Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917419E/981EE9860B2111EC8421494DC4F9AE02/2E30F0ECB43411EDBBC3B973C4F9AE02.roa
File: 2E30F0ECB43411EDBBC3B973C4F9AE02.roa (raw, json)
Hash identifier: YQh3kN/wo0gthJESORdvx+0KsihHPswBlH3kDHRiXuE=
Subject key identifier: 57:AD:E8:6C:7A:A0:69:11:0A:E9:23:91:E8:93:58:A6:7B:EB:16:87
Certificate issuer: /CN=A917419E/serialNumber=1445489FDD50AA44AC1D2A3C3A166E06C662AFD5
Certificate serial: 0415
Authority key identifier: 14:45:48:9F:DD:50:AA:44:AC:1D:2A:3C:3A:16:6E:06:C6:62:AF:D5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FEVIn91QqkSsHSo8OhZuBsZir9U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917419E/981EE9860B2111EC8421494DC4F9AE02/2E30F0ECB43411EDBBC3B973C4F9AE02.roa
Signing time: Thu 06 Jul 2023 13:20:27 +0000
ROA not before: Thu 06 Jul 2023 13:20:27 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 61302
IP address blocks: 2407:d340::/32 maxlen: 32
2407:d340:7000::/36 maxlen: 39
2407:d340:7000::/40 maxlen: 48
2407:d340:7100::/40 maxlen: 48
2407:d340:7200::/40 maxlen: 48
2407:d340:7300::/40 maxlen: 48
2407:d340:7400::/40 maxlen: 48
2407:d340:7500::/40 maxlen: 48
2407:d340:7600::/40 maxlen: 48
2407:d340:7800::/40 maxlen: 48
2407:d340:7900::/40 maxlen: 48
2407:d340:7a00::/40 maxlen: 48
2407:d340:8000::/36 maxlen: 39
2407:d340:8000::/40 maxlen: 48
2407:d340:8b00::/40 maxlen: 48
2407:d340:8c00::/40 maxlen: 48
2407:d340:8d00::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1045 (0x415)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917419E
Validity
Not Before: Jul 6 13:20:27 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64a6bf9b-6a4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:12:b3:c7:34:c7:8c:da:be:b7:42:0c:3d:fc:
b2:e6:85:7a:ae:52:58:2b:12:e9:03:93:cc:0a:13:
08:b8:1e:92:81:2a:d3:2b:e1:45:dc:97:b5:8d:10:
99:42:76:f8:f1:5b:8c:f6:eb:ac:4c:ac:1e:14:e0:
98:06:f9:74:c0:47:ad:c1:37:ca:1d:90:59:d3:e8:
6e:88:32:20:cf:ab:72:a2:3e:c1:4c:f9:c2:cc:e7:
f5:ab:a8:56:63:68:dd:1e:e1:21:f7:07:ab:db:6a:
75:b1:70:1b:44:6b:75:88:b0:25:83:cf:ae:12:70:
ff:f9:0c:a6:ee:f4:67:bb:99:8f:dd:04:3f:85:3e:
6a:40:ba:77:7e:d0:62:d4:22:dd:47:3a:35:4c:6e:
10:21:87:25:73:42:d4:41:45:d5:9b:44:94:ff:79:
e6:78:72:4d:26:2d:46:c7:05:d1:a8:a8:d3:ba:3b:
8e:bc:7f:17:0e:05:3b:9f:b2:d9:95:5d:1e:ff:b4:
b4:6f:bc:f6:5a:9c:96:e7:39:9a:5f:4f:9c:35:6a:
1e:e0:52:e7:13:e9:bb:ff:bf:aa:a9:c6:e1:55:38:
4b:58:36:aa:62:fb:6a:4e:56:73:fa:c5:fa:91:2d:
ea:6c:1a:6f:6b:cf:39:a4:fa:56:ac:a0:62:bb:2f:
87:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:AD:E8:6C:7A:A0:69:11:0A:E9:23:91:E8:93:58:A6:7B:EB:16:87
X509v3 Authority Key Identifier:
