Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE3A3/2091DC8E050111EABD9B202CC4F9AE02/246FDB067FF311EDADAD7B7EC4F9AE02.roa
File: 246FDB067FF311EDADAD7B7EC4F9AE02.roa (raw, json)
Hash identifier: lEHfIxNYgQciD8uGYHuXhPaO0NbyBsMIflU/T+S5nl0=
Subject key identifier: 99:BE:8B:A3:06:3F:19:D5:71:0F:DA:56:30:53:36:CE:A9:AF:B8:4B
Certificate issuer: /CN=A91CE3A3/serialNumber=B4B10E6CB38D5365D054E8DBE90F34F2C388B10C
Certificate serial: 0AA3
Authority key identifier: B4:B1:0E:6C:B3:8D:53:65:D0:54:E8:DB:E9:0F:34:F2:C3:88:B1:0C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tLEObLONU2XQVOjb6Q808sOIsQw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CE3A3/2091DC8E050111EABD9B202CC4F9AE02/246FDB067FF311EDADAD7B7EC4F9AE02.roa
Signing time: Mon 19 Dec 2022 23:16:18 +0000
ROA not before: Mon 19 Dec 2022 23:16:18 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 132680
IP address blocks: 2407:e700::/32 maxlen: 32
2407:e700:11::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2723 (0xaa3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CE3A3/serialNumber=B4B10E6CB38D5365D054E8DBE90F34F2C388B10C
Validity
Not Before: Dec 19 23:16:18 2022 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=63a0f0c2-dcc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:38:cd:72:7d:fe:33:95:75:95:e3:62:6c:c6:
6a:71:0b:c7:58:d6:b8:a7:02:56:9e:46:54:c0:33:
e2:17:40:2c:1c:f1:9c:17:92:84:2c:53:68:c1:5b:
b3:78:30:47:a4:12:17:43:a8:55:a6:37:5c:1c:e0:
a4:39:cb:d7:c0:e9:ba:dd:b2:91:13:9a:0f:f1:6b:
69:50:96:08:6d:97:03:19:f5:a8:09:10:38:24:24:
f2:89:93:95:be:ac:fc:6d:be:ca:e3:da:be:a2:48:
21:27:ea:dc:49:fb:30:66:97:bf:e5:b9:ca:6d:12:
b7:9d:9c:8e:34:7f:a8:dc:8d:0d:5f:13:d7:18:58:
45:ca:98:88:d1:bb:e0:a7:ab:f6:2b:a4:bf:36:a6:
13:55:c1:55:c3:af:fa:1c:06:4b:fe:c0:a2:27:cc:
64:a5:5d:5e:f2:fd:e8:de:93:2f:75:6a:c9:eb:8c:
29:f0:a7:67:74:c2:05:fc:63:91:2a:8d:39:40:61:
39:59:6d:d5:a0:c9:3c:55:a6:c3:50:77:6a:c4:83:
56:43:20:89:2d:86:0d:2c:48:3a:85:d4:89:be:7c:
91:c3:c0:8c:94:14:fd:53:0f:56:1f:e6:92:a5:80:
83:8d:41:20:af:85:29:d6:df:c1:dd:35:39:04:8b:
47:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:BE:8B:A3:06:3F:19:D5:71:0F:DA:56:30:53:36:CE:A9:AF:B8:4B
X509v3 Authority Key Identifier:
keyid:B4:B1:0E:6C:B3:8D:53:65:D0:54:E8:DB:E9:0F:34:F2:C3:88:B1:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CE3A3/2091DC8E050111EABD9B202CC4F9AE02/tLEObLONU2XQVOjb6Q808sOIsQw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tLEObLONU2XQVOjb6Q808sOIsQw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE3A3/2091DC8E050111EABD9B202CC4F9AE02/246FDB067FF311EDADAD7B7EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:e700::/32
