Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9168BA2/99DF386254C411EA84F4E72DC4F9AE02/668C298C1B8911ED8E01341FC4F9AE02.roa
File: 668C298C1B8911ED8E01341FC4F9AE02.roa (raw, json)
Hash identifier: Wjji2TG0SuLkXK/FboUx3lC33hAbOY0YKeH4NybD3/4=
Subject key identifier: E9:E6:BF:E3:CB:7E:ED:71:7C:1B:9F:E3:B0:42:21:E2:D6:BE:7C:3D
Certificate issuer: /CN=A9168BA2/serialNumber=CA62E438F98D8518D2F2A5D9F6765651E5ADA60E
Certificate serial: 0872
Authority key identifier: CA:62:E4:38:F9:8D:85:18:D2:F2:A5:D9:F6:76:56:51:E5:AD:A6:0E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ymLkOPmNhRjS8qXZ9nZWUeWtpg4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9168BA2/99DF386254C411EA84F4E72DC4F9AE02/668C298C1B8911ED8E01341FC4F9AE02.roa
Signing time: Sun 14 Aug 2022 04:27:27 +0000
ROA not before: Sun 14 Aug 2022 04:27:27 +0000
ROA not after: Fri 30 Dec 2022 00:00:00 +0000
asID: 16509
IP address blocks: 2001:df1:6c80::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2162 (0x872)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9168BA2/serialNumber=CA62E438F98D8518D2F2A5D9F6765651E5ADA60E
Validity
Not Before: Aug 14 04:27:27 2022 GMT
Not After : Dec 30 00:00:00 2022 GMT
Subject: CN=62f879ae-4679
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:3f:50:4b:73:fb:4e:e2:2e:8d:c6:e3:09:0d:
80:62:d8:ae:b6:fb:78:6c:bc:e3:79:95:f1:0a:79:
c0:93:03:3d:93:0d:8a:17:ca:b0:f3:aa:73:83:cb:
bf:ec:ba:34:54:04:1e:e1:2a:41:38:a2:b9:d5:08:
c4:2e:60:9b:17:6e:07:e8:3c:38:12:70:61:50:3a:
3b:6b:49:90:05:c3:6b:0a:49:5b:c8:8c:b1:64:2e:
1a:7e:61:00:7c:0c:0f:10:52:a6:14:ac:7c:af:7d:
e3:b7:67:89:4c:77:70:7d:2d:29:b3:45:00:ee:f2:
95:18:33:e9:b0:bb:de:3c:c2:fa:86:ce:67:a4:a4:
40:f2:ad:a6:6b:fe:8b:d3:83:6c:09:bc:f3:65:1d:
23:a4:52:f1:4e:83:0a:31:0f:ee:63:9a:d3:e3:b0:
dc:50:d4:d1:45:4b:98:7f:25:85:3b:7a:a0:52:e8:
7a:e0:44:64:39:62:1a:53:35:38:9b:c4:26:b8:5e:
fe:81:5b:02:f0:c7:8e:37:d7:84:8d:9b:05:fa:75:
ee:67:ea:86:72:c2:d9:64:16:ba:c5:3b:3b:86:a4:
ad:ad:4a:4e:59:9f:1b:3a:a7:c1:87:9e:75:03:2f:
54:66:5c:fd:8e:dc:aa:86:c5:ed:d6:95:b0:9e:21:
b0:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:E6:BF:E3:CB:7E:ED:71:7C:1B:9F:E3:B0:42:21:E2:D6:BE:7C:3D
X509v3 Authority Key Identifier:
keyid:CA:62:E4:38:F9:8D:85:18:D2:F2:A5:D9:F6:76:56:51:E5:AD:A6:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9168BA2/99DF386254C411EA84F4E72DC4F9AE02/ymLkOPmNhRjS8qXZ9nZWUeWtpg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ymLkOPmNhRjS8qXZ9nZWUeWtpg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9168BA2/99DF386254C411EA84F4E72DC4F9AE02/668C298C1B8911ED8E01341FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df1:6c80::/48
