Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9136AF7/7B0B6F72F27311E9AE257640C4F9AE02/E7DE8DAEF27411E99E67A342C4F9AE02.roa
File: E7DE8DAEF27411E99E67A342C4F9AE02.roa (raw, json)
Hash identifier: ulwi/akSQpfV1+/LqOjTz/QmXwLU1hbX5P5dafdF1TU=
Subject key identifier: 7D:8B:DD:74:49:AB:3B:21:CD:C0:2C:F2:81:FD:F5:6C:1F:8A:20:1A
Certificate issuer: /CN=A9136AF7/serialNumber=28FBADF1C0B5A425B5D21D7CF45C40CAA44EDCE1
Certificate serial: 0B37
Authority key identifier: 28:FB:AD:F1:C0:B5:A4:25:B5:D2:1D:7C:F4:5C:40:CA:A4:4E:DC:E1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KPut8cC1pCW10h189FxAyqRO3OE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9136AF7/7B0B6F72F27311E9AE257640C4F9AE02/E7DE8DAEF27411E99E67A342C4F9AE02.roa
Signing time: Fri 02 Jun 2023 20:00:51 +0000
ROA not before: Fri 02 Jun 2023 20:00:51 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 134830
IP address blocks: 2401:31c0:fffe::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2871 (0xb37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9136AF7
Validity
Not Before: Jun 2 20:00:51 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=647a4a73-554f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:e7:84:6b:18:32:46:c3:29:51:11:b9:1b:8e:
b5:07:e1:f7:49:8f:f7:eb:ae:a8:76:26:78:0e:8c:
df:ac:06:37:2e:b1:8c:79:e6:78:1f:3f:d4:87:05:
48:03:7d:c9:44:8d:af:a8:34:c2:11:46:cc:36:b5:
7c:b7:17:09:57:f1:16:da:aa:17:50:f2:ab:db:36:
9d:02:ca:89:19:74:19:04:5d:85:95:a3:3f:f4:59:
1a:02:56:e7:ec:5e:d0:84:65:14:c7:82:9b:3a:19:
f1:03:ce:69:05:9a:9c:5c:a4:52:60:5d:61:d6:4d:
d8:67:07:1d:47:3d:40:72:a2:58:c1:b3:b1:04:86:
f4:0a:7b:a2:68:4d:d7:27:97:12:b5:65:64:98:c3:
59:81:5f:b7:bc:08:9a:02:ab:0a:ec:f2:c2:ee:36:
38:b7:e2:f5:db:0a:7d:a5:ca:51:74:ee:73:aa:8f:
62:11:fb:c8:53:27:13:80:4d:ff:00:07:cf:17:9b:
15:99:06:ea:a9:9e:18:67:bf:53:15:25:2b:5e:b6:
2a:7d:1e:d9:44:87:bf:eb:97:64:62:5e:9c:53:f1:
32:0d:e4:3f:73:8d:25:b8:50:e0:c0:76:b4:7c:57:
f5:6b:db:56:16:32:83:b1:93:1e:27:06:b4:86:ac:
89:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:8B:DD:74:49:AB:3B:21:CD:C0:2C:F2:81:FD:F5:6C:1F:8A:20:1A
X509v3 Authority Key Identifier:
keyid:28:FB:AD:F1:C0:B5:A4:25:B5:D2:1D:7C:F4:5C:40:CA:A4:4E:DC:E1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9136AF7/7B0B6F72F27311E9AE257640C4F9AE02/KPut8cC1pCW10h189FxAyqRO3OE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KPut8cC1pCW10h189FxAyqRO3OE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9136AF7/7B0B6F72F27311E9AE257640C4F9AE02/E7DE8DAEF27411E99E67A342C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:31c0:fffe::/48
