Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A43EE/01E4E69623CB11EDA8E3583EC4F9AE02/D3E7261023CE11ED8C7C4F44C4F9AE02.roa
File: D3E7261023CE11ED8C7C4F44C4F9AE02.roa (raw, json)
Hash identifier: XgGkrbHBSQKSXPuRLo2Re3hm//t+aT6iFSaIkMNq7ug=
Subject key identifier: 5E:12:F1:63:F4:50:C1:6F:F3:B1:98:C2:FB:77:1F:A7:FF:31:0E:3F
Certificate issuer: /CN=A91A43EE/serialNumber=8EC333757E363A1711B00273250446FE1B4938DB
Certificate serial: 02
Authority key identifier: 8E:C3:33:75:7E:36:3A:17:11:B0:02:73:25:04:46:FE:1B:49:38:DB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jsMzdX42OhcRsAJzJQRG_htJONs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A43EE/01E4E69623CB11EDA8E3583EC4F9AE02/D3E7261023CE11ED8C7C4F44C4F9AE02.roa
Signing time: Wed 24 Aug 2022 17:04:34 +0000
ROA not before: Wed 24 Aug 2022 17:04:34 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 9833
IP address blocks: 2001:df1:bc0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A43EE/serialNumber=8EC333757E363A1711B00273250446FE1B4938DB
Validity
Not Before: Aug 24 17:04:34 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=63065a22-fab7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ae:75:c0:0b:cc:9f:43:43:db:23:90:1d:63:
a1:fa:53:f3:1e:aa:3a:bb:9b:7f:8a:56:2c:49:d3:
9b:68:1f:9d:49:75:e1:6b:a2:f8:6c:ed:d0:1d:0c:
a9:fe:1a:d4:9d:87:ce:10:ad:9f:97:84:05:5f:aa:
ee:cb:85:e1:65:e2:d8:fc:17:a4:36:0d:c8:38:d6:
96:04:ec:11:63:4a:98:1c:73:6c:9b:58:c7:d9:8e:
2f:12:7c:dc:e0:46:b1:c9:92:94:55:29:4a:99:33:
69:d5:f7:4b:87:d8:c2:4e:c2:c4:f9:ad:69:cb:42:
6b:0e:5c:60:f6:96:5b:4a:3d:c5:c4:c6:42:53:4e:
94:27:aa:c4:29:17:6b:94:24:3a:34:9f:a1:6e:33:
03:3e:42:c7:6e:82:e3:c8:f3:af:bb:ff:45:18:83:
cf:1b:66:02:7f:dc:6a:93:01:5f:9e:2f:62:c3:02:
7e:c7:14:dd:70:1d:47:f4:21:c2:f8:04:c4:01:fb:
d4:67:db:19:1f:61:8d:2d:b3:5f:bd:ff:8a:38:aa:
79:cd:39:53:59:f8:b5:e9:b5:36:25:47:eb:ef:84:
65:4d:eb:0c:ec:f9:66:a2:9c:7b:12:28:66:6e:f5:
7c:92:a6:2c:59:48:29:ba:81:06:2a:ef:ba:3d:35:
4a:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:12:F1:63:F4:50:C1:6F:F3:B1:98:C2:FB:77:1F:A7:FF:31:0E:3F
X509v3 Authority Key Identifier:
keyid:8E:C3:33:75:7E:36:3A:17:11:B0:02:73:25:04:46:FE:1B:49:38:DB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A43EE/01E4E69623CB11EDA8E3583EC4F9AE02/jsMzdX42OhcRsAJzJQRG_htJONs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jsMzdX42OhcRsAJzJQRG_htJONs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A43EE/01E4E69623CB11EDA8E3583EC4F9AE02/D3E7261023CE11ED8C7C4F44C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df1:bc0::/48
