Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7770/E6810410C0AE11EAB95AB572C4F9AE02/B69DF53ED8AB11EC9C95024AC4F9AE02.roa
File: B69DF53ED8AB11EC9C95024AC4F9AE02.roa (raw, json)
Hash identifier: ARKwD5CpdP+lKzhU/jNWe8Iex/u/6vui/Ax90q36dEM=
Subject key identifier: BA:85:66:BB:D8:21:B5:0C:11:9C:25:73:D4:D5:31:B9:B7:20:F1:00
Certificate issuer: /CN=A91B7770/serialNumber=7D55469926D1F934F3AF29645EB6C10BB6069BC9
Certificate serial: 0769
Authority key identifier: 7D:55:46:99:26:D1:F9:34:F3:AF:29:64:5E:B6:C1:0B:B6:06:9B:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fVVGmSbR-TTzrylkXrbBC7YGm8k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B7770/E6810410C0AE11EAB95AB572C4F9AE02/B69DF53ED8AB11EC9C95024AC4F9AE02.roa
Signing time: Sat 21 Jan 2023 12:08:40 +0000
ROA not before: Sat 21 Jan 2023 12:08:40 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 140868
IP address blocks: 2001:df4:1780::/47 maxlen: 48
2406:7ec0::/33 maxlen: 41
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1897 (0x769)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B7770/serialNumber=7D55469926D1F934F3AF29645EB6C10BB6069BC9
Validity
Not Before: Jan 21 12:08:40 2023 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=63cbd5c8-1d9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:43:c2:65:d4:3f:b3:ee:88:45:54:fb:37:71:
2b:98:c4:a0:c4:3a:6c:f3:3b:cf:2a:2c:f1:e8:16:
4a:76:1f:0c:66:9d:a2:8f:b3:20:c5:4d:d0:7d:46:
f0:9d:1a:62:b7:78:07:00:88:e6:b0:6f:5c:23:c3:
a7:3d:55:95:ef:df:47:02:fe:4e:7c:39:4d:d7:fb:
ad:01:5b:9c:d5:f5:6f:4d:55:5c:15:75:c5:4e:42:
77:77:0b:6d:38:ce:31:b8:68:55:0f:e2:7d:63:98:
58:1d:08:b0:6d:55:be:f7:50:63:78:70:96:8b:c8:
6f:88:f4:a0:5e:19:0e:46:d9:a1:0e:74:ef:08:0f:
37:f1:ff:44:97:15:bb:8a:28:ca:0d:df:33:19:16:
8f:4d:93:d2:91:13:d1:af:2c:35:a5:71:97:6e:2f:
ee:80:cb:54:a8:24:70:6c:8b:70:c5:e0:b9:1a:21:
3e:ad:fc:d2:44:b1:b4:90:db:11:54:27:e4:fe:ee:
b6:2a:90:c2:c7:39:cc:f1:03:05:24:50:50:5f:92:
25:85:0d:4b:bd:89:1d:85:f5:51:05:50:ec:3a:af:
82:0f:e8:5e:10:c8:d3:8c:5d:49:1d:f0:33:0c:ea:
f3:7b:06:9e:b4:d1:5b:e8:cd:e8:fd:fe:d2:d6:9f:
15:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:85:66:BB:D8:21:B5:0C:11:9C:25:73:D4:D5:31:B9:B7:20:F1:00
X509v3 Authority Key Identifier:
keyid:7D:55:46:99:26:D1:F9:34:F3:AF:29:64:5E:B6:C1:0B:B6:06:9B:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B7770/E6810410C0AE11EAB95AB572C4F9AE02/fVVGmSbR-TTzrylkXrbBC7YGm8k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fVVGmSbR-TTzrylkXrbBC7YGm8k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7770/E6810410C0AE11EAB95AB572C4F9AE02/B69DF53ED8AB11EC9C95024AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:1780::/47
