Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9112DB1/3FA6920083C011ECB54B397FC4F9AE02/DCEC6B8AF8A911ECA8424C6FC4F9AE02.roa
File: DCEC6B8AF8A911ECA8424C6FC4F9AE02.roa (raw, json)
Hash identifier: otRk0UEpmSLkcIM792woiRXhdfgPvSwgaDBl31wFGUE=
Subject key identifier: 39:49:F5:EA:9E:B7:3D:E9:84:86:BA:F7:51:2E:34:45:6B:3A:DE:F3
Certificate issuer: /CN=A9112DB1/serialNumber=22EDF9EB66087FD0E9817AE736C0039D188088D5
Certificate serial: 0257
Authority key identifier: 22:ED:F9:EB:66:08:7F:D0:E9:81:7A:E7:36:C0:03:9D:18:80:88:D5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Iu3562YIf9DpgXrnNsADnRiAiNU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9112DB1/3FA6920083C011ECB54B397FC4F9AE02/DCEC6B8AF8A911ECA8424C6FC4F9AE02.roa
Signing time: Thu 09 Mar 2023 04:34:03 +0000
ROA not before: Thu 09 Mar 2023 04:34:03 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 49901
IP address blocks: 2400:8a20:100::/44 maxlen: 44
2400:8a20:100::/48 maxlen: 48
2400:8a20:101::/48 maxlen: 48
2400:8a20:102::/48 maxlen: 48
2400:8a20:103::/48 maxlen: 48
2400:8a20:104::/48 maxlen: 48
2400:8a20:105::/48 maxlen: 48
2400:8a20:106::/48 maxlen: 48
2400:8a20:107::/48 maxlen: 48
2400:8a20:108::/48 maxlen: 48
2400:8a20:109::/48 maxlen: 48
2400:8a20:10a::/48 maxlen: 48
2400:8a20:10b::/48 maxlen: 48
2400:8a20:10c::/48 maxlen: 48
2400:8a20:10d::/48 maxlen: 48
2400:8a20:10e::/48 maxlen: 48
2400:8a20:10f::/48 maxlen: 48
2400:8a20:110::/44 maxlen: 44
2400:8a20:110::/48 maxlen: 48
2400:8a20:111::/48 maxlen: 48
2400:8a20:112::/47 maxlen: 48
2400:8a20:114::/48 maxlen: 48
2400:8a20:115::/48 maxlen: 48
2400:8a20:116::/48 maxlen: 48
2400:8a20:117::/48 maxlen: 48
2400:8a20:118::/48 maxlen: 48
2400:8a20:119::/48 maxlen: 48
2400:8a20:11a::/48 maxlen: 48
2400:8a20:11b::/48 maxlen: 48
2400:8a20:11c::/48 maxlen: 48
2400:8a20:11d::/48 maxlen: 48
2400:8a20:11e::/48 maxlen: 48
2400:8a20:11f::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 599 (0x257)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9112DB1/serialNumber=22EDF9EB66087FD0E9817AE736C0039D188088D5
Validity
Not Before: Mar 9 04:34:03 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=640961bb-b4a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:68:91:24:2b:81:42:14:32:1d:0c:8e:4e:ff:
0a:e0:4f:6a:d2:7e:2a:be:c2:c4:64:cf:d8:84:a3:
5d:e6:56:c3:af:c8:f1:f2:3c:00:e9:6b:a0:ee:c7:
7b:5c:5e:5f:1b:25:80:dc:e2:eb:6a:16:3a:b0:17:
c4:43:d7:d9:b6:09:65:24:f1:67:96:be:f1:33:42:
4c:39:a2:6d:40:55:47:d4:4b:8e:79:11:7b:d3:c6:
06:59:97:18:49:cf:4b:d3:18:6b:77:c7:ce:de:33:
89:af:98:fb:21:84:38:d3:72:a1:14:74:01:91:13:
b3:29:40:84:22:5f:a5:88:7f:e3:c2:23:dc:d6:e8:
1d:81:14:f3:b0:c1:aa:32:32:b8:ea:56:be:b0:e1:
3f:b5:4d:7b:44:cf:29:87:69:41:bd:33:64:33:a5:
bd:40:48:16:61:2f:6c:9b:0b:5c:cc:c6:0a:27:cc:
0c:1e:c2:fa:8e:b6:cb:58:d1:32:24:8c:a1:45:ab:
90:5d:d2:73:f7:0d:65:41:4b:22:6c:f6:a5:31:10:
71:80:13:76:27:56:06:4c:d4:20:82:94:04:01:26:
14:e9:30:76:87:d2:b1:09:1f:c5:65:50:e0:70:25:
e0:2a:61:f2:66:4a:b7:51:99:72:47:b0:46:ae:75:
2c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:49:F5:EA:9E:B7:3D:E9:84:86:BA:F7:51:2E:34:45:6B:3A:DE:F3