keyid:14:45:48:9F:DD:50:AA:44:AC:1D:2A:3C:3A:16:6E:06:C6:62:AF:D5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917419E/981EE9860B2111EC8421494DC4F9AE02/FEVIn91QqkSsHSo8OhZuBsZir9U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FEVIn91QqkSsHSo8OhZuBsZir9U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917419E/981EE9860B2111EC8421494DC4F9AE02/2E30F0ECB43411EDBBC3B973C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:d340::/32
Signature Algorithm: sha256WithRSAEncryption
2b:2a:3d:47:de:9f:fb:d9:ea:92:91:7f:ce:fa:67:ae:db:19:
5a:99:14:29:1f:21:29:bd:f3:47:13:ea:6b:7a:d8:59:9e:5c:
4e:8e:f2:4d:23:93:48:66:cb:9a:9f:66:dc:84:d3:44:a1:de:
d9:27:3b:d5:7c:71:69:70:ae:c8:d0:47:af:32:99:88:2c:63:
04:e9:84:e5:a6:a1:b4:b3:3a:4b:a5:56:0b:8b:b7:09:27:94:
dd:f3:11:54:0d:55:64:52:01:16:1f:7d:cf:74:94:02:af:25:
86:15:f0:26:f1:21:de:ec:ac:03:a1:83:7b:5b:f5:b6:d5:e0:
98:4e:d4:52:93:66:c3:b6:44:6f:a1:5c:94:e7:ca:d0:ad:63:
85:28:b2:85:e8:39:f2:a5:6d:c5:c3:d3:f0:ef:6c:4e:0c:57:
6f:0f:70:bf:00:2a:32:eb:84:9a:bc:b9:46:00:b8:79:c2:85:
66:c8:3a:9e:6d:d9:90:16:ee:e7:0b:85:e7:b3:4f:86:8b:99:
f9:ee:3f:2e:07:e9:b7:b7:a6:0b:8f:c9:81:a4:da:53:91:b7:
07:9a:b0:6a:8e:fc:bc:7d:c0:73:ec:be:1e:7e:28:9e:7a:6d:
bc:10:3c:83:50:73:90:bd:1a:1a:89:57:11:4c:1c:84:39:da:
b2:ae:5b:af
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICBBUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzQxOUUxMTAvBgNVBAUTKDE0NDU0ODlGREQ1MEFBNDRBQzFEMkEzQzNBMTY2RTA2
QzY2MkFGRDUwHhcNMjMwNzA2MTMyMDI3WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGE2YmY5Yi02YTRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxhKzxzTHjNq+t0IMPfyy5oV6rlJYKxLpA5PMChMIuB6SgSrTK+FF3Je1jRCZ
Qnb48VuM9uusTKweFOCYBvl0wEetwTfKHZBZ0+huiDIgz6tyoj7BTPnCzOf1q6hW
Y2jdHuEh9wer22p1sXAbRGt1iLAlg8+uEnD/+Qym7vRnu5mP3QQ/hT5qQLp3ftBi
1CLdRzo1TG4QIYclc0LUQUXVm0SU/3nmeHJNJi1GxwXRqKjTujuOvH8XDgU7n7LZ
lV0e/7S0b7z2WpyW5zmaX0+cNWoe4FLnE+m7/7+qqcbhVThLWDaqYvtqTlZz+sX6
kS3qbBpva885pPpWrKBiuy+HLwIDAQABo4ICljCCApIwHQYDVR0OBBYEFFet6Gx6
oGkRCukjkeiTWKZ76xaHMB8GA1UdIwQYMBaAFBRFSJ/dUKpErB0qPDoWbgbGYq/V
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NDE5RS85ODFFRTk4NjBC
MjExMUVDODQyMTQ5NERDNEY5QUUwMi9GRVZJbjkxUXFrU3NIU284T2hadUJzWmly
OVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZFVkluOTFRcWtTc0hTbzhPaFp1QnNaaXI5VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzQxOUUvOTgxRUU5ODYwQjIxMTFFQzg0MjE0OTREQzRGOUFFMDIvMkUzMEYwRUNC
NDM0MTFFREJCQzNCOTczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkB9NAMA0GCSqGSIb3DQEBCwUAA4IBAQArKj1H3p/72eqS
kX/O+meu2xlamRQpHyEpvfNHE+prethZnlxOjvJNI5NIZsuan2bchNNEod7ZJzvV
fHFpcK7I0EevMpmILGME6YTlpqG0szpLpVYLi7cJJ5Td8xFUDVVkUgEWH33PdJQC
ryWGFfAm8SHe7KwDoYN7W/W21eCYTtRSk2bDtkRvoVyU58rQrWOFKLKF6DnypW3F
w9Pw72xODFdvD3C/ACoy64SavLlGALh5woVmyDqebdmQFu7nC4Xns0+Gi5n57j8u
B+m3t6YLj8mBpNpTkbcHmrBqjvy8fcBz7L4efiieem28EDyDUHOQvRoaiVcRTByE
Odqyrluv
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:00 2025 by rpki-client