Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7770/E6810410C0AE11EAB95AB572C4F9AE02/6CC8FD22D8A711ECAA131D29C4F9AE02.roa
File: 6CC8FD22D8A711ECAA131D29C4F9AE02.roa (raw, json)
Hash identifier: E1D9NjmxC2GH9mw3HuzKA+Kpgp7ZPqghrzijWi/c5JA=
Subject key identifier: EB:45:C9:F0:57:0E:3A:FC:67:B1:C4:62:D3:04:38:4E:5E:4F:C5:DD
Certificate issuer: /CN=A91B7770/serialNumber=7D55469926D1F934F3AF29645EB6C10BB6069BC9
Certificate serial: 061A
Authority key identifier: 7D:55:46:99:26:D1:F9:34:F3:AF:29:64:5E:B6:C1:0B:B6:06:9B:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fVVGmSbR-TTzrylkXrbBC7YGm8k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B7770/E6810410C0AE11EAB95AB572C4F9AE02/6CC8FD22D8A711ECAA131D29C4F9AE02.roa
Signing time: Sat 21 May 2022 01:43:34 +0000
ROA not before: Sat 21 May 2022 01:43:34 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 38074
IP address blocks: 2001:df4:1780::/48 maxlen: 56
2001:df4:1781::/48 maxlen: 48
2406:7ec0:2000::/35 maxlen: 39
2406:7ec0:2000::/40 maxlen: 48
2406:7ec0:3000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1562 (0x61a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B7770/serialNumber=7D55469926D1F934F3AF29645EB6C10BB6069BC9
Validity
Not Before: May 21 01:43:34 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=628843c6-cf78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:90:7c:ea:14:2f:05:a3:51:f0:f4:1b:5d:83:
5a:ad:ff:5e:e6:8c:55:b3:2d:43:1d:0e:f4:5c:4b:
7d:4e:4b:9e:3e:e7:be:a8:1c:5c:4a:46:a2:b3:cc:
f7:98:1f:a7:15:c6:e3:a1:c5:7d:ba:75:68:06:ba:
e5:b4:29:aa:c8:1d:8c:e9:eb:ec:29:64:72:26:12:
c2:19:d1:78:b2:1e:d2:b5:fc:66:cf:f2:3d:b9:36:
7c:63:66:57:5a:48:f2:c9:3e:bb:a9:e5:db:94:4c:
35:9f:55:e1:a9:cd:30:e1:a0:db:2d:22:73:9e:b6:
13:18:bc:3b:de:19:2d:f1:f4:c9:99:b2:38:40:0f:
a3:03:60:52:ca:94:3d:e4:b6:09:13:38:f2:00:d5:
b5:ca:b1:54:4f:54:5e:12:e1:aa:2d:11:d5:e3:e4:
e8:bd:a9:b5:cc:dd:61:80:14:73:61:3e:8b:f7:1f:
1b:f4:2c:80:df:b3:f2:e2:5d:77:e0:ea:1a:41:db:
50:ab:35:f7:15:92:ac:6d:b5:e3:e3:d5:18:9a:57:
53:9d:6c:44:b7:8f:d9:92:a8:91:96:bc:91:59:39:
a8:61:1f:89:10:c3:52:1d:03:a6:be:db:c2:d9:a3:
c1:1e:32:fc:70:6c:cc:63:7f:71:f7:49:a5:75:bf:
87:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:45:C9:F0:57:0E:3A:FC:67:B1:C4:62:D3:04:38:4E:5E:4F:C5:DD
X509v3 Authority Key Identifier:
keyid:7D:55:46:99:26:D1:F9:34:F3:AF:29:64:5E:B6:C1:0B:B6:06:9B:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B7770/E6810410C0AE11EAB95AB572C4F9AE02/fVVGmSbR-TTzrylkXrbBC7YGm8k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fVVGmSbR-TTzrylkXrbBC7YGm8k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7770/E6810410C0AE11EAB95AB572C4F9AE02/6CC8FD22D8A711ECAA131D29C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:1780::/47
