Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917419E/981EE9860B2111EC8421494DC4F9AE02/EB4EE84C5C1D11EDA245A268C4F9AE02.roa
File: EB4EE84C5C1D11EDA245A268C4F9AE02.roa (raw, json)
Hash identifier: 54oINuFjoyoaxcaDoMxHiUOaYlqZrer8ktY4hhH+BVA=
Subject key identifier: A9:87:90:05:CE:74:50:3E:DF:C4:22:5C:C6:CD:3F:13:A1:A0:7D:67
Certificate issuer: /CN=A917419E/serialNumber=1445489FDD50AA44AC1D2A3C3A166E06C662AFD5
Certificate serial: 0355
Authority key identifier: 14:45:48:9F:DD:50:AA:44:AC:1D:2A:3C:3A:16:6E:06:C6:62:AF:D5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FEVIn91QqkSsHSo8OhZuBsZir9U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917419E/981EE9860B2111EC8421494DC4F9AE02/EB4EE84C5C1D11EDA245A268C4F9AE02.roa
Signing time: Fri 25 Nov 2022 10:53:11 +0000
ROA not before: Fri 25 Nov 2022 10:53:11 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 147002
IP address blocks: 2407:d340:7121::/48 maxlen: 48
2407:d340:7128::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 853 (0x355)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917419E
Validity
Not Before: Nov 25 10:53:11 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=63809e97-c974
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:5d:f7:f8:ec:56:9d:80:42:31:22:ed:4c:5c:
45:71:5f:c7:2f:70:0e:9c:2b:f6:36:42:83:da:7e:
db:b3:3e:6d:f7:0b:29:3d:96:b7:22:b4:87:fc:03:
ee:1c:db:88:35:b3:68:1d:55:6a:3a:69:8e:81:c6:
b8:04:2d:0f:65:15:4a:1c:d7:2d:ee:b8:8a:7a:5b:
87:b7:a7:38:0d:23:63:47:e5:f5:88:06:95:16:12:
0f:c3:84:af:f2:6e:89:f0:20:ba:4e:55:47:69:ed:
fe:8b:e5:d0:36:64:4e:0b:a7:b8:ea:98:0a:9a:ea:
b7:88:81:45:b5:31:6b:16:67:a2:36:24:6c:71:dc:
1e:b2:50:99:c1:e8:3b:36:9b:f3:db:03:4c:ad:f4:
ad:be:75:34:b1:ef:4e:62:46:10:ce:df:fd:3b:56:
40:3d:29:33:74:0c:a8:f2:0e:eb:49:84:a5:6e:7a:
ea:06:ad:d1:a3:4f:6d:39:4e:d8:c6:6c:b2:60:c4:
30:ec:12:af:05:7e:c2:03:28:f3:38:fa:1d:6a:7f:
40:07:b4:e3:74:b7:2e:a4:19:d9:59:a1:98:82:24:
91:42:12:ce:83:cc:07:cc:05:d1:03:08:06:26:02:
11:ae:35:7f:fa:9c:63:96:e4:6d:aa:4d:9a:22:7e:
e4:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:87:90:05:CE:74:50:3E:DF:C4:22:5C:C6:CD:3F:13:A1:A0:7D:67
X509v3 Authority Key Identifier:
keyid:14:45:48:9F:DD:50:AA:44:AC:1D:2A:3C:3A:16:6E:06:C6:62:AF:D5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917419E/981EE9860B2111EC8421494DC4F9AE02/FEVIn91QqkSsHSo8OhZuBsZir9U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FEVIn91QqkSsHSo8OhZuBsZir9U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917419E/981EE9860B2111EC8421494DC4F9AE02/EB4EE84C5C1D11EDA245A268C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:d340:7121::/48
