Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9BC6/489091CE266711ECB9C22C77C4F9AE02/10C91E32B74811ED83F4CE55C4F9AE02.roa
File: 10C91E32B74811ED83F4CE55C4F9AE02.roa (raw, json)
Hash identifier: Rpx7XoInUV7IlNh4k/gimAwAUOrl8yPAxwGJd5tee/c=
Subject key identifier: 20:10:4A:26:3A:1C:4A:95:87:71:9F:93:14:94:36:52:C2:DF:1F:A6
Certificate issuer: /CN=A91B9BC6/serialNumber=EF5B497FFD8B259EE9EA157B0222B110266CF59F
Certificate serial: 033E
Authority key identifier: EF:5B:49:7F:FD:8B:25:9E:E9:EA:15:7B:02:22:B1:10:26:6C:F5:9F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/71tJf_2LJZ7p6hV7AiKxECZs9Z8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B9BC6/489091CE266711ECB9C22C77C4F9AE02/10C91E32B74811ED83F4CE55C4F9AE02.roa
Signing time: Tue 28 Feb 2023 09:12:47 +0000
ROA not before: Tue 28 Feb 2023 09:12:47 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 134505
IP address blocks: 2001:df7:b780::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 830 (0x33e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B9BC6/serialNumber=EF5B497FFD8B259EE9EA157B0222B110266CF59F
Validity
Not Before: Feb 28 09:12:47 2023 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=63fdc58e-9b8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:cd:d3:42:8f:32:cf:c2:3a:1a:10:1b:7e:e8:
35:c1:49:45:90:80:b2:74:86:da:e8:a3:36:5e:6d:
6f:9a:ef:74:7b:2d:8b:f8:9f:0f:57:2a:f8:3b:d4:
d1:30:63:cd:21:eb:f8:94:36:b8:a7:35:5d:0e:e7:
38:48:6a:cf:30:95:84:45:be:9c:2b:cc:d3:3b:8e:
ab:70:75:d7:e3:09:fb:99:cd:d1:2d:5d:4b:4d:8a:
a7:2e:fd:00:46:a7:e9:56:49:bf:f2:db:dd:a4:80:
85:4b:52:0d:9d:80:db:1e:87:f7:ee:ce:fe:1e:eb:
12:61:85:8f:46:6f:8d:7b:95:6b:95:bb:c2:86:a3:
c5:72:e6:bf:5a:07:5e:d1:81:5c:d6:6a:7a:b1:99:
dc:a2:ce:0c:d4:6a:b9:14:72:ad:42:7d:eb:f5:b0:
b3:4e:08:39:9d:0e:8d:f1:7f:63:4e:c6:23:56:c9:
06:a0:be:23:37:0e:30:34:f7:75:c2:fc:32:cc:6a:
d6:a6:9b:7d:62:22:64:33:18:e1:ca:23:fa:94:b4:
48:52:df:5b:0d:f5:d7:51:1c:e6:d1:86:7d:72:00:
e8:e5:00:d3:30:3b:fa:ce:ed:8a:7c:26:02:13:f4:
80:57:6d:97:7f:80:85:90:b5:b5:70:e7:c5:c7:99:
84:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:10:4A:26:3A:1C:4A:95:87:71:9F:93:14:94:36:52:C2:DF:1F:A6
X509v3 Authority Key Identifier:
keyid:EF:5B:49:7F:FD:8B:25:9E:E9:EA:15:7B:02:22:B1:10:26:6C:F5:9F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B9BC6/489091CE266711ECB9C22C77C4F9AE02/71tJf_2LJZ7p6hV7AiKxECZs9Z8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/71tJf_2LJZ7p6hV7AiKxECZs9Z8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9BC6/489091CE266711ECB9C22C77C4F9AE02/10C91E32B74811ED83F4CE55C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df7:b780::/48
