Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915B2EC/842759562B0911EC851B980EC4F9AE02/BC9A3FE6F63311ED8B338084C4F9AE02.roa
File: BC9A3FE6F63311ED8B338084C4F9AE02.roa (raw, json)
Hash identifier: dKc58J7ssHAcgEG89WAGFgvK0rlu64M69cb2e6PM/8I=
Subject key identifier: 88:B7:79:A9:F3:F7:38:A3:82:C8:BB:64:B3:36:7D:B4:56:95:C5:6D
Certificate issuer: /CN=A915B2EC/serialNumber=46922C565440040BD99AFD4E329ED9DEB6F92573
Certificate serial: 0375
Authority key identifier: 46:92:2C:56:54:40:04:0B:D9:9A:FD:4E:32:9E:D9:DE:B6:F9:25:73
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RpIsVlRABAvZmv1OMp7Z3rb5JXM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915B2EC/842759562B0911EC851B980EC4F9AE02/BC9A3FE6F63311ED8B338084C4F9AE02.roa
Signing time: Fri 19 May 2023 10:55:59 +0000
ROA not before: Fri 19 May 2023 10:55:59 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 151338
IP address blocks: 2407:d840:20::/48 maxlen: 48
2407:d840:21::/48 maxlen: 48
2407:d840:200::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 885 (0x375)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915B2EC/serialNumber=46922C565440040BD99AFD4E329ED9DEB6F92573
Validity
Not Before: May 19 10:55:59 2023 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=646755be-d44e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:3f:f9:f3:a1:fa:c0:e7:d5:8e:4e:fe:29:64:
57:48:09:cf:41:f3:8d:b8:02:93:fa:cc:2e:39:19:
02:02:2c:02:2c:f3:f6:4d:66:56:88:32:5e:a2:f7:
4f:ff:cb:54:8f:74:3a:c4:d1:dc:56:ff:c5:4e:6b:
22:76:4d:8f:21:ad:15:60:e7:5d:2e:42:38:45:44:
ab:0c:87:b7:ae:15:f7:3c:fa:5c:6f:55:32:6f:bd:
cd:d4:d9:c5:b4:e7:98:02:f2:0e:33:e0:2f:6e:ef:
39:d0:d7:2e:58:d2:17:2e:7a:69:21:d1:a8:6b:3f:
78:fa:b5:e5:02:60:1b:aa:14:1f:f4:f7:63:5b:00:
19:ba:45:2d:b3:56:53:e8:b7:6a:f2:7b:4f:3d:2b:
bc:17:1e:bb:50:f6:36:94:25:c5:8b:d9:b9:fa:9b:
95:f9:6f:a0:72:8c:14:86:59:f1:5d:0d:2c:34:4a:
8a:91:43:76:c4:34:58:41:56:23:f3:61:d4:ae:f3:
cd:01:35:75:48:39:5d:a6:ba:91:c2:30:30:48:d6:
82:f5:3d:9a:50:b1:0e:56:9d:2a:77:be:ef:19:6d:
b3:3c:5e:fe:ae:f5:0f:83:15:62:27:45:6f:fc:c4:
18:47:84:49:2c:90:0f:9c:8c:5e:16:5a:bd:b1:30:
8f:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:B7:79:A9:F3:F7:38:A3:82:C8:BB:64:B3:36:7D:B4:56:95:C5:6D
X509v3 Authority Key Identifier:
keyid:46:92:2C:56:54:40:04:0B:D9:9A:FD:4E:32:9E:D9:DE:B6:F9:25:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915B2EC/842759562B0911EC851B980EC4F9AE02/RpIsVlRABAvZmv1OMp7Z3rb5JXM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RpIsVlRABAvZmv1OMp7Z3rb5JXM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915B2EC/842759562B0911EC851B980EC4F9AE02/BC9A3FE6F63311ED8B338084C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:d840:20::/47
