Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E76B8/FF1508EE7E9A11E8B69FC02DC4F9AE02/845FB3E27D0011ED9F48D85EC4F9AE02.roa
File: 845FB3E27D0011ED9F48D85EC4F9AE02.roa (raw, json)
Hash identifier: 8Pd9X68eLudfEJgPEG1FUp+/V3Kw2N+ZqBQDbY/R2Co=
Subject key identifier: F7:CC:11:46:C1:5B:C8:F3:68:27:E6:A9:80:82:F8:84:1D:A3:D1:CB
Certificate issuer: /CN=A91E76B8/serialNumber=30E7DEB1C522E791598592B645308863CA000E18
Certificate serial: 1246
Authority key identifier: 30:E7:DE:B1:C5:22:E7:91:59:85:92:B6:45:30:88:63:CA:00:0E:18
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MOfescUi55FZhZK2RTCIY8oADhg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E76B8/FF1508EE7E9A11E8B69FC02DC4F9AE02/845FB3E27D0011ED9F48D85EC4F9AE02.roa
Signing time: Fri 16 Dec 2022 05:14:29 +0000
ROA not before: Fri 16 Dec 2022 05:14:29 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 136205
IP address blocks: 2400:ecc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4678 (0x1246)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E76B8/serialNumber=30E7DEB1C522E791598592B645308863CA000E18
Validity
Not Before: Dec 16 05:14:29 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=639bfeb5-b9e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:65:0b:a6:0f:bd:6d:f0:77:34:0d:4e:a7:eb:
e8:9b:bd:43:1e:bc:f0:5e:88:c1:52:36:9a:81:5d:
ef:93:d7:52:9a:a6:f1:2e:c0:7b:98:cc:a5:c3:0d:
62:90:6b:89:65:93:ec:e9:03:73:07:75:27:b1:e5:
43:f6:6d:03:34:6c:d8:a3:e3:1c:4b:7b:db:ac:70:
c3:d0:66:86:b8:e4:14:97:99:f2:26:09:62:13:8a:
1e:3a:db:90:41:f9:57:a1:d7:26:32:80:cf:03:4f:
6d:2f:d7:b1:26:6c:0b:ba:53:e5:29:c5:0e:44:a9:
7e:b5:d4:e0:82:e1:05:d7:0d:c1:fe:b9:17:7a:8c:
54:4b:55:03:c0:2d:75:fd:10:67:b7:63:b3:55:4e:
c3:ec:d7:3d:62:9e:6c:3d:54:c2:0d:f4:53:19:f4:
a6:c5:53:b5:36:fa:95:e2:bf:f2:57:18:36:e7:62:
ca:28:f2:a4:a7:18:7d:e4:54:df:e2:c3:06:57:83:
8c:8e:65:96:7b:e4:84:4e:8c:4f:1a:b5:4e:8a:24:
66:a4:1b:b0:39:7d:ce:d3:a8:ed:ad:5b:d5:db:be:
5c:17:11:3f:bb:37:99:dd:bc:bb:3d:f3:b3:b3:c2:
d1:07:cc:60:1d:6d:07:e4:8c:e0:97:25:b2:3d:28:
59:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:CC:11:46:C1:5B:C8:F3:68:27:E6:A9:80:82:F8:84:1D:A3:D1:CB
X509v3 Authority Key Identifier:
keyid:30:E7:DE:B1:C5:22:E7:91:59:85:92:B6:45:30:88:63:CA:00:0E:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E76B8/FF1508EE7E9A11E8B69FC02DC4F9AE02/MOfescUi55FZhZK2RTCIY8oADhg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MOfescUi55FZhZK2RTCIY8oADhg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E76B8/FF1508EE7E9A11E8B69FC02DC4F9AE02/845FB3E27D0011ED9F48D85EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:ecc0::/32
