Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DD125/7A142D00D95E11E787A1A766C4F9AE02/B94C70A2187611E8B5464E62C4F9AE02.roa
File: B94C70A2187611E8B5464E62C4F9AE02.roa (raw, json)
Hash identifier: vwnnPXwU02htjTUU2WkhM7GjFUZj+zbUoZWPOcogL+I=
Subject key identifier: 49:80:D6:6D:EF:49:00:A2:A5:AF:DA:16:9B:08:94:BA:CE:0E:15:F6
Certificate issuer: /CN=A91DD125/serialNumber=CE9056B4C65DE3857D4D0E1DB0023D60B6F7D30C
Certificate serial: 160B
Authority key identifier: CE:90:56:B4:C6:5D:E3:85:7D:4D:0E:1D:B0:02:3D:60:B6:F7:D3:0C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zpBWtMZd44V9TQ4dsAI9YLb30ww.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DD125/7A142D00D95E11E787A1A766C4F9AE02/B94C70A2187611E8B5464E62C4F9AE02.roa
Signing time: Tue 14 Feb 2023 17:44:31 +0000
ROA not before: Tue 14 Feb 2023 17:44:31 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 137474
IP address blocks: 2402:28c0:fff7::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5643 (0x160b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DD125/serialNumber=CE9056B4C65DE3857D4D0E1DB0023D60B6F7D30C
Validity
Not Before: Feb 14 17:44:31 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=63ebc87f-86be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e4:c9:05:94:58:4c:a3:1e:ee:78:a0:32:2d:
35:4a:27:b4:17:ca:1f:af:8d:8a:f1:4d:73:38:8c:
b2:27:c8:41:97:25:28:2b:76:ac:aa:7d:14:dc:18:
f3:bb:bf:4e:37:3c:a3:76:ee:82:0d:d6:cb:c4:66:
57:81:a5:c2:2d:01:be:f4:1f:6d:45:6e:46:a5:6e:
91:32:3a:43:65:12:05:97:00:b3:6d:7a:36:78:7f:
45:eb:55:f4:ee:3b:c4:44:d7:ad:53:63:c7:97:12:
37:1c:7b:aa:f4:3d:bc:74:2c:89:9a:81:12:5c:6e:
0f:c5:e6:41:e8:7d:f1:e9:f0:d4:ba:1a:f3:9f:7e:
60:d4:bf:ee:c6:05:ae:ef:68:28:8e:c5:94:06:a0:
a7:6c:e7:21:69:a5:69:5d:dc:d5:47:d6:ed:6f:9f:
56:80:dd:b1:70:30:0a:8a:7f:dd:b8:f2:f6:f7:da:
3b:92:8f:0b:a2:5b:bd:e8:6e:62:ac:d1:52:81:d4:
65:63:46:cf:e2:2a:4e:c5:5f:7b:e9:3b:fc:d5:87:
4e:4f:e0:8a:7a:e6:3b:8a:85:1e:4b:f6:76:be:bf:
ad:97:68:1d:61:c8:8f:f8:97:51:f2:12:33:92:e7:
7e:15:20:02:31:b4:52:36:6b:f7:e2:39:5f:8b:85:
6e:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:80:D6:6D:EF:49:00:A2:A5:AF:DA:16:9B:08:94:BA:CE:0E:15:F6
X509v3 Authority Key Identifier:
keyid:CE:90:56:B4:C6:5D:E3:85:7D:4D:0E:1D:B0:02:3D:60:B6:F7:D3:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DD125/7A142D00D95E11E787A1A766C4F9AE02/zpBWtMZd44V9TQ4dsAI9YLb30ww.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zpBWtMZd44V9TQ4dsAI9YLb30ww.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DD125/7A142D00D95E11E787A1A766C4F9AE02/B94C70A2187611E8B5464E62C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:28c0:fff7::/48