2406:7ec0:2000::/35
Signature Algorithm: sha256WithRSAEncryption
33:e9:9b:00:a4:73:bb:5c:da:65:12:9d:2e:33:62:ba:aa:44:
66:a4:36:df:07:f8:2a:f4:20:34:78:09:dc:98:1f:a3:68:3a:
ff:9a:08:7e:0d:56:60:d9:c7:d2:a4:6a:e3:d4:36:a0:b5:0a:
70:22:a0:1d:6f:62:98:cb:c5:91:c0:8a:ab:62:1a:cd:ff:58:
04:61:74:37:8b:20:cf:0e:ff:26:ee:2a:98:79:8d:77:38:08:
e0:af:b2:4b:6c:26:c1:31:7e:c7:0b:a0:09:54:bc:6f:4c:1b:
24:da:cf:f1:4c:12:0a:26:9b:e0:75:22:c9:b6:22:0d:93:ed:
d8:f9:0c:51:ae:76:1b:d1:3e:7b:8d:97:e8:f3:4f:29:53:05:
c1:87:aa:bf:dc:64:ac:9f:25:37:a7:5e:16:69:9b:07:6e:21:
29:fe:49:c2:df:6c:da:13:fb:47:98:f2:06:10:01:68:c0:0a:
b6:d0:4c:89:c6:7b:cb:c3:bd:1a:8f:37:4f:58:f4:cc:46:77:
8d:cc:3e:6e:48:38:aa:ed:7a:2d:de:49:4e:dc:5f:87:e8:7b:
ee:72:19:90:d8:49:4c:05:df:f0:6c:c6:97:0b:8a:c5:d0:b4:
2b:ec:c8:a6:62:1b:0c:94:2e:3e:4a:20:29:65:c2:ec:3e:6e:
64:8c:25:4d
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgICBhowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qjc3NzAxMTAvBgNVBAUTKDdENTU0Njk5MjZEMUY5MzRGM0FGMjk2NDVFQjZDMTBC
QjYwNjlCQzkwHhcNMjIwNTIxMDE0MzM0WhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjg4NDNjNi1jZjc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr5B86hQvBaNR8PQbXYNarf9e5oxVsy1DHQ70XEt9TkuePue+qBxcSkais8z3
mB+nFcbjocV9unVoBrrltCmqyB2M6evsKWRyJhLCGdF4sh7Stfxmz/I9uTZ8Y2ZX
WkjyyT67qeXblEw1n1Xhqc0w4aDbLSJznrYTGLw73hkt8fTJmbI4QA+jA2BSypQ9
5LYJEzjyANW1yrFUT1ReEuGqLRHV4+Tovam1zN1hgBRzYT6L9x8b9CyA37Py4l13
4OoaQdtQqzX3FZKsbbXj49UYmldTnWxEt4/ZkqiRlryRWTmoYR+JEMNSHQOmvtvC
2aPBHjL8cGzMY39x90mldb+HuQIDAQABo4ICoDCCApwwHQYDVR0OBBYEFOtFyfBX
Djr8Z7HEYtMEOE5eT8XdMB8GA1UdIwQYMBaAFH1VRpkm0fk0868pZF62wQu2BpvJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzc3MC9FNjgxMDQxMEMw
QUUxMUVBQjk1QUI1NzJDNEY5QUUwMi9mVlZHbVNiUi1UVHpyeWxrWHJiQkM3WUdt
OGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZWVkdtU2JSLVRUenJ5bGtYcmJCQzdZR204ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjc3NzAvRTY4MTA0MTBDMEFFMTFFQUI5NUFCNTcyQzRGOUFFMDIvNkNDOEZEMjJE
OEE3MTFFQ0FBMTMxRDI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKgYIKwYBBQUHAQcBAf8E
GzAZMBcEAgACMBEDBwEgAQ30F4ADBgUkBn7AIDANBgkqhkiG9w0BAQsFAAOCAQEA
M+mbAKRzu1zaZRKdLjNiuqpEZqQ23wf4KvQgNHgJ3Jgfo2g6/5oIfg1WYNnH0qRq
49Q2oLUKcCKgHW9imMvFkcCKq2Iazf9YBGF0N4sgzw7/Ju4qmHmNdzgI4K+yS2wm
wTF+xwugCVS8b0wbJNrP8UwSCiab4HUiybYiDZPt2PkMUa52G9E+e42X6PNPKVMF
wYeqv9xkrJ8lN6deFmmbB24hKf5Jwt9s2hP7R5jyBhABaMAKttBMicZ7y8O9Go83
T1j0zEZ3jcw+bkg4qu16Ld5JTtxfh+h77nIZkNhJTAXf8GzGlwuKxdC0K+zIpmIb
DJQuPkogKWXC7D5uZIwlTQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org