Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917BAC5/470A6204153011EDBAA3D027C4F9AE02/06119562153311EDB40C6B2AC4F9AE02.roa
File: 06119562153311EDB40C6B2AC4F9AE02.roa (raw, json)
Hash identifier: 0KIxUw/ukmqPOFVMZieaXIyn8RabAnIkGri70nYcbKQ=
Subject key identifier: 83:4B:43:7E:02:59:B4:15:A6:4B:4C:13:8E:E2:3C:7F:71:DF:3C:64
Certificate issuer: /CN=A917BAC5/serialNumber=E1088187F64094263DDA6749A95F73AA6C1AB063
Certificate serial: 21
Authority key identifier: E1:08:81:87:F6:40:94:26:3D:DA:67:49:A9:5F:73:AA:6C:1A:B0:63
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4QiBh_ZAlCY92mdJqV9zqmwasGM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917BAC5/470A6204153011EDBAA3D027C4F9AE02/06119562153311EDB40C6B2AC4F9AE02.roa
Signing time: Fri 19 Aug 2022 10:43:54 +0000
ROA not before: Fri 19 Aug 2022 10:43:54 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 150154
IP address blocks: 2400:9ce0::/40 maxlen: 40
2400:9ce0:1000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33 (0x21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917BAC5/serialNumber=E1088187F64094263DDA6749A95F73AA6C1AB063
Validity
Not Before: Aug 19 10:43:54 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=62ff696a-1879
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d7:6a:c5:7b:93:e1:2d:35:c7:94:77:c5:00:
23:48:31:6a:e8:ba:cf:51:6b:9b:eb:49:d9:1e:4c:
42:6f:83:dd:ea:99:a9:5b:3c:ed:1b:98:ba:3d:fa:
9a:09:1a:9c:1d:54:72:56:c5:da:2b:d2:86:a9:53:
00:6a:1c:54:67:b1:24:98:35:54:68:d8:a5:8b:e0:
81:64:16:a2:6c:e9:c0:5a:3b:35:05:c5:ea:10:94:
23:c7:b7:cb:e1:05:21:5a:34:7f:dc:a5:95:ad:41:
ed:d4:10:02:2b:87:1b:ac:3d:05:98:00:e3:74:d8:
e3:44:c6:54:e8:58:e5:6d:81:86:69:59:7c:81:99:
db:b1:9f:ac:af:c9:a5:4b:02:52:a4:6b:7a:4e:a0:
24:77:f3:1e:58:b8:98:ea:e8:24:ae:c7:6f:a7:82:
63:4a:c1:b3:53:c5:79:68:c7:03:92:20:ae:c8:c5:
6d:68:61:60:5d:dd:6b:82:b8:9c:5d:92:64:86:8e:
5e:4c:49:4a:3a:f5:c6:b6:dc:61:1a:2b:c1:83:55:
12:e2:0d:fd:12:c6:48:86:98:d5:ad:55:1a:5c:60:
a1:5d:33:c5:7b:2c:b3:e8:6c:86:19:69:e1:e6:32:
0e:e9:ac:c3:33:fa:aa:07:e4:7a:91:24:4d:c3:ce:
fe:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:4B:43:7E:02:59:B4:15:A6:4B:4C:13:8E:E2:3C:7F:71:DF:3C:64
X509v3 Authority Key Identifier:
keyid:E1:08:81:87:F6:40:94:26:3D:DA:67:49:A9:5F:73:AA:6C:1A:B0:63
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917BAC5/470A6204153011EDBAA3D027C4F9AE02/4QiBh_ZAlCY92mdJqV9zqmwasGM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4QiBh_ZAlCY92mdJqV9zqmwasGM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917BAC5/470A6204153011EDBAA3D027C4F9AE02/06119562153311EDB40C6B2AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:9ce0::/40
