Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/3038F2C40B6D11ED81E33B71C4F9AE02.roa
File: 3038F2C40B6D11ED81E33B71C4F9AE02.roa (raw, json)
Hash identifier: EGLJdnwpn8mpuvZNDNpZErpK3+BGR0EG3EkLuGE60Yw=
Subject key identifier: D4:2E:45:31:BF:F7:87:48:48:A6:57:1A:01:75:36:CB:C9:C0:2B:30
Certificate issuer: /CN=A91803DB/serialNumber=36ED8B675EA7238085AFA06C093E54A9D3FD7B60
Certificate serial: 0DB7
Authority key identifier: 36:ED:8B:67:5E:A7:23:80:85:AF:A0:6C:09:3E:54:A9:D3:FD:7B:60
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/3038F2C40B6D11ED81E33B71C4F9AE02.roa
Signing time: Sun 24 Jul 2022 16:25:11 +0000
ROA not before: Sun 24 Jul 2022 16:25:11 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 203804
IP address blocks: 2404:f4c0:2233::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3511 (0xdb7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91803DB/serialNumber=36ED8B675EA7238085AFA06C093E54A9D3FD7B60
Validity
Not Before: Jul 24 16:25:11 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=62dd7266-b5bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:96:7e:f1:2f:76:69:a4:5f:01:3e:be:59:12:
5b:b6:44:5b:48:1a:f5:89:38:a0:1c:76:4f:ef:bf:
a5:5b:af:e2:e6:2f:74:38:9e:4f:62:e8:d6:75:4a:
ec:95:97:80:f3:e6:6f:20:32:c8:8c:21:63:0c:85:
fb:be:51:df:7a:f0:5c:1b:f9:5e:fd:ed:4e:d7:c2:
d8:7f:48:9f:a6:2f:ec:24:fc:77:29:56:6f:6c:cb:
85:7d:c6:c4:af:2b:0d:6c:ee:40:1f:bf:06:6b:97:
7e:3c:83:5a:1e:4e:25:e0:05:a9:65:d4:db:3a:46:
e5:3e:1a:a5:1f:e3:92:46:16:55:37:b9:86:54:f1:
06:69:5e:4c:51:1f:ff:04:a7:54:b9:e8:69:49:82:
ff:7b:79:13:df:21:52:f7:4b:70:40:fb:91:bb:9e:
16:f5:7f:6b:1a:59:72:86:64:42:07:bf:11:f6:a7:
d3:c3:b7:ce:a9:2d:2e:b7:d5:c8:ba:65:03:64:6a:
95:51:ea:05:96:cc:71:d7:b3:a1:73:b9:c3:3a:f0:
7e:49:b5:7a:20:70:d0:a2:18:b0:f7:55:7d:67:00:
cf:4e:b5:6e:73:3e:35:95:ea:4b:2c:12:85:2a:74:
43:bc:38:9c:d7:73:82:37:6f:ef:24:c7:dc:e0:3d:
02:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:2E:45:31:BF:F7:87:48:48:A6:57:1A:01:75:36:CB:C9:C0:2B:30
X509v3 Authority Key Identifier:
keyid:36:ED:8B:67:5E:A7:23:80:85:AF:A0:6C:09:3E:54:A9:D3:FD:7B:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/3038F2C40B6D11ED81E33B71C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:f4c0:2233::/48
Signature Algorithm: sha256WithRSAEncryption
d8:74:d1:c7:3d:cc:d5:13:58:0c:f9:29:2f:84:92:e6:46:70:
5d:82:29:e5:0c:8d:37:4b:66:f0:ff:27:9a:7b:a4:13:6f:6d:
