Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FA9BC/BE2CEFF0B3AA11EDAF31623FC4F9AE02/780F435CB3AE11EDB9C7ED44C4F9AE02.roa
File: 780F435CB3AE11EDB9C7ED44C4F9AE02.roa (raw, json)
Hash identifier: P0OVUNde0SeH54sJmD/iaJNJAmiKo7Uy3bBVPplolTE=
Subject key identifier: 9F:E6:84:04:28:57:7E:BA:5C:CF:77:2F:A0:D8:71:89:8F:B8:1F:13
Certificate issuer: /CN=A91FA9BC/serialNumber=4ABBD7301CFF7FB4ACB6A04A14F0A36CCE85611C
Certificate serial: 02
Authority key identifier: 4A:BB:D7:30:1C:FF:7F:B4:AC:B6:A0:4A:14:F0:A3:6C:CE:85:61:1C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SrvXMBz_f7SstqBKFPCjbM6FYRw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FA9BC/BE2CEFF0B3AA11EDAF31623FC4F9AE02/780F435CB3AE11EDB9C7ED44C4F9AE02.roa
Signing time: Thu 23 Feb 2023 19:15:44 +0000
ROA not before: Thu 23 Feb 2023 19:15:44 +0000
ROA not after: Sun 28 May 2023 00:00:00 +0000
asID: 141780
IP address blocks: 2001:df6:3480::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FA9BC/serialNumber=4ABBD7301CFF7FB4ACB6A04A14F0A36CCE85611C
Validity
Not Before: Feb 23 19:15:44 2023 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=63f7bb60-68bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:46:ce:9c:1e:aa:17:f8:96:9c:26:12:84:eb:
d4:96:33:ed:0c:5c:c2:9b:aa:71:de:b4:d5:86:a7:
f3:46:14:36:9b:0c:d9:d9:cc:a7:96:83:67:48:09:
6a:c6:86:6a:d6:a8:b1:4e:4c:2e:c6:d7:33:76:ef:
53:ad:42:42:64:f6:de:4e:0e:c8:b1:97:ec:08:62:
6d:0e:73:01:6b:4a:a9:ed:9a:33:36:05:2f:02:fc:
06:a9:22:62:74:47:19:59:6e:7d:8b:27:b3:db:5c:
ad:35:12:10:e4:d3:00:0e:a2:20:cb:ab:d5:8c:fe:
43:ed:aa:f9:e8:54:3a:0a:44:79:8a:a1:ba:0b:66:
ce:74:dd:c4:0b:aa:b1:99:cf:52:95:db:11:85:a0:
11:68:70:1c:d2:24:f5:7c:1d:01:c0:a2:1f:85:0c:
b2:fb:4a:fd:0c:49:22:98:45:1b:bc:d0:4b:3c:99:
28:72:19:dc:5a:6b:d6:07:41:f5:30:d5:1c:3b:7c:
08:2c:cb:a9:bc:bd:7e:75:ed:ea:35:b4:eb:d3:41:
34:55:a2:b8:f7:34:41:4b:38:73:75:d3:06:67:5f:
21:87:3e:f9:18:f3:60:54:88:e6:b7:42:12:c3:77:
28:a6:8a:9a:6c:cf:d4:53:cf:e7:c3:e4:6c:b1:ee:
51:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:E6:84:04:28:57:7E:BA:5C:CF:77:2F:A0:D8:71:89:8F:B8:1F:13
X509v3 Authority Key Identifier:
keyid:4A:BB:D7:30:1C:FF:7F:B4:AC:B6:A0:4A:14:F0:A3:6C:CE:85:61:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FA9BC/BE2CEFF0B3AA11EDAF31623FC4F9AE02/SrvXMBz_f7SstqBKFPCjbM6FYRw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SrvXMBz_f7SstqBKFPCjbM6FYRw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FA9BC/BE2CEFF0B3AA11EDAF31623FC4F9AE02/780F435CB3AE11EDB9C7ED44C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df6:3480::/48
