Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/B106B6148A0A11ECAA749D14C4F9AE02.roa
File: B106B6148A0A11ECAA749D14C4F9AE02.roa (raw, json)
Hash identifier: D2TEf1+ZoBVI1ZRnbC+74vvtuwvOeDcG5rRGXCj70Xc=
Subject key identifier: EC:40:4D:B6:93:8C:39:42:8E:63:D3:43:DD:87:B9:6E:A6:4D:21:DF
Certificate issuer: /CN=A91803DB/serialNumber=36ED8B675EA7238085AFA06C093E54A9D3FD7B60
Certificate serial: 0DF2
Authority key identifier: 36:ED:8B:67:5E:A7:23:80:85:AF:A0:6C:09:3E:54:A9:D3:FD:7B:60
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/B106B6148A0A11ECAA749D14C4F9AE02.roa
Signing time: Wed 03 Aug 2022 19:06:05 +0000
ROA not before: Wed 03 Aug 2022 19:06:05 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 149506
IP address blocks: 2404:f4c0:d00::/40 maxlen: 48
2404:f4c0:ff10::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3570 (0xdf2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91803DB/serialNumber=36ED8B675EA7238085AFA06C093E54A9D3FD7B60
Validity
Not Before: Aug 3 19:06:05 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=62eac71d-a601
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:59:b9:52:68:99:cd:5b:a6:f2:ce:78:26:e2:
10:9e:d4:bd:32:a2:95:79:2c:6b:2c:dc:18:be:c1:
21:94:5b:44:22:e1:92:b0:84:2e:40:ac:07:6a:2e:
79:f5:85:a3:72:d3:a2:07:dd:ae:8a:72:53:ef:24:
e4:4b:51:aa:ca:5a:1a:12:ee:2c:24:51:7f:66:2d:
56:04:a6:08:e1:5a:65:28:64:f6:eb:b2:b8:08:6a:
e3:9e:22:e6:aa:6b:97:1d:52:33:1a:cc:06:d9:dc:
f6:06:ff:da:1f:4b:d2:d5:31:14:08:11:56:0d:5d:
d2:20:de:d7:d0:39:73:27:ad:f4:a3:73:4c:b8:ce:
af:4c:99:96:36:26:a9:c2:28:6d:23:43:32:99:a1:
7b:85:cb:dc:52:f2:28:2c:7f:3c:3e:ff:c8:c1:8e:
fc:eb:e2:d8:61:68:f7:5f:df:d6:8f:a5:ec:f7:93:
c3:06:20:30:f2:1a:be:3f:ea:e3:b0:3f:ff:02:10:
07:88:48:30:fc:3f:45:80:0e:c2:d7:5b:c2:20:12:
dd:e8:49:f1:3b:e9:76:1f:f1:74:c6:58:ef:58:0c:
38:39:9e:be:4f:26:66:64:58:2e:82:96:c0:33:9b:
48:39:3e:e1:41:e3:8a:01:c6:52:d5:d7:8d:9b:a1:
c1:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:40:4D:B6:93:8C:39:42:8E:63:D3:43:DD:87:B9:6E:A6:4D:21:DF
X509v3 Authority Key Identifier:
keyid:36:ED:8B:67:5E:A7:23:80:85:AF:A0:6C:09:3E:54:A9:D3:FD:7B:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/B106B6148A0A11ECAA749D14C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:f4c0:d00::/40
2404:f4c0:ff10::/44
Signature Algorithm: sha256WithRSAEncryption
bc:72:0f:bf:8b:f9:94:77:af:af:c8:67:d8:6b:96:2f:63:07:
2a:2d:2a:51:b2:79:e4:fc:55:c3:d5:8f:7e:5c:a4:78:03:08:
