Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DD125/7A142D00D95E11E787A1A766C4F9AE02/320FE17272D611E8A3CD6229C4F9AE02.roa
File: 320FE17272D611E8A3CD6229C4F9AE02.roa (raw, json)
Hash identifier: CbSvAWnQT/H0f+sFkuXZbXTp2GG/0URrIbvfNmandp0=
Subject key identifier: 7A:0E:AE:3E:56:A5:88:C2:2B:68:00:A8:95:4C:8E:65:90:AD:1C:95
Certificate issuer: /CN=A91DD125/serialNumber=CE9056B4C65DE3857D4D0E1DB0023D60B6F7D30C
Certificate serial: 160C
Authority key identifier: CE:90:56:B4:C6:5D:E3:85:7D:4D:0E:1D:B0:02:3D:60:B6:F7:D3:0C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zpBWtMZd44V9TQ4dsAI9YLb30ww.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DD125/7A142D00D95E11E787A1A766C4F9AE02/320FE17272D611E8A3CD6229C4F9AE02.roa
Signing time: Tue 14 Feb 2023 17:44:33 +0000
ROA not before: Tue 14 Feb 2023 17:44:33 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 137910
IP address blocks: 2402:28c0:ffae::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5644 (0x160c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DD125/serialNumber=CE9056B4C65DE3857D4D0E1DB0023D60B6F7D30C
Validity
Not Before: Feb 14 17:44:33 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=63ebc880-45e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:02:2b:ce:07:9b:d6:5e:1a:1a:1f:bc:7c:0d:
fe:45:69:eb:ed:5f:01:66:1e:e5:72:4d:fc:c2:99:
78:eb:25:d0:4b:09:b3:d3:4b:85:82:ac:5b:ce:78:
69:6b:ef:9a:97:f7:b7:60:77:a6:55:6a:7d:27:cb:
74:ec:78:52:73:ff:4e:78:ba:c1:85:18:65:44:7d:
5a:6e:fa:5d:4c:d6:b8:b5:54:be:b0:5d:5d:cd:5b:
2d:c8:aa:9b:19:42:96:73:fc:13:49:1c:66:d8:05:
d6:ec:6a:90:56:1f:df:57:22:50:d4:85:ba:67:ce:
35:95:37:c7:51:90:2c:99:23:d0:9b:36:17:10:1d:
47:1a:bd:4e:fa:55:1c:b0:52:c5:70:6e:82:26:a6:
1a:d5:72:2a:68:e0:b8:d6:0d:bd:87:bc:61:e7:2b:
a0:41:1e:1d:a6:bb:d6:f5:5e:2b:6c:19:af:6d:60:
a5:b3:4e:eb:25:b0:46:cb:1a:71:90:06:bc:69:56:
d2:8b:cc:60:3a:55:a6:ee:b6:ca:26:46:3e:8a:c6:
b9:92:f7:8e:2c:ed:41:e9:94:47:63:49:50:58:67:
d2:a7:8d:4a:fd:10:7a:dd:0b:1c:09:1a:d5:61:1b:
f5:17:d6:3a:1b:03:63:2b:00:97:1e:17:be:e3:76:
95:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:0E:AE:3E:56:A5:88:C2:2B:68:00:A8:95:4C:8E:65:90:AD:1C:95
X509v3 Authority Key Identifier:
keyid:CE:90:56:B4:C6:5D:E3:85:7D:4D:0E:1D:B0:02:3D:60:B6:F7:D3:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DD125/7A142D00D95E11E787A1A766C4F9AE02/zpBWtMZd44V9TQ4dsAI9YLb30ww.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zpBWtMZd44V9TQ4dsAI9YLb30ww.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DD125/7A142D00D95E11E787A1A766C4F9AE02/320FE17272D611E8A3CD6229C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:28c0:ffae::/48
