:5d:df:e9:74:56:b5:8d:7a:59:23:b3:
d8:6c:30:77:c6:ba:cc:e6:94:61:96:56:0b:f8:ec:b3:f2:cf:
1b:46:23:5e:a9:e2:15:75:51:a7:13:cb:c6:b5:78:6f:d4:93:
1d:c2:a2:79:1f:3b:c0:b2:91:23:a4:6b:9d:aa:75:05:50:c4:
56:e2:a1:10:2f:3e:81:20:da:eb:af:8a:dd:30:87:3d:a1:1e:
a1:2c:58:6b:10:0a:00:52:82:9e:bb:70:d9:09:5d:fa:bb:fb:
98:07:21:e4:ac:2e:b4:20:8f:27:50:f3:c0:40:68:9c:38:c8:
6a:50:20:f3
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICJK4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUMyOEQxMTAvBgNVBAUTKDk5REZCNkJGNzk1MEU2QjQwMTk1QTU5MDI0RjRCNzUw
ODYzRDNEOTMwHhcNMjIwODAyMDQyMjM5WhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmU4YTY4Zi1iZDQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2Uux1CBspsq0IV/NGmfifPDBCpkZUNVIawbagPaWJORMMic0r5/nfHqdVP9o
PANJXDu+QGycE/l9oFcBOTf4CxqVp0yOTl9fZCsVflU7IXnBZE3T2ULbLw69x4Jb
1cne/wrDkjqjARaptNBQ+y26F7UC3GKGmxojBkmzoRv54m/J5IMqyehcgiIcfF8O
UAG5+F9tmavpZXzVx0AKH1dEhNmup4jYKmLgLTqTbwC39GbcH9Vrup8RfdfNOUq6
T0msQBC7Wwu13kHybQbjIBLKWjjTmDRevO4OhvnPs++MWUYhI/4cWvnLTwHl8Xlc
Om10qwHYROumpF49u/8X6NQwkwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFAUnaj4g
M56uuftKmmT6LV/J+t5NMB8GA1UdIwQYMBaAFJnftr95UOa0AZWlkCT0t1CGPT2T
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzI4RC9CREFCNjdGNjNB
ODAxMUU1QUUzOTAxNTVDNEY5QUUwMi9tZC0ydjNsUTVyUUJsYVdRSlBTM1VJWTlQ
Wk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21kLTJ2M2xRNXJRQmxhV1FKUFMzVUlZOVBaTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUMyOEQvQkRBQjY3RjYzQTgwMTFFNUFFMzkwMTU1QzRGOUFFMDIvMkRBOThBMEFG
RUM5MTFFODhFNzg5OTNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAkAp6AACcwDQYJKoZIhvcNAQELBQADggEBAGiO/IlMKKJZ
T17XaLQLj2TDcb0/+UTXyJzcEkY4BzoMIxJckLqn91yO3hhB6foaor2Oh0hXFOo6
E2OGrI8l1dGpCwHHld976/+JnJa5hqrjso9DDYXF6LoxrKuS+ZNc1cYUoO47FmOf
JehFYwl2qHMadAPyq31OqIgxwkM9zLDhNxPA1gtd3+l0VrWNelkjs9hsMHfGuszm
lGGWVgv47LPyzxtGI16p4hV1UacTy8a1eG/Ukx3ConkfO8CykSOka52qdQVQxFbi
oRAvPoEg2uuvit0whz2hHqEsWGsQCgBSgp67cNkJXfq7+5gHIeSsLrQgjydQ88BA
aJw4yGpQIPM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:47 2024 by rpki-client on console-ams.rpki-client.org