57:94:e5:f6:a9:ea:c9:6f:29:a8:aa:58:e2:3a:81:c5:31:87:
2e:10:02:3a:ee:3d:11:f8:0e:be:fd:4f:57:67:7c:b5:24:38:
0d:19:6b:2f:c9:a5:19:88:3d:13:68:5d:c5:87:76:d8:1d:2c:
a7:7b:cb:35:b6:eb:c7:3e:8e:46:8b:fb:7c:bc:5d:d8:09:1e:
4e:e5:67:63:bb:a2:10:74:6c:82:ef:48:62:5d:e4:09:b3:12:
50:6b:5c:c8:85:3a:76:52:f2:b8:cc:80:5c:2e:ae:42:cb:39:
41:f7:ec:61:45:8d:be:ee:a9:ea:14:3e:21:60:1d:c4:ae:85:
61:c4:42:19:38:21:62:90:a5:5e:1e:92:f5:84:0c:78:48:6f:
62:a6:49:ed:35:2b:f4:c5:40:e0:53:6a:8a:b0:5a:bb:3e:cb:
ae:3a:85:04:60:d2:8d:d5:29:95:95:e9:71:ae:38:5d:3b:11:
e7:7f:1c:f8:99:23:9a:0a:90:19:a1:64:67:16:71:1a:68:2f:
df:af:c4:f5:d2:76:aa:f3:c6:cc:ad:e9:f3:bd:bd:66:bf:5a:
a5:e1:7f:90
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgICDfIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODAzREIxMTAvBgNVBAUTKDM2RUQ4QjY3NUVBNzIzODA4NUFGQTA2QzA5M0U1NEE5
RDNGRDdCNjAwHhcNMjIwODAzMTkwNjA1WhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmVhYzcxZC1hNjAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA51m5UmiZzVum8s54JuIQntS9MqKVeSxrLNwYvsEhlFtEIuGSsIQuQKwHai55
9YWjctOiB92uinJT7yTkS1GqyloaEu4sJFF/Zi1WBKYI4VplKGT267K4CGrjniLm
qmuXHVIzGswG2dz2Bv/aH0vS1TEUCBFWDV3SIN7X0DlzJ630o3NMuM6vTJmWNiap
wihtI0MymaF7hcvcUvIoLH88Pv/IwY786+LYYWj3X9/Wj6Xs95PDBiAw8hq+P+rj
sD//AhAHiEgw/D9FgA7C11vCIBLd6EnxO+l2H/F0xljvWAw4OZ6+TyZmZFgugpbA
M5tIOT7hQeOKAcZS1deNm6HBdwIDAQABo4ICoDCCApwwHQYDVR0OBBYEFOxATbaT
jDlCjmPTQ92HuW6mTSHfMB8GA1UdIwQYMBaAFDbti2depyOAha+gbAk+VKnT/Xtg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MDNEQi8wREMzNUQzRThE
RDQxMUU5QkZFMkM1NTZDNEY5QUUwMi9OdTJMWjE2bkk0Q0ZyNkJzQ1Q1VXFkUDll
MkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL051MkxaMTZuSTRDRnI2QnNDVDVVcWRQOWUyQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODAzREIvMERDMzVEM0U4REQ0MTFFOUJGRTJDNTU2QzRGOUFFMDIvQjEwNkI2MTQ4
QTBBMTFFQ0FBNzQ5RDE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKgYIKwYBBQUHAQcBAf8E
GzAZMBcEAgACMBEDBgAkBPTADQMHBCQE9MD/EDANBgkqhkiG9w0BAQsFAAOCAQEA
vHIPv4v5lHevr8hn2GuWL2MHKi0qUbJ55PxVw9WPflykeAMIV5Tl9qnqyW8pqKpY
4jqBxTGHLhACOu49EfgOvv1PV2d8tSQ4DRlrL8mlGYg9E2hdxYd22B0sp3vLNbbr
xz6ORov7fLxd2AkeTuVnY7uiEHRsgu9IYl3kCbMSUGtcyIU6dlLyuMyAXC6uQss5
QffsYUWNvu6p6hQ+IWAdxK6FYcRCGTghYpClXh6S9YQMeEhvYqZJ7TUr9MVA4FNq
irBauz7LrjqFBGDSjdUplZXpca44XTsR538c+JkjmgqQGaFkZxZxGmgv36/E9dJ2
qvPGzK3p8729Zr9apeF/kA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:13 2024 by rpki-client on console-fra.rpki-client.org