Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91613AB/9CF7ECDA6F8B11ED8FAE3C11C4F9AE02/A6582BCEDA7911EDB0D3866BC4F9AE02.roa
File: A6582BCEDA7911EDB0D3866BC4F9AE02.roa (raw, json)
Hash identifier: h71spNI30zub5EhdtiCyLuf+Lb/occd3NnHApG1YQ7U=
Subject key identifier: 3D:B0:22:54:25:BD:FE:3A:5F:94:35:F2:06:78:F8:9F:05:B3:C8:69
Certificate issuer: /CN=A91613AB/serialNumber=3901AF4A93FEFAAEB879CC9F5994E4E7F01AF838
Certificate serial: 4E
Authority key identifier: 39:01:AF:4A:93:FE:FA:AE:B8:79:CC:9F:59:94:E4:E7:F0:1A:F8:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OQGvSpP--q64ecyfWZTk5_Aa-Dg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91613AB/9CF7ECDA6F8B11ED8FAE3C11C4F9AE02/A6582BCEDA7911EDB0D3866BC4F9AE02.roa
Signing time: Fri 14 Apr 2023 04:05:54 +0000
ROA not before: Fri 14 Apr 2023 04:05:54 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 147001
IP address blocks: 2400:c620::/32 maxlen: 32
2400:c620:1::/48 maxlen: 48
2400:c620:2::/48 maxlen: 48
2400:c620:3::/48 maxlen: 48
2400:c620:4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78 (0x4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91613AB/serialNumber=3901AF4A93FEFAAEB879CC9F5994E4E7F01AF838
Validity
Not Before: Apr 14 04:05:54 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=6438d121-7af6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:1a:c1:1b:c2:74:a1:88:ed:68:e9:7b:01:88:
86:35:92:15:f7:47:10:92:77:dd:ed:a4:f6:a4:cc:
52:da:b0:f3:7a:23:81:fd:65:26:7e:e2:ed:77:63:
d6:78:a0:8c:cc:58:8f:8e:72:9b:f7:46:bc:85:ef:
93:6b:bb:b1:12:16:8a:1c:42:a6:8a:49:51:e8:c4:
4a:c2:8b:65:56:ec:ea:32:0c:17:19:36:13:68:c6:
8e:27:2f:69:f8:78:69:8d:16:3e:95:6f:64:ca:a9:
fa:04:2b:b5:e7:4a:c5:3e:76:9e:d4:bb:e9:8b:fe:
bf:71:81:44:c3:aa:dd:31:b6:7b:0b:40:6a:da:26:
88:b6:ec:76:0a:f1:9f:4e:24:47:52:65:b7:65:b2:
df:76:4a:8c:24:74:bc:92:42:ae:1f:c5:ed:11:e8:
bc:64:e9:60:59:34:a4:63:7f:28:f3:9d:88:e1:9b:
62:a1:a4:78:87:8d:20:dd:cf:37:ed:bc:5c:6a:5c:
83:26:bc:ca:0e:d0:1d:3c:cd:7e:93:64:24:89:b8:
aa:2a:a3:c1:bb:4e:e8:dd:05:28:8a:c0:73:ab:19:
a5:5f:66:48:d3:d4:7e:84:aa:b7:ce:e3:47:97:bb:
e3:61:a2:66:eb:df:5d:42:77:59:41:4d:4b:95:b7:
c6:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:B0:22:54:25:BD:FE:3A:5F:94:35:F2:06:78:F8:9F:05:B3:C8:69
X509v3 Authority Key Identifier:
keyid:39:01:AF:4A:93:FE:FA:AE:B8:79:CC:9F:59:94:E4:E7:F0:1A:F8:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91613AB/9CF7ECDA6F8B11ED8FAE3C11C4F9AE02/OQGvSpP--q64ecyfWZTk5_Aa-Dg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OQGvSpP--q64ecyfWZTk5_Aa-Dg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91613AB/9CF7ECDA6F8B11ED8FAE3C11C4F9AE02/A6582BCEDA7911EDB0D3866BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:c620::/32
