Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/64E9BF46A2A011E9AC584C7DC4F9AE02.roa
File: 64E9BF46A2A011E9AC584C7DC4F9AE02.roa (raw, json)
Hash identifier: QNTBlTOeMHX7NnBanWKyKLGN2EwYQeAl9GNe7LBzx50=
Subject key identifier: 2E:1B:65:CC:7E:6F:57:E2:74:CE:D2:8F:5A:35:FE:E6:63:D8:76:25
Certificate issuer: /CN=A91803DB/serialNumber=36ED8B675EA7238085AFA06C093E54A9D3FD7B60
Certificate serial: 0A87
Authority key identifier: 36:ED:8B:67:5E:A7:23:80:85:AF:A0:6C:09:3E:54:A9:D3:FD:7B:60
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/64E9BF46A2A011E9AC584C7DC4F9AE02.roa
Signing time: Sun 08 Aug 2021 07:15:06 +0000
ROA not before: Sun 08 Aug 2021 07:15:06 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 139023
IP address blocks: 2404:f4c0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2695 (0xa87)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91803DB/serialNumber=36ED8B675EA7238085AFA06C093E54A9D3FD7B60
Validity
Not Before: Aug 8 07:15:06 2021 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=610f847a-b5cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d4:e4:2e:aa:b1:74:96:5c:6a:20:4d:a8:2b:
78:d8:8c:5c:7d:c9:b1:1f:aa:27:bd:30:44:91:f8:
87:7e:c8:64:e2:21:b2:1f:78:41:59:29:fd:c6:8c:
2f:b6:aa:37:1d:97:33:39:45:b8:4d:ce:ba:f4:d3:
15:b7:fa:f1:4d:b4:54:25:2e:76:4c:90:a4:e3:6e:
20:fe:53:09:20:6f:34:e3:c7:ee:3f:db:ad:ae:82:
1f:90:d5:49:94:16:ac:b6:e9:bb:07:7a:9f:f6:2d:
bd:3e:d4:cf:9c:08:aa:21:09:f5:af:87:5f:a7:02:
0b:42:36:d0:dd:c5:6c:c7:d7:a0:a1:ca:95:72:db:
3c:fb:a1:59:3a:90:31:70:ee:fd:75:ee:bf:9f:ca:
a6:3d:30:e2:62:da:af:83:f4:8f:ec:46:5f:08:8b:
aa:df:04:40:49:cc:31:68:9c:16:fe:87:ee:88:ad:
ba:d3:c5:a4:14:9c:04:95:ad:2a:9d:75:bc:4e:f5:
83:b8:11:be:54:d5:ee:f2:df:0a:b1:06:2b:eb:bb:
1b:7a:5d:3f:70:71:a2:8f:6f:23:ec:0c:00:db:71:
43:4b:b9:45:f3:b7:e6:73:28:15:38:f6:44:2d:28:
3b:cb:d9:f2:7f:2f:38:a9:6f:c6:3f:fa:b8:49:8b:
78:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:1B:65:CC:7E:6F:57:E2:74:CE:D2:8F:5A:35:FE:E6:63:D8:76:25
X509v3 Authority Key Identifier:
keyid:36:ED:8B:67:5E:A7:23:80:85:AF:A0:6C:09:3E:54:A9:D3:FD:7B:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/64E9BF46A2A011E9AC584C7DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:f4c0::/32
Signature Algorithm: sha256WithRSAEncryption
8e:81:b5:76:d5:93:31:af:74:14:0e:16:c2:a8:83:e1:ee:69:
01:96:64:18:5b:a3:61:5d:83:dd:ca:08:58:62:86:9d:b5:7a:
