Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAAF5/E99F523A6EC411ECAFD27331C4F9AE02/A3CEB1D4860E11EEBC665D37C4F9AE02.roa
File: A3CEB1D4860E11EEBC665D37C4F9AE02.roa (raw, json)
Hash identifier: JDw4yWJ099pxlYcmNMP5AUaxZ4kgJihlba6kxhB+ADo=
Subject key identifier: B1:F7:EB:CA:BC:29:CA:C9:80:26:2E:9B:F1:75:29:86:27:0E:FB:91
Certificate issuer: /CN=A91EAAF5/serialNumber=4584AEA2394C46D6934E63ED6887D4726FDF7A13
Certificate serial: 030D
Authority key identifier: 45:84:AE:A2:39:4C:46:D6:93:4E:63:ED:68:87:D4:72:6F:DF:7A:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RYSuojlMRtaTTmPtaIfUcm_fehM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAAF5/E99F523A6EC411ECAFD27331C4F9AE02/A3CEB1D4860E11EEBC665D37C4F9AE02.roa
Signing time: Sat 18 Nov 2023 12:33:13 +0000
ROA not before: Sat 18 Nov 2023 12:33:13 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 14618
IP address blocks: 2001:df0:45c4::/46 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 781 (0x30d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAAF5/serialNumber=4584AEA2394C46D6934E63ED6887D4726FDF7A13
Validity
Not Before: Nov 18 12:33:13 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=6558af09-ab4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:58:77:2f:b9:f2:89:c2:11:5d:27:22:ff:12:
78:aa:5f:21:dc:08:fa:1c:20:43:53:b3:2b:1f:f1:
35:da:fb:db:de:18:b8:cf:fb:28:6a:72:42:9f:59:
46:bd:a2:d7:1e:84:c5:b3:e8:df:04:a6:4a:76:9a:
97:6c:e9:99:d9:eb:fa:a9:0b:e1:f8:40:89:2e:2f:
37:07:6e:f4:5b:62:ab:3a:c6:2d:48:c7:49:71:75:
94:33:52:8d:3e:48:86:cc:d6:58:8c:13:8e:32:0c:
c0:5e:fe:91:41:a3:eb:5b:80:e8:c2:b2:31:a0:3a:
e6:5c:9f:0b:e9:8e:d6:14:e2:82:c8:cf:63:17:8f:
6f:45:17:39:32:00:bd:50:97:fe:76:eb:e7:fb:68:
39:f1:aa:5e:4b:18:86:9e:bd:48:90:03:2c:f9:e5:
ea:2e:90:db:ac:a1:48:17:18:95:34:52:4d:9e:1b:
11:38:b8:84:14:90:73:4c:ab:07:e4:bd:dd:b8:27:
fc:e1:93:1f:69:a9:c3:f9:41:b2:7c:dd:a3:c0:70:
c8:17:df:8f:80:e2:d6:e8:78:69:93:b7:ad:01:fd:
5c:e8:b2:9c:6d:73:a5:b4:82:dc:2d:ae:38:51:45:
2d:ca:c0:75:a0:8c:68:0e:97:16:15:56:60:40:ef:
5c:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:F7:EB:CA:BC:29:CA:C9:80:26:2E:9B:F1:75:29:86:27:0E:FB:91
X509v3 Authority Key Identifier:
keyid:45:84:AE:A2:39:4C:46:D6:93:4E:63:ED:68:87:D4:72:6F:DF:7A:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAAF5/E99F523A6EC411ECAFD27331C4F9AE02/RYSuojlMRtaTTmPtaIfUcm_fehM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RYSuojlMRtaTTmPtaIfUcm_fehM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAAF5/E99F523A6EC411ECAFD27331C4F9AE02/A3CEB1D4860E11EEBC665D37C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df0:45c4::/46
