Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/3A025FC8458611ECA385111EC4F9AE02.roa
File: 3A025FC8458611ECA385111EC4F9AE02.roa (raw, json)
Hash identifier: fTJsFtEkV43/3cBFrP2kaLdMRn1NbYrfsfc9Yln2nsY=
Subject key identifier: A5:AC:B2:1A:84:2D:CF:B3:41:60:94:49:38:1A:8A:BD:CF:09:47:76
Certificate issuer: /CN=A91803DB/serialNumber=36ED8B675EA7238085AFA06C093E54A9D3FD7B60
Certificate serial: 0DF0
Authority key identifier: 36:ED:8B:67:5E:A7:23:80:85:AF:A0:6C:09:3E:54:A9:D3:FD:7B:60
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/3A025FC8458611ECA385111EC4F9AE02.roa
Signing time: Wed 03 Aug 2022 19:06:03 +0000
ROA not before: Wed 03 Aug 2022 19:06:03 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 146961
IP address blocks: 2404:f4c0:200::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3568 (0xdf0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91803DB/serialNumber=36ED8B675EA7238085AFA06C093E54A9D3FD7B60
Validity
Not Before: Aug 3 19:06:03 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=62eac71a-7856
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ef:d1:74:92:ed:51:35:54:d8:30:0d:a3:a9:
fa:51:0c:61:16:3d:08:05:23:2c:ff:ce:54:9b:fd:
97:0b:fe:bc:5f:cf:10:9b:5f:48:17:70:b2:30:6b:
74:86:a2:62:a9:b8:7a:c6:54:b6:38:28:61:74:e6:
7c:35:8b:aa:22:2d:59:c2:81:5e:cd:89:fb:28:ba:
83:c4:25:c9:df:de:75:f3:c8:88:3b:5f:54:f6:83:
0d:50:76:c8:f6:34:d1:4f:81:e0:db:9c:bd:b5:d7:
8f:72:b1:f8:73:c1:ee:4d:ef:de:d8:c5:b0:92:0d:
de:39:72:d9:17:4a:5e:37:e6:06:81:7c:dd:54:01:
fb:7f:d8:87:96:46:0a:0f:a9:d2:e3:85:87:ee:c5:
2f:db:9c:5e:d5:9d:09:49:e2:ef:74:e4:64:50:ab:
29:ff:81:02:d6:02:e4:3e:29:10:12:f1:40:9f:a8:
95:fa:ad:01:cf:58:14:49:d4:f7:6e:27:66:b1:58:
d9:28:dd:b7:16:66:ef:dd:e2:cf:85:11:f6:3f:0e:
04:aa:5a:be:30:4b:ec:cc:97:d4:a8:3f:ac:12:c8:
32:f7:94:6b:a1:b2:0c:fd:7a:c8:a5:4c:e7:eb:65:
b5:84:da:98:01:7f:df:3f:9e:28:e0:8e:c6:d7:42:
12:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:AC:B2:1A:84:2D:CF:B3:41:60:94:49:38:1A:8A:BD:CF:09:47:76
X509v3 Authority Key Identifier:
keyid:36:ED:8B:67:5E:A7:23:80:85:AF:A0:6C:09:3E:54:A9:D3:FD:7B:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/3A025FC8458611ECA385111EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:f4c0:200::/40
Signature Algorithm: sha256WithRSAEncryption
d3:1a:48:fb:01:99:cd:54:05:7f:6b:15:46:90:32:b6:89:9e:
d3:30:93:3c:99:5d:54:d3:8f:98:ac:6e:e0:33:db:49:51:ab:
