Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8E9B/69EB42C0960E11ED9A4CEA65C4F9AE02/667A3930961211EDBBBDF50AC4F9AE02.roa
File: 667A3930961211EDBBBDF50AC4F9AE02.roa (raw, json)
Hash identifier: 7Ug1qbag2j8Ss5L5k8dogjvnODDA2xnV0ELLRLDWTYk=
Subject key identifier: 46:38:98:A7:56:A3:5A:68:24:17:40:E3:F5:F2:EC:C1:B3:BC:70:3F
Certificate issuer: /CN=A91F8E9B/serialNumber=446792439258182A7A1E4DA4B2C06FAD2AAEE4B9
Certificate serial: 02
Authority key identifier: 44:67:92:43:92:58:18:2A:7A:1E:4D:A4:B2:C0:6F:AD:2A:AE:E4:B9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RGeSQ5JYGCp6Hk2kssBvrSqu5Lk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F8E9B/69EB42C0960E11ED9A4CEA65C4F9AE02/667A3930961211EDBBBDF50AC4F9AE02.roa
Signing time: Tue 17 Jan 2023 02:55:29 +0000
ROA not before: Tue 17 Jan 2023 02:55:29 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 24324
IP address blocks: 2400:b400::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F8E9B/serialNumber=446792439258182A7A1E4DA4B2C06FAD2AAEE4B9
Validity
Not Before: Jan 17 02:55:29 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=63c60e21-523f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:20:6a:b2:53:03:90:5d:cf:17:19:ed:1a:f5:
68:81:d0:a2:13:9f:30:76:dd:c4:53:52:c0:cf:ea:
5d:d8:7a:76:f1:52:ce:cd:1b:ca:76:47:7b:dc:09:
61:28:72:bc:48:04:ba:67:54:33:aa:c3:46:dd:67:
aa:ac:11:74:78:ba:35:0b:22:08:fd:df:c8:18:8d:
40:af:ac:2b:5b:f1:e0:55:61:68:f3:b5:ca:11:34:
20:75:70:d8:67:1d:5c:13:d5:97:ed:27:94:2c:4d:
75:1f:74:3c:88:f0:85:d2:8e:0f:a8:c7:1e:d2:f8:
5c:28:dc:06:e6:03:ba:0f:6f:ef:b9:36:8a:6a:85:
a9:87:50:da:0c:68:3d:31:2a:14:08:f4:eb:aa:33:
a4:88:de:65:9f:6d:6e:c5:ba:63:ca:07:2f:f1:4f:
49:52:0b:94:e5:a6:72:3b:f9:ae:62:0b:74:fb:e2:
08:fa:8b:f7:c9:4e:c3:8c:93:50:ee:19:dd:cc:59:
4c:1f:8a:d7:4a:e0:fc:f7:0f:c4:08:3e:b1:b4:33:
45:8b:4b:ca:1b:73:a6:c8:58:4d:b2:e4:8b:e1:99:
18:be:4d:e0:78:83:0d:74:62:8b:1d:a0:d6:51:45:
2d:07:be:20:d2:72:8b:80:02:80:93:e4:09:f3:66:
e4:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:38:98:A7:56:A3:5A:68:24:17:40:E3:F5:F2:EC:C1:B3:BC:70:3F
X509v3 Authority Key Identifier:
keyid:44:67:92:43:92:58:18:2A:7A:1E:4D:A4:B2:C0:6F:AD:2A:AE:E4:B9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F8E9B/69EB42C0960E11ED9A4CEA65C4F9AE02/RGeSQ5JYGCp6Hk2kssBvrSqu5Lk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RGeSQ5JYGCp6Hk2kssBvrSqu5Lk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8E9B/69EB42C0960E11ED9A4CEA65C4F9AE02/667A3930961211EDBBBDF50AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:b400::/48
