Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91620E0/E1A384AC310E11EA9C3CE72FC4F9AE02/7C5B824EE2B011EA8F8CDB28C4F9AE02.roa
File: 7C5B824EE2B011EA8F8CDB28C4F9AE02.roa (raw, json)
Hash identifier: I0vMvvLqVPjj6PbAT7PosBHY8W3E8i1fAWthdrsxylM=
Subject key identifier: 21:0F:91:00:AA:06:9D:16:9E:82:0D:AE:00:D6:24:48:88:99:24:D7
Certificate issuer: /CN=A91620E0/serialNumber=FD3B4EF8F79B0AE127E71E4B6C1869D81B22E880
Certificate serial: 0AC9
Authority key identifier: FD:3B:4E:F8:F7:9B:0A:E1:27:E7:1E:4B:6C:18:69:D8:1B:22:E8:80
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_TtO-PebCuEn5x5LbBhp2Bsi6IA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91620E0/E1A384AC310E11EA9C3CE72FC4F9AE02/7C5B824EE2B011EA8F8CDB28C4F9AE02.roa
Signing time: Wed 30 Nov 2022 21:27:27 +0000
ROA not before: Wed 30 Nov 2022 21:27:27 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 64520
IP address blocks: 49.40.4.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2761 (0xac9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91620E0/serialNumber=FD3B4EF8F79B0AE127E71E4B6C1869D81B22E880
Validity
Not Before: Nov 30 21:27:27 2022 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=6387cabe-0968
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:99:c5:af:0f:50:2a:77:55:0a:32:3a:44:d7:
c2:85:f8:d0:d2:2d:fe:80:b3:94:8c:3e:ae:3c:86:
b6:40:92:dc:e8:bc:30:96:ba:48:c6:80:78:6c:03:
d4:28:dd:25:d7:63:a4:09:6a:09:ec:0c:b1:79:0e:
9e:ad:47:45:01:34:87:65:39:35:47:0e:9a:1e:3c:
94:bc:fc:ec:a2:aa:4f:bc:5a:d6:42:0f:9a:b1:ca:
ac:cc:c5:b2:6f:24:6b:9f:58:b8:4e:38:72:77:44:
e1:65:91:13:5e:ab:b9:33:58:62:42:e3:6d:5d:7d:
c4:f2:62:ad:7b:67:95:61:e1:ed:53:f3:97:4e:98:
d1:2b:1c:b4:43:94:ac:d5:ca:22:c3:13:b4:b0:1f:
a4:a9:70:db:a5:34:5a:e6:0f:e0:dc:b8:bd:5f:1d:
4e:73:1d:22:4f:77:a8:83:00:1e:af:09:51:68:ae:
63:6d:6e:bd:b6:14:24:b9:82:17:3b:ea:0d:b4:a2:
3d:57:89:59:e1:41:58:a7:cc:43:d3:59:22:c6:20:
71:59:65:98:13:f3:b5:38:ba:e4:33:27:eb:0e:cc:
f6:78:1a:bc:a3:90:8a:27:98:e6:11:2a:31:ee:c0:
67:38:62:8a:b8:bf:11:fa:a4:18:6c:93:79:55:ed:
e6:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:0F:91:00:AA:06:9D:16:9E:82:0D:AE:00:D6:24:48:88:99:24:D7
X509v3 Authority Key Identifier:
keyid:FD:3B:4E:F8:F7:9B:0A:E1:27:E7:1E:4B:6C:18:69:D8:1B:22:E8:80
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91620E0/E1A384AC310E11EA9C3CE72FC4F9AE02/_TtO-PebCuEn5x5LbBhp2Bsi6IA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_TtO-PebCuEn5x5LbBhp2Bsi6IA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91620E0/E1A384AC310E11EA9C3CE72FC4F9AE02/7C5B824EE2B011EA8F8CDB28C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.40.4.0/24