6d:a4:ae:a3:02:62:97:e0:65:f6:87:6e:1d:21:60:89:1e:7c:
7a:33:0b:97:89:24:6f:ba:ed:17:6a:87:9a:d9:5b:ae:73:9f:
c7:a0:09:91:1f:3f:e3:22:6b:f4:1d:5f:1e:0c:6d:fd:84:12:
fc:d7:78:33:3e:60:8c:54:cd:f8:5b:b2:89:f5:9e:f8:4b:34:
b3:9d:84:92:4b:ab:47:af:73:06:08:d1:20:5e:9a:5d:20:73:
a3:75:2d:43:26:bd:bf:e4:34:17:24:51:f5:f0:2e:63:b5:6d:
6a:8a:99:0b:ec:e7:ee:4a:96:3d:1d:f6:a8:15:8d:82:04:b9:
cc:7f:62:aa:f7:b5:19:44:f9:ac:72:9f:c9:a7:8f:31:a0:88:
f5:bf:f8:9d:15:c8:09:80:91:41:52:05:98:eb:24:5f:ea:ba:
43:50:0a:de:56:2c:38:87:f3:a3:ca:ea:46:63:4c:d1:c7:d3:
6d:bd:c2:e2:73:e5:6d:82:22:45:44:45:ab:cf:a0:29:74:ec:
9a:e0:39:12:e3:3d:0e:7f:c9:62:84:da:00:dd:b7:4b:d1:09:
48:bf:13:15
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgICDfAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODAzREIxMTAvBgNVBAUTKDM2RUQ4QjY3NUVBNzIzODA4NUFGQTA2QzA5M0U1NEE5
RDNGRDdCNjAwHhcNMjIwODAzMTkwNjAzWhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmVhYzcxYS03ODU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAre/RdJLtUTVU2DANo6n6UQxhFj0IBSMs/85Um/2XC/68X88Qm19IF3CyMGt0
hqJiqbh6xlS2OChhdOZ8NYuqIi1ZwoFezYn7KLqDxCXJ395188iIO19U9oMNUHbI
9jTRT4Hg25y9tdePcrH4c8HuTe/e2MWwkg3eOXLZF0peN+YGgXzdVAH7f9iHlkYK
D6nS44WH7sUv25xe1Z0JSeLvdORkUKsp/4EC1gLkPikQEvFAn6iV+q0Bz1gUSdT3
bidmsVjZKN23Fmbv3eLPhRH2Pw4Eqlq+MEvszJfUqD+sEsgy95RrobIM/XrIpUzn
62W1hNqYAX/fP54o4I7G10ISXwIDAQABo4IClzCCApMwHQYDVR0OBBYEFKWsshqE
Lc+zQWCUSTgair3PCUd2MB8GA1UdIwQYMBaAFDbti2depyOAha+gbAk+VKnT/Xtg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MDNEQi8wREMzNUQzRThE
RDQxMUU5QkZFMkM1NTZDNEY5QUUwMi9OdTJMWjE2bkk0Q0ZyNkJzQ1Q1VXFkUDll
MkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL051MkxaMTZuSTRDRnI2QnNDVDVVcWRQOWUyQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODAzREIvMERDMzVEM0U4REQ0MTFFOUJGRTJDNTU2QzRGOUFFMDIvM0EwMjVGQzg0
NTg2MTFFQ0EzODUxMTFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIQYIKwYBBQUHAQcBAf8E
EjAQMA4EAgACMAgDBgAkBPTAAjANBgkqhkiG9w0BAQsFAAOCAQEA0xpI+wGZzVQF
f2sVRpAytome0zCTPJldVNOPmKxu4DPbSVGrbaSuowJil+Bl9oduHSFgiR58ejML
l4kkb7rtF2qHmtlbrnOfx6AJkR8/4yJr9B1fHgxt/YQS/Nd4Mz5gjFTN+FuyifWe
+Es0s52EkkurR69zBgjRIF6aXSBzo3UtQya9v+Q0FyRR9fAuY7VtaoqZC+zn7kqW
PR32qBWNggS5zH9iqve1GUT5rHKfyaePMaCI9b/4nRXICYCRQVIFmOskX+q6Q1AK
3lYsOIfzo8rqRmNM0cfTbb3C4nPlbYIiRURFq8+gKXTsmuA5EuM9Dn/JYoTaAN23
S9EJSL8TFQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-ams.rpki-client.org