Signature Algorithm: sha256WithRSAEncryption
3b:49:0e:51:8f:1f:ec:a9:d7:42:3e:19:2f:c6:63:18:0e:24:
a3:f1:b2:a3:bc:24:a0:35:94:09:60:e8:46:a5:f2:26:f2:16:
0d:9b:b0:42:af:14:94:0d:d7:56:66:bb:10:45:a0:c5:9e:fb:
90:18:1f:d1:bf:3f:fd:b1:92:92:1a:6b:d5:8a:fb:eb:33:ff:
82:61:59:3c:c5:86:1d:6b:55:a1:7c:25:1d:68:93:c5:32:eb:
7f:4d:48:fc:58:34:3b:16:2e:21:5a:f8:b4:aa:fd:d3:bd:56:
7f:62:7a:5f:7c:f5:d8:26:5b:8c:f4:5b:c5:33:0a:59:46:ec:
a4:ba:c1:a9:2d:8f:db:fe:b9:2d:96:32:03:13:b2:26:02:77:
67:ba:5e:73:f8:18:62:17:68:39:ee:79:32:4a:63:9d:60:17:
a0:85:18:c7:21:e3:77:98:88:00:1c:1a:02:60:5e:b2:d8:f0:
c0:1a:ee:8b:b2:f6:a9:13:b9:8b:7e:c5:c4:b2:46:07:84:63:
e4:31:5b:3f:e4:8a:0f:67:a1:fd:fa:db:a5:43:a1:79:69:49:
34:56:b5:a6:fc:31:db:6a:ad:26:6c:5d:29:39:0c:53:27:5f:
a6:e6:05:ec:17:98:9c:40:b7:13:75:8f:4d:2f:eb:4b:60:3e:
ba:70:9c:33
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICFgswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REQxMjUxMTAvBgNVBAUTKENFOTA1NkI0QzY1REUzODU3RDREMEUxREIwMDIzRDYw
QjZGN0QzMEMwHhcNMjMwMjE0MTc0NDMxWhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2ViYzg3Zi04NmJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoeTJBZRYTKMe7nigMi01Sie0F8ofr42K8U1zOIyyJ8hBlyUoK3asqn0U3Bjz
u79ONzyjdu6CDdbLxGZXgaXCLQG+9B9tRW5GpW6RMjpDZRIFlwCzbXo2eH9F61X0
7jvERNetU2PHlxI3HHuq9D28dCyJmoESXG4PxeZB6H3x6fDUuhrzn35g1L/uxgWu
72gojsWUBqCnbOchaaVpXdzVR9btb59WgN2xcDAKin/duPL299o7ko8Lolu96G5i
rNFSgdRlY0bP4ipOxV976Tv81YdOT+CKeuY7ioUeS/Z2vr+tl2gdYciP+JdR8hIz
kud+FSACMbRSNmv34jlfi4Vu3wIDAQABo4ICmDCCApQwHQYDVR0OBBYEFEmA1m3v
SQCipa/aFpsIlLrODhX2MB8GA1UdIwQYMBaAFM6QVrTGXeOFfU0OHbACPWC299MM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERDEyNS83QTE0MkQwMEQ5
NUUxMUU3ODdBMUE3NjZDNEY5QUUwMi96cEJXdE1aZDQ0VjlUUTRkc0FJOVlMYjMw
d3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3pwQld0TVpkNDRWOVRRNGRzQUk5WUxiMzB3dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REQxMjUvN0ExNDJEMDBEOTVFMTFFNzg3QTFBNzY2QzRGOUFFMDIvQjk0QzcwQTIx
ODc2MTFFOEI1NDY0RTYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAkAijA//cwDQYJKoZIhvcNAQELBQADggEBADtJDlGPH+yp
10I+GS/GYxgOJKPxsqO8JKA1lAlg6Eal8ibyFg2bsEKvFJQN11ZmuxBFoMWe+5AY
H9G/P/2xkpIaa9WK++sz/4JhWTzFhh1rVaF8JR1ok8Uy639NSPxYNDsWLiFa+LSq
/dO9Vn9iel989dgmW4z0W8UzCllG7KS6waktj9v+uS2WMgMTsiYCd2e6XnP4GGIX
aDnueTJKY51gF6CFGMch43eYiAAcGgJgXrLY8MAa7ouy9qkTuYt+xcSyRgeEY+Qx
Wz/kig9nof3626VDoXlpSTRWtab8MdtqrSZsXSk5DFMnX6bmBewXmJxAtxN1j00v
60tgPrpwnDM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:30 2024 by rpki-client on console-ams.rpki-client.org