Signature Algorithm: sha256WithRSAEncryption
48:00:99:26:9a:54:d8:94:ea:e1:5c:f1:63:30:0b:d6:3e:ad:
a9:40:0f:0c:1d:d7:1c:d0:00:59:f8:ec:9f:d2:10:b9:e9:3e:
6b:d6:12:a7:24:74:d3:e8:25:8a:69:fa:d0:0c:28:bb:ab:65:
ca:8e:a4:ba:60:aa:98:a0:ea:6d:59:b4:a6:b7:4a:5d:3c:0d:
45:f8:c8:7e:de:80:9f:08:9d:3d:fb:ff:80:07:0b:6c:3e:3b:
a7:8e:62:b1:f1:a5:57:ec:86:fc:2f:07:1c:0c:d9:ed:5d:f1:
ee:e9:8b:33:3d:9b:87:33:2e:0b:50:f1:03:27:fe:23:7a:87:
23:94:a6:6f:e8:a2:d7:23:c7:da:0b:5a:0c:dd:e3:b8:b1:dd:
29:7b:90:46:19:1d:6d:ca:a9:50:78:e6:f9:89:28:f8:b8:e0:
11:28:80:56:0c:6a:f5:17:72:2b:06:49:32:f5:b1:10:72:c8:
a3:e7:2d:a3:21:57:fa:59:fa:28:d2:95:25:6f:86:1d:f0:3a:
7c:8d:7d:69:a1:c3:d5:d9:87:0b:ea:7f:e5:80:83:17:cd:39:
ff:6b:a3:c1:67:cb:ec:eb:fc:45:58:48:36:a5:63:1d:a1:7b:
c2:93:4d:65:05:e1:09:69:88:ee:34:8b:32:93:d0:48:d3:d3:
c9:f3:d8:5b
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
OEU5QjExMC8GA1UEBRMoNDQ2NzkyNDM5MjU4MTgyQTdBMUU0REE0QjJDMDZGQUQy
QUFFRTRCOTAeFw0yMzAxMTcwMjU1MjlaFw0yMzEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzYzYwZTIxLTUyM2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC2IGqyUwOQXc8XGe0a9WiB0KITnzB23cRTUsDP6l3YenbxUs7NG8p2R3vcCWEo
crxIBLpnVDOqw0bdZ6qsEXR4ujULIgj938gYjUCvrCtb8eBVYWjztcoRNCB1cNhn
HVwT1ZftJ5QsTXUfdDyI8IXSjg+oxx7S+Fwo3AbmA7oPb++5NopqhamHUNoMaD0x
KhQI9OuqM6SI3mWfbW7FumPKBy/xT0lSC5TlpnI7+a5iC3T74gj6i/fJTsOMk1Du
Gd3MWUwfitdK4Pz3D8QIPrG0M0WLS8obc6bIWE2y5IvhmRi+TeB4gw10YosdoNZR
RS0HviDScouAAoCT5AnzZuTbAgMBAAGjggKYMIIClDAdBgNVHQ4EFgQURjiYp1aj
WmgkF0Dj9fLswbO8cD8wHwYDVR0jBBgwFoAURGeSQ5JYGCp6Hk2kssBvrSqu5Lkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY4RTlCLzY5RUI0MkMwOTYw
RTExRUQ5QTRDRUE2NUM0RjlBRTAyL1JHZVNRNUpZR0NwNkhrMmtzc0J2clNxdTVM
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUkdlU1E1SllHQ3A2SGsya3NzQnZyU3F1NUxrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
OEU5Qi82OUVCNDJDMDk2MEUxMUVEOUE0Q0VBNjVDNEY5QUUwMi82NjdBMzkzMDk2
MTIxMUVEQkJCREY1MEFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACQAtAAAADANBgkqhkiG9w0BAQsFAAOCAQEASACZJppU2JTq
4VzxYzAL1j6tqUAPDB3XHNAAWfjsn9IQuek+a9YSpyR00+glimn60Awou6tlyo6k
umCqmKDqbVm0prdKXTwNRfjIft6AnwidPfv/gAcLbD47p45isfGlV+yG/C8HHAzZ
7V3x7umLMz2bhzMuC1DxAyf+I3qHI5Smb+ii1yPH2gtaDN3juLHdKXuQRhkdbcqp
UHjm+Yko+LjgESiAVgxq9RdyKwZJMvWxEHLIo+ctoyFX+ln6KNKVJW+GHfA6fI19
aaHD1dmHC+p/5YCDF805/2ujwWfL7Ov8RVhINqVjHaF7wpNNZQXhCWmI7jSLMpPQ
SNPTyfPYWw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:36:10 2023 by rpki-client on console.sobornost.net