Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C8EDF/EA67A98C7C5711EDBF213767C4F9AE02/6A1381687C5A11EDB5D8DA67C4F9AE02.roa
File: 6A1381687C5A11EDB5D8DA67C4F9AE02.roa (raw, json)
Hash identifier: sDDnxk6IwMpOinAmehBkiFUYasHYuq1X5oS7GnSNQB4=
Subject key identifier: 6C:FA:F3:42:04:6F:D7:D5:4D:AC:4D:E5:9A:35:22:07:CE:C1:7A:D2
Certificate issuer: /CN=A91C8EDF/serialNumber=05D365500DA4B2C00189F3C6CA5950E0074C7C4A
Certificate serial: 02
Authority key identifier: 05:D3:65:50:0D:A4:B2:C0:01:89:F3:C6:CA:59:50:E0:07:4C:7C:4A
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BdNlUA2kssABifPGyllQ4AdMfEo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C8EDF/EA67A98C7C5711EDBF213767C4F9AE02/6A1381687C5A11EDB5D8DA67C4F9AE02.roa
Signing time: Thu 15 Dec 2022 09:25:29 +0000
ROA not before: Thu 15 Dec 2022 09:25:29 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 53766
IP address blocks: 152.65.206.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C8EDF/serialNumber=05D365500DA4B2C00189F3C6CA5950E0074C7C4A
Validity
Not Before: Dec 15 09:25:29 2022 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=639ae809-18f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:05:86:39:86:7f:96:1a:09:00:77:38:d7:13:
03:20:28:b4:6f:87:af:da:a0:ec:45:f7:33:a9:3b:
70:ab:87:76:bf:0e:7b:15:cd:40:1e:70:c7:1a:21:
f3:fa:21:82:40:b7:61:e2:42:b9:20:4f:64:6c:24:
49:09:be:66:49:ee:ff:19:00:6e:29:7f:ea:38:ef:
bb:f4:01:bc:97:64:77:22:6d:15:e6:9b:b5:aa:af:
fb:fd:19:c1:42:87:85:0c:34:cc:6b:2c:01:10:54:
63:a1:ec:43:a7:d3:f8:73:41:90:c2:18:3e:85:8d:
6e:d6:9e:4a:9b:63:84:65:7e:93:2e:ca:da:99:ec:
2e:ca:1b:69:a5:ce:80:05:b5:7f:db:50:d4:42:51:
3c:21:49:67:05:48:bc:39:a0:d0:6f:a0:5e:d6:bb:
1a:79:cd:3f:bf:1e:7c:38:c6:c0:2b:d9:32:ba:f4:
89:d8:d1:f2:aa:61:c7:76:5a:b6:43:ee:b8:1b:c7:
b1:0a:fb:1a:d6:51:93:0d:31:10:20:fc:8d:93:1c:
5f:d5:ec:49:b0:3c:30:13:ab:59:6e:05:71:df:c3:
8a:57:b0:0c:1c:26:a5:6f:fc:50:0c:ee:96:d2:15:
b8:f5:ba:09:4c:cf:e7:ce:10:5f:55:8b:9a:37:22:
1a:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:FA:F3:42:04:6F:D7:D5:4D:AC:4D:E5:9A:35:22:07:CE:C1:7A:D2
X509v3 Authority Key Identifier:
keyid:05:D3:65:50:0D:A4:B2:C0:01:89:F3:C6:CA:59:50:E0:07:4C:7C:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C8EDF/EA67A98C7C5711EDBF213767C4F9AE02/BdNlUA2kssABifPGyllQ4AdMfEo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BdNlUA2kssABifPGyllQ4AdMfEo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C8EDF/EA67A98C7C5711EDBF213767C4F9AE02/6A1381687C5A11EDB5D8DA67C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
