Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/976DC148A45C11E98C75A87CC4F9AE02.roa
File: 976DC148A45C11E98C75A87CC4F9AE02.roa (raw, json)
Hash identifier: KDYIevSFx84eEsrfL2J+JS7ZyY7wULzr7UueqDfq4N8=
Subject key identifier: 65:DE:31:39:D6:0F:1F:A5:15:33:98:58:0B:12:8D:93:A0:B8:60:C3
Certificate issuer: /CN=A91803DB/serialNumber=36ED8B675EA7238085AFA06C093E54A9D3FD7B60
Certificate serial: 0DDD
Authority key identifier: 36:ED:8B:67:5E:A7:23:80:85:AF:A0:6C:09:3E:54:A9:D3:FD:7B:60
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/976DC148A45C11E98C75A87CC4F9AE02.roa
Signing time: Wed 03 Aug 2022 19:05:43 +0000
ROA not before: Wed 03 Aug 2022 19:05:43 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 139298
IP address blocks: 2404:f4c0:fc10::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3549 (0xddd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91803DB/serialNumber=36ED8B675EA7238085AFA06C093E54A9D3FD7B60
Validity
Not Before: Aug 3 19:05:43 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=62eac707-df6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:9a:a0:4b:fc:34:55:3b:a5:e4:e4:9f:1f:48:
a2:12:05:ff:68:78:c3:07:49:1e:4d:ce:97:65:03:
5c:ff:14:3a:c8:b8:f8:8b:a0:34:8f:6b:c1:bb:d2:
b7:ee:bb:d7:e8:c3:7a:0f:fd:03:59:64:a6:92:f0:
dd:4f:1a:66:ba:00:cd:0d:22:b6:95:19:d1:16:2a:
51:ec:11:17:b5:e7:f0:6f:e0:bc:f0:6e:7c:10:c0:
3a:f4:4d:38:b9:01:9e:13:54:cc:dc:ff:36:f7:84:
39:87:a4:68:bf:e7:01:0b:cf:d5:b4:46:e3:96:e4:
7e:2e:77:ad:1f:95:14:4a:d5:5b:75:51:1d:01:ee:
1c:50:b3:1b:85:5f:48:1c:b3:18:36:9d:87:90:24:
7a:8a:b4:c4:a0:91:2e:28:f8:2a:0a:24:a0:38:b7:
f0:f4:93:2b:86:bd:18:f5:0f:f3:6a:0a:10:bf:31:
7a:65:52:72:0d:01:85:6b:8a:69:e7:c6:81:f6:8f:
29:fe:63:50:cd:f9:3b:60:d7:c1:61:b6:28:ee:e7:
13:ac:0e:91:69:36:d9:40:b9:93:44:4e:c5:49:2b:
b2:71:db:ef:d1:57:02:03:d1:1d:5e:7e:ea:fd:95:
a0:f9:c8:1c:f4:eb:cd:b7:a3:a1:8c:07:0b:f5:8e:
d7:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:DE:31:39:D6:0F:1F:A5:15:33:98:58:0B:12:8D:93:A0:B8:60:C3
X509v3 Authority Key Identifier:
keyid:36:ED:8B:67:5E:A7:23:80:85:AF:A0:6C:09:3E:54:A9:D3:FD:7B:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/976DC148A45C11E98C75A87CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:f4c0:fc10::/48
Signature Algorithm: sha256WithRSAEncryption
8d:a8:e1:77:2a:bd:1d:12:b3:17:02:0e:e6:02:2c:96:9b:ea:
3d:a3:ae:0d:f0:3e:62:97:1e:5c:25:42:90:11:44:4c:d4:04:
