Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/666366489F4811EE8A9B8150C4F9AE02.roa
File: 666366489F4811EE8A9B8150C4F9AE02.roa (raw, json)
Hash identifier: rCWECIL5IwWSHW8jrQpB7Jh3UvF07jvabiwcr32dVj8=
Subject key identifier: 2F:2B:D1:A3:C8:05:09:10:E5:55:C1:7B:81:ED:E4:DE:2F:58:AA:F6
Certificate issuer: /CN=A91CF9B0/serialNumber=A2A217D4A412FB538F5C91A34B36CE71879DDB65
Certificate serial: 1B
Authority key identifier: A2:A2:17:D4:A4:12:FB:53:8F:5C:91:A3:4B:36:CE:71:87:9D:DB:65
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oqIX1KQS-1OPXJGjSzbOcYed22U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/666366489F4811EE8A9B8150C4F9AE02.roa
Signing time: Wed 20 Dec 2023 15:03:46 +0000
ROA not before: Wed 20 Dec 2023 15:03:46 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 152185
IP address blocks: 36.50.182.0/23 maxlen: 23
36.50.182.0/24 maxlen: 24
36.50.183.0/24 maxlen: 24
2001:df3:4d40::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27 (0x1b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CF9B0, serialNumber=A2A217D4A412FB538F5C91A34B36CE71879DDB65
Validity
Not Before: Dec 20 15:03:46 2023 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65830252-8bcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:70:05:30:e2:b4:93:28:d7:6f:8f:64:ae:f1:
d0:46:13:2c:8f:5a:1a:aa:dc:f5:e4:30:88:a2:b7:
ef:bb:1b:5b:45:a7:d1:ac:03:71:27:6d:82:83:fa:
c6:23:43:ac:42:de:84:e1:cf:4b:cd:5b:1f:b1:ae:
4b:66:82:47:c6:53:3a:9d:27:5f:ca:68:fd:66:e7:
2b:de:57:4c:0a:30:65:d7:24:c9:14:e8:cc:78:15:
0c:d7:e9:8e:61:2c:6d:3c:74:02:f4:20:53:30:e9:
33:c1:f1:29:b1:48:55:18:dc:bb:a3:40:97:aa:a0:
d3:11:a0:6f:24:e8:7b:a2:77:cc:d9:09:af:54:07:
6e:3c:8b:a7:17:7e:46:de:61:4a:c2:b1:35:6e:79:
97:48:ac:2a:a3:45:9b:5b:fd:3c:a4:e5:17:e1:de:
f8:78:db:9b:0a:24:78:ab:b8:6b:99:62:ee:c4:65:
81:75:0e:10:0d:9a:7c:75:2b:0e:24:22:d9:24:f7:
b3:5a:f8:58:a8:38:4f:5d:43:dd:aa:38:c2:1d:98:
3d:c5:53:b3:59:c3:b1:1d:1e:f9:94:47:ed:f5:4b:
cb:f0:d1:15:57:09:88:f5:0d:aa:c1:e5:bf:4e:cf:
84:b9:dd:15:97:f4:fd:37:8a:3a:0b:da:1c:cc:b1:
00:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:2B:D1:A3:C8:05:09:10:E5:55:C1:7B:81:ED:E4:DE:2F:58:AA:F6
X509v3 Authority Key Identifier:
keyid:A2:A2:17:D4:A4:12:FB:53:8F:5C:91:A3:4B:36:CE:71:87:9D:DB:65
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/oqIX1KQS-1OPXJGjSzbOcYed22U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oqIX1KQS-1OPXJGjSzbOcYed22U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/666366489F4811EE8A9B8150C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.182.0/23
