Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/B823452EC25C11EAA774862FC4F9AE02.roa
File: B823452EC25C11EAA774862FC4F9AE02.roa (raw, json)
Hash identifier: JG6xiVajUXQZPx9MvWXaTY1M8nx2YEL3och8bZtlbqg=
Subject key identifier: 71:84:CC:49:9B:6E:68:A8:D2:14:14:5A:43:7C:6F:A3:B4:78:3A:75
Certificate issuer: /CN=A91803DB/serialNumber=36ED8B675EA7238085AFA06C093E54A9D3FD7B60
Certificate serial: 0AA8
Authority key identifier: 36:ED:8B:67:5E:A7:23:80:85:AF:A0:6C:09:3E:54:A9:D3:FD:7B:60
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/B823452EC25C11EAA774862FC4F9AE02.roa
Signing time: Sun 08 Aug 2021 07:15:40 +0000
ROA not before: Sun 08 Aug 2021 07:15:40 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 213216
IP address blocks: 2404:f4c0:ee00::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2728 (0xaa8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91803DB/serialNumber=36ED8B675EA7238085AFA06C093E54A9D3FD7B60
Validity
Not Before: Aug 8 07:15:40 2021 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=610f849c-9836
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:df:57:24:11:0b:8d:e6:29:92:f3:f5:fc:ee:
e4:0a:b8:f0:9b:02:f7:77:75:18:14:43:45:24:be:
bc:c0:39:6b:3a:40:83:47:d3:6e:63:05:b3:55:56:
f1:3b:df:b9:ff:ea:60:16:3b:b1:58:54:ea:6e:19:
c7:98:24:cc:db:b1:50:27:69:f0:07:8b:30:ab:5f:
d7:7d:fd:66:58:a6:77:da:17:42:ec:ee:7e:4a:be:
ba:da:eb:ff:96:92:8e:16:70:3f:f1:12:85:8f:e0:
55:6e:7b:f5:af:8f:a9:27:07:4b:db:c0:b7:78:7d:
53:f4:fb:c8:8d:fe:70:d7:f7:63:c4:a7:20:af:bc:
81:9e:b3:6d:ac:cf:ee:c5:71:a6:df:80:0b:45:17:
97:a9:4f:90:33:e5:eb:18:71:47:25:7a:6e:86:ab:
3a:99:07:4d:63:d6:5b:4f:a7:c8:26:80:bb:42:a7:
8a:91:3c:7f:7d:7b:36:8d:0c:a8:6a:21:13:e7:87:
11:ad:15:27:90:27:e0:9b:bb:7f:16:8a:c5:e1:42:
cd:be:19:1b:be:39:a8:2e:b9:ff:a7:45:da:03:c3:
2f:5e:49:90:87:39:6a:9d:78:d4:e7:33:e8:b5:38:
01:7b:e6:72:02:c0:ca:92:08:45:02:f8:16:ac:41:
db:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:84:CC:49:9B:6E:68:A8:D2:14:14:5A:43:7C:6F:A3:B4:78:3A:75
X509v3 Authority Key Identifier:
keyid:36:ED:8B:67:5E:A7:23:80:85:AF:A0:6C:09:3E:54:A9:D3:FD:7B:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/B823452EC25C11EAA774862FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:f4c0:ee00::/44
Signature Algorithm: sha256WithRSAEncryption
aa:1e:79:e6:ff:31:6c:1f:ff:83:b6:1c:86:ac:b3:3c:55:bc:
89:41:ab:2e:0f:46:01:39:c2:b9:14:00:7d:9e:f8:50:72:ae:
