Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916B837/9D90AB62C15A11ECA44F5360C4F9AE02/F05192163E3D11EDB44A5F7AC4F9AE02.roa
File: F05192163E3D11EDB44A5F7AC4F9AE02.roa (raw, json)
Hash identifier: KP3rMbu0CdKyo70kgdCkzBtqEekbwJLx/iaYmR9z9YA=
Subject key identifier: F2:4B:D5:37:0D:88:82:56:A7:F7:AE:78:C5:9F:B5:B4:12:A4:B2:C2
Certificate issuer: /CN=A916B837/serialNumber=F5522DE313844E96E3EBF38034ECA09BE2AA0AD5
Certificate serial: 0142
Authority key identifier: F5:52:2D:E3:13:84:4E:96:E3:EB:F3:80:34:EC:A0:9B:E2:AA:0A:D5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9VIt4xOETpbj6_OANOygm-KqCtU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916B837/9D90AB62C15A11ECA44F5360C4F9AE02/F05192163E3D11EDB44A5F7AC4F9AE02.roa
Signing time: Tue 27 Sep 2022 08:25:27 +0000
ROA not before: Tue 27 Sep 2022 08:25:27 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 131668
IP address blocks: 2400:70e0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 322 (0x142)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916B837/serialNumber=F5522DE313844E96E3EBF38034ECA09BE2AA0AD5
Validity
Not Before: Sep 27 08:25:27 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=6332b376-a770
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a4:7d:6f:c7:79:bb:1a:5b:2a:5f:fa:62:cb:
91:8e:24:6f:c0:57:69:60:d9:02:16:ff:15:bb:15:
88:8e:14:c0:f2:30:f3:c2:93:8f:74:4c:7d:7c:f0:
9c:1b:a9:cc:f6:ea:2e:70:56:76:0d:59:fa:f0:dc:
52:1e:38:0e:61:a0:b4:b9:d1:ab:97:38:ed:5c:1c:
c3:7b:02:87:9a:a3:b2:8d:86:ce:4c:83:c7:21:95:
cb:d5:6a:12:a0:7b:b1:6d:a5:57:4b:0a:cc:fb:be:
09:6e:e6:46:a0:07:72:68:ae:f0:41:c4:94:f0:b0:
d4:11:7d:24:12:4f:18:f0:97:8e:c7:78:57:f5:e1:
60:bd:80:87:49:70:14:c7:ab:a1:a7:5f:32:13:23:
24:14:2d:71:72:46:42:2a:6c:0d:6e:05:08:80:50:
ed:c5:09:8f:77:31:55:f7:c1:90:9c:e7:b7:fd:33:
1f:99:3c:4c:6c:20:39:6e:8f:42:cc:4a:14:a4:a5:
cc:8b:bd:96:74:53:a1:20:7e:f8:9c:fb:cf:55:47:
14:fc:14:1a:68:82:a0:0f:40:ec:96:97:8f:23:96:
7e:17:4e:f3:bf:91:fb:f5:90:43:68:83:bf:a0:47:
63:b3:cf:34:ba:39:47:24:df:80:63:a2:5b:db:3e:
df:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:4B:D5:37:0D:88:82:56:A7:F7:AE:78:C5:9F:B5:B4:12:A4:B2:C2
X509v3 Authority Key Identifier:
keyid:F5:52:2D:E3:13:84:4E:96:E3:EB:F3:80:34:EC:A0:9B:E2:AA:0A:D5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916B837/9D90AB62C15A11ECA44F5360C4F9AE02/9VIt4xOETpbj6_OANOygm-KqCtU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9VIt4xOETpbj6_OANOygm-KqCtU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916B837/9D90AB62C15A11ECA44F5360C4F9AE02/F05192163E3D11EDB44A5F7AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:70e0::/32