Signature Algorithm: sha256WithRSAEncryption
8f:66:c8:0b:ee:71:54:2e:f2:0a:0c:7a:af:e1:79:ae:36:09:
c7:82:79:8b:bc:24:1c:79:a1:51:ce:0b:2a:ad:17:aa:60:0f:
b9:f4:8f:47:cc:2b:2c:e6:da:2d:ea:a5:00:ee:9f:28:07:d8:
cd:bc:39:81:f1:c4:d8:f9:55:62:bc:91:74:14:81:79:45:59:
df:3b:19:1a:c1:81:42:ff:4b:4d:82:c7:d5:e0:14:0a:97:f0:
18:3c:c4:dc:f7:3c:fa:60:f0:74:01:06:fc:1c:61:25:0e:0e:
e3:41:4e:80:20:04:41:ed:d9:bb:79:f7:62:69:14:7e:3f:c8:
60:11:57:bd:46:2e:4b:66:e6:b1:41:52:69:87:38:a9:ef:6a:
70:58:b6:de:0b:f6:eb:37:5f:ad:77:c5:a6:ba:30:24:8c:96:
e4:0d:87:69:b8:4e:8d:30:fa:14:8f:9b:48:96:80:bd:44:ab:
d7:01:62:ab:e5:eb:5c:7c:63:96:91:a9:07:5b:1b:69:17:45:
6d:5d:aa:07:30:fc:dc:a5:dc:51:a4:4f:f4:f3:03:d5:ac:81:
09:f7:ab:89:13:78:33:5d:c9:f7:c2:38:88:6c:df:73:6b:bc:
f7:30:58:f7:94:13:7b:b3:2e:69:c1:d0:58:c3:91:34:b0:6d:
57:54:eb:14
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICEkYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTc2QjgxMTAvBgNVBAUTKDMwRTdERUIxQzUyMkU3OTE1OTg1OTJCNjQ1MzA4ODYz
Q0EwMDBFMTgwHhcNMjIxMjE2MDUxNDI5WhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzliZmViNS1iOWUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1WULpg+9bfB3NA1Op+vom71DHrzwXojBUjaagV3vk9dSmqbxLsB7mMylww1i
kGuJZZPs6QNzB3UnseVD9m0DNGzYo+McS3vbrHDD0GaGuOQUl5nyJgliE4oeOtuQ
QflXodcmMoDPA09tL9exJmwLulPlKcUORKl+tdTgguEF1w3B/rkXeoxUS1UDwC11
/RBnt2OzVU7D7Nc9Yp5sPVTCDfRTGfSmxVO1NvqV4r/yVxg252LKKPKkpxh95FTf
4sMGV4OMjmWWe+SEToxPGrVOiiRmpBuwOX3O06jtrVvV275cFxE/uzeZ3by7PfOz
s8LRB8xgHW0H5IzglyWyPShZxQIDAQABo4ICljCCApIwHQYDVR0OBBYEFPfMEUbB
W8jzaCfmqYCC+IQdo9HLMB8GA1UdIwQYMBaAFDDn3rHFIueRWYWStkUwiGPKAA4Y
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNzZCOC9GRjE1MDhFRTdF
OUExMUU4QjY5RkMwMkRDNEY5QUUwMi9NT2Zlc2NVaTU1RlpoWksyUlRDSVk4b0FE
aGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01PZmVzY1VpNTVGWmhaSzJSVENJWThvQURoZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTc2QjgvRkYxNTA4RUU3RTlBMTFFOEI2OUZDMDJEQzRGOUFFMDIvODQ1RkIzRTI3
RDAwMTFFRDlGNDhEODVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAOzAMA0GCSqGSIb3DQEBCwUAA4IBAQCPZsgL7nFULvIK
DHqv4XmuNgnHgnmLvCQceaFRzgsqrReqYA+59I9HzCss5tot6qUA7p8oB9jNvDmB
8cTY+VVivJF0FIF5RVnfOxkawYFC/0tNgsfV4BQKl/AYPMTc9zz6YPB0AQb8HGEl
Dg7jQU6AIARB7dm7efdiaRR+P8hgEVe9Ri5LZuaxQVJphzip72pwWLbeC/brN1+t
d8WmujAkjJbkDYdpuE6NMPoUj5tIloC9RKvXAWKr5etcfGOWkakHWxtpF0VtXaoH
MPzcpdxRpE/08wPVrIEJ96uJE3gzXcn3wjiIbN9za7z3MFj3lBN7sy5pwdBYw5E0
sG1XVOsU
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:46 2024 by rpki-client on console-fra.rpki-client.org