Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D16A3/7727CE5C38C711E9A7B5C233C4F9AE02/B7CC3BC2DC6611ED89F0804EC4F9AE02.roa
File: B7CC3BC2DC6611ED89F0804EC4F9AE02.roa (raw, json)
Hash identifier: h8kYDV95OmVdbFFTSSYra6HxLAYuMFezC++ewjjRrio=
Subject key identifier: 74:CB:B9:EB:99:FC:6F:C5:08:00:79:E1:5C:CB:97:40:09:AA:F4:36
Certificate issuer: /CN=A91D16A3/serialNumber=793766084EFC06250650F0FDC9DBC553C0CECA32
Certificate serial: 0F99
Authority key identifier: 79:37:66:08:4E:FC:06:25:06:50:F0:FD:C9:DB:C5:53:C0:CE:CA:32
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eTdmCE78BiUGUPD9ydvFU8DOyjI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D16A3/7727CE5C38C711E9A7B5C233C4F9AE02/B7CC3BC2DC6611ED89F0804EC4F9AE02.roa
Signing time: Sun 16 Apr 2023 14:55:25 +0000
ROA not before: Sun 16 Apr 2023 14:55:25 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 147001
IP address blocks: 2404:7ac0:608::/48 maxlen: 48
2404:7ac0:609::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3993 (0xf99)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D16A3/serialNumber=793766084EFC06250650F0FDC9DBC553C0CECA32
Validity
Not Before: Apr 16 14:55:25 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=643c0c5d-2b31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:56:30:7d:f3:9d:db:cb:a8:13:a9:7e:73:5c:
b9:96:04:a7:7b:cc:e1:8f:63:b4:ba:5e:ab:09:e3:
d0:f1:e0:e5:f1:ab:33:29:f6:21:b8:28:94:3b:41:
87:b2:99:62:af:08:6a:17:36:89:ed:26:f2:8e:23:
e1:c4:46:1f:1c:6b:37:37:83:0e:56:f7:82:06:98:
3b:43:45:c8:3e:0f:39:56:55:89:0f:83:15:6e:13:
1b:df:76:ca:2c:00:d2:bd:f6:90:0d:fb:8f:c1:ce:
68:2b:db:b0:48:0c:23:fd:07:ef:05:60:ac:13:c5:
86:9c:85:74:35:30:ff:ff:5e:1f:01:7a:76:6b:2d:
3a:3d:8d:43:bd:27:eb:cd:b1:b2:39:10:2b:ee:21:
0b:28:a8:c2:8f:ab:02:8c:74:ae:9f:f5:d4:56:ef:
e8:e8:94:fe:c5:ca:29:5f:8d:80:04:1a:8b:89:e8:
52:0e:43:c1:33:be:fb:cf:e4:51:48:66:e3:df:4e:
08:0f:d2:f1:4d:b1:1a:1f:6c:12:68:39:28:35:84:
4b:8e:7e:18:9b:b9:ff:aa:84:80:d6:85:72:8c:08:
70:71:d9:56:a3:eb:00:1a:9b:c3:01:bb:cd:c8:80:
6d:c7:5a:e3:65:34:80:3e:ea:b4:73:f5:48:b2:dd:
a1:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:CB:B9:EB:99:FC:6F:C5:08:00:79:E1:5C:CB:97:40:09:AA:F4:36
X509v3 Authority Key Identifier:
keyid:79:37:66:08:4E:FC:06:25:06:50:F0:FD:C9:DB:C5:53:C0:CE:CA:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D16A3/7727CE5C38C711E9A7B5C233C4F9AE02/eTdmCE78BiUGUPD9ydvFU8DOyjI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eTdmCE78BiUGUPD9ydvFU8DOyjI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D16A3/7727CE5C38C711E9A7B5C233C4F9AE02/B7CC3BC2DC6611ED89F0804EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:7ac0:608::/47