152.65.206.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:30:92:b9:ce:5f:9e:5d:35:97:f6:64:11:07:cf:55:5b:fd:
dd:44:f9:f7:d1:67:41:32:72:6d:40:dd:ec:ac:43:2a:c7:d9:
a5:d2:b1:20:eb:88:1a:db:ac:20:d3:7e:5d:de:57:94:7a:f0:
a1:75:3a:8a:4d:d7:2c:fd:b9:00:63:14:e2:ca:26:77:d1:eb:
0e:fe:9e:5b:6b:8b:47:96:98:9b:73:f3:9e:0b:77:12:2c:c4:
59:10:a2:5a:1d:10:a7:0f:63:48:e4:2f:38:86:37:f3:28:6e:
03:53:35:99:2c:58:c3:8b:f1:18:cc:4f:7d:b8:63:a3:3f:d9:
55:04:f3:71:a8:19:45:5b:fc:1b:33:a9:4a:b9:37:e4:06:e8:
f2:10:db:1e:47:77:76:8f:a3:ff:26:54:93:6c:25:08:16:c0:
24:d1:80:d8:44:9d:1f:02:21:68:ad:61:07:e6:d7:66:b3:d4:
a5:4d:5a:6e:3f:d2:b3:84:6c:a8:d5:64:ee:0c:79:4f:b1:f9:
c3:fe:19:a4:18:77:89:01:b4:5f:bc:46:8e:07:95:c4:6a:0e:
f4:02:88:de:56:07:ea:8f:4e:78:35:ef:78:ed:2c:72:74:3f:
17:58:05:29:19:80:ac:66:a8:02:95:3e:50:93:01:b6:44:8c:
66:00:66:d9
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
OEVERjExMC8GA1UEBRMoMDVEMzY1NTAwREE0QjJDMDAxODlGM0M2Q0E1OTUwRTAw
NzRDN0M0QTAeFw0yMjEyMTUwOTI1MjlaFw0yMzAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzOWFlODA5LTE4ZjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC9BYY5hn+WGgkAdzjXEwMgKLRvh6/aoOxF9zOpO3Crh3a/DnsVzUAecMcaIfP6
IYJAt2HiQrkgT2RsJEkJvmZJ7v8ZAG4pf+o477v0AbyXZHcibRXmm7Wqr/v9GcFC
h4UMNMxrLAEQVGOh7EOn0/hzQZDCGD6FjW7WnkqbY4RlfpMuytqZ7C7KG2mlzoAF
tX/bUNRCUTwhSWcFSLw5oNBvoF7Wuxp5zT+/Hnw4xsAr2TK69InY0fKqYcd2WrZD
7rgbx7EK+xrWUZMNMRAg/I2THF/V7EmwPDATq1luBXHfw4pXsAwcJqVv/FAM7pbS
Fbj1uglMz+fOEF9Vi5o3IhpnAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUbPrzQgRv
19VNrE3lmjUiB87BetIwHwYDVR0jBBgwFoAUBdNlUA2kssABifPGyllQ4AdMfEow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM4RURGL0VBNjdBOThDN0M1
NzExRURCRjIxMzc2N0M0RjlBRTAyL0JkTmxVQTJrc3NBQmlmUEd5bGxRNEFkTWZF
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvQmRObFVBMmtzc0FCaWZQR3lsbFE0QWRNZkVvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
OEVERi9FQTY3QTk4QzdDNTcxMUVEQkYyMTM3NjdDNEY5QUUwMi82QTEzODE2ODdD
NUExMUVEQjVEOERBNjdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAJhBzjANBgkqhkiG9w0BAQsFAAOCAQEAWzCSuc5fnl01l/Zk
EQfPVVv93UT599FnQTJybUDd7KxDKsfZpdKxIOuIGtusINN+Xd5XlHrwoXU6ik3X
LP25AGMU4somd9HrDv6eW2uLR5aYm3Pzngt3EizEWRCiWh0Qpw9jSOQvOIY38yhu
A1M1mSxYw4vxGMxPfbhjoz/ZVQTzcagZRVv8GzOpSrk35Abo8hDbHkd3do+j/yZU
k2wlCBbAJNGA2ESdHwIhaK1hB+bXZrPUpU1abj/Ss4RsqNVk7gx5T7H5w/4ZpBh3
iQG0X7xGjgeVxGoO9AKI3lYH6o9OeDXveO0scnQ/F1gFKRmArGaoApU+UJMBtkSM
ZgBm2Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:26 2024 by rpki-client on console-ams.rpki-client.org