Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911E2E0/B3E815DC9E4611E588D46016C4F9AE02/D1BF62C8165B11EEAF7ECC31C4F9AE02.roa
File: D1BF62C8165B11EEAF7ECC31C4F9AE02.roa (raw, json)
Hash identifier: 9rYDWIFW2bgpA4w+m2twxfEbOfeNnJQIJantFojog/I=
Subject key identifier: 58:BC:8D:04:C0:45:B0:89:37:CC:A3:B4:5B:7D:5B:91:11:4C:BB:50
Certificate issuer: /CN=A911E2E0/serialNumber=ED68CA6A2D12A88CC7D296A2BC2BF1519A0B5FF3
Certificate serial: 215B
Authority key identifier: ED:68:CA:6A:2D:12:A8:8C:C7:D2:96:A2:BC:2B:F1:51:9A:0B:5F:F3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7WjKai0SqIzH0paivCvxUZoLX_M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911E2E0/B3E815DC9E4611E588D46016C4F9AE02/D1BF62C8165B11EEAF7ECC31C4F9AE02.roa
Signing time: Thu 29 Jun 2023 09:03:31 +0000
ROA not before: Thu 29 Jun 2023 09:03:31 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 55559
IP address blocks: 2403:1600::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8539 (0x215b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911E2E0/serialNumber=ED68CA6A2D12A88CC7D296A2BC2BF1519A0B5FF3
Validity
Not Before: Jun 29 09:03:31 2023 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=649d48e3-dc2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:92:21:84:21:56:f4:80:99:89:99:ff:64:22:
c3:0f:f6:d5:9d:a4:34:53:6d:2a:c2:fc:17:3e:91:
55:60:d4:39:e8:5e:85:c6:ce:58:ae:c9:86:b9:17:
c8:6d:c4:c2:e4:2c:cd:08:22:d3:f4:bc:11:f1:ec:
c5:0f:c9:6e:32:5c:f3:84:4c:85:2d:e0:bb:44:15:
79:d8:41:01:61:01:1e:d4:da:68:ec:d1:fd:e0:21:
a9:aa:51:51:69:50:74:ee:b6:bb:79:9c:2b:98:51:
34:15:24:af:61:b2:f5:d6:96:0e:8b:ab:41:dd:f5:
50:df:ed:69:95:aa:b2:81:55:b4:fd:b9:d8:71:b7:
5b:de:06:12:6f:0d:06:ba:e1:74:f4:31:d3:e4:f1:
44:e8:0a:83:48:7a:1a:2d:05:78:df:bd:16:0a:35:
79:3a:5d:88:ef:fe:7e:d8:24:7e:1e:75:ef:9f:d3:
a5:40:ac:1e:f3:ee:16:85:db:11:93:52:b7:ac:22:
54:57:00:d9:f1:35:b9:aa:77:f2:cf:c4:14:98:b8:
39:86:26:fb:26:f2:e7:df:01:90:40:9f:a9:f1:92:
25:7f:5f:13:7a:9a:97:2f:97:fd:69:73:5f:47:6c:
a3:9f:86:16:cc:36:a3:bb:de:31:2c:cc:b0:1b:2d:
a9:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:BC:8D:04:C0:45:B0:89:37:CC:A3:B4:5B:7D:5B:91:11:4C:BB:50
X509v3 Authority Key Identifier:
keyid:ED:68:CA:6A:2D:12:A8:8C:C7:D2:96:A2:BC:2B:F1:51:9A:0B:5F:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911E2E0/B3E815DC9E4611E588D46016C4F9AE02/7WjKai0SqIzH0paivCvxUZoLX_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7WjKai0SqIzH0paivCvxUZoLX_M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911E2E0/B3E815DC9E4611E588D46016C4F9AE02/D1BF62C8165B11EEAF7ECC31C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:1600::/32