Signature Algorithm: sha256WithRSAEncryption
61:4c:b3:dc:bd:07:7c:37:93:df:c8:33:5c:a5:19:f3:c1:7f:
07:16:63:e4:f9:90:a4:f6:97:45:ea:8f:18:5d:5a:f3:0d:8a:
6d:78:19:90:79:38:0c:0d:07:84:45:9b:b1:ff:15:ce:aa:15:
c3:ae:ad:80:f8:e3:85:2d:8d:7c:44:06:39:af:67:d3:d7:d5:
03:60:6e:61:7c:2b:2f:ed:4e:b5:31:2e:89:a8:23:2e:9e:d2:
36:ef:37:e3:92:d0:db:42:e4:13:3a:53:e1:fa:ed:36:f2:c1:
07:ec:dd:33:d4:a6:95:cc:8b:e5:eb:c4:87:dd:c8:e5:3d:52:
81:64:4b:d1:e4:62:d2:4c:50:91:92:f2:53:36:bb:1a:e9:59:
9d:6b:76:3c:fb:1b:83:b6:f4:7c:14:72:9d:c0:6e:25:48:c4:
3c:90:5c:10:0a:23:16:21:a2:60:eb:c1:68:28:80:e0:d7:41:
1e:71:2a:26:35:25:d3:dd:9c:be:9a:1a:15:14:ff:e7:81:dc:
53:0f:2e:0b:6c:90:5a:01:c9:72:a6:fe:60:bd:e1:ad:6d:99:
b3:4e:b6:cb:e9:35:e0:2e:c4:e6:33:b3:eb:a0:e0:24:83:13:
18:34:73:98:a7:e2:85:0f:a5:fa:50:a4:d0:7b:ba:e3:30:45:
33:82:2c:38
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
NDNFRTExMC8GA1UEBRMoOEVDMzMzNzU3RTM2M0ExNzExQjAwMjczMjUwNDQ2RkUx
QjQ5MzhEQjAeFw0yMjA4MjQxNzA0MzRaFw0yMzEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzMDY1YTIyLWZhYjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC2rnXAC8yfQ0PbI5AdY6H6U/Meqjq7m3+KVixJ05toH51JdeFrovhs7dAdDKn+
GtSdh84QrZ+XhAVfqu7LheFl4tj8F6Q2Dcg41pYE7BFjSpgcc2ybWMfZji8SfNzg
RrHJkpRVKUqZM2nV90uH2MJOwsT5rWnLQmsOXGD2lltKPcXExkJTTpQnqsQpF2uU
JDo0n6FuMwM+QsduguPI86+7/0UYg88bZgJ/3GqTAV+eL2LDAn7HFN1wHUf0IcL4
BMQB+9Rn2xkfYY0ts1+9/4o4qnnNOVNZ+LXptTYlR+vvhGVN6wzs+WainHsSKGZu
9XySpixZSCm6gQYq77o9NUpzAgMBAAGjggKYMIIClDAdBgNVHQ4EFgQUXhLxY/RQ
wW/zsZjC+3cfp/8xDj8wHwYDVR0jBBgwFoAUjsMzdX42OhcRsAJzJQRG/htJONsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE0M0VFLzAxRTRFNjk2MjND
QjExRURBOEUzNTgzRUM0RjlBRTAyL2pzTXpkWDQyT2hjUnNBSnpKUVJHX2h0Sk9O
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvanNNemRYNDJPaGNSc0FKekpRUkdfaHRKT05zLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
NDNFRS8wMUU0RTY5NjIzQ0IxMUVEQThFMzU4M0VDNEY5QUUwMi9EM0U3MjYxMDIz
Q0UxMUVEOEM3QzRGNDRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACABDfELwDANBgkqhkiG9w0BAQsFAAOCAQEAYUyz3L0HfDeT
38gzXKUZ88F/BxZj5PmQpPaXReqPGF1a8w2KbXgZkHk4DA0HhEWbsf8VzqoVw66t
gPjjhS2NfEQGOa9n09fVA2BuYXwrL+1OtTEuiagjLp7SNu8345LQ20LkEzpT4frt
NvLBB+zdM9SmlcyL5evEh93I5T1SgWRL0eRi0kxQkZLyUza7GulZnWt2PPsbg7b0
fBRyncBuJUjEPJBcEAojFiGiYOvBaCiA4NdBHnEqJjUl092cvpoaFRT/54HcUw8u
C2yQWgHJcqb+YL3hrW2Zs062y+k14C7E5jOz66DgJIMTGDRzmKfihQ+l+lCk0Hu6
4zBFM4IsOA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:36 2024 by rpki-client on console-fra.rpki-client.org