Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A43EE/01E4E69623CB11EDA8E3583EC4F9AE02/DCA2540C412711ED98C5591AC4F9AE02.roa
File: DCA2540C412711ED98C5591AC4F9AE02.roa (raw, json)
Hash identifier: N2fcxs7f10qYxF/tqlBBtbvJzW891R4N7fniFtgTw3Q=
Subject key identifier: 5E:95:0F:32:F1:8D:58:DA:B3:BF:63:4D:50:1D:68:49:6C:81:A2:F3
Certificate issuer: /CN=A91A43EE/serialNumber=8EC333757E363A1711B00273250446FE1B4938DB
Certificate serial: 50
Authority key identifier: 8E:C3:33:75:7E:36:3A:17:11:B0:02:73:25:04:46:FE:1B:49:38:DB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jsMzdX42OhcRsAJzJQRG_htJONs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A43EE/01E4E69623CB11EDA8E3583EC4F9AE02/DCA2540C412711ED98C5591AC4F9AE02.roa
Signing time: Sat 01 Oct 2022 01:24:58 +0000
ROA not before: Sat 01 Oct 2022 01:24:58 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 150143
IP address blocks: 2001:df1:bc0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80 (0x50)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A43EE/serialNumber=8EC333757E363A1711B00273250446FE1B4938DB
Validity
Not Before: Oct 1 01:24:58 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=633796ea-706f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5b:37:6e:45:af:d3:18:13:e4:2c:e0:18:8c:
e7:89:63:1c:a7:97:e7:68:09:57:44:3b:ca:97:48:
d7:68:59:5b:87:ba:00:ad:18:2b:44:f3:f5:22:e7:
cd:5f:a9:bb:d5:69:a2:71:7d:30:ef:f2:b3:6e:b1:
92:cd:b5:a5:cd:85:18:e5:ad:b6:32:65:a3:04:dc:
85:2c:31:2b:af:9b:40:c5:cb:8e:6f:cf:ba:03:73:
67:3e:40:bc:f3:97:16:4d:2a:f9:f6:5d:67:fe:6c:
4c:9f:61:18:78:5a:dd:49:20:a4:10:0f:84:9f:d9:
52:6f:e6:25:a6:74:4c:96:fc:b2:03:d0:a4:20:e2:
96:36:b3:3f:0e:70:f7:28:96:dc:c0:13:3e:f8:98:
b1:3c:37:b4:ab:b7:42:94:fd:1b:a5:1c:10:8b:69:
a7:f4:1e:2f:aa:ad:58:ff:d4:20:58:13:7d:3e:9d:
75:c4:4c:3f:31:b2:8c:a5:9b:bb:2a:bf:01:58:15:
2b:ad:b5:98:ae:a8:ab:ca:21:1b:df:a5:52:5f:f8:
21:15:51:7d:5b:4e:5b:5c:42:e9:81:01:5b:ee:46:
61:6a:0e:5a:00:10:7e:df:68:a1:4d:32:61:54:92:
80:a1:d6:1c:38:f2:e4:a3:18:74:36:f0:dc:58:d8:
06:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:95:0F:32:F1:8D:58:DA:B3:BF:63:4D:50:1D:68:49:6C:81:A2:F3
X509v3 Authority Key Identifier:
keyid:8E:C3:33:75:7E:36:3A:17:11:B0:02:73:25:04:46:FE:1B:49:38:DB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A43EE/01E4E69623CB11EDA8E3583EC4F9AE02/jsMzdX42OhcRsAJzJQRG_htJONs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jsMzdX42OhcRsAJzJQRG_htJONs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A43EE/01E4E69623CB11EDA8E3583EC4F9AE02/DCA2540C412711ED98C5591AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df1:bc0::/48