Signature Algorithm: sha256WithRSAEncryption
61:2d:40:dd:e8:b7:dd:2b:1b:40:59:38:e9:eb:b2:d7:57:36:
ef:d0:09:d7:55:b4:09:62:66:70:28:d5:d3:19:2f:20:df:bf:
eb:6f:be:84:22:a5:c7:d0:68:df:87:98:4d:c1:7f:a5:f6:cf:
95:33:77:bc:e7:65:ae:4a:07:65:93:86:30:a9:e4:18:73:f7:
cd:71:4c:70:7c:67:23:2f:3f:54:9a:59:e6:32:eb:31:d2:39:
7b:93:a4:6d:ea:fe:05:57:fa:bd:0e:37:56:39:5c:97:af:f4:
47:b2:36:a6:d8:cf:94:51:31:7e:14:9d:34:d0:9e:4c:e8:87:
0d:ba:86:fe:e7:07:fc:2f:ec:24:20:24:18:26:74:ef:f7:aa:
e7:a4:a6:f2:a4:30:e1:7d:1c:83:c0:3f:71:be:47:47:d9:1d:
fe:2c:4c:62:b1:17:f9:7e:e2:23:5d:c2:2d:c3:80:cc:58:4a:
ca:15:ad:77:7b:30:8e:50:54:3c:49:6e:ba:f1:d0:95:e5:43:
2f:84:5c:1e:d3:03:22:ad:59:3e:cb:48:8e:e5:37:e4:09:e5:
3d:62:0e:b1:e7:d9:6c:3a:84:fe:fe:79:ff:2c:71:a7:4d:56:
c9:8b:dd:f7:60:95:a8:51:d8:06:3a:15:bb:c2:16:29:db:89:
1c:d5:f4:2f
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICFgwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REQxMjUxMTAvBgNVBAUTKENFOTA1NkI0QzY1REUzODU3RDREMEUxREIwMDIzRDYw
QjZGN0QzMEMwHhcNMjMwMjE0MTc0NDMzWhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2ViYzg4MC00NWU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0wIrzgeb1l4aGh+8fA3+RWnr7V8BZh7lck38wpl46yXQSwmz00uFgqxbznhp
a++al/e3YHemVWp9J8t07HhSc/9OeLrBhRhlRH1abvpdTNa4tVS+sF1dzVstyKqb
GUKWc/wTSRxm2AXW7GqQVh/fVyJQ1IW6Z841lTfHUZAsmSPQmzYXEB1HGr1O+lUc
sFLFcG6CJqYa1XIqaOC41g29h7xh5yugQR4dprvW9V4rbBmvbWCls07rJbBGyxpx
kAa8aVbSi8xgOlWm7rbKJkY+isa5kveOLO1B6ZRHY0lQWGfSp41K/RB63QscCRrV
YRv1F9Y6GwNjKwCXHhe+43aVkwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFHoOrj5W
pYjCK2gAqJVMjmWQrRyVMB8GA1UdIwQYMBaAFM6QVrTGXeOFfU0OHbACPWC299MM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERDEyNS83QTE0MkQwMEQ5
NUUxMUU3ODdBMUE3NjZDNEY5QUUwMi96cEJXdE1aZDQ0VjlUUTRkc0FJOVlMYjMw
d3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3pwQld0TVpkNDRWOVRRNGRzQUk5WUxiMzB3dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REQxMjUvN0ExNDJEMDBEOTVFMTFFNzg3QTFBNzY2QzRGOUFFMDIvMzIwRkUxNzI3
MkQ2MTFFOEEzQ0Q2MjI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAkAijA/64wDQYJKoZIhvcNAQELBQADggEBAGEtQN3ot90r
G0BZOOnrstdXNu/QCddVtAliZnAo1dMZLyDfv+tvvoQipcfQaN+HmE3Bf6X2z5Uz
d7znZa5KB2WThjCp5Bhz981xTHB8ZyMvP1SaWeYy6zHSOXuTpG3q/gVX+r0ON1Y5
XJev9EeyNqbYz5RRMX4UnTTQnkzohw26hv7nB/wv7CQgJBgmdO/3quekpvKkMOF9
HIPAP3G+R0fZHf4sTGKxF/l+4iNdwi3DgMxYSsoVrXd7MI5QVDxJbrrx0JXlQy+E
XB7TAyKtWT7LSI7lN+QJ5T1iDrHn2Ww6hP7+ef8scadNVsmL3fdglahR2AY6FbvC
FinbiRzV9C8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:30 2024 by rpki-client on console-ams.rpki-client.org