90:da:e5:70:3d:ae:6b:52:e0:d1:27:5d:8f:f6:d7:0c:bb:e3:
c2:5a:11:34:eb:f6:1e:19:7e:c7:7f:49:ed:9b:d3:dd:7e:f7:
89:92:85:bc:79:f8:b4:63:77:8b:5e:c7:f5:86:13:77:1a:3a:
7d:f2:45:93:62:ee:80:bf:65:2b:25:45:86:68:f6:cf:d1:4f:
ce:38:45:eb:42:c5:99:4a:5c:df:53:2a:c3:73:ab:11:19:44:
f4:87:c1:7e:cf:d2:b5:ed:cc:88:00:2d:8b:c6:e4:6e:cc:0e:
98:f4:a1:db:31:a6:2d:a5:fc:77:25:11:1b:f2:cc:e1:81:99:
a2:7e:ec:7e:7d:4a:f1:fe:36:07:2a:38:35:79:28:fd:0b:03:
79:07:b5:0b:b6:8d:4d:15:8c:de:ac:4f:e6:8b:47:c3:c2:c9:
9f:04:a1:5a:0c:14:2a:04:f1:47:6f:ad:bc:8d:10:f1:94:4a:
d4:20:3a:0c:06:a7:09:ce:af:fe:5b:70:8c:ce:0e:64:24:b1:
8d:0c:ca:5d:ef:70:a1:aa:45:46:86:40:b9:dd:41:81:89:73:
d1:60:6f:3c
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICCqgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODAzREIxMTAvBgNVBAUTKDM2RUQ4QjY3NUVBNzIzODA4NUFGQTA2QzA5M0U1NEE5
RDNGRDdCNjAwHhcNMjEwODA4MDcxNTQwWhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTBmODQ5Yy05ODM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA299XJBELjeYpkvP1/O7kCrjwmwL3d3UYFENFJL68wDlrOkCDR9NuYwWzVVbx
O9+5/+pgFjuxWFTqbhnHmCTM27FQJ2nwB4swq1/Xff1mWKZ32hdC7O5+Sr662uv/
lpKOFnA/8RKFj+BVbnv1r4+pJwdL28C3eH1T9PvIjf5w1/djxKcgr7yBnrNtrM/u
xXGm34ALRReXqU+QM+XrGHFHJXpuhqs6mQdNY9ZbT6fIJoC7QqeKkTx/fXs2jQyo
aiET54cRrRUnkCfgm7t/ForF4ULNvhkbvjmoLrn/p0XaA8MvXkmQhzlqnXjU5zPo
tTgBe+ZyAsDKkghFAvgWrEHbFwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFHGEzEmb
bmio0hQUWkN8b6O0eDp1MB8GA1UdIwQYMBaAFDbti2depyOAha+gbAk+VKnT/Xtg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MDNEQi8wREMzNUQzRThE
RDQxMUU5QkZFMkM1NTZDNEY5QUUwMi9OdTJMWjE2bkk0Q0ZyNkJzQ1Q1VXFkUDll
MkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL051MkxaMTZuSTRDRnI2QnNDVDVVcWRQOWUyQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODAzREIvMERDMzVEM0U4REQ0MTFFOUJGRTJDNTU2QzRGOUFFMDIvQjgyMzQ1MkVD
MjVDMTFFQUE3NzQ4NjJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwQkBPTA7gAwDQYJKoZIhvcNAQELBQADggEBAKoeeeb/MWwf
/4O2HIasszxVvIlBqy4PRgE5wrkUAH2e+FByrpDa5XA9rmtS4NEnXY/21wy748Ja
ETTr9h4Zfsd/Se2b091+94mShbx5+LRjd4tex/WGE3caOn3yRZNi7oC/ZSslRYZo
9s/RT844RetCxZlKXN9TKsNzqxEZRPSHwX7P0rXtzIgALYvG5G7MDpj0odsxpi2l
/HclERvyzOGBmaJ+7H59SvH+NgcqODV5KP0LA3kHtQu2jU0VjN6sT+aLR8PCyZ8E
oVoMFCoE8UdvrbyNEPGUStQgOgwGpwnOr/5bcIzODmQksY0Myl3vcKGqRUaGQLnd
QYGJc9Fgbzw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:45 2023 by rpki-client on console-ams.rpki-client.org