Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAAF5/E99F523A6EC411ECAFD27331C4F9AE02/11B8C2307ADE11EDA8933D57C4F9AE02.roa
File: 11B8C2307ADE11EDA8933D57C4F9AE02.roa (raw, json)
Hash identifier: 3M7X8ZtQXA3k3wAGhi+xb46QK4viODml2FUuR3gj6oY=
Subject key identifier: 39:68:B2:6E:8D:1F:68:FF:B5:C7:8C:47:A3:6E:F5:37:B0:CB:B7:99
Certificate issuer: /CN=A91EAAF5/serialNumber=4584AEA2394C46D6934E63ED6887D4726FDF7A13
Certificate serial: 0243
Authority key identifier: 45:84:AE:A2:39:4C:46:D6:93:4E:63:ED:68:87:D4:72:6F:DF:7A:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RYSuojlMRtaTTmPtaIfUcm_fehM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAAF5/E99F523A6EC411ECAFD27331C4F9AE02/11B8C2307ADE11EDA8933D57C4F9AE02.roa
Signing time: Tue 13 Dec 2022 12:02:52 +0000
ROA not before: Tue 13 Dec 2022 12:02:52 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 14618
IP address blocks: 2001:df0:45c4::/48 maxlen: 48
2001:df0:45c5::/48 maxlen: 48
2001:df0:45c6::/48 maxlen: 48
2001:df0:45c7::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 579 (0x243)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAAF5/serialNumber=4584AEA2394C46D6934E63ED6887D4726FDF7A13
Validity
Not Before: Dec 13 12:02:52 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=639869ec-cd8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:76:0a:fe:d0:1f:22:23:60:1a:83:e3:f3:ab:
98:8c:ee:b3:2b:c2:00:d6:c6:35:bf:66:90:3f:15:
fb:0f:78:ff:5c:44:d5:aa:7a:29:cb:68:c2:e2:4b:
58:08:15:9b:54:72:42:58:bf:39:7b:ca:5f:36:65:
c5:bf:ca:5b:d9:aa:16:7e:2f:80:38:30:6d:bf:ea:
82:c2:1e:55:88:92:15:67:d0:7a:3e:d5:fb:b5:e7:
86:96:34:06:aa:61:18:41:2c:65:c9:10:f3:35:f9:
48:ea:dc:ab:9f:69:b8:38:5e:38:2c:2a:11:7b:51:
75:15:44:c4:c1:7a:ae:a0:f0:b4:26:5e:9c:e1:03:
93:4b:be:f5:a7:c8:b3:85:c4:c7:9a:6b:87:a4:68:
90:95:dc:46:be:a4:df:4d:f5:bf:1f:da:e8:37:25:
83:1b:75:37:03:ee:f3:09:8b:40:22:95:31:75:dd:
0b:33:0c:13:0e:a5:52:ef:11:ad:03:55:3a:d4:ee:
6b:6d:20:e9:03:0d:14:e9:df:87:1a:d4:a6:7c:19:
15:0a:00:b1:75:b9:92:ea:3f:74:4c:28:1a:11:b6:
4d:50:53:bb:47:de:c1:58:63:85:d9:a5:a1:78:43:
76:b3:6b:7e:9d:e7:98:06:7a:d9:ca:04:b9:bb:9c:
fd:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:68:B2:6E:8D:1F:68:FF:B5:C7:8C:47:A3:6E:F5:37:B0:CB:B7:99
X509v3 Authority Key Identifier:
keyid:45:84:AE:A2:39:4C:46:D6:93:4E:63:ED:68:87:D4:72:6F:DF:7A:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAAF5/E99F523A6EC411ECAFD27331C4F9AE02/RYSuojlMRtaTTmPtaIfUcm_fehM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RYSuojlMRtaTTmPtaIfUcm_fehM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAAF5/E99F523A6EC411ECAFD27331C4F9AE02/11B8C2307ADE11EDA8933D57C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df0:45c4::/46
