Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91618BC/ED7B62AC5D8711EC9C1D702CC4F9AE02/32F45F7E5E9A11ECB134AD53C4F9AE02.roa
File: 32F45F7E5E9A11ECB134AD53C4F9AE02.roa (raw, json)
Hash identifier: 0DLIpi8gsFH1cRrahGkqZEnEcWyiWuCAYbHaVejPC7U=
Subject key identifier: 1E:27:B3:D1:57:8D:BC:74:BE:F2:73:F2:03:53:59:34:4A:B2:4A:C2
Certificate issuer: /CN=A91618BC/serialNumber=1AEBCD82D7028343B745AD406739CDB92D4DFB77
Certificate serial: 14
Authority key identifier: 1A:EB:CD:82:D7:02:83:43:B7:45:AD:40:67:39:CD:B9:2D:4D:FB:77
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GuvNgtcCg0O3Ra1AZznNuS1N-3c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91618BC/ED7B62AC5D8711EC9C1D702CC4F9AE02/32F45F7E5E9A11ECB134AD53C4F9AE02.roa
Signing time: Thu 16 Dec 2021 18:01:32 +0000
ROA not before: Thu 16 Dec 2021 18:01:31 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 212425
IP address blocks: 2407:9240:2100::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20 (0x14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91618BC/serialNumber=1AEBCD82D7028343B745AD406739CDB92D4DFB77
Validity
Not Before: Dec 16 18:01:31 2021 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=61bb7efb-ed3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:99:d0:e0:c9:14:15:d1:a4:63:70:85:0b:1e:
1e:e2:42:70:1b:2d:ac:1d:d8:7d:d8:02:5c:a6:f7:
4c:ff:ad:d4:24:f9:15:dd:61:16:4a:b0:2f:05:4b:
ff:72:a1:a7:f5:60:0a:5d:29:e7:75:67:52:77:52:
6c:a7:72:aa:64:65:6f:1e:dd:e6:9f:26:8e:5a:3b:
69:52:bd:17:12:88:d2:d6:2b:eb:0b:a1:88:44:9b:
1b:31:13:38:7b:42:34:2c:cf:c4:3f:d6:3f:6b:92:
bf:d2:0f:24:63:77:10:53:14:25:eb:3c:76:ce:61:
61:88:d9:ba:77:41:8a:a9:98:0c:77:ea:12:8e:c5:
33:3e:0a:e7:f1:9d:6d:2a:6a:c5:cc:2a:ec:49:4b:
66:ba:18:a4:72:27:43:5c:a4:5e:47:d0:8a:bf:71:
8b:61:bc:3a:ef:12:a0:fd:52:79:29:23:d1:0a:45:
9e:7e:a8:83:f0:7c:96:d2:ce:25:a8:92:cf:6d:82:
f0:2d:6c:99:cf:7c:f0:8c:08:6d:13:2f:df:b1:c3:
65:9d:92:fa:9a:1d:63:25:65:44:ca:3d:31:0d:aa:
03:af:a1:c4:d9:79:41:29:cd:51:0b:44:6c:e1:ff:
32:71:0c:99:b9:ec:db:90:2f:73:ca:f1:cf:44:7f:
0f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:27:B3:D1:57:8D:BC:74:BE:F2:73:F2:03:53:59:34:4A:B2:4A:C2
X509v3 Authority Key Identifier:
keyid:1A:EB:CD:82:D7:02:83:43:B7:45:AD:40:67:39:CD:B9:2D:4D:FB:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91618BC/ED7B62AC5D8711EC9C1D702CC4F9AE02/GuvNgtcCg0O3Ra1AZznNuS1N-3c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GuvNgtcCg0O3Ra1AZznNuS1N-3c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91618BC/ED7B62AC5D8711EC9C1D702CC4F9AE02/32F45F7E5E9A11ECB134AD53C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9240:2100::/40