Signature Algorithm: sha256WithRSAEncryption
40:01:b3:09:8b:82:44:f3:14:f2:e7:e1:0f:1b:c8:a8:4d:ae:
ad:3f:fa:f5:79:89:b6:f8:b8:06:72:ce:36:36:7e:a2:2c:99:
b3:4f:48:ba:24:cd:06:42:bb:a7:ef:f7:cb:60:50:0a:72:7d:
7e:a8:a4:10:08:f9:8f:ab:28:d7:60:1a:b6:c8:27:e8:3c:70:
4d:c7:42:61:13:d2:e9:49:fd:b8:ce:f2:fa:9d:e4:49:b3:18:
d5:fa:2e:87:5c:4f:a0:e1:77:74:ba:cd:0f:f6:fc:4d:bd:e5:
03:ca:18:f9:66:e1:a2:f7:a9:a0:18:e9:57:52:9f:35:8d:f8:
0b:a3:25:58:24:ae:32:f2:c3:d5:aa:e4:e5:40:3b:74:09:2b:
5d:5a:1c:c6:44:30:1e:41:3e:39:52:3b:96:7b:92:24:cb:b9:
c5:d6:64:ad:16:93:d8:00:6a:2e:8e:0a:07:e7:d5:c0:3b:91:
dd:6b:8e:44:01:91:98:0a:3c:a2:77:a7:21:ef:00:bd:34:e4:
1b:da:28:99:b0:3a:28:7d:53:e4:9c:e8:77:1a:7d:0b:39:ab:
b9:80:0b:28:c8:e1:3b:ea:ea:2c:ba:50:cd:d1:e8:e0:7d:a6:
be:cb:83:11:06:0a:79:03:ef:b9:57:ad:bc:ed:f4:24:8a:eb:
9c:7c:4a:fd
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICAz4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjlCQzYxMTAvBgNVBAUTKEVGNUI0OTdGRkQ4QjI1OUVFOUVBMTU3QjAyMjJCMTEw
MjY2Q0Y1OUYwHhcNMjMwMjI4MDkxMjQ3WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2ZkYzU4ZS05YjhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs83TQo8yz8I6GhAbfug1wUlFkICydIba6KM2Xm1vmu90ey2L+J8PVyr4O9TR
MGPNIev4lDa4pzVdDuc4SGrPMJWERb6cK8zTO46rcHXX4wn7mc3RLV1LTYqnLv0A
RqfpVkm/8tvdpICFS1INnYDbHof37s7+HusSYYWPRm+Ne5VrlbvChqPFcua/Wgde
0YFc1mp6sZncos4M1Gq5FHKtQn3r9bCzTgg5nQ6N8X9jTsYjVskGoL4jNw4wNPd1
wvwyzGrWppt9YiJkMxjhyiP6lLRIUt9bDfXXURzm0YZ9cgDo5QDTMDv6zu2KfCYC
E/SAV22Xf4CFkLW1cOfFx5mEzQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFCAQSiY6
HEqVh3GfkxSUNlLC3x+mMB8GA1UdIwQYMBaAFO9bSX/9iyWe6eoVewIisRAmbPWf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUJDNi80ODkwOTFDRTI2
NjcxMUVDQjlDMjJDNzdDNEY5QUUwMi83MXRKZl8yTEpaN3A2aFY3QWlLeEVDWnM5
WjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzcxdEpmXzJMSlo3cDZoVjdBaUt4RUNaczlaOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjlCQzYvNDg5MDkxQ0UyNjY3MTFFQ0I5QzIyQzc3QzRGOUFFMDIvMTBDOTFFMzJC
NzQ4MTFFRDgzRjRDRTU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ33t4AwDQYJKoZIhvcNAQELBQADggEBAEABswmLgkTz
FPLn4Q8byKhNrq0/+vV5ibb4uAZyzjY2fqIsmbNPSLokzQZCu6fv98tgUApyfX6o
pBAI+Y+rKNdgGrbIJ+g8cE3HQmET0ulJ/bjO8vqd5EmzGNX6LodcT6Dhd3S6zQ/2
/E295QPKGPlm4aL3qaAY6VdSnzWN+AujJVgkrjLyw9Wq5OVAO3QJK11aHMZEMB5B
PjlSO5Z7kiTLucXWZK0Wk9gAai6OCgfn1cA7kd1rjkQBkZgKPKJ3pyHvAL005Bva
KJmwOih9U+Sc6HcafQs5q7mACyjI4Tvq6iy6UM3R6OB9pr7LgxEGCnkD77lXrbzt
9CSK65x8Sv0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org