Signature Algorithm: sha256WithRSAEncryption
53:e2:a1:0f:4b:5e:c2:6e:e3:3c:0f:bb:53:35:be:06:17:bb:
08:1b:3b:f2:d4:72:85:a8:3f:0f:7e:5a:b7:a2:82:a4:87:8b:
a3:05:76:51:a3:d2:87:d2:df:37:ea:10:99:17:31:3c:98:e5:
f3:f4:7b:20:38:34:c0:3f:4c:28:92:b8:86:93:12:79:33:5f:
4b:fd:51:f9:ba:ff:b0:f6:86:6b:9f:5e:18:2b:f0:a5:9d:bf:
79:12:00:cf:c8:54:c9:dd:ed:40:4c:30:af:50:0b:0e:e9:34:
eb:d4:58:41:f9:fa:62:2e:c6:b0:14:8a:35:46:80:12:4a:de:
12:e4:0e:30:3d:1d:54:9b:69:1a:9e:f3:d1:88:38:f8:53:1c:
95:c2:a4:aa:52:00:96:34:1f:f7:ea:3d:e4:1c:67:8d:bb:95:
39:79:45:4a:48:80:8a:16:0c:8d:b4:0c:ed:94:6d:f1:47:1e:
ad:cc:38:55:ba:89:b0:8a:c9:12:13:99:b7:0e:23:78:24:51:
03:76:18:3e:a2:d7:76:23:20:8e:b0:df:72:aa:0d:b8:01:0d:
6f:11:9b:2c:50:e5:43:78:59:03:6e:aa:7d:b2:71:88:ed:ee:
58:e0:1d:6c:9f:f9:7b:7e:40:79:2e:d6:c4:94:28:e7:10:5c:
c5:24:2b:e3
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICIVswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUUyRTAxMTAvBgNVBAUTKEVENjhDQTZBMkQxMkE4OENDN0QyOTZBMkJDMkJGMTUx
OUEwQjVGRjMwHhcNMjMwNjI5MDkwMzMxWhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDlkNDhlMy1kYzJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAopIhhCFW9ICZiZn/ZCLDD/bVnaQ0U20qwvwXPpFVYNQ56F6Fxs5YrsmGuRfI
bcTC5CzNCCLT9LwR8ezFD8luMlzzhEyFLeC7RBV52EEBYQEe1Npo7NH94CGpqlFR
aVB07ra7eZwrmFE0FSSvYbL11pYOi6tB3fVQ3+1plaqygVW0/bnYcbdb3gYSbw0G
uuF09DHT5PFE6AqDSHoaLQV4370WCjV5Ol2I7/5+2CR+HnXvn9OlQKwe8+4WhdsR
k1K3rCJUVwDZ8TW5qnfyz8QUmLg5hib7JvLn3wGQQJ+p8ZIlf18TepqXL5f9aXNf
R2yjn4YWzDaju94xLMywGy2p5wIDAQABo4ICljCCApIwHQYDVR0OBBYEFFi8jQTA
RbCJN8yjtFt9W5ERTLtQMB8GA1UdIwQYMBaAFO1oymotEqiMx9KWorwr8VGaC1/z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRTJFMC9CM0U4MTVEQzlF
NDYxMUU1ODhENDYwMTZDNEY5QUUwMi83V2pLYWkwU3FJekgwcGFpdkN2eFVab0xY
X00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdXakthaTBTcUl6SDBwYWl2Q3Z4VVpvTFhfTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUUyRTAvQjNFODE1REM5RTQ2MTFFNTg4RDQ2MDE2QzRGOUFFMDIvRDFCRjYyQzgx
NjVCMTFFRUFGN0VDQzMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAxYAMA0GCSqGSIb3DQEBCwUAA4IBAQBT4qEPS17CbuM8
D7tTNb4GF7sIGzvy1HKFqD8Pflq3ooKkh4ujBXZRo9KH0t836hCZFzE8mOXz9Hsg
ODTAP0wokriGkxJ5M19L/VH5uv+w9oZrn14YK/Clnb95EgDPyFTJ3e1ATDCvUAsO
6TTr1FhB+fpiLsawFIo1RoASSt4S5A4wPR1Um2kanvPRiDj4UxyVwqSqUgCWNB/3
6j3kHGeNu5U5eUVKSICKFgyNtAztlG3xRx6tzDhVuomwiskSE5m3DiN4JFEDdhg+
otd2IyCOsN9yqg24AQ1vEZssUOVDeFkDbqp9snGI7e5Y4B1sn/l7fkB5LtbElCjn
EFzFJCvj
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:47 2024 by rpki-client on console-ams.rpki-client.org