Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/6866FE98BF4511ED80984679C4F9AE02.roa
File: 6866FE98BF4511ED80984679C4F9AE02.roa (raw, json)
Hash identifier: d76gdGJLscwXbf1YFBVymvnXFQLmaV17ojBNZ/zkrLY=
Subject key identifier: 6A:5B:A3:BB:53:D1:2C:AF:E5:E0:5B:C5:75:5B:32:C1:87:80:4A:8D
Certificate issuer: /CN=A912FC73/serialNumber=CEE41601EEA9F51B3525DA55DD4AC95CEFAF5ABC
Certificate serial: 021F
Authority key identifier: CE:E4:16:01:EE:A9:F5:1B:35:25:DA:55:DD:4A:C9:5C:EF:AF:5A:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/6866FE98BF4511ED80984679C4F9AE02.roa
Signing time: Fri 10 Mar 2023 13:13:54 +0000
ROA not before: Fri 10 Mar 2023 13:13:54 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 208485
IP address blocks: 223.29.128.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 543 (0x21f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912FC73/serialNumber=CEE41601EEA9F51B3525DA55DD4AC95CEFAF5ABC
Validity
Not Before: Mar 10 13:13:54 2023 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=640b2d12-f4cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ea:a9:ac:b1:12:a5:41:90:15:ac:cd:54:e2:
f0:28:a4:a0:32:49:15:73:50:40:5c:e4:c6:3c:82:
f9:62:a2:21:b5:cf:b4:c9:8f:40:9b:66:0c:c1:7d:
e0:4d:74:16:13:c3:7a:bb:b0:3c:bc:6a:70:47:1b:
93:ff:8f:fa:0f:7b:22:a2:55:a6:3f:e6:ce:2a:4b:
59:b6:81:cc:cc:23:46:d9:d5:08:f8:19:9d:da:a7:
ad:f8:a7:cb:cf:f8:31:e4:88:e6:48:0a:f7:15:48:
4d:fa:ad:30:6e:c3:58:2a:21:86:aa:5b:bc:7e:87:
57:40:df:26:c2:63:30:7d:71:6f:a3:c8:c3:76:61:
00:77:1b:88:61:7d:84:5c:dc:dc:0f:cc:d5:e1:9f:
9e:3b:e1:67:56:8c:12:ca:9e:98:d0:88:cc:11:e8:
4f:cd:53:d0:0a:3f:32:6c:0d:9f:e5:c6:93:b6:ca:
52:ea:db:c3:33:96:eb:8f:64:2a:f1:7a:3a:40:4f:
63:e1:60:bf:d7:f5:b0:84:3f:91:f1:03:6e:cd:74:
24:7d:86:2b:37:d1:ad:fa:85:e5:3f:27:d7:c3:fe:
3a:42:e1:37:83:70:44:ef:3e:42:d6:b8:69:00:c7:
c8:67:bd:0b:18:11:ba:76:aa:62:06:33:04:b4:fc:
09:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:5B:A3:BB:53:D1:2C:AF:E5:E0:5B:C5:75:5B:32:C1:87:80:4A:8D
X509v3 Authority Key Identifier:
keyid:CE:E4:16:01:EE:A9:F5:1B:35:25:DA:55:DD:4A:C9:5C:EF:AF:5A:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/6866FE98BF4511ED80984679C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
223.29.128.0/19
Signature Algorithm: sha256WithRSAEncryption
b6:ad:75:0a:14:94:8a:c5:71:90:cf:a3:3c:7b:af:ad:6b:2f:
d7:e8:26:f1:32:90:e4:be:66:56:a7:88:f6:c3:3d:8f:c6:44:
