Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/4089897CA01411EDA2A41A52C4F9AE02.roa
File: 4089897CA01411EDA2A41A52C4F9AE02.roa (raw, json)
Hash identifier: xJrNBrnNpsV3u2VClIjZp7H0n33Npc0K9RdIIij0CsY=
Subject key identifier: 60:0B:DA:1E:72:F4:98:23:10:15:4E:E6:58:58:D9:E9:E1:BB:1A:57
Certificate issuer: /CN=A91EB4AF/serialNumber=A97EAA4D6F155B8D27C40AE8E327D9BA52C34B42
Certificate serial: 0141
Authority key identifier: A9:7E:AA:4D:6F:15:5B:8D:27:C4:0A:E8:E3:27:D9:BA:52:C3:4B:42
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qX6qTW8VW40nxAro4yfZulLDS0I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/4089897CA01411EDA2A41A52C4F9AE02.roa
Signing time: Sun 29 Jan 2023 20:33:56 +0000
ROA not before: Sun 29 Jan 2023 20:33:56 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 3573
IP address blocks: 2404:3d00:41c4::/47 maxlen: 47
2404:3d00:41c4::/48 maxlen: 48
2404:3d00:41c5::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 321 (0x141)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EB4AF/serialNumber=A97EAA4D6F155B8D27C40AE8E327D9BA52C34B42
Validity
Not Before: Jan 29 20:33:56 2023 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=63d6d834-45fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:02:5d:5c:a6:0f:df:4e:40:af:2a:e7:da:9f:
0b:86:eb:d3:ba:30:af:0d:d5:2e:6b:34:46:0a:da:
3a:aa:b1:32:97:28:98:a6:6a:7f:59:ce:54:48:75:
ef:df:8d:28:c9:1c:46:ac:97:89:79:ba:30:44:21:
45:b1:3b:1a:b9:61:fb:b8:96:33:28:74:32:63:5f:
8f:44:d0:86:a0:b3:42:fb:8c:31:43:66:41:1e:8f:
d3:32:0a:ec:32:37:c2:57:9c:b5:96:1b:dc:89:91:
79:58:b2:6c:65:77:61:b3:8a:7a:f4:2a:b8:e5:37:
8f:d0:1d:b0:92:65:f8:a4:a3:5d:be:bb:2a:2c:17:
30:36:8a:bb:b0:fa:bf:6a:b9:02:b0:57:27:77:17:
8c:33:27:23:43:a7:0a:ec:e5:b4:fe:b0:16:be:09:
29:a1:ee:f7:5a:0c:e5:c5:12:2e:e6:c9:d1:ac:1b:
cc:1c:24:52:99:7a:80:eb:06:61:f8:57:84:19:91:
5d:41:c0:f5:47:56:de:72:ab:39:53:94:46:ca:99:
30:51:94:f8:fd:b4:35:7b:54:18:8d:c6:a4:13:40:
10:87:cc:96:f1:10:35:0c:92:44:74:07:d3:e6:ea:
8d:20:fe:08:e4:67:f3:42:d8:b4:45:8f:0f:50:5f:
6c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:0B:DA:1E:72:F4:98:23:10:15:4E:E6:58:58:D9:E9:E1:BB:1A:57
X509v3 Authority Key Identifier:
keyid:A9:7E:AA:4D:6F:15:5B:8D:27:C4:0A:E8:E3:27:D9:BA:52:C3:4B:42
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/qX6qTW8VW40nxAro4yfZulLDS0I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qX6qTW8VW40nxAro4yfZulLDS0I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/4089897CA01411EDA2A41A52C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:3d00:41c4::/47