IPv6:
2001:df3:4d40::/48
Signature Algorithm: sha256WithRSAEncryption
9c:c3:3a:7a:f6:1d:6e:de:c4:40:6b:63:e4:74:d7:b5:8a:1f:
ad:b9:3a:2f:1c:53:94:bb:d8:67:93:b0:c0:51:d6:88:34:8f:
64:f3:21:d1:5a:3d:3a:b5:3b:01:2d:dc:e1:b1:a0:22:d7:ca:
ce:30:17:4d:a3:6d:25:4e:a4:ca:c0:0c:06:46:35:4b:c6:c2:
f0:15:67:3e:03:3c:0b:7b:1f:79:ae:0a:b9:71:ef:72:40:96:
2c:26:61:28:82:71:28:7e:57:d8:26:64:31:e7:c3:cd:6a:78:
f2:cc:0a:81:fc:d4:c3:c5:fd:94:5a:ef:73:71:94:8f:04:be:
67:1d:22:57:cf:80:84:5d:e7:fa:54:c3:3d:15:c3:53:e6:05:
f1:74:1d:ab:76:e2:c5:fd:66:5b:a6:fd:33:c6:fd:7d:6f:20:
7f:2a:f2:ce:a9:cb:d8:5c:c9:d3:94:1b:86:cd:67:59:a8:04:
c9:b5:e2:24:32:09:08:d3:90:54:9d:ba:fc:39:e0:b1:08:aa:
a8:80:0b:2f:7d:fd:c9:13:41:0f:79:fc:f6:4d:7a:73:43:15:
e0:81:5c:4e:12:5a:7c:87:76:ed:4e:9d:aa:57:f3:49:7f:49:
3e:4e:ff:b1:48:8e:62:28:d1:e1:22:4e:5a:bf:00:f4:36:5e:
e9:51:71:0f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBGzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
RjlCMDExMC8GA1UEBRMoQTJBMjE3RDRBNDEyRkI1MzhGNUM5MUEzNEIzNkNFNzE4
NzlEREI2NTAeFw0yMzEyMjAxNTAzNDZaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ODMwMjUyLThiY2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDfcAUw4rSTKNdvj2Su8dBGEyyPWhqq3PXkMIiit++7G1tFp9GsA3EnbYKD+sYj
Q6xC3oThz0vNWx+xrktmgkfGUzqdJ1/KaP1m5yveV0wKMGXXJMkU6Mx4FQzX6Y5h
LG08dAL0IFMw6TPB8SmxSFUY3LujQJeqoNMRoG8k6Huid8zZCa9UB248i6cXfkbe
YUrCsTVueZdIrCqjRZtb/Tyk5Rfh3vh425sKJHiruGuZYu7EZYF1DhANmnx1Kw4k
Itkk97Na+FioOE9dQ92qOMIdmD3FU7NZw7EdHvmUR+31S8vw0RVXCYj1DarB5b9O
z4S53RWX9P03ijoL2hzMsQAHAgMBAAGjggKmMIICojAdBgNVHQ4EFgQULyvRo8gF
CRDlVcF7ge3k3i9YqvYwHwYDVR0jBBgwFoAUoqIX1KQS+1OPXJGjSzbOcYed22Uw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNGOUIwLzE0Qzk0OTZFOUYz
RjExRUU4MDFCMUQ2MkM0RjlBRTAyL29xSVgxS1FTLTFPUFhKR2pTemJPY1llZDIy
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvb3FJWDFLUVMtMU9QWEpHalN6Yk9jWWVkMjJVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
RjlCMC8xNEM5NDk2RTlGM0YxMUVFODAxQjFENjJDNEY5QUUwMi82NjYzNjY0ODlG
NDgxMUVFOEE5QjgxNTBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEASQytjAPBAIAAjAJAwcAIAEN801AMA0GCSqGSIb3DQEBCwUA
A4IBAQCcwzp69h1u3sRAa2PkdNe1ih+tuTovHFOUu9hnk7DAUdaINI9k8yHRWj06
tTsBLdzhsaAi18rOMBdNo20lTqTKwAwGRjVLxsLwFWc+AzwLex95rgq5ce9yQJYs
JmEognEoflfYJmQx58PNanjyzAqB/NTDxf2UWu9zcZSPBL5nHSJXz4CEXef6VMM9
FcNT5gXxdB2rduLF/WZbpv0zxv19byB/KvLOqcvYXMnTlBuGzWdZqATJteIkMgkI
05BUnbr8OeCxCKqogAsvff3JE0EPefz2TXpzQxXggVxOElp8h3btTp2qV/NJf0k+
Tv+xSI5iKNHhIk5avwD0Nl7pUXEP
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:20:37 2025 by rpki-client