2407:d340:7128::/48
Signature Algorithm: sha256WithRSAEncryption
8f:45:2d:0d:6f:14:94:68:54:c8:48:d8:42:e0:66:16:f6:5e:
23:1c:71:47:7c:32:90:16:58:39:2c:db:b9:2c:8d:10:d4:9c:
22:55:1d:bc:e7:36:0b:76:4c:01:6d:1b:db:30:88:03:16:68:
e3:b8:cb:af:ac:93:42:b1:f1:49:08:c3:46:9e:b7:dd:0e:ae:
f2:7d:72:de:52:64:c1:c2:6f:dd:9a:85:8c:2f:91:e7:5b:03:
58:77:d9:70:3e:dd:a6:67:a8:bb:d0:c9:7f:b2:85:8e:9e:cb:
e8:d5:8a:df:c4:8d:69:cf:33:70:5a:54:2f:2a:0a:43:90:fc:
1d:a9:3b:29:8b:8a:59:bb:95:3e:00:61:dd:70:6e:55:3e:1e:
6a:6b:89:33:fe:8b:ad:f8:a5:1a:21:80:1a:c6:1c:34:9b:e1:
97:c8:44:16:60:da:97:f8:ba:1d:a1:89:43:0a:10:6a:f2:ee:
c4:a0:35:59:90:72:a4:b2:8c:1b:82:08:50:77:7f:e2:cc:f9:
ee:72:e8:9d:0f:c9:d2:40:e1:d4:42:dc:a4:5f:3d:17:0b:c0:
11:56:c7:9d:b6:b2:3a:ee:8f:d5:0e:ce:df:c9:77:02:83:bc:
73:6a:42:e7:f2:8b:3c:92:71:ec:93:ff:2e:10:d6:0f:ce:5e:
b1:bc:6f:5f
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICA1UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzQxOUUxMTAvBgNVBAUTKDE0NDU0ODlGREQ1MEFBNDRBQzFEMkEzQzNBMTY2RTA2
QzY2MkFGRDUwHhcNMjIxMTI1MTA1MzExWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzgwOWU5Ny1jOTc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxF33+OxWnYBCMSLtTFxFcV/HL3AOnCv2NkKD2n7bsz5t9wspPZa3IrSH/APu
HNuINbNoHVVqOmmOgca4BC0PZRVKHNct7riKeluHt6c4DSNjR+X1iAaVFhIPw4Sv
8m6J8CC6TlVHae3+i+XQNmROC6e46pgKmuq3iIFFtTFrFmeiNiRscdweslCZweg7
Npvz2wNMrfStvnU0se9OYkYQzt/9O1ZAPSkzdAyo8g7rSYSlbnrqBq3Ro09tOU7Y
xmyyYMQw7BKvBX7CAyjzOPodan9AB7TjdLcupBnZWaGYgiSRQhLOg8wHzAXRAwgG
JgIRrjV/+pxjluRtqk2aIn7k2QIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFKmHkAXO
dFA+38QiXMbNPxOhoH1nMB8GA1UdIwQYMBaAFBRFSJ/dUKpErB0qPDoWbgbGYq/V
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NDE5RS85ODFFRTk4NjBC
MjExMUVDODQyMTQ5NERDNEY5QUUwMi9GRVZJbjkxUXFrU3NIU284T2hadUJzWmly
OVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZFVkluOTFRcWtTc0hTbzhPaFp1QnNaaXI5VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzQxOUUvOTgxRUU5ODYwQjIxMTFFQzg0MjE0OTREQzRGOUFFMDIvRUI0RUU4NEM1
QzFEMTFFREEyNDVBMjY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgACMBIDBwAkB9NAcSEDBwAkB9NAcSgwDQYJKoZIhvcNAQELBQADggEB
AI9FLQ1vFJRoVMhI2ELgZhb2XiMccUd8MpAWWDks27ksjRDUnCJVHbznNgt2TAFt
G9swiAMWaOO4y6+sk0Kx8UkIw0aet90OrvJ9ct5SZMHCb92ahYwvkedbA1h32XA+
3aZnqLvQyX+yhY6ey+jVit/EjWnPM3BaVC8qCkOQ/B2pOymLilm7lT4AYd1wblU+
HmpriTP+i634pRohgBrGHDSb4ZfIRBZg2pf4uh2hiUMKEGry7sSgNVmQcqSyjBuC
CFB3f+LM+e5y6J0PydJA4dRC3KRfPRcLwBFWx522sjruj9UOzt/JdwKDvHNqQufy
izySceyT/y4Q1g/OXrG8b18=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:25 2025 by rpki-client