Signature Algorithm: sha256WithRSAEncryption
ae:a1:96:e8:73:bc:e3:98:56:1f:a8:5d:c1:eb:d4:d1:16:42:
ca:f8:c7:0d:14:0c:5c:d5:1e:f7:98:b9:03:15:9f:be:99:35:
12:be:5c:14:cc:0c:42:30:ce:64:68:dc:c1:f0:f0:2e:48:2a:
b1:dc:9d:69:50:44:65:3c:bc:16:5d:47:29:94:27:a6:3c:34:
36:28:24:0e:ec:9f:e1:99:76:44:4f:1e:94:e9:b1:12:21:b4:
f7:ec:b7:79:23:b6:42:73:67:34:a0:10:55:28:2c:8f:f1:42:
e5:66:e9:ac:42:7f:23:4f:b8:3b:d7:4e:e3:39:d0:95:76:a8:
b3:b0:21:9c:8e:12:0b:7b:f0:de:ed:bc:be:ad:16:f1:d4:13:
4a:a3:7f:99:8f:b7:cc:7e:11:16:4d:88:c5:f5:d8:6a:bb:36:
52:be:bc:0e:1e:bb:bb:d1:7f:f4:42:b0:ac:28:91:98:4c:a6:
eb:6a:40:42:86:af:93:0e:38:c5:ed:ef:7b:3e:04:b7:3b:fa:
d2:62:af:ff:ed:70:e1:d3:e8:33:c5:6a:f3:4d:c0:bf:80:0a:
74:c0:19:a5:3e:aa:bb:33:7f:a2:df:df:ce:59:1b:a1:42:e5:
61:9a:e0:68:dd:a5:89:4a:ca:da:07:41:15:bb:0d:79:4a:fe:
05:0d:37:05
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICD5kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE2QTMxMTAvBgNVBAUTKDc5Mzc2NjA4NEVGQzA2MjUwNjUwRjBGREM5REJDNTUz
QzBDRUNBMzIwHhcNMjMwNDE2MTQ1NTI1WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDNjMGM1ZC0yYjMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzVYwffOd28uoE6l+c1y5lgSne8zhj2O0ul6rCePQ8eDl8aszKfYhuCiUO0GH
splirwhqFzaJ7SbyjiPhxEYfHGs3N4MOVveCBpg7Q0XIPg85VlWJD4MVbhMb33bK
LADSvfaQDfuPwc5oK9uwSAwj/QfvBWCsE8WGnIV0NTD//14fAXp2ay06PY1DvSfr
zbGyORAr7iELKKjCj6sCjHSun/XUVu/o6JT+xcopX42ABBqLiehSDkPBM777z+RR
SGbj304ID9LxTbEaH2wSaDkoNYRLjn4Ym7n/qoSA1oVyjAhwcdlWo+sAGpvDAbvN
yIBtx1rjZTSAPuq0c/VIst2heQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFHTLueuZ
/G/FCAB54VzLl0AJqvQ2MB8GA1UdIwQYMBaAFHk3ZghO/AYlBlDw/cnbxVPAzsoy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTZBMy83NzI3Q0U1QzM4
QzcxMUU5QTdCNUMyMzNDNEY5QUUwMi9lVGRtQ0U3OEJpVUdVUEQ5eWR2RlU4RE95
akkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VUZG1DRTc4QmlVR1VQRDl5ZHZGVThET3lqSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE2QTMvNzcyN0NFNUMzOEM3MTFFOUE3QjVDMjMzQzRGOUFFMDIvQjdDQzNCQzJE
QzY2MTFFRDg5RjA4MDRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwEkBHrABggwDQYJKoZIhvcNAQELBQADggEBAK6hluhzvOOY
Vh+oXcHr1NEWQsr4xw0UDFzVHveYuQMVn76ZNRK+XBTMDEIwzmRo3MHw8C5IKrHc
nWlQRGU8vBZdRymUJ6Y8NDYoJA7sn+GZdkRPHpTpsRIhtPfst3kjtkJzZzSgEFUo
LI/xQuVm6axCfyNPuDvXTuM50JV2qLOwIZyOEgt78N7tvL6tFvHUE0qjf5mPt8x+
ERZNiMX12Gq7NlK+vA4eu7vRf/RCsKwokZhMputqQEKGr5MOOMXt73s+BLc7+tJi
r//tcOHT6DPFavNNwL+ACnTAGaU+qrszf6Lf385ZG6FC5WGa4GjdpYlKytoHQRW7
DXlK/gUNNwU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:29 2024 by rpki-client on console-ams.rpki-client.org