Signature Algorithm: sha256WithRSAEncryption
5a:6e:03:b1:b4:04:98:99:5c:53:ce:bd:aa:42:64:b0:84:80:
6c:43:93:f4:64:5e:9f:27:0f:14:37:0f:80:76:46:81:b0:70:
4f:54:80:d6:10:ae:3d:d4:26:b8:3a:ab:79:3a:a2:a8:b7:88:
f3:75:1b:96:a5:dc:89:0b:64:b5:af:46:ed:b7:04:72:31:03:
08:07:08:70:30:4b:fd:c7:c5:34:8f:05:f5:a4:ca:1e:77:ee:
b2:79:7c:11:d1:69:7d:89:a0:61:d6:04:ca:69:93:ad:e4:7a:
5a:4c:7d:44:06:a0:16:69:76:3f:6e:63:f3:38:6e:86:81:7e:
e6:a3:4d:d5:8d:35:b0:7d:83:01:35:d9:1a:e4:1d:35:73:0b:
3f:d0:61:13:3c:80:78:9e:26:50:2a:16:34:e0:5d:c1:13:d2:
87:40:5f:1b:d5:05:a5:5e:14:cd:08:70:d8:b9:fc:a8:2b:d0:
42:17:ac:0e:b9:c3:c7:a7:bc:3d:ff:d5:1b:cf:85:c3:e1:68:
08:0d:b4:db:21:c3:bb:09:24:f7:25:d1:e0:ae:ad:a2:f5:54:
00:2b:a8:36:e9:21:00:1b:60:20:68:97:7a:a0:93:91:39:e5:
f9:15:bf:44:84:d1:9d:dc:40:88:9f:28:17:07:e3:c4:e7:f4:
0f:e1:55:a8
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICAUEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUI0QUYxMTAvBgNVBAUTKEE5N0VBQTRENkYxNTVCOEQyN0M0MEFFOEUzMjdEOUJB
NTJDMzRCNDIwHhcNMjMwMTI5MjAzMzU2WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2Q2ZDgzNC00NWZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwAJdXKYP305Aryrn2p8LhuvTujCvDdUuazRGCto6qrEylyiYpmp/Wc5USHXv
340oyRxGrJeJebowRCFFsTsauWH7uJYzKHQyY1+PRNCGoLNC+4wxQ2ZBHo/TMgrs
MjfCV5y1lhvciZF5WLJsZXdhs4p69Cq45TeP0B2wkmX4pKNdvrsqLBcwNoq7sPq/
arkCsFcndxeMMycjQ6cK7OW0/rAWvgkpoe73WgzlxRIu5snRrBvMHCRSmXqA6wZh
+FeEGZFdQcD1R1becqs5U5RGypkwUZT4/bQ1e1QYjcakE0AQh8yW8RA1DJJEdAfT
5uqNIP4I5GfzQti0RY8PUF9szQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFGAL2h5y
9JgjEBVO5lhY2enhuxpXMB8GA1UdIwQYMBaAFKl+qk1vFVuNJ8QK6OMn2bpSw0tC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjRBRi9DQzdCMjU1QURD
QTkxMUVDOTRFM0UwMjlDNEY5QUUwMi9xWDZxVFc4Vlc0MG54QXJvNHlmWnVsTERT
MEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FYNnFUVzhWVzQwbnhBcm80eWZadWxMRFMwSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUI0QUYvQ0M3QjI1NUFEQ0E5MTFFQzk0RTNFMDI5QzRGOUFFMDIvNDA4OTg5N0NB
MDE0MTFFREEyQTQxQTUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwEkBD0AQcQwDQYJKoZIhvcNAQELBQADggEBAFpuA7G0BJiZ
XFPOvapCZLCEgGxDk/RkXp8nDxQ3D4B2RoGwcE9UgNYQrj3UJrg6q3k6oqi3iPN1
G5al3IkLZLWvRu23BHIxAwgHCHAwS/3HxTSPBfWkyh537rJ5fBHRaX2JoGHWBMpp
k63kelpMfUQGoBZpdj9uY/M4boaBfuajTdWNNbB9gwE12RrkHTVzCz/QYRM8gHie
JlAqFjTgXcET0odAXxvVBaVeFM0IcNi5/Kgr0EIXrA65w8envD3/1RvPhcPhaAgN
tNshw7sJJPcl0eCuraL1VAArqDbpIQAbYCBol3qgk5E55fkVv0SE0Z3cQIifKBcH
48Tn9A/hVag=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org