X509v3 Authority Key Identifier:
keyid:22:ED:F9:EB:66:08:7F:D0:E9:81:7A:E7:36:C0:03:9D:18:80:88:D5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9112DB1/3FA6920083C011ECB54B397FC4F9AE02/Iu3562YIf9DpgXrnNsADnRiAiNU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Iu3562YIf9DpgXrnNsADnRiAiNU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9112DB1/3FA6920083C011ECB54B397FC4F9AE02/DCEC6B8AF8A911ECA8424C6FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:8a20:100::/43
Signature Algorithm: sha256WithRSAEncryption
26:5e:db:aa:9d:33:30:36:b7:74:f1:ae:c9:ca:5a:df:18:a4:
1d:59:c8:0a:ae:81:38:e1:8e:e0:c0:d9:7a:f6:5f:17:35:a9:
bf:33:2b:7a:74:1e:c3:bf:ae:92:05:35:cc:70:b3:1c:55:24:
f0:70:b7:08:1f:de:ff:ed:ba:d7:f1:a0:a3:26:01:db:bc:61:
94:cb:d9:5f:35:c5:53:84:b6:29:8c:b1:6d:7f:9d:6c:81:5b:
93:2d:88:5f:a8:c7:35:a7:b3:e4:9d:a7:63:95:30:10:5d:5f:
33:81:8d:70:78:14:ab:f0:a5:8d:1e:d1:b8:93:1d:5e:16:3f:
c4:8b:52:d4:54:17:e7:e1:6d:35:1c:d8:94:a2:b8:8e:50:5c:
df:2e:ab:e0:fa:a4:f5:7c:3e:66:9e:e8:62:ed:a5:49:c2:3f:
2d:7c:0c:1b:27:da:5d:5e:75:42:99:92:6c:fc:1c:bd:52:a9:
0b:27:19:e8:7f:cf:f3:52:77:04:b1:a3:3d:53:d4:34:c2:d2:
13:8b:99:ef:0d:09:1c:db:55:62:34:75:5a:6f:46:2f:dc:62:
6b:f9:08:1f:e5:57:05:10:49:0f:fb:85:99:e0:50:4b:81:7d:
ea:a5:da:09:5a:76:50:8d:36:36:5a:1f:d9:8d:17:db:07:ba:
c0:1c:e2:07
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICAlcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTJEQjExMTAvBgNVBAUTKDIyRURGOUVCNjYwODdGRDBFOTgxN0FFNzM2QzAwMzlE
MTg4MDg4RDUwHhcNMjMwMzA5MDQzNDAzWhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDA5NjFiYi1iNGExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnGiRJCuBQhQyHQyOTv8K4E9q0n4qvsLEZM/YhKNd5lbDr8jx8jwA6Wug7sd7
XF5fGyWA3OLrahY6sBfEQ9fZtgllJPFnlr7xM0JMOaJtQFVH1EuOeRF708YGWZcY
Sc9L0xhrd8fO3jOJr5j7IYQ403KhFHQBkROzKUCEIl+liH/jwiPc1ugdgRTzsMGq
MjK46la+sOE/tU17RM8ph2lBvTNkM6W9QEgWYS9smwtczMYKJ8wMHsL6jrbLWNEy
JIyhRauQXdJz9w1lQUsibPalMRBxgBN2J1YGTNQggpQEASYU6TB2h9KxCR/FZVDg
cCXgKmHyZkq3UZlyR7BGrnUswwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFDlJ9eqe
tz3phIa691EuNEVrOt7zMB8GA1UdIwQYMBaAFCLt+etmCH/Q6YF65zbAA50YgIjV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMkRCMS8zRkE2OTIwMDgz
QzAxMUVDQjU0QjM5N0ZDNEY5QUUwMi9JdTM1NjJZSWY5RHBnWHJuTnNBRG5SaUFp
TlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0l1MzU2MllJZjlEcGdYcm5Oc0FEblJpQWlOVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTJEQjEvM0ZBNjkyMDA4M0MwMTFFQ0I1NEIzOTdGQzRGOUFFMDIvRENFQzZCOEFG
OEE5MTFFQ0E4NDI0QzZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwUkAIogAQAwDQYJKoZIhvcNAQELBQADggEBACZe26qdMzA2
t3TxrsnKWt8YpB1ZyAqugTjhjuDA2Xr2Xxc1qb8zK3p0HsO/rpIFNcxwsxxVJPBw
twgf3v/tutfxoKMmAdu8YZTL2V81xVOEtimMsW1/nWyBW5MtiF+oxzWns+Sdp2OV
MBBdXzOBjXB4FKvwpY0e0biTHV4WP8SLUtRUF+fhbTUc2JSiuI5QXN8uq+D6pPV8
Pmae6GLtpUnCPy18DBsn2l1edUKZkmz8HL1SqQsnGeh/z/NSdwSxoz1T1DTC0hOL
me8NCRzbVWI0dVpvRi/cYmv5CB/lVwUQSQ/7hZngUEuBfeql2gladlCNNjZaH9mN
F9sHusAc4gc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:54 2024 by rpki-client on console-fra.rpki-client.org