6e:c7:8f:c8:c2:09:93:97:30:1d:51:02:93:c1:6d:e1:c9:12:
bc:8f:8a:a0:e9:01:c1:4a:d7:77:7f:73:02:bd:53:a5:b7:0c:
34:ac:d9:b7:4e:12:87:a0:21:a6:ee:c3:73:c5:54:ed:76:45:
e5:36:6e:a6:5a:0a:07:ba:21:69:68:4f:f8:85:29:ca:13:9b:
40:7d:0b:96:d9:9b:ce:19:78:f8:aa:96:bf:f0:61:3d:fb:3f:
94:9a:f4:6c:db:5e:b5:27:a6:33:4b:3c:9b:a2:e1:1e:b7:51:
ee:ed:cb:91:c6:69:84:a2:bc:90:75:b0:c6:a1:7e:d6:06:0e:
7e:77:d0:57:03:00:ea:98:27:9d:ac:22:f3:a2:fd:50:a6:6e:
11:56:e1:3c:bc:15:73:c1:c8:a9:6a:4c:6f:53:b9:37:48:44:
05:dc:71:0b:e8:3d:07:a5:fd:d6:de:68:1b:a4:e2:fd:37:75:
41:36:b3:ba:91:6a:0c:07:0a:70:dc:0d:f7:f1:6b:30:4c:5f:
c3:c5:cc:c8:28:1a:36:7e:f1:4b:25:d9:5e:ac:72:38:47:8b:
38:44:26:55
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICDbcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODAzREIxMTAvBgNVBAUTKDM2RUQ4QjY3NUVBNzIzODA4NUFGQTA2QzA5M0U1NEE5
RDNGRDdCNjAwHhcNMjIwNzI0MTYyNTExWhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmRkNzI2Ni1iNWJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4ZZ+8S92aaRfAT6+WRJbtkRbSBr1iTigHHZP77+lW6/i5i90OJ5PYujWdUrs
lZeA8+ZvIDLIjCFjDIX7vlHfevBcG/le/e1O18LYf0ifpi/sJPx3KVZvbMuFfcbE
rysNbO5AH78Ga5d+PINaHk4l4AWpZdTbOkblPhqlH+OSRhZVN7mGVPEGaV5MUR//
BKdUuehpSYL/e3kT3yFS90twQPuRu54W9X9rGllyhmRCB78R9qfTw7fOqS0ut9XI
umUDZGqVUeoFlsxx17Ohc7nDOvB+SbV6IHDQohiw91V9ZwDPTrVucz41lepLLBKF
KnRDvDic13OCN2/vJMfc4D0CwQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFNQuRTG/
94dISKZXGgF1NsvJwCswMB8GA1UdIwQYMBaAFDbti2depyOAha+gbAk+VKnT/Xtg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MDNEQi8wREMzNUQzRThE
RDQxMUU5QkZFMkM1NTZDNEY5QUUwMi9OdTJMWjE2bkk0Q0ZyNkJzQ1Q1VXFkUDll
MkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL051MkxaMTZuSTRDRnI2QnNDVDVVcWRQOWUyQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODAzREIvMERDMzVEM0U4REQ0MTFFOUJGRTJDNTU2QzRGOUFFMDIvMzAzOEYyQzQw
QjZEMTFFRDgxRTMzQjcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAkBPTAIjMwDQYJKoZIhvcNAQELBQADggEBANh00cc9zNUT
WAz5KS+EkuZGcF2CKeUMjTdLZvD/J5p7pBNvbW7Hj8jCCZOXMB1RApPBbeHJEryP
iqDpAcFK13d/cwK9U6W3DDSs2bdOEoegIabuw3PFVO12ReU2bqZaCge6IWloT/iF
KcoTm0B9C5bZm84ZePiqlr/wYT37P5Sa9GzbXrUnpjNLPJui4R63Ue7ty5HGaYSi
vJB1sMahftYGDn530FcDAOqYJ52sIvOi/VCmbhFW4Ty8FXPByKlqTG9TuTdIRAXc
cQvoPQel/dbeaBuk4v03dUE2s7qRagwHCnDcDffxazBMX8PFzMgoGjZ+8Usl2V6s
cjhHizhEJlU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:48 2023 by rpki-client on console-fra.rpki-client.org