2400:9ce0:1000::/36
Signature Algorithm: sha256WithRSAEncryption
4d:3d:24:57:fb:f2:10:c0:79:91:dd:c3:eb:5c:3a:fb:95:d8:
b2:00:56:ef:01:48:05:40:c9:fb:12:9d:a3:38:fc:79:35:5c:
81:cd:3d:d7:c7:c5:8b:01:70:e8:5f:7a:32:a8:07:ce:3d:f8:
24:0c:71:d8:ac:da:80:ca:34:83:6d:26:b2:ab:6c:ab:cb:ea:
f8:aa:53:23:34:06:c6:cb:45:7e:8b:f2:a1:8f:ba:26:46:da:
76:99:15:51:3c:c4:47:54:60:67:f8:be:33:e6:5d:aa:28:e4:
94:5b:a5:53:73:f2:eb:62:b5:07:b7:c4:8b:b4:0a:f8:59:7e:
ae:47:da:6b:ad:e5:79:de:17:11:d8:92:2f:eb:a2:fe:8f:b4:
75:41:21:69:34:eb:e6:23:1b:ba:4b:2a:8e:26:e3:f6:34:24:
fe:98:df:0f:a6:f4:52:89:ca:00:e2:b2:7d:2e:6f:dd:e1:99:
37:4a:73:a1:f2:cf:c8:d9:de:fe:23:32:88:92:bf:73:25:8f:
f3:c3:d8:66:fe:05:be:7b:b5:fb:fe:66:9a:3a:66:49:66:3e:
e7:59:f9:5e:b0:3b:ef:28:6f:66:35:9e:32:84:42:86:b9:bb:
a5:a7:cb:e9:02:7d:9f:3c:84:b0:14:63:1a:c5:f5:23:fb:80:
ce:0f:92:1d
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIBITANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
QkFDNTExMC8GA1UEBRMoRTEwODgxODdGNjQwOTQyNjNEREE2NzQ5QTk1RjczQUE2
QzFBQjA2MzAeFw0yMjA4MTkxMDQzNTRaFw0yMzEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyZmY2OTZhLTE4NzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDJ12rFe5PhLTXHlHfFACNIMWrous9Ra5vrSdkeTEJvg93qmalbPO0bmLo9+poJ
GpwdVHJWxdor0oapUwBqHFRnsSSYNVRo2KWL4IFkFqJs6cBaOzUFxeoQlCPHt8vh
BSFaNH/cpZWtQe3UEAIrhxusPQWYAON02ONExlToWOVtgYZpWXyBmduxn6yvyaVL
AlKka3pOoCR38x5YuJjq6CSux2+ngmNKwbNTxXloxwOSIK7IxW1oYWBd3WuCuJxd
kmSGjl5MSUo69ca23GEaK8GDVRLiDf0SxkiGmNWtVRpcYKFdM8V7LLPobIYZaeHm
Mg7prMMz+qoH5HqRJE3Dzv7LAgMBAAGjggKfMIICmzAdBgNVHQ4EFgQUg0tDfgJZ
tBWmS0wTjuI8f3HfPGQwHwYDVR0jBBgwFoAU4QiBh/ZAlCY92mdJqV9zqmwasGMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdCQUM1LzQ3MEE2MjA0MTUz
MDExRURCQUEzRDAyN0M0RjlBRTAyLzRRaUJoX1pBbENZOTJtZEpxVjl6cW13YXNH
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNFFpQmhfWkFsQ1k5Mm1kSnFWOXpxbXdhc0dNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
QkFDNS80NzBBNjIwNDE1MzAxMUVEQkFBM0QwMjdDNEY5QUUwMi8wNjExOTU2MjE1
MzMxMUVEQjQwQzZCMkFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDApBggrBgEFBQcBBwEB/wQa
MBgwFgQCAAIwEAMGACQAnOAAAwYEJACc4BAwDQYJKoZIhvcNAQELBQADggEBAE09
JFf78hDAeZHdw+tcOvuV2LIAVu8BSAVAyfsSnaM4/Hk1XIHNPdfHxYsBcOhfejKo
B849+CQMcdis2oDKNINtJrKrbKvL6viqUyM0BsbLRX6L8qGPuiZG2naZFVE8xEdU
YGf4vjPmXaoo5JRbpVNz8utitQe3xIu0CvhZfq5H2mut5XneFxHYki/rov6PtHVB
IWk06+YjG7pLKo4m4/Y0JP6Y3w+m9FKJygDisn0ub93hmTdKc6Hyz8jZ3v4jMoiS
v3Mlj/PD2Gb+Bb57tfv+Zpo6ZklmPudZ+V6wO+8ob2Y1njKEQoa5u6Wny+kCfZ88
hLAUYxrF9SP7gM4Pkh0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:12 2024 by rpki-client on console-fra.rpki-client.org