Signature Algorithm: sha256WithRSAEncryption
71:82:28:5e:f0:ac:9e:38:82:69:25:e1:d8:d4:ac:43:22:59:
43:43:86:5d:fb:d8:1f:ae:28:d6:39:58:64:93:10:ab:13:dc:
a5:c2:67:4b:aa:91:a5:da:cc:23:c8:e7:14:0e:a7:e0:40:e0:
c2:24:6a:f4:e4:82:b8:16:f7:39:c9:7e:a1:65:d0:cc:6b:9c:
9c:2e:91:fd:1b:98:cc:16:c9:19:10:44:78:0e:9b:14:76:41:
d0:6a:fc:05:b2:28:ce:db:05:53:ec:58:97:9e:bb:b0:5b:28:
94:f6:41:c2:ec:4e:a2:2a:9a:e9:31:cf:15:c1:c7:59:b1:d7:
c7:a5:da:40:e5:67:98:71:21:04:71:17:7b:ec:ec:f6:65:32:
d3:a3:86:90:41:1f:ab:e1:4c:92:99:f5:5a:8f:b9:6e:70:83:
60:5e:fb:99:c4:32:0c:bb:96:1b:df:a6:85:7a:f5:c8:ef:04:
6b:7c:3c:4a:0e:a4:69:43:99:18:fe:4a:1b:f1:5e:33:6e:03:
b3:3e:3b:8c:d1:80:48:d2:89:71:76:d1:e9:20:31:31:55:46:
1a:16:52:ec:ca:cd:21:ae:17:a9:ef:3a:a8:df:5c:d7:4a:5b:
fb:63:e5:b6:d3:9a:37:14:e0:34:fb:00:33:1e:15:93:8a:4c:
1c:9f:64:4b
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgIBFDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
MThCQzExMC8GA1UEBRMoMUFFQkNEODJENzAyODM0M0I3NDVBRDQwNjczOUNEQjky
RDRERkI3NzAeFw0yMTEyMTYxODAxMzFaFw0yMzAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYxYmI3ZWZiLWVkM2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDZmdDgyRQV0aRjcIULHh7iQnAbLawd2H3YAlym90z/rdQk+RXdYRZKsC8FS/9y
oaf1YApdKed1Z1J3UmyncqpkZW8e3eafJo5aO2lSvRcSiNLWK+sLoYhEmxsxEzh7
QjQsz8Q/1j9rkr/SDyRjdxBTFCXrPHbOYWGI2bp3QYqpmAx36hKOxTM+CufxnW0q
asXMKuxJS2a6GKRyJ0NcpF5H0Iq/cYthvDrvEqD9UnkpI9EKRZ5+qIPwfJbSziWo
ks9tgvAtbJnPfPCMCG0TL9+xw2WdkvqaHWMlZUTKPTENqgOvocTZeUEpzVELRGzh
/zJxDJm57NuQL3PK8c9Efw+5AgMBAAGjggKXMIICkzAdBgNVHQ4EFgQUHiez0VeN
vHS+8nPyA1NZNEqySsIwHwYDVR0jBBgwFoAUGuvNgtcCg0O3Ra1AZznNuS1N+3cw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYxOEJDL0VEN0I2MkFDNUQ4
NzExRUM5QzFENzAyQ0M0RjlBRTAyL0d1dk5ndGNDZzBPM1JhMUFaem5OdVMxTi0z
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvR3V2Tmd0Y0NnME8zUmExQVp6bk51UzFOLTNjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
MThCQy9FRDdCNjJBQzVEODcxMUVDOUMxRDcwMkNDNEY5QUUwMi8zMkY0NUY3RTVF
OUExMUVDQjEzNEFENTNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAhBggrBgEFBQcBBwEB/wQS
MBAwDgQCAAIwCAMGACQHkkAhMA0GCSqGSIb3DQEBCwUAA4IBAQBxgihe8KyeOIJp
JeHY1KxDIllDQ4Zd+9gfrijWOVhkkxCrE9ylwmdLqpGl2swjyOcUDqfgQODCJGr0
5IK4Fvc5yX6hZdDMa5ycLpH9G5jMFskZEER4DpsUdkHQavwFsijO2wVT7FiXnruw
WyiU9kHC7E6iKprpMc8VwcdZsdfHpdpA5WeYcSEEcRd77Oz2ZTLTo4aQQR+r4UyS
mfVaj7lucINgXvuZxDIMu5Yb36aFevXI7wRrfDxKDqRpQ5kY/kob8V4zbgOzPjuM
0YBI0olxdtHpIDExVUYaFlLsys0hrhep7zqo31zXSlv7Y+W205o3FOA0+wAzHhWT
ikwcn2RL
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:44 2023 by rpki-client on console-fra.rpki-client.org