Signature Algorithm: sha256WithRSAEncryption
4f:56:37:bc:4f:3c:3a:5b:ea:b2:65:59:ad:f9:57:b8:f7:f0:
3c:02:66:98:4c:7a:2d:9f:18:c9:a2:73:4e:eb:fd:ab:af:18:
1b:0a:75:6f:2e:2f:be:01:eb:91:25:7a:e4:c5:3e:91:25:f7:
ec:67:9f:3e:32:6c:25:fd:4f:30:e9:3c:7f:7f:eb:d7:b3:06:
88:8f:6d:8b:02:3a:cd:8c:7d:a4:9b:0c:d5:b7:6c:49:8d:9d:
fd:ed:e1:f5:1a:b5:65:c9:7d:64:a0:bd:29:5b:ee:4d:64:12:
ca:d5:d4:8e:ed:76:54:a5:8e:09:dc:fc:f6:1b:82:0e:6e:a5:
63:17:86:68:32:1c:4c:66:d9:db:01:51:da:19:9c:31:79:59:
db:04:7f:7c:d1:5b:e5:c5:86:49:c1:9d:ed:08:fb:b4:87:f3:
16:f1:c0:9f:ab:fd:59:fe:bb:9c:35:c8:42:99:c9:ee:93:e1:
ed:b2:4c:24:eb:0c:ec:75:75:99:5c:73:71:46:2a:88:5e:29:
f9:f5:8d:25:23:f6:82:70:16:04:50:36:8a:e3:a7:29:2c:81:
59:80:61:4f:ed:2d:ec:cf:3a:68:b0:bf:a4:de:3d:43:67:d6:
04:26:e6:19:24:9c:6c:f7:6c:97:57:e3:06:55:a3:88:44:dc:
33:0d:1f:19
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICAUIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkI4MzcxMTAvBgNVBAUTKEY1NTIyREUzMTM4NDRFOTZFM0VCRjM4MDM0RUNBMDlC
RTJBQTBBRDUwHhcNMjIwOTI3MDgyNTI3WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzMyYjM3Ni1hNzcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvqR9b8d5uxpbKl/6YsuRjiRvwFdpYNkCFv8VuxWIjhTA8jDzwpOPdEx9fPCc
G6nM9uoucFZ2DVn68NxSHjgOYaC0udGrlzjtXBzDewKHmqOyjYbOTIPHIZXL1WoS
oHuxbaVXSwrM+74JbuZGoAdyaK7wQcSU8LDUEX0kEk8Y8JeOx3hX9eFgvYCHSXAU
x6uhp18yEyMkFC1xckZCKmwNbgUIgFDtxQmPdzFV98GQnOe3/TMfmTxMbCA5bo9C
zEoUpKXMi72WdFOhIH74nPvPVUcU/BQaaIKgD0DslpePI5Z+F07zv5H79ZBDaIO/
oEdjs880ujlHJN+AY6Jb2z7f7QIDAQABo4ICljCCApIwHQYDVR0OBBYEFPJL1TcN
iIJWp/eueMWftbQSpLLCMB8GA1UdIwQYMBaAFPVSLeMThE6W4+vzgDTsoJviqgrV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QjgzNy85RDkwQUI2MkMx
NUExMUVDQTQ0RjUzNjBDNEY5QUUwMi85Vkl0NHhPRVRwYmo2X09BTk95Z20tS3FD
dFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlWSXQ0eE9FVHBiajZfT0FOT3lnbS1LcUN0VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkI4MzcvOUQ5MEFCNjJDMTVBMTFFQ0E0NEY1MzYwQzRGOUFFMDIvRjA1MTkyMTYz
RTNEMTFFREI0NEE1RjdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAHDgMA0GCSqGSIb3DQEBCwUAA4IBAQBPVje8Tzw6W+qy
ZVmt+Ve49/A8AmaYTHotnxjJonNO6/2rrxgbCnVvLi++AeuRJXrkxT6RJffsZ58+
Mmwl/U8w6Tx/f+vXswaIj22LAjrNjH2kmwzVt2xJjZ397eH1GrVlyX1koL0pW+5N
ZBLK1dSO7XZUpY4J3Pz2G4IObqVjF4ZoMhxMZtnbAVHaGZwxeVnbBH980VvlxYZJ
wZ3tCPu0h/MW8cCfq/1Z/rucNchCmcnuk+Htskwk6wzsdXWZXHNxRiqIXin59Y0l
I/aCcBYEUDaK46cpLIFZgGFP7S3szzposL+k3j1DZ9YEJuYZJJxs92yXV+MGVaOI
RNwzDR8Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:10 2024 by rpki-client on console-fra.rpki-client.org