21:d2:90:10:c5:d1:6a:8e:d5:72:19:b3:e8:96:cf:40:d8:93:
e4:86:16:06:13:c7:7f:df:82:1b:e8:a5:a3:41:cb:98:79:10:
dd:be:5f:b0:61:1f:53:08:08:b5:66:82:66:e2:a3:fe:2d:1b:
4c:aa:12:c1:05:5c:95:11:c1:15:5e:b6:6f:83:40:33:7d:5f:
d9:e1:c9:9d:81:5a:4b:ab:ab:75:fa:9d:dd:96:46:84:9e:74:
8b:1a:11:62:ff:f7:4c:2b:6d:2c:9a:0f:f9:5c:87:87:33:3b:
99:e3:91:bd:f4:89:b6:b6:03:fe:52:37:4a:74:31:d4:18:e4:
63:5e:37:43:93:12:1a:48:8d:19:92:05:a5:6d:e2:cc:1e:a1:
af:e2:2b:fc:84:a8:b2:e0:5e:42:19:98:cf:aa:7b:13:2e:8c:
76:07:12:54:6d:72:4f:25:49:b8:4a:f8:af:93:2e:cc:15:bc:
14:90:6a:35:38:53:f6:6c:64:0e:a5:d5:da:27:11:6a:92:6f:
0c:f7:7e:54:0f:cd:1b:d5:dc:17:4d:55:ab:52:b9:a3:00:f2:
22:1d:91:b7
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICCocwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODAzREIxMTAvBgNVBAUTKDM2RUQ4QjY3NUVBNzIzODA4NUFGQTA2QzA5M0U1NEE5
RDNGRDdCNjAwHhcNMjEwODA4MDcxNTA2WhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTBmODQ3YS1iNWNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAttTkLqqxdJZcaiBNqCt42IxcfcmxH6onvTBEkfiHfshk4iGyH3hBWSn9xowv
tqo3HZczOUW4Tc669NMVt/rxTbRUJS52TJCk424g/lMJIG8048fuP9utroIfkNVJ
lBastum7B3qf9i29PtTPnAiqIQn1r4dfpwILQjbQ3cVsx9egocqVcts8+6FZOpAx
cO79de6/n8qmPTDiYtqvg/SP7EZfCIuq3wRAScwxaJwW/ofuiK2608WkFJwEla0q
nXW8TvWDuBG+VNXu8t8KsQYr67sbel0/cHGij28j7AwA23FDS7lF87fmcygVOPZE
LSg7y9nyfy84qW/GP/q4SYt4hQIDAQABo4ICljCCApIwHQYDVR0OBBYEFC4bZcx+
b1fidM7Sj1o1/uZj2HYlMB8GA1UdIwQYMBaAFDbti2depyOAha+gbAk+VKnT/Xtg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MDNEQi8wREMzNUQzRThE
RDQxMUU5QkZFMkM1NTZDNEY5QUUwMi9OdTJMWjE2bkk0Q0ZyNkJzQ1Q1VXFkUDll
MkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL051MkxaMTZuSTRDRnI2QnNDVDVVcWRQOWUyQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODAzREIvMERDMzVEM0U4REQ0MTFFOUJGRTJDNTU2QzRGOUFFMDIvNjRFOUJGNDZB
MkEwMTFFOUFDNTg0QzdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkBPTAMA0GCSqGSIb3DQEBCwUAA4IBAQCOgbV21ZMxr3QU
DhbCqIPh7mkBlmQYW6NhXYPdyghYYoadtXoh0pAQxdFqjtVyGbPols9A2JPkhhYG
E8d/34Ib6KWjQcuYeRDdvl+wYR9TCAi1ZoJm4qP+LRtMqhLBBVyVEcEVXrZvg0Az
fV/Z4cmdgVpLq6t1+p3dlkaEnnSLGhFi//dMK20smg/5XIeHMzuZ45G99Im2tgP+
UjdKdDHUGORjXjdDkxIaSI0ZkgWlbeLMHqGv4iv8hKiy4F5CGZjPqnsTLox2BxJU
bXJPJUm4Svivky7MFbwUkGo1OFP2bGQOpdXaJxFqkm8M935UD80b1dwXTVWrUrmj
APIiHZG3
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:48 2023 by rpki-client on console-fra.rpki-client.org