Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9110D07/D3E889D48E7F11EE8E97B484C4F9AE02/9B21ED20F77011EE87C1441EC4F9AE02.roa
File: 9B21ED20F77011EE87C1441EC4F9AE02.roa (raw, json)
Hash identifier: Wodi/aL4KJznaBMPDgongcuJuplEc+TWjWZ5laDUzfY=
Subject key identifier: FE:77:7D:17:28:6C:B2:6C:38:BF:E7:EF:1B:50:2D:C9:B2:5D:D8:4D
Certificate issuer: /CN=A9110D07/serialNumber=4AC95C8A975E4CF310842C95564051753DEB0289
Certificate serial: 74
Authority key identifier: 4A:C9:5C:8A:97:5E:4C:F3:10:84:2C:95:56:40:51:75:3D:EB:02:89
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SslcipdeTPMQhCyVVkBRdT3rAok.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9110D07/D3E889D48E7F11EE8E97B484C4F9AE02/9B21ED20F77011EE87C1441EC4F9AE02.roa
Signing time: Wed 10 Apr 2024 19:35:59 +0000
ROA not before: Wed 10 Apr 2024 19:35:59 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 152300
IP address blocks: 36.50.18.0/24 maxlen: 31
36.50.19.0/24 maxlen: 31
2001:df3:51c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116 (0x74)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9110D07
Validity
Not Before: Apr 10 19:35:59 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=6616ea1f-347c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:6f:ec:8c:c8:39:82:f9:48:61:4d:17:61:26:
5d:af:97:a9:30:81:54:54:e0:0d:a6:9b:34:2a:c6:
ec:dc:2c:e4:1f:2c:a2:0a:aa:7d:04:01:7c:ef:2d:
c5:e8:43:cd:1e:cd:f2:0f:f4:a4:dc:f0:b4:20:a1:
d4:18:a8:86:dd:e5:be:92:46:43:04:f0:e8:b8:ac:
dd:d7:77:60:e6:b1:39:52:fa:d8:b0:fc:68:2a:6a:
25:0b:bf:67:c3:63:c2:e5:a5:f9:0a:32:13:21:2e:
cf:25:46:70:9c:d1:9f:6e:8a:77:f4:69:27:2e:d9:
3a:20:d3:13:17:ae:f7:c4:88:33:22:69:d8:83:da:
a7:6d:1b:f2:dc:68:40:16:99:d7:c4:91:99:85:e8:
5f:08:bd:34:06:8e:bd:d6:86:93:4c:b0:b8:52:10:
15:a4:e3:4c:28:d5:36:95:e7:78:0d:4d:94:01:ac:
e8:d6:59:ff:95:f9:8d:a1:09:55:d6:43:a4:21:5e:
8c:13:97:b5:9f:7f:fd:8e:46:52:8f:04:da:a4:37:
28:74:c3:01:4f:be:2d:74:4c:72:e0:58:a4:62:34:
94:24:a3:09:55:18:d3:2e:3c:e6:22:ee:cb:bb:db:
b7:0a:81:7c:ed:10:50:41:cd:00:83:30:55:db:d3:
a6:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:77:7D:17:28:6C:B2:6C:38:BF:E7:EF:1B:50:2D:C9:B2:5D:D8:4D
X509v3 Authority Key Identifier:
keyid:4A:C9:5C:8A:97:5E:4C:F3:10:84:2C:95:56:40:51:75:3D:EB:02:89
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9110D07/D3E889D48E7F11EE8E97B484C4F9AE02/SslcipdeTPMQhCyVVkBRdT3rAok.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SslcipdeTPMQhCyVVkBRdT3rAok.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9110D07/D3E889D48E7F11EE8E97B484C4F9AE02/9B21ED20F77011EE87C1441EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.18.0/23