Signature Algorithm: sha256WithRSAEncryption
16:ad:86:32:9a:08:e9:a1:85:9e:3b:b3:cc:c2:d6:69:e8:03:
c7:f2:90:c8:80:6a:73:bc:b0:1b:5d:50:95:da:94:f5:cb:d3:
10:a4:f1:66:92:3b:ac:ba:b5:2d:92:fb:7e:aa:8b:c7:38:f2:
d7:b4:30:0c:7e:21:b7:a5:7a:dc:b2:9b:0a:d7:08:dd:9a:84:
be:f9:c6:1b:36:32:85:8e:5d:fa:dd:3e:17:70:8d:6d:10:57:
c2:ca:ee:10:22:4d:0f:6f:8b:a4:62:ae:15:ce:1c:36:f6:44:
a4:1c:70:c4:fc:df:46:c6:b2:98:ac:e1:0a:8e:d4:57:97:2d:
79:f4:f9:13:7b:4a:31:f8:c4:08:89:8d:5d:9e:32:73:d5:54:
72:e3:d3:15:73:3f:e6:62:36:56:4a:83:f9:34:d6:8e:0c:7b:
53:c3:63:73:d3:19:99:3b:6a:18:b0:a2:cf:5a:95:71:67:e0:
e5:96:fa:54:a8:82:4a:a0:6f:50:69:80:5b:17:1b:59:10:01:
a6:60:97:e6:cf:35:19:35:51:cc:22:62:e1:2a:23:6e:11:b0:
cc:53:92:f3:80:46:18:df:a9:7f:69:ec:91:2a:71:4e:95:48:
90:03:86:c6:46:80:34:84:56:2c:62:29:77:a7:18:9d:e9:99:
cd:79:bd:52
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICAw0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFBRjUxMTAvBgNVBAUTKDQ1ODRBRUEyMzk0QzQ2RDY5MzRFNjNFRDY4ODdENDcy
NkZERjdBMTMwHhcNMjMxMTE4MTIzMzEzWhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTU4YWYwOS1hYjRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0Fh3L7nyicIRXSci/xJ4ql8h3Aj6HCBDU7MrH/E12vvb3hi4z/soanJCn1lG
vaLXHoTFs+jfBKZKdpqXbOmZ2ev6qQvh+ECJLi83B270W2KrOsYtSMdJcXWUM1KN
PkiGzNZYjBOOMgzAXv6RQaPrW4DowrIxoDrmXJ8L6Y7WFOKCyM9jF49vRRc5MgC9
UJf+duvn+2g58apeSxiGnr1IkAMs+eXqLpDbrKFIFxiVNFJNnhsROLiEFJBzTKsH
5L3duCf84ZMfaanD+UGyfN2jwHDIF9+PgOLW6Hhpk7etAf1c6LKcbXOltILcLa44
UUUtysB1oIxoDpcWFVZgQO9cYQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFLH368q8
KcrJgCYum/F1KYYnDvuRMB8GA1UdIwQYMBaAFEWErqI5TEbWk05j7WiH1HJv33oT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUFGNS9FOTlGNTIzQTZF
QzQxMUVDQUZEMjczMzFDNEY5QUUwMi9SWVN1b2psTVJ0YVRUbVB0YUlmVWNtX2Zl
aE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JZU3VvamxNUnRhVFRtUHRhSWZVY21fZmVoTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFBRjUvRTk5RjUyM0E2RUM0MTFFQ0FGRDI3MzMxQzRGOUFFMDIvQTNDRUIxRDQ4
NjBFMTFFRUJDNjY1RDM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwIgAQ3wRcQwDQYJKoZIhvcNAQELBQADggEBABathjKaCOmh
hZ47s8zC1mnoA8fykMiAanO8sBtdUJXalPXL0xCk8WaSO6y6tS2S+36qi8c48te0
MAx+IbeletyymwrXCN2ahL75xhs2MoWOXfrdPhdwjW0QV8LK7hAiTQ9vi6RirhXO
HDb2RKQccMT830bGspis4QqO1FeXLXn0+RN7SjH4xAiJjV2eMnPVVHLj0xVzP+Zi
NlZKg/k01o4Me1PDY3PTGZk7ahiwos9alXFn4OWW+lSogkqgb1BpgFsXG1kQAaZg
l+bPNRk1UcwiYuEqI24RsMxTkvOARhjfqX9p7JEqcU6VSJADhsZGgDSEVixiKXen
GJ3pmc15vVI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:36 2024 by rpki-client on console-ams.rpki-client.org