Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/964EBAFAAD3711ED87EC630DC4F9AE02.roa
File: 964EBAFAAD3711ED87EC630DC4F9AE02.roa (raw, json)
Hash identifier: JSeafsDh9MAmtXKLQgVMb8MnQeF1kTQV3FLOizYjors=
Subject key identifier: C7:EE:60:45:07:11:9F:AD:87:07:40:0F:04:14:68:E6:D9:D8:2E:D6
Certificate issuer: /CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
Certificate serial: 09DB
Authority key identifier: 6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/964EBAFAAD3711ED87EC630DC4F9AE02.roa
Signing time: Wed 15 Feb 2023 13:49:38 +0000
ROA not before: Wed 15 Feb 2023 13:49:38 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 138632
IP address blocks: 2406:840:fe71::/48 maxlen: 48
2406:840:fef3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2523 (0x9db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
Validity
Not Before: Feb 15 13:49:38 2023 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=63ece2f1-da1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:1e:24:ed:ee:5f:29:0a:7d:45:03:aa:09:e6:
84:95:ea:fd:b6:ed:ca:c9:7d:73:58:b7:4d:88:85:
4f:56:96:ac:32:1b:03:1c:a8:b0:f7:08:43:68:9e:
02:4f:4e:2c:0c:4c:33:df:f9:9c:da:f2:7c:ad:81:
09:55:d8:d5:22:da:2b:20:ae:09:f9:92:70:2a:ef:
bc:99:21:4d:40:52:17:8a:05:5b:f8:33:9a:f2:9f:
80:fa:52:75:dc:99:20:71:4a:ef:b2:fc:f5:43:64:
05:e3:41:f7:72:20:f6:02:15:2d:6c:d4:db:65:e1:
ac:26:79:59:4a:9f:41:d9:9b:a4:69:6d:43:0d:00:
6b:90:a2:64:6c:f0:a2:ea:60:86:78:9e:3e:d8:4d:
36:40:21:18:21:d5:f3:60:c0:96:ff:7e:8e:70:d8:
73:09:e8:5d:d5:90:e8:04:c0:52:ac:e6:79:73:0d:
f8:af:8d:82:16:53:84:9b:a1:08:a2:d1:a8:f5:96:
aa:d6:cb:be:34:d4:5d:96:7e:c7:a7:70:fc:0f:4d:
7a:32:11:7a:4d:30:53:cb:59:cd:c4:22:ca:df:7f:
8a:1f:91:6c:b0:29:a4:21:7f:4d:c8:cd:2a:1b:22:
a7:17:a4:36:14:55:35:71:19:24:67:00:86:b6:13:
3b:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:EE:60:45:07:11:9F:AD:87:07:40:0F:04:14:68:E6:D9:D8:2E:D6
X509v3 Authority Key Identifier:
keyid:6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/964EBAFAAD3711ED87EC630DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:840:fe71::/48
2406:840:fef3::/48
Signature Algorithm: sha256WithRSAEncryption
3f:6b:d4:59:d6:cd:6e:cb:80:a1:db:8f:7c:30:cc:a0:ac:2f:
a2:53:c7:07:8d:0b:1f:4e:06:a5:22:8f:b9:f3:4f:16:aa:1c:
86:1e:2d:bf:b1:98:ed:80:50:12:fd:3c:98:9d:81:eb:cb:f9:
58:5f:4c:22:36:37:81:a2:b7:98:f3:8c:53:d0:a8:4a:4e:fd:
4f:c8:39:e9:b1:31:55:55:9b:77:85:f7:c6:21:cd:11:42:31:
0c:38:6b:dc:0e:6c:84:10:8c:f2:5d:17:12:0d:5d:7a:93:63:
c2:ec:c6:bc:a5:8f:5d:03:2b:82:c9:e2:bf:96:30:e1:45:90:
c4:40:17:00:b4:73:cc:d1:44:d2:18:d6:49:aa:3e:93:ab:ed:
25:d2:d4:a4:cf:40:21:79:da:50:c0:23:f7:7e:74:16:fd:40:
95:eb:d9:e3:cd:f3:79:b4:0f:ac:49:17:97:06:0d:c8:e1:b4:
9b:02:3f:91:f0:09:ec:82:54:96:16:ac:c3:15:da:77:f8:43:
48:10:2c:6b:61:4b:97:3e:b7:8d:fc:28:61:40:b5:67:fe:32:
c1:8c:ae:7b:03:e2:98:71:5e:11:1b:33:76:6b:48:77:49:2a:
46:57:bc:f4:c0:8b:91:77:bd:8c:80:4f:e6:b3:5f:8a:51:fe:
91:82:6b:32
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICCdswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0VENUMxMTAvBgNVBAUTKDZGRDJFMUZFMDRFQUZGOTAyN0NFNTMxMzE1MEJFODRE
RTExQ0ExQTUwHhcNMjMwMjE1MTM0OTM4WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2VjZTJmMS1kYTFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6R4k7e5fKQp9RQOqCeaEler9tu3KyX1zWLdNiIVPVpasMhsDHKiw9whDaJ4C
T04sDEwz3/mc2vJ8rYEJVdjVItorIK4J+ZJwKu+8mSFNQFIXigVb+DOa8p+A+lJ1
3JkgcUrvsvz1Q2QF40H3ciD2AhUtbNTbZeGsJnlZSp9B2ZukaW1DDQBrkKJkbPCi
6mCGeJ4+2E02QCEYIdXzYMCW/36OcNhzCehd1ZDoBMBSrOZ5cw34r42CFlOEm6EI
otGo9Zaq1su+NNRdln7Hp3D8D016MhF6TTBTy1nNxCLK33+KH5FssCmkIX9NyM0q
GyKnF6Q2FFU1cRkkZwCGthM7pwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFMfuYEUH
EZ+thwdADwQUaObZ2C7WMB8GA1UdIwQYMBaAFG/S4f4E6v+QJ85TExUL6E3hHKGl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RUQ1Qy9CNTY0MjJEMDg2
MDgxMUVBOTI5OTk1NzFDNEY5QUUwMi9iOUxoX2dUcV81QW56bE1URlF2b1RlRWNv
YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2I5TGhfZ1RxXzVBbnpsTVRGUXZvVGVFY29hVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0VENUMvQjU2NDIyRDA4NjA4MTFFQTkyOTk5NTcxQzRGOUFFMDIvOTY0RUJBRkFB
RDM3MTFFRDg3RUM2MzBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgACMBIDBwAkBghA/nEDBwAkBghA/vMwDQYJKoZIhvcNAQELBQADggEB
AD9r1FnWzW7LgKHbj3wwzKCsL6JTxweNCx9OBqUij7nzTxaqHIYeLb+xmO2AUBL9
PJidgevL+VhfTCI2N4Git5jzjFPQqEpO/U/IOemxMVVVm3eF98YhzRFCMQw4a9wO
bIQQjPJdFxINXXqTY8Lsxrylj10DK4LJ4r+WMOFFkMRAFwC0c8zRRNIY1kmqPpOr
7SXS1KTPQCF52lDAI/d+dBb9QJXr2ePN83m0D6xJF5cGDcjhtJsCP5HwCeyCVJYW
rMMV2nf4Q0gQLGthS5c+t438KGFAtWf+MsGMrnsD4phxXhEbM3ZrSHdJKkZXvPTA
i5F3vYyAT+azX4pR/pGCazI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:13 2024 by rpki-client on console-fra.rpki-client.org