IPv6:
2001:df3:51c0::/48
Signature Algorithm: sha256WithRSAEncryption
78:d4:6a:8b:7f:22:2f:1f:48:31:cb:5d:99:32:e9:c6:03:31:
e0:19:0f:b8:7e:ee:43:78:44:a1:96:47:d6:47:31:f0:17:2b:
98:4f:dc:42:eb:83:ac:35:72:3e:5d:26:6c:91:2c:ba:3b:cb:
a4:3d:31:44:2c:8d:8e:4b:40:8a:12:47:4b:c7:2d:da:a2:c5:
7f:cb:83:a9:13:ca:5b:76:65:9f:df:64:b2:1f:61:90:fa:2c:
9f:50:90:fd:b2:7c:cd:2d:7e:b3:82:10:07:60:be:cf:d7:dc:
2c:6b:03:b9:88:e4:ec:94:d3:3f:18:6d:5e:64:a5:6f:9e:74:
88:c7:a2:ee:07:cc:24:a7:b6:3f:ca:8b:d6:79:58:24:44:6b:
b9:d8:73:2e:d6:e0:d0:73:c3:28:3b:bb:eb:73:45:73:b7:0b:
90:47:81:42:9f:87:9e:52:3e:5c:d6:b3:09:92:72:9f:02:bc:
cf:26:95:c8:4b:fa:8f:12:22:92:1e:a8:52:8c:9f:6b:ce:fb:
d1:3f:15:a8:96:d3:89:ba:87:6b:be:36:a4:1d:7a:54:29:d3:
ca:30:58:e8:6f:c5:fd:c7:02:46:04:37:12:1c:3c:c0:27:61:
e4:79:64:4c:ed:c1:1b:4c:69:a9:a4:2e:4f:89:a2:a8:ce:0b:
c4:1a:5d:ac
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBdDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
MEQwNzExMC8GA1UEBRMoNEFDOTVDOEE5NzVFNENGMzEwODQyQzk1NTY0MDUxNzUz
REVCMDI4OTAeFw0yNDA0MTAxOTM1NTlaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MTZlYTFmLTM0N2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDSb+yMyDmC+UhhTRdhJl2vl6kwgVRU4A2mmzQqxuzcLOQfLKIKqn0EAXzvLcXo
Q80ezfIP9KTc8LQgodQYqIbd5b6SRkME8Oi4rN3Xd2DmsTlS+tiw/GgqaiULv2fD
Y8LlpfkKMhMhLs8lRnCc0Z9uinf0aScu2Tog0xMXrvfEiDMiadiD2qdtG/LcaEAW
mdfEkZmF6F8IvTQGjr3WhpNMsLhSEBWk40wo1TaV53gNTZQBrOjWWf+V+Y2hCVXW
Q6QhXowTl7Wff/2ORlKPBNqkNyh0wwFPvi10THLgWKRiNJQkowlVGNMuPOYi7su7
27cKgXztEFBBzQCDMFXb06ZXAgMBAAGjggKmMIICojAdBgNVHQ4EFgQU/nd9Fyhs
smw4v+fvG1AtybJd2E0wHwYDVR0jBBgwFoAUSslcipdeTPMQhCyVVkBRdT3rAokw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTEwRDA3L0QzRTg4OUQ0OEU3
RjExRUU4RTk3QjQ4NEM0RjlBRTAyL1NzbGNpcGRlVFBNUWhDeVZWa0JSZFQzckFv
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvU3NsY2lwZGVUUE1RaEN5VlZrQlJkVDNyQW9rLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
MEQwNy9EM0U4ODlENDhFN0YxMUVFOEU5N0I0ODRDNEY5QUUwMi85QjIxRUQyMEY3
NzAxMUVFODdDMTQ0MUVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEASQyEjAPBAIAAjAJAwcAIAEN81HAMA0GCSqGSIb3DQEBCwUA
A4IBAQB41GqLfyIvH0gxy12ZMunGAzHgGQ+4fu5DeEShlkfWRzHwFyuYT9xC64Os
NXI+XSZskSy6O8ukPTFELI2OS0CKEkdLxy3aosV/y4OpE8pbdmWf32SyH2GQ+iyf
UJD9snzNLX6zghAHYL7P19wsawO5iOTslNM/GG1eZKVvnnSIx6LuB8wkp7Y/yovW
eVgkRGu52HMu1uDQc8MoO7vrc0VztwuQR4FCn4eeUj5c1rMJknKfArzPJpXIS/qP
EiKSHqhSjJ9rzvvRPxWoltOJuodrvjakHXpUKdPKMFjob8X9xwJGBDcSHDzAJ2Hk
eWRM7cEbTGmppC5PiaKozgvEGl2s
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:59:15 2025 by rpki-client