Signature Algorithm: sha256WithRSAEncryption
78:90:03:31:97:ec:fa:6e:84:05:99:01:9c:01:47:8f:e2:c7:
78:0e:25:a0:94:88:03:f6:ec:55:27:c9:d7:52:bc:ba:69:0f:
03:d7:6d:87:9f:d4:1a:96:fe:38:c0:f5:90:f8:bf:88:0b:da:
b4:b1:7a:1a:f0:e4:3f:4c:81:ca:87:26:f6:ea:bf:96:eb:b5:
2b:2c:33:18:08:aa:ae:65:15:d3:2a:a6:f5:e9:8b:a3:2b:90:
8e:fb:48:41:94:08:2e:97:22:40:ec:aa:14:00:cd:71:6c:1b:
5c:13:9c:64:c4:33:de:d1:16:d8:c3:b8:cf:8d:08:5c:23:b0:
3f:8c:9e:69:15:16:ed:51:bd:d8:60:83:09:23:1d:1b:5d:97:
c8:8f:4a:64:bc:3c:78:ce:62:1b:50:64:83:b4:b2:35:f7:3e:
10:9b:f2:94:51:54:22:ac:60:14:a9:4b:0d:e8:bf:c9:14:2b:
35:b6:2d:23:5d:22:49:a5:d3:29:9f:5a:65:88:87:da:07:92:
54:24:4e:ac:e0:73:9a:c7:5b:17:1b:4e:98:6d:d7:b8:a2:ce:
c0:2c:28:e9:d8:f8:ac:e2:fb:91:51:72:7a:b4:b1:cd:32:12:
a1:7a:e9:cb:45:92:d3:e6:83:a1:6e:26:70:07:dd:7e:a0:ef:
3a:9e:84:fe
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICCqMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0UzQTMxMTAvBgNVBAUTKEI0QjEwRTZDQjM4RDUzNjVEMDU0RThEQkU5MEYzNEYy
QzM4OEIxMEMwHhcNMjIxMjE5MjMxNjE4WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2EwZjBjMi1kY2M4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtzjNcn3+M5V1leNibMZqcQvHWNa4pwJWnkZUwDPiF0AsHPGcF5KELFNowVuz
eDBHpBIXQ6hVpjdcHOCkOcvXwOm63bKRE5oP8WtpUJYIbZcDGfWoCRA4JCTyiZOV
vqz8bb7K49q+okghJ+rcSfswZpe/5bnKbRK3nZyONH+o3I0NXxPXGFhFypiI0bvg
p6v2K6S/NqYTVcFVw6/6HAZL/sCiJ8xkpV1e8v3o3pMvdWrJ64wp8KdndMIF/GOR
Ko05QGE5WW3VoMk8VabDUHdqxINWQyCJLYYNLEg6hdSJvnyRw8CMlBT9Uw9WH+aS
pYCDjUEgr4Up1t/B3TU5BItHMQIDAQABo4ICljCCApIwHQYDVR0OBBYEFJm+i6MG
PxnVcQ/aVjBTNs6pr7hLMB8GA1UdIwQYMBaAFLSxDmyzjVNl0FTo2+kPNPLDiLEM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTNBMy8yMDkxREM4RTA1
MDExMUVBQkQ5QjIwMkNDNEY5QUUwMi90TEVPYkxPTlUyWFFWT2piNlE4MDhzT0lz
UXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RMRU9iTE9OVTJYUVZPamI2UTgwOHNPSXNRdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0UzQTMvMjA5MURDOEUwNTAxMTFFQUJEOUIyMDJDQzRGOUFFMDIvMjQ2RkRCMDY3
RkYzMTFFREFEQUQ3QjdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkB+cAMA0GCSqGSIb3DQEBCwUAA4IBAQB4kAMxl+z6boQF
mQGcAUeP4sd4DiWglIgD9uxVJ8nXUry6aQ8D122Hn9Qalv44wPWQ+L+IC9q0sXoa
8OQ/TIHKhyb26r+W67UrLDMYCKquZRXTKqb16YujK5CO+0hBlAgulyJA7KoUAM1x
bBtcE5xkxDPe0RbYw7jPjQhcI7A/jJ5pFRbtUb3YYIMJIx0bXZfIj0pkvDx4zmIb
UGSDtLI19z4Qm/KUUVQirGAUqUsN6L/JFCs1ti0jXSJJpdMpn1pliIfaB5JUJE6s
4HOax1sXG06Ybde4os7ALCjp2Pis4vuRUXJ6tLHNMhKheunLRZLT5oOhbiZwB91+
oO86noT+
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:27 2024 by rpki-client on console-ams.rpki-client.org