Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/6809B9CC8B9F11EA97BB8046C4F9AE02.roa
File: 6809B9CC8B9F11EA97BB8046C4F9AE02.roa (raw, json)
Hash identifier: 2XFH+GMmyQhSdDSQRXl9/Ep2KP3P49FUfcHfnVdO0d8=
Subject key identifier: D3:5B:8D:29:BB:A5:72:1B:38:D2:6A:B5:EA:30:76:26:12:7C:E1:C9
Certificate issuer: /CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Certificate serial: 13F0
Authority key identifier: C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/6809B9CC8B9F11EA97BB8046C4F9AE02.roa
Signing time: Fri 18 Feb 2022 06:24:59 +0000
ROA not before: Fri 18 Feb 2022 06:24:59 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 7469
IP address blocks: 175.45.64.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5104 (0x13f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Validity
Not Before: Feb 18 06:24:59 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=620f3bbb-fa5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:35:47:f8:88:94:bf:2e:fc:96:32:ea:b6:4a:
24:79:3b:00:3c:96:fd:e7:4d:90:9c:0f:60:47:d3:
6c:c9:6e:39:35:a0:d4:e1:b1:00:00:e3:d3:a7:f6:
3c:c6:e7:b8:ec:a0:e6:89:ac:75:34:fd:9c:51:18:
22:9f:b0:d6:4e:16:e6:b2:47:a2:c8:2f:ee:70:88:
56:1c:75:e6:ca:0d:36:2d:af:c1:8b:90:50:95:6d:
20:04:d9:79:6f:67:25:fc:62:3d:4e:b4:fd:6e:b6:
64:4c:84:c2:49:93:f3:95:41:f8:78:5a:38:38:c6:
db:0a:d3:c8:7e:2e:56:06:0e:52:50:6a:26:ed:30:
0d:ce:a1:96:79:c7:ca:eb:38:41:90:f5:ad:45:fd:
fe:67:33:98:3c:f8:fa:11:91:65:00:7e:02:a6:28:
f8:26:49:11:a4:88:82:c5:b8:af:04:f3:84:22:6a:
d8:2d:2c:96:05:90:8e:99:29:89:24:66:88:99:f8:
85:3c:5c:8d:96:54:73:c0:2b:8a:2f:55:05:d9:f4:
d7:79:b4:7b:17:6a:a5:9a:f7:49:09:2a:d2:2c:a5:
09:1f:32:79:0c:59:6c:e5:00:d6:71:f5:37:fa:ee:
ec:50:aa:94:bc:d4:73:e0:a0:71:6c:cd:bb:ae:5d:
b4:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:5B:8D:29:BB:A5:72:1B:38:D2:6A:B5:EA:30:76:26:12:7C:E1:C9
X509v3 Authority Key Identifier:
keyid:C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/6809B9CC8B9F11EA97BB8046C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
175.45.64.0/24
Signature Algorithm: sha256WithRSAEncryption
65:3d:93:e4:bb:cf:5a:e5:e4:9a:55:5f:c9:c7:29:bb:5c:e5:
39:36:17:02:c4:38:c0:97:8e:55:e2:af:a5:da:a7:25:d7:2b:
5b:34:4e:09:5a:c9:6f:26:29:5f:7d:88:65:03:be:65:91:46:
c5:ec:ac:1b:ad:6d:49:74:de:86:ab:e3:ca:2f:0a:6b:ca:4d:
b0:61:95:36:99:1b:3e:4a:ef:d6:f7:03:64:e7:00:48:e5:cb:
91:2e:2c:c7:c8:e3:db:c2:0d:c3:15:6b:6d:03:68:42:39:a5:
0b:28:8c:a1:5e:b9:77:04:60:80:47:44:e3:a2:ea:60:68:17:
41:51:7c:6f:bf:0c:1a:a7:09:cb:85:04:1b:2e:51:96:a8:8c:
cb:82:1d:38:65:40:31:01:bd:9b:31:a9:24:0e:a2:22:64:7b:
61:05:5b:19:dd:02:62:92:d8:87:34:2f:9a:ea:93:b2:b1:5f:
de:92:cd:8b:2e:88:f5:44:ab:c4:cf:fb:c2:11:cb:2d:34:ff:
73:16:eb:09:1b:42:c7:5f:df:ad:38:9c:c0:71:19:5f:2d:83:
fa:d7:bf:0d:8a:b4:37:86:8c:a9:e6:9f:09:2e:fe:fe:ae:70:
f3:b5:54:d3:40:7c:60:55:e2:f4:83:b4:45:b7:d6:b9:60:03:
ca:4d:5f:21
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICE/AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFFM0QxMTAvBgNVBAUTKEM3MjY5QjEyNEM0MjBDNTVFMjlGQjUxRDNDMUIwRDlE
NDc2Q0JEMDAwHhcNMjIwMjE4MDYyNDU5WhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjBmM2JiYi1mYTVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuTVH+IiUvy78ljLqtkokeTsAPJb9502QnA9gR9NsyW45NaDU4bEAAOPTp/Y8
xue47KDmiax1NP2cURgin7DWThbmskeiyC/ucIhWHHXmyg02La/Bi5BQlW0gBNl5
b2cl/GI9TrT9brZkTITCSZPzlUH4eFo4OMbbCtPIfi5WBg5SUGom7TANzqGWecfK
6zhBkPWtRf3+ZzOYPPj6EZFlAH4Cpij4JkkRpIiCxbivBPOEImrYLSyWBZCOmSmJ
JGaImfiFPFyNllRzwCuKL1UF2fTXebR7F2qlmvdJCSrSLKUJHzJ5DFls5QDWcfU3
+u7sUKqUvNRz4KBxbM27rl20pQIDAQABo4IClTCCApEwHQYDVR0OBBYEFNNbjSm7
pXIbONJqteowdiYSfOHJMB8GA1UdIwQYMBaAFMcmmxJMQgxV4p+1HTwbDZ1HbL0A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC85N0I2RTBDRTc1
REUxMUU4QjcwNEEyNDZDNEY5QUUwMi94eWFiRWt4Q0RGWGluN1VkUEJzTm5VZHN2
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3h5YWJFa3hDREZYaW43VWRQQnNOblVkc3ZRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFFM0QvOTdCNkUwQ0U3NURFMTFFOEI3MDRBMjQ2QzRGOUFFMDIvNjgwOUI5Q0M4
QjlGMTFFQTk3QkI4MDQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACvLUAwDQYJKoZIhvcNAQELBQADggEBAGU9k+S7z1rl5JpV
X8nHKbtc5Tk2FwLEOMCXjlXir6XapyXXK1s0TglayW8mKV99iGUDvmWRRsXsrBut
bUl03oar48ovCmvKTbBhlTaZGz5K79b3A2TnAEjly5EuLMfI49vCDcMVa20DaEI5
pQsojKFeuXcEYIBHROOi6mBoF0FRfG+/DBqnCcuFBBsuUZaojMuCHThlQDEBvZsx
qSQOoiJke2EFWxndAmKS2Ic0L5rqk7KxX96SzYsuiPVEq8TP+8IRyy00/3MW6wkb
Qsdf3604nMBxGV8tg/rXvw2KtDeGjKnmnwku/v6ucPO1VNNAfGBV4vSDtEW31rlg
A8pNXyE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:11 2023 by rpki-client on console-ams.rpki-client.org