2407:d840:200::/40
Signature Algorithm: sha256WithRSAEncryption
8f:d9:67:77:90:f7:eb:1d:fe:3d:e5:ab:32:a0:45:c4:7a:1a:
61:b9:a1:f3:fe:eb:41:d6:55:98:a7:3d:de:7d:2c:4e:66:02:
29:14:fe:b1:31:13:82:a1:9b:90:d1:42:32:9c:6f:09:d8:c2:
32:bb:38:61:ab:81:4e:39:50:13:67:90:7c:94:9a:a8:f7:1a:
71:52:77:89:c0:01:c0:8c:65:ee:70:12:79:5c:e9:d8:e7:5b:
e2:fe:b3:de:1c:44:32:90:f8:91:83:94:2a:a8:3c:e2:1b:dd:
b0:aa:2f:52:71:45:1d:27:56:7d:26:d4:ba:93:8c:71:52:4c:
0a:6b:79:81:52:71:93:95:58:9c:46:c6:ac:3e:82:8b:e2:13:
1e:fe:d2:53:86:00:83:fe:95:ae:be:b4:aa:09:58:1f:c6:25:
52:4d:84:44:a6:6c:9d:73:c7:de:31:27:30:3d:5f:c4:ca:d0:
9c:68:96:60:7c:9e:fe:f1:ac:14:7c:be:b7:7d:f4:0d:0a:56:
33:30:04:2f:bb:20:18:ef:b2:ce:df:ea:e3:79:c5:58:56:59:
07:ea:d6:57:01:39:59:2c:33:a7:78:41:4a:e1:4a:de:bb:47:
13:50:d4:71:cc:ed:ad:8d:2e:00:81:da:bb:23:30:ca:eb:5c:
a7:50:08:9f
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgICA3UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUIyRUMxMTAvBgNVBAUTKDQ2OTIyQzU2NTQ0MDA0MEJEOTlBRkQ0RTMyOUVEOURF
QjZGOTI1NzMwHhcNMjMwNTE5MTA1NTU5WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDY3NTViZS1kNDRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1T/586H6wOfVjk7+KWRXSAnPQfONuAKT+swuORkCAiwCLPP2TWZWiDJeovdP
/8tUj3Q6xNHcVv/FTmsidk2PIa0VYOddLkI4RUSrDIe3rhX3PPpcb1Uyb73N1NnF
tOeYAvIOM+Avbu850NcuWNIXLnppIdGoaz94+rXlAmAbqhQf9PdjWwAZukUts1ZT
6Ldq8ntPPSu8Fx67UPY2lCXFi9m5+puV+W+gcowUhlnxXQ0sNEqKkUN2xDRYQVYj
82HUrvPNATV1SDldprqRwjAwSNaC9T2aULEOVp0qd77vGW2zPF7+rvUPgxViJ0Vv
/MQYR4RJLJAPnIxeFlq9sTCP4wIDAQABo4ICoDCCApwwHQYDVR0OBBYEFIi3eanz
9zijgsi7ZLM2fbRWlcVtMB8GA1UdIwQYMBaAFEaSLFZUQAQL2Zr9TjKe2d62+SVz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QjJFQy84NDI3NTk1NjJC
MDkxMUVDODUxQjk4MEVDNEY5QUUwMi9ScElzVmxSQUJBdlptdjFPTXA3WjNyYjVK
WE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JwSXNWbFJBQkF2Wm12MU9NcDdaM3JiNUpYTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUIyRUMvODQyNzU5NTYyQjA5MTFFQzg1MUI5ODBFQzRGOUFFMDIvQkM5QTNGRTZG
NjMzMTFFRDhCMzM4MDg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKgYIKwYBBQUHAQcBAf8E
GzAZMBcEAgACMBEDBwEkB9hAACADBgAkB9hAAjANBgkqhkiG9w0BAQsFAAOCAQEA
j9lnd5D36x3+PeWrMqBFxHoaYbmh8/7rQdZVmKc93n0sTmYCKRT+sTETgqGbkNFC
MpxvCdjCMrs4YauBTjlQE2eQfJSaqPcacVJ3icABwIxl7nASeVzp2Odb4v6z3hxE
MpD4kYOUKqg84hvdsKovUnFFHSdWfSbUupOMcVJMCmt5gVJxk5VYnEbGrD6Ci+IT
Hv7SU4YAg/6Vrr60qglYH8YlUk2ERKZsnXPH3jEnMD1fxMrQnGiWYHye/vGsFHy+
t330DQpWMzAEL7sgGO+yzt/q43nFWFZZB+rWVwE5WSwzp3hBSuFK3rtHE1DUcczt
rY0uAIHauyMwyutcp1AInw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:08 2024 by rpki-client on console-fra.rpki-client.org