Signature Algorithm: sha256WithRSAEncryption
85:f2:c6:c4:fc:65:76:f1:49:f6:07:e2:0b:21:a0:64:14:da:
66:ca:b1:51:7d:e4:d1:92:92:6c:b6:94:dc:62:aa:f6:69:ac:
22:62:0d:5e:92:d1:5d:d3:d7:10:98:e2:8b:23:28:98:f9:94:
2f:d2:e3:b8:b9:bd:34:92:d6:73:ef:61:ce:ce:0a:27:3f:31:
2b:cc:b8:b5:5c:16:88:b1:70:ff:b1:b6:5f:e0:05:50:c3:29:
31:97:42:53:ca:bc:ea:8a:6f:32:68:d5:a1:3a:ab:a7:5d:40:
01:ca:2c:3d:99:74:7e:ea:a7:66:65:b6:08:f5:2c:99:d6:46:
30:7a:e4:d4:05:84:09:8f:c1:b2:0f:b8:b0:e4:72:3b:d7:ba:
4c:a5:c0:0d:36:8a:c6:93:4e:f7:66:48:de:19:1d:a8:f8:45:
69:1a:9f:87:f6:90:02:be:03:50:13:d8:0e:2c:b6:bb:e7:76:
1c:64:a8:13:79:94:08:b8:78:50:7f:42:79:2c:6b:5b:ad:e8:
2e:2a:9d:80:29:79:c2:1a:8c:dd:7a:f1:bb:84:2e:5c:48:f9:
24:92:87:eb:8a:8e:9c:46:2b:0d:a3:6e:8c:8c:9e:41:ab:36:
a8:ca:2a:62:98:dc:0e:dc:0f:51:88:06:7f:69:0a:ac:6c:8c:
5f:a9:9c:ff
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCskwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjIwRTAxMTAvBgNVBAUTKEZEM0I0RUY4Rjc5QjBBRTEyN0U3MUU0QjZDMTg2OUQ4
MUIyMkU4ODAwHhcNMjIxMTMwMjEyNzI3WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mzg3Y2FiZS0wOTY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2JnFrw9QKndVCjI6RNfChfjQ0i3+gLOUjD6uPIa2QJLc6LwwlrpIxoB4bAPU
KN0l12OkCWoJ7AyxeQ6erUdFATSHZTk1Rw6aHjyUvPzsoqpPvFrWQg+ascqszMWy
byRrn1i4Tjhyd0ThZZETXqu5M1hiQuNtXX3E8mKte2eVYeHtU/OXTpjRKxy0Q5Ss
1coiwxO0sB+kqXDbpTRa5g/g3Li9Xx1Ocx0iT3eogwAerwlRaK5jbW69thQkuYIX
O+oNtKI9V4lZ4UFYp8xD01kixiBxWWWYE/O1OLrkMyfrDsz2eBq8o5CKJ5jmESox
7sBnOGKKuL8R+qQYbJN5Ve3mKQIDAQABo4IClTCCApEwHQYDVR0OBBYEFCEPkQCq
Bp0WnoINrgDWJEiImSTXMB8GA1UdIwQYMBaAFP07Tvj3mwrhJ+ceS2wYadgbIuiA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MjBFMC9FMUEzODRBQzMx
MEUxMUVBOUMzQ0U3MkZDNEY5QUUwMi9fVHRPLVBlYkN1RW41eDVMYkJocDJCc2k2
SUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19UdE8tUGViQ3VFbjV4NUxiQmhwMkJzaTZJQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjIwRTAvRTFBMzg0QUMzMTBFMTFFQTlDM0NFNzJGQzRGOUFFMDIvN0M1QjgyNEVF
MkIwMTFFQThGOENEQjI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAxKAQwDQYJKoZIhvcNAQELBQADggEBAIXyxsT8ZXbxSfYH
4gshoGQU2mbKsVF95NGSkmy2lNxiqvZprCJiDV6S0V3T1xCY4osjKJj5lC/S47i5
vTSS1nPvYc7OCic/MSvMuLVcFoixcP+xtl/gBVDDKTGXQlPKvOqKbzJo1aE6q6dd
QAHKLD2ZdH7qp2Zltgj1LJnWRjB65NQFhAmPwbIPuLDkcjvXukylwA02isaTTvdm
SN4ZHaj4RWkan4f2kAK+A1AT2A4strvndhxkqBN5lAi4eFB/Qnksa1ut6C4qnYAp
ecIajN168buELlxI+SSSh+uKjpxGKw2jboyMnkGrNqjKKmKY3A7cD1GIBn9pCqxs
jF+pnP8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-ams.rpki-client.org