Signature Algorithm: sha256WithRSAEncryption
08:b3:03:53:05:39:2c:1c:50:d6:eb:5e:3c:9d:1e:bc:92:33:
cd:97:7e:2f:cf:2a:f2:cd:29:78:ae:99:f0:7f:70:e8:4f:29:
1b:49:8c:75:84:6d:0a:60:f0:4c:16:e8:f1:3e:83:fd:23:eb:
6b:ba:ce:2a:f9:a7:64:b9:d4:20:23:7b:83:47:18:6d:5a:de:
60:d7:b5:1c:38:58:fc:4e:b8:ea:51:67:11:e9:28:cd:50:f4:
6e:87:48:bd:ae:e2:e1:df:23:47:32:13:30:0b:68:1c:fd:eb:
4c:89:db:3a:ed:38:16:a7:c5:98:b3:3e:8e:bf:2a:19:29:1e:
50:06:57:71:a9:25:d7:57:16:9d:67:23:0a:26:64:27:eb:3b:
49:fd:ff:76:28:6b:80:28:c1:1b:ec:9b:fc:a2:42:20:28:e1:
3f:e6:8a:20:fc:f8:a5:b7:6a:aa:b5:33:6c:ed:82:ab:82:8e:
6a:88:5a:8e:3c:4d:e3:e3:7e:1c:a4:92:58:6e:09:46:d7:7f:
de:01:74:85:72:30:89:35:02:39:75:af:62:a9:53:6f:ff:db:
76:8c:a0:0b:f5:5c:4b:91:bf:f5:1e:f1:b4:87:76:08:b5:b2:
48:ee:d4:64:13:88:b5:4d:8a:84:51:22:8c:d9:13:a6:dc:01:
73:2f:f0:6f
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICAkMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFBRjUxMTAvBgNVBAUTKDQ1ODRBRUEyMzk0QzQ2RDY5MzRFNjNFRDY4ODdENDcy
NkZERjdBMTMwHhcNMjIxMjEzMTIwMjUyWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mzk4NjllYy1jZDhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2nYK/tAfIiNgGoPj86uYjO6zK8IA1sY1v2aQPxX7D3j/XETVqnopy2jC4ktY
CBWbVHJCWL85e8pfNmXFv8pb2aoWfi+AODBtv+qCwh5ViJIVZ9B6PtX7teeGljQG
qmEYQSxlyRDzNflI6tyrn2m4OF44LCoRe1F1FUTEwXquoPC0Jl6c4QOTS771p8iz
hcTHmmuHpGiQldxGvqTfTfW/H9roNyWDG3U3A+7zCYtAIpUxdd0LMwwTDqVS7xGt
A1U61O5rbSDpAw0U6d+HGtSmfBkVCgCxdbmS6j90TCgaEbZNUFO7R97BWGOF2aWh
eEN2s2t+neeYBnrZygS5u5z9GwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFDlosm6N
H2j/tceMR6Nu9Tewy7eZMB8GA1UdIwQYMBaAFEWErqI5TEbWk05j7WiH1HJv33oT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUFGNS9FOTlGNTIzQTZF
QzQxMUVDQUZEMjczMzFDNEY5QUUwMi9SWVN1b2psTVJ0YVRUbVB0YUlmVWNtX2Zl
aE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JZU3VvamxNUnRhVFRtUHRhSWZVY21fZmVoTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFBRjUvRTk5RjUyM0E2RUM0MTFFQ0FGRDI3MzMxQzRGOUFFMDIvMTFCOEMyMzA3
QURFMTFFREE4OTMzRDU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwIgAQ3wRcQwDQYJKoZIhvcNAQELBQADggEBAAizA1MFOSwc
UNbrXjydHrySM82Xfi/PKvLNKXiumfB/cOhPKRtJjHWEbQpg8EwW6PE+g/0j62u6
zir5p2S51CAje4NHGG1a3mDXtRw4WPxOuOpRZxHpKM1Q9G6HSL2u4uHfI0cyEzAL
aBz960yJ2zrtOBanxZizPo6/KhkpHlAGV3GpJddXFp1nIwomZCfrO0n9/3Yoa4Ao
wRvsm/yiQiAo4T/miiD8+KW3aqq1M2ztgquCjmqIWo48TePjfhykklhuCUbXf94B
dIVyMIk1Ajl1r2KpU2//23aMoAv1XEuRv/Ue8bSHdgi1skju1GQTiLVNioRRIozZ
E6bcAXMv8G8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:36 2024 by rpki-client on console-ams.rpki-client.org