2406:7ec0::/33
Signature Algorithm: sha256WithRSAEncryption
66:01:a5:6b:47:e4:12:c4:5b:55:a9:df:59:db:f1:29:a1:1a:
17:77:ec:eb:f6:4f:ce:5d:0a:b0:c2:77:69:e2:e9:06:48:d7:
4d:52:5c:7d:b3:cc:42:ab:10:ba:47:0d:f6:a9:d4:82:3c:8d:
c7:9e:88:cf:01:0c:1a:20:6f:37:74:2b:37:06:7d:08:a2:1a:
ef:ed:4f:6e:5b:1d:49:aa:c5:0f:bf:12:0d:f9:ea:67:ab:35:
80:09:42:b8:9d:3d:2e:19:89:c5:4a:05:9d:9f:b1:77:47:c3:
85:9d:7a:2e:e2:b5:18:07:50:d9:85:99:66:fd:80:bc:70:7a:
b1:79:26:de:91:c1:5e:31:b2:6b:7d:33:34:05:ef:0a:2d:a6:
bb:02:8f:8f:04:27:05:29:84:09:d0:2e:11:26:22:99:7b:1a:
f1:48:18:65:dc:c9:d0:08:9a:c5:04:4b:09:48:cb:4c:56:bf:
bc:e0:11:a3:4f:3c:37:76:23:a6:fa:52:54:59:c8:4d:3e:7e:
81:5f:33:8e:a8:33:1d:8d:a0:c3:c7:f9:cf:56:5c:1a:f6:22:
79:4c:cf:dc:c9:c0:8a:ca:8a:11:34:d4:8c:03:08:8e:8f:8f:
cd:e0:7d:67:39:fc:69:0d:58:4c:c3:62:d2:62:3d:0c:3a:79:
98:8b:07:55
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgICB2kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qjc3NzAxMTAvBgNVBAUTKDdENTU0Njk5MjZEMUY5MzRGM0FGMjk2NDVFQjZDMTBC
QjYwNjlCQzkwHhcNMjMwMTIxMTIwODQwWhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2NiZDVjOC0xZDllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoUPCZdQ/s+6IRVT7N3ErmMSgxDps8zvPKizx6BZKdh8MZp2ij7MgxU3QfUbw
nRpit3gHAIjmsG9cI8OnPVWV799HAv5OfDlN1/utAVuc1fVvTVVcFXXFTkJ3dwtt
OM4xuGhVD+J9Y5hYHQiwbVW+91BjeHCWi8hviPSgXhkORtmhDnTvCA838f9ElxW7
iijKDd8zGRaPTZPSkRPRryw1pXGXbi/ugMtUqCRwbItwxeC5GiE+rfzSRLG0kNsR
VCfk/u62KpDCxznM8QMFJFBQX5IlhQ1LvYkdhfVRBVDsOq+CD+heEMjTjF1JHfAz
DOrzewaetNFb6M3o/f7S1p8VpwIDAQABo4ICoDCCApwwHQYDVR0OBBYEFLqFZrvY
IbUMEZwlc9TVMbm3IPEAMB8GA1UdIwQYMBaAFH1VRpkm0fk0868pZF62wQu2BpvJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzc3MC9FNjgxMDQxMEMw
QUUxMUVBQjk1QUI1NzJDNEY5QUUwMi9mVlZHbVNiUi1UVHpyeWxrWHJiQkM3WUdt
OGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZWVkdtU2JSLVRUenJ5bGtYcmJCQzdZR204ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjc3NzAvRTY4MTA0MTBDMEFFMTFFQUI5NUFCNTcyQzRGOUFFMDIvQjY5REY1M0VE
OEFCMTFFQzlDOTUwMjRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKgYIKwYBBQUHAQcBAf8E
GzAZMBcEAgACMBEDBwEgAQ30F4ADBgckBn7AADANBgkqhkiG9w0BAQsFAAOCAQEA
ZgGla0fkEsRbVanfWdvxKaEaF3fs6/ZPzl0KsMJ3aeLpBkjXTVJcfbPMQqsQukcN
9qnUgjyNx56IzwEMGiBvN3QrNwZ9CKIa7+1PblsdSarFD78SDfnqZ6s1gAlCuJ09
LhmJxUoFnZ+xd0fDhZ16LuK1GAdQ2YWZZv2AvHB6sXkm3pHBXjGya30zNAXvCi2m
uwKPjwQnBSmECdAuESYimXsa8UgYZdzJ0AiaxQRLCUjLTFa/vOARo088N3YjpvpS
VFnITT5+gV8zjqgzHY2gw8f5z1ZcGvYieUzP3MnAisqKETTUjAMIjo+PzeB9Zzn8
aQ1YTMNi0mI9DDp5mIsHVQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org