f5:5c:ba:40:7e:a3:27:0a:bf:51:a1:fb:af:e9:07:c6:08:5d:
5a:4d:9d:e6:f4:c3:47:3d:7c:0c:70:f7:12:db:5d:7a:46:3e:
4a:bb:d4:ff:10:ec:06:99:61:31:99:55:24:b1:4b:a4:34:f9:
5c:df:81:7e:79:1c:0a:4e:96:68:8b:55:fa:6b:0c:71:4c:a9:
87:a6:10:62:43:b9:bd:84:84:98:7a:90:d0:30:3f:a3:df:c8:
67:56:b3:13:34:19:bd:5a:b7:54:d1:3c:32:04:a9:b9:58:19:
d6:d3:fe:12:e0:a0:37:8b:9f:25:ff:d0:bb:5d:5b:1e:11:3e:
a8:c4:7c:74:1c:04:af:23:8a:86:dd:6a:43:8e:35:e3:36:81:
7e:18:5f:d9:b5:ed:82:b3:bc:6f:76:0d:c9:6d:63:8d:44:36:
33:45:20:e8:00:15:29:4b:d9:88:48:0b:b8:62:97:05:2a:fa:
be:50:d7:a0:2f:cd:3d:cc:94:53:58:55:98:77:9b:ff:7c:ae:
02:9d:63:96:08:04:d2:2d:ec:50:9e:84:d2:ab:00:5f:35:f3:
e9:c4:b3:89
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAh8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkZDNzMxMTAvBgNVBAUTKENFRTQxNjAxRUVBOUY1MUIzNTI1REE1NURENEFDOTVD
RUZBRjVBQkMwHhcNMjMwMzEwMTMxMzU0WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDBiMmQxMi1mNGNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3uqprLESpUGQFazNVOLwKKSgMkkVc1BAXOTGPIL5YqIhtc+0yY9Am2YMwX3g
TXQWE8N6u7A8vGpwRxuT/4/6D3siolWmP+bOKktZtoHMzCNG2dUI+Bmd2qet+KfL
z/gx5IjmSAr3FUhN+q0wbsNYKiGGqlu8fodXQN8mwmMwfXFvo8jDdmEAdxuIYX2E
XNzcD8zV4Z+eO+FnVowSyp6Y0IjMEehPzVPQCj8ybA2f5caTtspS6tvDM5brj2Qq
8Xo6QE9j4WC/1/WwhD+R8QNuzXQkfYYrN9Gt+oXlPyfXw/46QuE3g3BE7z5C1rhp
AMfIZ70LGBG6dqpiBjMEtPwJQwIDAQABo4IClTCCApEwHQYDVR0OBBYEFGpbo7tT
0Syv5eBbxXVbMsGHgEqNMB8GA1UdIwQYMBaAFM7kFgHuqfUbNSXaVd1KyVzvr1q8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRkM3My8wMTQ0Q0RGODlG
MzQxMUVDOUNFQkM2NzBDNEY5QUUwMi96dVFXQWU2cDlSczFKZHBWM1VySlhPLXZX
cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3p1UVdBZTZwOVJzMUpkcFYzVXJKWE8tdldydy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkZDNzMvMDE0NENERjg5RjM0MTFFQzlDRUJDNjcwQzRGOUFFMDIvNjg2NkZFOThC
RjQ1MTFFRDgwOTg0Njc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAXfHYAwDQYJKoZIhvcNAQELBQADggEBALatdQoUlIrFcZDP
ozx7r61rL9foJvEykOS+ZlaniPbDPY/GRPVcukB+oycKv1Gh+6/pB8YIXVpNneb0
w0c9fAxw9xLbXXpGPkq71P8Q7AaZYTGZVSSxS6Q0+VzfgX55HApOlmiLVfprDHFM
qYemEGJDub2EhJh6kNAwP6PfyGdWsxM0Gb1at1TRPDIEqblYGdbT/hLgoDeLnyX/
0LtdWx4RPqjEfHQcBK8jiobdakOONeM2gX4YX9m17YKzvG92DcltY41ENjNFIOgA
FSlL2YhIC7hilwUq+r5Q16AvzT3MlFNYVZh3m/98rgKdY5YIBNIt7FCehNKrAF81
8+nEs4k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:58 2024 by rpki-client on console-fra.rpki-client.org