Signature Algorithm: sha256WithRSAEncryption
6d:56:fc:76:d8:07:cd:bd:76:93:ff:33:df:ed:0d:4c:87:a9:
08:f6:ef:4d:48:c2:39:08:10:60:62:65:85:4f:91:68:9a:ca:
c6:fb:a7:4c:1d:a5:6a:06:8b:32:67:7d:56:64:da:87:7a:01:
30:8f:cc:89:98:a7:a4:a3:f8:5b:38:44:d4:dc:e0:b6:83:16:
bf:02:12:ad:ec:52:93:0a:1f:13:0f:50:41:e2:ec:64:b5:9d:
3a:e1:06:58:94:12:9d:67:d4:ea:9d:65:dd:b2:c5:92:66:46:
20:5b:82:64:28:b3:5b:87:e6:48:6f:61:d8:ba:7d:97:96:d8:
8b:52:17:bc:32:d2:19:3b:7d:51:a3:c0:0d:8d:09:37:4d:94:
51:a3:dc:85:30:76:e6:21:ba:b8:ac:8a:74:5d:d8:e8:21:ce:
6a:e5:6c:68:6a:1b:80:2f:81:12:8c:d0:60:cd:11:1b:ad:6b:
f0:c7:ea:b3:74:4a:5e:1c:38:36:d2:7f:74:0e:9c:c1:da:63:
ab:cd:97:1e:27:7d:a2:75:60:76:86:c1:af:5c:d4:99:bd:03:
a5:4f:e5:d7:14:14:02:a9:d2:33:2c:3c:62:09:9b:0b:53:1a:
1d:c3:50:de:4e:ca:cc:6b:3f:85:28:1f:96:f9:0d:0b:ab:4b:
9c:0d:d1:ec
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgIBTjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
MTNBQjExMC8GA1UEBRMoMzkwMUFGNEE5M0ZFRkFBRUI4NzlDQzlGNTk5NEU0RTdG
MDFBRjgzODAeFw0yMzA0MTQwNDA1NTRaFw0yNDAzMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0MzhkMTIxLTdhZjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDmGsEbwnShiO1o6XsBiIY1khX3RxCSd93tpPakzFLasPN6I4H9ZSZ+4u13Y9Z4
oIzMWI+Ocpv3RryF75Nru7ESFoocQqaKSVHoxErCi2VW7OoyDBcZNhNoxo4nL2n4
eGmNFj6Vb2TKqfoEK7XnSsU+dp7Uu+mL/r9xgUTDqt0xtnsLQGraJoi27HYK8Z9O
JEdSZbdlst92SowkdLySQq4fxe0R6Lxk6WBZNKRjfyjznYjhm2KhpHiHjSDdzzft
vFxqXIMmvMoO0B08zX6TZCSJuKoqo8G7TujdBSiKwHOrGaVfZkjT1H6EqrfO40eX
u+Nhombr311Cd1lBTUuVt8alAgMBAAGjggKWMIICkjAdBgNVHQ4EFgQUPbAiVCW9
/jpflDXyBnj4nwWzyGkwHwYDVR0jBBgwFoAUOQGvSpP++q64ecyfWZTk5/Aa+Dgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYxM0FCLzlDRjdFQ0RBNkY4
QjExRUQ4RkFFM0MxMUM0RjlBRTAyL09RR3ZTcFAtLXE2NGVjeWZXWlRrNV9BYS1E
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvT1FHdlNwUC0tcTY0ZWN5ZldaVGs1X0FhLURnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
MTNBQi85Q0Y3RUNEQTZGOEIxMUVEOEZBRTNDMTFDNEY5QUUwMi9BNjU4MkJDRURB
NzkxMUVEQjBEMzg2NkJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACQAxiAwDQYJKoZIhvcNAQELBQADggEBAG1W/HbYB829dpP/
M9/tDUyHqQj2701IwjkIEGBiZYVPkWiaysb7p0wdpWoGizJnfVZk2od6ATCPzImY
p6Sj+Fs4RNTc4LaDFr8CEq3sUpMKHxMPUEHi7GS1nTrhBliUEp1n1OqdZd2yxZJm
RiBbgmQos1uH5khvYdi6fZeW2ItSF7wy0hk7fVGjwA2NCTdNlFGj3IUwduYhuris
inRd2OghzmrlbGhqG4AvgRKM0GDNERuta/DH6rN0Sl4cODbSf3QOnMHaY6vNlx4n
faJ1YHaGwa9c1Jm9A6VP5dcUFAKp0jMsPGIJmwtTGh3DUN5OysxrP4UoH5b5DQur
S5wN0ew=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-ams.rpki-client.org