Signature Algorithm: sha256WithRSAEncryption
28:73:60:90:d3:0a:4b:c0:ca:71:8c:06:84:76:89:cc:77:b9:
e0:a9:32:ed:54:fc:d6:74:54:65:e9:6e:15:fa:f8:d8:b1:e3:
37:81:ff:7d:a0:1e:97:a0:09:95:65:a9:a9:28:28:6b:ee:75:
93:5f:22:9c:d4:d7:c0:4e:a1:9a:60:e7:09:f7:3a:9b:08:f1:
09:27:45:ae:ca:c8:a0:a0:04:e6:5e:4f:30:0f:ae:6b:36:87:
c3:c7:3d:c0:66:1b:56:7e:bf:18:99:53:a1:e0:3a:a9:72:19:
b5:52:51:9d:5b:36:27:e7:8f:56:c1:97:ce:a6:da:4e:cf:61:
7a:2a:fd:52:88:bb:46:a2:c8:81:3c:c1:2b:9b:24:98:01:2d:
f4:08:82:e7:51:9f:f2:4c:aa:02:00:99:70:d2:92:f8:45:49:
d3:08:b9:9f:cc:2b:73:25:21:f2:90:8b:b9:63:b2:c1:ac:67:
58:ae:c7:16:01:b0:1c:ff:da:c7:c3:07:d5:61:46:a8:68:fe:
20:3d:31:8d:07:31:5d:25:34:0c:7e:c5:8e:9e:26:ba:93:36:
72:c5:c5:b6:14:ef:97:6b:5e:0d:ac:18:3a:7b:6f:42:54:65:
58:17:cc:69:fa:ab:95:b1:19:a9:95:77:34:c7:9c:48:0d:a5:
4f:54:60:f1
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICCzcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzZBRjcxMTAvBgNVBAUTKDI4RkJBREYxQzBCNUE0MjVCNUQyMUQ3Q0Y0NUM0MENB
QTQ0RURDRTEwHhcNMjMwNjAyMjAwMDUxWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDdhNGE3My01NTRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1OeEaxgyRsMpURG5G461B+H3SY/3666odiZ4DozfrAY3LrGMeeZ4Hz/UhwVI
A33JRI2vqDTCEUbMNrV8txcJV/EW2qoXUPKr2zadAsqJGXQZBF2FlaM/9FkaAlbn
7F7QhGUUx4KbOhnxA85pBZqcXKRSYF1h1k3YZwcdRz1AcqJYwbOxBIb0CnuiaE3X
J5cStWVkmMNZgV+3vAiaAqsK7PLC7jY4t+L12wp9pcpRdO5zqo9iEfvIUycTgE3/
AAfPF5sVmQbqqZ4YZ79TFSUrXrYqfR7ZRIe/65dkYl6cU/EyDeQ/c40luFDgwHa0
fFf1a9tWFjKDsZMeJwa0hqyJXwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFH2L3XRJ
qzshzcAs8oH99WwfiiAaMB8GA1UdIwQYMBaAFCj7rfHAtaQltdIdfPRcQMqkTtzh
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNkFGNy83QjBCNkY3MkYy
NzMxMUU5QUUyNTc2NDBDNEY5QUUwMi9LUHV0OGNDMXBDVzEwaDE4OUZ4QXlxUk8z
T0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tQdXQ4Y0MxcENXMTBoMTg5RnhBeXFSTzNPRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzZBRjcvN0IwQjZGNzJGMjczMTFFOUFFMjU3NjQwQzRGOUFFMDIvRTdERThEQUVG
Mjc0MTFFOTlFNjdBMzQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAkATHA//4wDQYJKoZIhvcNAQELBQADggEBAChzYJDTCkvA
ynGMBoR2icx3ueCpMu1U/NZ0VGXpbhX6+Nix4zeB/32gHpegCZVlqakoKGvudZNf
IpzU18BOoZpg5wn3OpsI8QknRa7KyKCgBOZeTzAPrms2h8PHPcBmG1Z+vxiZU6Hg
OqlyGbVSUZ1bNifnj1bBl86m2k7PYXoq/VKIu0aiyIE8wSubJJgBLfQIgudRn/JM
qgIAmXDSkvhFSdMIuZ/MK3MlIfKQi7ljssGsZ1iuxxYBsBz/2sfDB9VhRqho/iA9
MY0HMV0lNAx+xY6eJrqTNnLFxbYU75drXg2sGDp7b0JUZVgXzGn6q5WxGamVdzTH
nEgNpU9UYPE=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:49:05 2025 by rpki-client