Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/6FE7542490C911EDBA7B882AC4F9AE02.roa
File: 6FE7542490C911EDBA7B882AC4F9AE02.roa (raw, json)
Hash identifier: 5olHK+e0OwHcwQfz4CdprrM2IFj65w3PdFaEn4wK2uA=
Subject key identifier: 6E:66:74:41:84:AB:F4:73:73:03:EA:8F:9B:19:27:C4:31:09:DF:E3
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 3BB0
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/6FE7542490C911EDBA7B882AC4F9AE02.roa
Signing time: Tue 10 Jan 2023 09:30:36 +0000
ROA not before: Tue 10 Jan 2023 09:30:36 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 149064
IP address blocks: 2001:df0:2040::/48 maxlen: 48
2001:df6:fc80::/48 maxlen: 48
2407:34c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15280 (0x3bb0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Jan 10 09:30:36 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=63bd303c-354a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:dc:c3:65:ab:15:73:75:6e:6b:98:6e:09:73:
68:f7:9e:42:bb:05:54:7f:68:b9:cd:b8:57:c6:d7:
f3:ff:33:a4:89:ef:1b:89:8c:ee:03:67:c2:78:25:
8d:83:9c:3e:43:d4:02:97:e5:07:22:13:35:af:0f:
13:04:8c:0f:f0:c3:af:72:35:56:6a:19:9c:dd:3b:
a3:36:2a:c9:69:7d:f1:23:2f:17:13:8d:ba:61:ef:
ba:6f:25:2b:ee:61:24:c9:31:72:d2:47:99:65:97:
3d:e5:07:b4:fe:6f:92:29:50:9e:b1:ad:0a:86:16:
1b:ae:7c:9d:0f:2f:27:03:42:8a:b4:41:d1:d0:67:
da:c3:3c:51:2f:9f:fc:f2:df:ba:0d:81:d2:41:48:
e4:b7:56:98:9b:ff:2c:69:84:a5:49:7f:e9:4d:c6:
b4:f1:49:a5:5d:56:61:c8:6d:10:67:c2:01:6f:9c:
87:e9:87:2d:8c:74:d5:79:b4:34:1c:46:77:d1:74:
63:64:61:08:8e:95:3e:8d:9d:70:ac:11:c4:48:22:
0d:59:e5:c0:61:f1:09:9a:08:05:30:3f:05:4a:70:
fe:1a:d4:c2:94:e0:28:7c:75:18:e1:1b:bc:b4:64:
4e:dc:fd:ca:4c:6f:b8:04:b8:03:31:f5:99:92:fb:
af:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:66:74:41:84:AB:F4:73:73:03:EA:8F:9B:19:27:C4:31:09:DF:E3
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/6FE7542490C911EDBA7B882AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df0:2040::/48
2001:df6:fc80::/48
2407:34c0::/48
Signature Algorithm: sha256WithRSAEncryption
3f:41:8a:f6:40:7e:a1:5f:23:04:41:36:ca:c7:d1:da:b6:ed:
81:51:8b:cd:cf:19:f0:d1:17:10:aa:4c:f3:e2:f4:32:25:2e:
3b:e7:bb:73:87:88:58:a0:ca:cf:c6:36:fc:3d:97:88:c3:35:
f6:a2:5d:fe:51:3a:a4:82:55:f2:74:ca:3a:16:26:05:29:0a:
94:5d:c0:32:13:df:b9:eb:71:76:4f:f8:2c:73:f2:d7:28:b5:
14:b9:94:5d:dd:04:36:29:d7:ac:39:a3:b5:76:51:be:d3:d9:
f2:0d:fa:5a:bc:ff:6e:85:75:12:37:d6:0b:a1:17:81:4d:14:
f4:da:93:7c:9f:4f:0d:2a:3a:7d:a6:a3:5a:88:d3:21:69:57:
aa:f4:dd:60:0d:97:67:2a:87:b3:e0:71:2e:36:a3:c3:72:67:
88:5a:c8:9e:8e:8f:bf:68:58:31:2d:e4:81:bb:46:88:75:35:
e4:00:6e:ad:fc:fa:a7:cd:28:ec:ad:c9:7a:7c:eb:94:8f:e0:
80:e6:5c:6a:25:a1:d3:48:c7:fe:3d:b7:fb:28:27:ea:53:77:
88:fd:14:3c:32:31:84:94:2b:4f:a8:a2:45:c7:ab:6c:eb:5f:
34:bd:5f:7c:b9:b4:27:10:2d:ba:ab:59:b6:cf:57:2c:b5:2f:
89:f7:fd:6b
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICO7AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjMwMTEwMDkzMDM2WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2JkMzAzYy0zNTRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxNzDZasVc3Vua5huCXNo955CuwVUf2i5zbhXxtfz/zOkie8biYzuA2fCeCWN
g5w+Q9QCl+UHIhM1rw8TBIwP8MOvcjVWahmc3TujNirJaX3xIy8XE426Ye+6byUr
7mEkyTFy0keZZZc95Qe0/m+SKVCesa0KhhYbrnydDy8nA0KKtEHR0GfawzxRL5/8
8t+6DYHSQUjkt1aYm/8saYSlSX/pTca08UmlXVZhyG0QZ8IBb5yH6YctjHTVebQ0
HEZ30XRjZGEIjpU+jZ1wrBHESCINWeXAYfEJmggFMD8FSnD+GtTClOAofHUY4Ru8
tGRO3P3KTG+4BLgDMfWZkvuv5wIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFG5mdEGE
q/RzcwPqj5sZJ8QxCd/jMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvNkZFNzU0MjQ5
MEM5MTFFREJBN0I4ODJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMCEEAgACMBsDBwAgAQ3wIEADBwAgAQ32/IADBwAkBzTAAAAwDQYJKoZIhvcN
AQELBQADggEBAD9BivZAfqFfIwRBNsrH0dq27YFRi83PGfDRFxCqTPPi9DIlLjvn
u3OHiFigys/GNvw9l4jDNfaiXf5ROqSCVfJ0yjoWJgUpCpRdwDIT37nrcXZP+Cxz
8tcotRS5lF3dBDYp16w5o7V2Ub7T2fIN+lq8/26FdRI31guhF4FNFPTak3yfTw0q
On2mo1qI0yFpV6r03WANl2cqh7PgcS42o8NyZ4hayJ6Oj79oWDEt5IG7Roh1NeQA
bq38+qfNKOytyXp865SP4IDmXGolodNIx/49t/soJ+pTd4j9FDwyMYSUK0+ookXH
q2zrXzS9X3y5tCcQLbqrWbbPVyy1L4n3/Ws=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:54 2024 by rpki-client on console-ams.rpki-client.org