Signature Algorithm: sha256WithRSAEncryption
35:28:96:75:73:a1:d2:83:f1:2f:10:2c:9e:27:c4:51:91:f7:
10:8c:bd:02:d3:95:a0:57:ec:07:ad:f0:ac:d2:59:64:db:bc:
1f:9d:18:54:0d:a6:40:d1:22:5d:11:83:ba:46:60:7c:35:ae:
46:0f:53:f4:08:b1:ba:ff:52:38:33:60:7e:f0:84:f0:14:9f:
31:9f:61:8b:f9:d4:1f:c1:53:08:64:a2:42:d8:14:3e:a6:21:
67:6f:a6:a2:b9:14:d2:9d:59:e1:7d:c4:83:f8:43:95:a0:75:
68:3a:61:6f:a2:86:b6:d4:7a:d2:46:e8:ec:0d:3e:98:1f:a4:
52:c8:55:62:12:1d:5b:e2:43:b0:f7:db:02:42:27:ce:a5:5b:
c1:8c:94:60:3b:24:e6:b0:a7:a7:03:f5:2b:f7:c3:53:52:b6:
fa:1f:5d:f9:7f:d4:a6:f9:b3:87:ab:0b:e1:64:25:23:b0:bd:
a7:09:b3:54:16:f8:69:0c:9f:f6:f7:98:54:be:b1:00:0a:36:
2f:e6:f6:6e:8a:11:36:77:3e:14:87:e4:72:f4:27:c2:b5:3f:
3d:26:24:bb:fe:7a:14:57:31:1d:ee:a7:64:21:ab:c8:37:3d:
2f:d2:e4:6b:cf:1b:2f:f9:d1:a0:44:7e:c9:b2:6a:cf:91:4c:
d6:68:a9:42
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
QTlCQzExMC8GA1UEBRMoNEFCQkQ3MzAxQ0ZGN0ZCNEFDQjZBMDRBMTRGMEEzNkND
RTg1NjExQzAeFw0yMzAyMjMxOTE1NDRaFw0yMzA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzZjdiYjYwLTY4YmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDPRs6cHqoX+JacJhKE69SWM+0MXMKbqnHetNWGp/NGFDabDNnZzKeWg2dICWrG
hmrWqLFOTC7G1zN271OtQkJk9t5ODsixl+wIYm0OcwFrSqntmjM2BS8C/AapImJ0
RxlZbn2LJ7PbXK01EhDk0wAOoiDLq9WM/kPtqvnoVDoKRHmKoboLZs503cQLqrGZ
z1KV2xGFoBFocBzSJPV8HQHAoh+FDLL7Sv0MSSKYRRu80Es8mShyGdxaa9YHQfUw
1Rw7fAgsy6m8vX517eo1tOvTQTRVorj3NEFLOHN10wZnXyGHPvkY82BUiOa3QhLD
dyimippsz9RTz+fD5Gyx7lGfAgMBAAGjggKYMIIClDAdBgNVHQ4EFgQUn+aEBChX
frpcz3cvoNhxiY+4HxMwHwYDVR0jBBgwFoAUSrvXMBz/f7SstqBKFPCjbM6FYRww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZBOUJDL0JFMkNFRkYwQjNB
QTExRURBRjMxNjIzRkM0RjlBRTAyL1NydlhNQnpfZjdTc3RxQktGUENqYk02RllS
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvU3J2WE1Cel9mN1NzdHFCS0ZQQ2piTTZGWVJ3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
QTlCQy9CRTJDRUZGMEIzQUExMUVEQUYzMTYyM0ZDNEY5QUUwMi83ODBGNDM1Q0Iz
QUUxMUVEQjlDN0VENDRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACABDfY0gDANBgkqhkiG9w0BAQsFAAOCAQEANSiWdXOh0oPx
LxAsnifEUZH3EIy9AtOVoFfsB63wrNJZZNu8H50YVA2mQNEiXRGDukZgfDWuRg9T
9Aixuv9SODNgfvCE8BSfMZ9hi/nUH8FTCGSiQtgUPqYhZ2+morkU0p1Z4X3Eg/hD
laB1aDphb6KGttR60kbo7A0+mB+kUshVYhIdW+JDsPfbAkInzqVbwYyUYDsk5rCn
pwP1K/fDU1K2+h9d+X/Upvmzh6sL4WQlI7C9pwmzVBb4aQyf9veYVL6xAAo2L+b2
booRNnc+FIfkcvQnwrU/PSYku/56FFcxHe6nZCGryDc9L9Lka88bL/nRoER+ybJq
z5FM1mipQg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:52 2024 by rpki-client on console-fra.rpki-client.org