Signature Algorithm: sha256WithRSAEncryption
42:e7:ce:6b:c5:b0:67:0d:07:bf:79:d7:86:f4:06:44:a7:d5:
95:c9:4a:15:3d:c4:09:3b:52:25:e9:d9:f6:18:f6:8a:7c:62:
34:bf:59:dc:47:59:d2:2c:67:eb:de:c2:b8:e5:5f:87:b7:0c:
c8:d7:5a:ea:8f:45:5b:9c:f5:51:a8:c8:01:95:6e:32:8c:1f:
59:84:0a:6b:30:3a:4e:85:94:7a:f3:3c:66:17:01:8e:01:d1:
b3:75:31:cc:b1:50:b7:81:51:7a:2d:4d:0a:8a:c4:e0:6b:af:
7f:b0:cf:d0:62:16:99:a3:d7:8d:be:71:8e:7b:ff:05:8b:08:
a5:b1:c8:c9:ed:5b:80:be:d1:77:94:12:9f:59:6a:a0:c5:f3:
f1:aa:96:97:c6:17:55:e3:59:f6:1c:44:99:d5:94:45:cf:19:
6c:ef:65:59:f5:b8:f6:5d:3a:48:a0:b3:27:ed:4d:8e:eb:0c:
ee:42:5f:75:af:0d:81:19:90:93:bb:1d:91:1f:dc:8f:c1:f7:
5b:d4:66:7d:a1:89:9f:7c:fa:de:87:70:a9:8c:53:71:ae:b1:
16:3f:ce:e6:c5:f6:fc:30:1d:37:ff:6d:41:4a:8d:2a:8e:a4:
8a:1b:ca:13:15:66:54:0e:ad:5f:6b:80:30:b1:38:3a:a5:c5:
74:98:46:13
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICCHIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjhCQTIxMTAvBgNVBAUTKENBNjJFNDM4Rjk4RDg1MThEMkYyQTVEOUY2NzY1NjUx
RTVBREE2MEUwHhcNMjIwODE0MDQyNzI3WhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmY4NzlhZS00Njc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA+D9QS3P7TuIujcbjCQ2AYtiutvt4bLzjeZXxCnnAkwM9kw2KF8qw86pzg8u/
7Lo0VAQe4SpBOKK51QjELmCbF24H6Dw4EnBhUDo7a0mQBcNrCklbyIyxZC4afmEA
fAwPEFKmFKx8r33jt2eJTHdwfS0ps0UA7vKVGDPpsLvePML6hs5npKRA8q2ma/6L
04NsCbzzZR0jpFLxToMKMQ/uY5rT47DcUNTRRUuYfyWFO3qgUuh64ERkOWIaUzU4
m8QmuF7+gVsC8MeON9eEjZsF+nXuZ+qGcsLZZBa6xTs7hqStrUpOWZ8bOqfBh551
Ay9UZlz9jtyqhsXt1pWwniGwkQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFOnmv+PL
fu1xfBuf47BCIeLWvnw9MB8GA1UdIwQYMBaAFMpi5Dj5jYUY0vKl2fZ2VlHlraYO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OEJBMi85OURGMzg2MjU0
QzQxMUVBODRGNEU3MkRDNEY5QUUwMi95bUxrT1BtTmhSalM4cVhaOW5aV1VlV3Rw
ZzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ltTGtPUG1OaFJqUzhxWFo5blpXVWVXdHBnNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjhCQTIvOTlERjM4NjI1NEM0MTFFQTg0RjRFNzJEQzRGOUFFMDIvNjY4QzI5OEMx
Qjg5MTFFRDhFMDEzNDFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ3xbIAwDQYJKoZIhvcNAQELBQADggEBAELnzmvFsGcN
B79514b0BkSn1ZXJShU9xAk7UiXp2fYY9op8YjS/WdxHWdIsZ+vewrjlX4e3DMjX
WuqPRVuc9VGoyAGVbjKMH1mECmswOk6FlHrzPGYXAY4B0bN1McyxULeBUXotTQqK
xOBrr3+wz9BiFpmj142+cY57/wWLCKWxyMntW4C+0XeUEp9ZaqDF8/GqlpfGF1Xj
WfYcRJnVlEXPGWzvZVn1uPZdOkigsyftTY7rDO5CX3WvDYEZkJO7HZEf3I/B91vU
Zn2hiZ98+t6HcKmMU3GusRY/zubF9vwwHTf/bUFKjSqOpIobyhMVZlQOrV9rgDCx
ODqlxXSYRhM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:42 2023 by rpki-client on console-ams.rpki-client.org