Signature Algorithm: sha256WithRSAEncryption
3d:a8:b4:5d:f7:50:0c:e4:cc:98:71:c0:9e:5f:b3:74:01:9c:
50:cc:6e:93:26:c8:d6:11:d2:fe:4e:1f:53:a6:82:91:ad:30:
20:43:ca:80:83:1e:82:d5:7d:80:11:bb:91:28:db:bf:13:4b:
be:dc:9a:f3:b6:02:49:0c:03:74:9f:b8:9e:d8:79:7d:5a:47:
79:2e:97:0a:98:c5:e4:62:83:c7:b5:f3:7a:ee:2a:f6:86:e4:
96:cb:5d:ed:03:f6:4c:4d:5e:c1:9f:cb:5d:e1:e5:d3:fd:26:
47:c2:f7:4c:da:ba:b4:1d:af:ba:2f:58:28:fc:56:77:0c:8e:
24:1e:e6:ad:25:35:a6:8b:0c:39:1f:81:d1:f2:d5:0c:90:18:
82:91:5d:8a:6a:d9:51:5d:b9:d8:b5:70:8f:cb:d7:34:85:c8:
04:6a:d5:de:7f:f4:ae:c0:17:33:10:3d:e6:61:d0:e8:34:c4:
79:ab:2d:05:30:81:93:4c:30:d5:da:72:a2:11:e4:7b:7c:82:
10:2d:92:fc:33:80:1a:fc:f6:13:af:fe:58:08:11:65:f6:1e:
86:5d:02:9f:4b:e6:ff:7d:c2:fd:a2:28:97:b3:62:77:ac:04:
fa:66:85:e4:48:86:a6:c5:3c:b3:8f:32:f0:5f:0b:9b:da:b9:
3a:a5:fb:96
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIBUDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
NDNFRTExMC8GA1UEBRMoOEVDMzMzNzU3RTM2M0ExNzExQjAwMjczMjUwNDQ2RkUx
QjQ5MzhEQjAeFw0yMjEwMDEwMTI0NThaFw0yMzEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzMzc5NmVhLTcwNmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC5WzduRa/TGBPkLOAYjOeJYxynl+doCVdEO8qXSNdoWVuHugCtGCtE8/Ui581f
qbvVaaJxfTDv8rNusZLNtaXNhRjlrbYyZaME3IUsMSuvm0DFy45vz7oDc2c+QLzz
lxZNKvn2XWf+bEyfYRh4Wt1JIKQQD4Sf2VJv5iWmdEyW/LID0KQg4pY2sz8OcPco
ltzAEz74mLE8N7Srt0KU/RulHBCLaaf0Hi+qrVj/1CBYE30+nXXETD8xsoylm7sq
vwFYFSuttZiuqKvKIRvfpVJf+CEVUX1bTltcQumBAVvuRmFqDloAEH7faKFNMmFU
koCh1hw48uSjGHQ28NxY2AY1AgMBAAGjggKYMIIClDAdBgNVHQ4EFgQUXpUPMvGN
WNqzv2NNUB1oSWyBovMwHwYDVR0jBBgwFoAUjsMzdX42OhcRsAJzJQRG/htJONsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE0M0VFLzAxRTRFNjk2MjND
QjExRURBOEUzNTgzRUM0RjlBRTAyL2pzTXpkWDQyT2hjUnNBSnpKUVJHX2h0Sk9O
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvanNNemRYNDJPaGNSc0FKekpRUkdfaHRKT05zLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
NDNFRS8wMUU0RTY5NjIzQ0IxMUVEQThFMzU4M0VDNEY5QUUwMi9EQ0EyNTQwQzQx
MjcxMUVEOThDNTU5MUFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACABDfELwDANBgkqhkiG9w0BAQsFAAOCAQEAPai0XfdQDOTM
mHHAnl+zdAGcUMxukybI1hHS/k4fU6aCka0wIEPKgIMegtV9gBG7kSjbvxNLvtya
87YCSQwDdJ+4nth5fVpHeS6XCpjF5GKDx7Xzeu4q9obklstd7QP2TE1ewZ/LXeHl
0/0mR8L3TNq6tB2vui9YKPxWdwyOJB7mrSU1posMOR+B0fLVDJAYgpFdimrZUV25
2LVwj8vXNIXIBGrV3n/0rsAXMxA95mHQ6DTEeastBTCBk0ww1dpyohHke3yCEC2S
/DOAGvz2E6/+WAgRZfYehl0Cn0vm/33C/aIol7Nid6wE+maF5EiGpsU8s48y8F8L
m9q5OqX7lg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:36 2024 by rpki-client on console-fra.rpki-client.org