bf:f0:aa:c4:18:48:ec:15:e8:2d:49:e3:e5:20:c4:e1:7f:ef:
e3:00:46:a9:ed:ee:13:45:53:3d:2b:67:cf:05:af:bd:dc:5a:
53:af:1c:4d:b6:f3:ce:7f:fa:0b:71:1c:fb:4c:09:aa:28:b4:
8f:4b:20:7c:e7:73:23:30:80:e4:a1:a3:e1:52:f5:52:c0:aa:
ab:70:5f:77:d9:b1:24:6b:3f:3a:61:03:32:fc:21:a5:09:e2:
1a:28:9d:7c:0c:17:4c:6d:af:86:0a:5f:6b:d0:38:24:2c:98:
19:87:9b:13:18:23:ac:d0:2e:a5:c1:96:26:48:38:fa:f2:d1:
8c:6a:41:ac:1a:62:33:91:34:03:a2:d8:e4:ec:5d:0c:e7:1f:
11:ce:87:73:d9:41:d4:3d:c4:5a:e3:77:be:29:fb:de:69:9b:
72:45:23:b3:f2:fb:df:22:af:d7:d7:61:4e:b8:04:99:de:9f:
f3:10:3e:78:b7:cb:6c:90:fe:bf:c7:cb:2a:7c:82:8b:9e:c4:
d6:ab:eb:db:3f:4e:35:22:b8:8b:de:bd:de:0e:3b:3c:20:de:
bd:16:a4:95
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICDd0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODAzREIxMTAvBgNVBAUTKDM2RUQ4QjY3NUVBNzIzODA4NUFGQTA2QzA5M0U1NEE5
RDNGRDdCNjAwHhcNMjIwODAzMTkwNTQzWhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmVhYzcwNy1kZjZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxZqgS/w0VTul5OSfH0iiEgX/aHjDB0keTc6XZQNc/xQ6yLj4i6A0j2vBu9K3
7rvX6MN6D/0DWWSmkvDdTxpmugDNDSK2lRnRFipR7BEXtefwb+C88G58EMA69E04
uQGeE1TM3P8294Q5h6Rov+cBC8/VtEbjluR+LnetH5UUStVbdVEdAe4cULMbhV9I
HLMYNp2HkCR6irTEoJEuKPgqCiSgOLfw9JMrhr0Y9Q/zagoQvzF6ZVJyDQGFa4pp
58aB9o8p/mNQzfk7YNfBYbYo7ucTrA6RaTbZQLmTRE7FSSuycdvv0VcCA9EdXn7q
/ZWg+cgc9OvNt6OhjAcL9Y7XgQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFGXeMTnW
Dx+lFTOYWAsSjZOguGDDMB8GA1UdIwQYMBaAFDbti2depyOAha+gbAk+VKnT/Xtg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MDNEQi8wREMzNUQzRThE
RDQxMUU5QkZFMkM1NTZDNEY5QUUwMi9OdTJMWjE2bkk0Q0ZyNkJzQ1Q1VXFkUDll
MkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL051MkxaMTZuSTRDRnI2QnNDVDVVcWRQOWUyQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODAzREIvMERDMzVEM0U4REQ0MTFFOUJGRTJDNTU2QzRGOUFFMDIvOTc2REMxNDhB
NDVDMTFFOThDNzVBODdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAkBPTA/BAwDQYJKoZIhvcNAQELBQADggEBAI2o4XcqvR0S
sxcCDuYCLJab6j2jrg3wPmKXHlwlQpARREzUBL/wqsQYSOwV6C1J4+UgxOF/7+MA
Rqnt7hNFUz0rZ88Fr73cWlOvHE22885/+gtxHPtMCaootI9LIHzncyMwgOSho+FS
9VLAqqtwX3fZsSRrPzphAzL8IaUJ4hoonXwMF0xtr4YKX2vQOCQsmBmHmxMYI6zQ
LqXBliZIOPry0YxqQawaYjORNAOi2OTsXQznHxHOh3PZQdQ9xFrjd74p+95pm3JF
I7Py+98ir9fXYU64BJnen/MQPni3y2yQ/r/Hyyp8gouexNar69s/TjUiuIvevd4O
Ozwg3r0WpJU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:13 2024 by rpki-client on console-fra.rpki-client.org