Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/912E6358733C11EC96409D77C4F9AE02.roa
File: 912E6358733C11EC96409D77C4F9AE02.roa (raw, json)
Hash identifier: upy/+kavSalLiQbW9/tdTa5utZh4hQamaKxG8NP22bo=
Subject key identifier: E7:32:1A:52:8F:70:A9:0B:42:E4:49:92:94:90:B1:BB:27:88:AB:90
Certificate issuer: /CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Certificate serial: 1655
Authority key identifier: C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/912E6358733C11EC96409D77C4F9AE02.roa
Signing time: Thu 16 Feb 2023 05:05:23 +0000
ROA not before: Thu 16 Feb 2023 05:05:23 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 9822
IP address blocks: 2404:b000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5717 (0x1655)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Validity
Not Before: Feb 16 05:05:23 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=63edb992-2e1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c0:83:e3:a5:e7:40:d8:c7:14:d8:d3:eb:1e:
02:a7:c8:9c:1f:03:8d:3a:f5:e5:44:bd:75:e9:4e:
af:bf:5e:09:42:86:cb:61:c0:94:3b:39:34:43:bb:
e7:74:9c:d7:e0:0e:14:fe:09:0b:f6:6b:3a:7d:6a:
2c:52:bd:0e:1d:64:dc:82:d2:96:2c:ec:47:36:9d:
29:0f:5e:98:20:46:a6:ce:75:7a:80:44:74:22:c0:
0b:6c:69:a4:87:40:f4:7e:84:dc:36:de:a2:a9:9e:
ad:b1:bd:a3:dc:e8:07:d7:28:ba:98:df:6f:52:3e:
75:f8:eb:11:27:fe:b6:62:3e:c8:c4:43:64:4e:24:
92:3c:b2:e5:cb:8a:19:f9:fe:84:42:38:b8:63:04:
ef:2d:98:05:ba:38:ca:77:bc:ed:98:86:2e:0f:de:
1b:f2:62:91:d8:8d:92:b7:55:18:0d:cd:ca:e3:0d:
c2:60:b3:8b:12:d1:7e:5c:36:68:ba:be:36:46:ee:
d4:cc:4c:1a:22:8a:0d:0c:8f:d2:45:71:6a:00:07:
8b:54:e8:bc:42:27:1c:f3:7f:e7:9c:26:63:3d:99:
75:f9:b7:49:bb:00:90:32:a7:12:8d:91:66:31:7b:
7d:a5:9a:de:3b:ec:ea:9d:0c:66:1b:1a:ea:76:66:
d9:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:32:1A:52:8F:70:A9:0B:42:E4:49:92:94:90:B1:BB:27:88:AB:90
X509v3 Authority Key Identifier:
keyid:C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/912E6358733C11EC96409D77C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:b000::/36
Signature Algorithm: sha256WithRSAEncryption
97:7e:ba:65:53:26:21:66:4e:43:a5:b9:a0:5c:50:53:02:e1:
79:79:b0:70:74:ab:99:4a:6e:5a:d6:55:a0:f1:49:41:e1:49:
f6:2a:1d:7a:88:5a:a9:44:6b:d4:5b:7e:71:2b:e0:5e:85:5a:
c4:75:3f:33:a6:4b:b7:50:ab:7d:7b:85:f2:b0:ba:c1:db:ca:
b4:2f:95:f4:86:d6:36:d5:b7:84:36:22:51:2c:bf:ad:2d:00:
25:0b:2c:cc:60:20:3b:57:85:ff:ea:18:58:ea:6a:24:bd:8f:
a5:36:ae:ed:3c:69:51:1d:6d:98:44:92:ee:39:1c:2d:a7:64:
12:31:57:c5:f9:c5:46:fd:64:41:86:23:8e:12:01:94:56:2a:
95:54:f7:91:f5:ec:3f:e4:04:c5:f3:bd:79:ae:b6:35:dd:a7:
45:e1:dd:33:bc:08:98:1e:06:f5:b0:a7:93:6b:0f:4a:c3:c2:
8d:aa:a5:fa:1b:dc:f2:65:22:d2:31:1f:90:67:f6:c1:73:5b:
43:3e:4b:fd:93:b3:da:23:64:98:a0:c2:e9:11:3c:00:c9:4c:
cf:9b:d5:a7:ef:37:a4:18:d7:d2:03:d7:7d:4a:7f:c3:7b:dd:
4c:32:53:3e:ef:a6:43:46:d9:f3:48:f8:b2:80:ab:a8:b6:43:
05:14:40:b2
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgICFlUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFFM0QxMTAvBgNVBAUTKEM3MjY5QjEyNEM0MjBDNTVFMjlGQjUxRDNDMUIwRDlE
NDc2Q0JEMDAwHhcNMjMwMjE2MDUwNTIzWhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2VkYjk5Mi0yZTFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvsCD46XnQNjHFNjT6x4Cp8icHwONOvXlRL116U6vv14JQobLYcCUOzk0Q7vn
dJzX4A4U/gkL9ms6fWosUr0OHWTcgtKWLOxHNp0pD16YIEamznV6gER0IsALbGmk
h0D0foTcNt6iqZ6tsb2j3OgH1yi6mN9vUj51+OsRJ/62Yj7IxENkTiSSPLLly4oZ
+f6EQji4YwTvLZgFujjKd7ztmIYuD94b8mKR2I2St1UYDc3K4w3CYLOLEtF+XDZo
ur42Ru7UzEwaIooNDI/SRXFqAAeLVOi8Qicc83/nnCZjPZl1+bdJuwCQMqcSjZFm
MXt9pZreO+zqnQxmGxrqdmbZCwIDAQABo4IClzCCApMwHQYDVR0OBBYEFOcyGlKP
cKkLQuRJkpSQsbsniKuQMB8GA1UdIwQYMBaAFMcmmxJMQgxV4p+1HTwbDZ1HbL0A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC85N0I2RTBDRTc1
REUxMUU4QjcwNEEyNDZDNEY5QUUwMi94eWFiRWt4Q0RGWGluN1VkUEJzTm5VZHN2
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3h5YWJFa3hDREZYaW43VWRQQnNOblVkc3ZRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFFM0QvOTdCNkUwQ0U3NURFMTFFOEI3MDRBMjQ2QzRGOUFFMDIvOTEyRTYzNTg3
MzNDMTFFQzk2NDA5RDc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIQYIKwYBBQUHAQcBAf8E
EjAQMA4EAgACMAgDBgQkBLAAADANBgkqhkiG9w0BAQsFAAOCAQEAl366ZVMmIWZO
Q6W5oFxQUwLheXmwcHSrmUpuWtZVoPFJQeFJ9iodeohaqURr1Ft+cSvgXoVaxHU/
M6ZLt1CrfXuF8rC6wdvKtC+V9IbWNtW3hDYiUSy/rS0AJQsszGAgO1eF/+oYWOpq
JL2PpTau7TxpUR1tmESS7jkcLadkEjFXxfnFRv1kQYYjjhIBlFYqlVT3kfXsP+QE
xfO9ea62Nd2nReHdM7wImB4G9bCnk2sPSsPCjaql+hvc8mUi0jEfkGf2wXNbQz5L
/ZOz2iNkmKDC6RE8AMlMz5vVp+83pBjX0gPXfUp/w3vdTDJTPu+mQ0bZ80j4soCr
qLZDBRRAsg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:36 2024 by rpki-client on console-ams.rpki-client.org