Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/50D3184C84A711EABF754420C4F9AE02.roa
File: 50D3184C84A711EABF754420C4F9AE02.roa (raw, json)
Hash identifier: iX9EpiAnmpNDkstqUU17ohAk9RkvYFVzSelleAXxcEc=
Subject key identifier: E7:C5:AA:69:C2:8E:53:78:98:EF:79:F5:3D:09:8B:3A:E4:F9:74:83
Certificate issuer: /CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C
Certificate serial: 2997
Authority key identifier: BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/50D3184C84A711EABF754420C4F9AE02.roa
Signing time: Tue 31 Dec 2024 15:53:29 +0000
ROA not before: Tue 31 Dec 2024 15:53:29 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 58930
IP address blocks: 58.64.40.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10647 (0x2997)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911BD54
Validity
Not Before: Dec 31 15:53:29 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67741379-74e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:92:2a:db:66:07:9c:9f:a4:b8:6c:97:da:13:
21:ba:82:1f:de:ad:d2:a9:d2:68:dc:0d:6f:95:fe:
70:9e:19:32:55:ba:6c:f3:f2:51:6c:7f:8b:43:c0:
83:6f:4b:1d:5c:dc:15:f6:b0:d6:f9:88:9d:2e:b9:
bd:be:f1:8e:10:c4:77:b6:f9:94:9b:be:4a:ac:87:
b0:d2:87:05:38:be:1b:56:fe:e6:09:1f:05:ee:e1:
f6:ba:13:6a:74:96:d9:86:6b:83:01:96:86:e0:96:
25:b5:19:15:d8:57:d1:02:3d:db:73:30:b7:69:8e:
a0:77:f6:7d:57:cd:b1:0d:c3:50:35:7e:fa:29:bb:
d9:66:89:53:cd:8a:6d:c2:39:bc:5c:99:ff:f0:8f:
6f:a1:0c:bd:10:b5:a7:e6:27:6a:93:c8:d5:62:d7:
14:8f:cd:c7:47:b8:d2:f5:63:75:ac:63:bc:16:ae:
8f:dc:e3:f5:9e:c7:c7:3f:df:ad:07:86:b0:3c:29:
10:51:87:3f:1d:08:59:22:ec:20:b6:19:6c:87:0e:
a6:85:0e:28:4b:7b:77:94:ce:68:32:dc:f5:75:30:
04:d5:f3:5f:d9:06:e0:59:8b:8f:35:b1:07:1e:6d:
b8:a0:b5:14:0f:53:d7:d8:13:f8:f6:72:37:d7:15:
53:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:C5:AA:69:C2:8E:53:78:98:EF:79:F5:3D:09:8B:3A:E4:F9:74:83
X509v3 Authority Key Identifier:
keyid:BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/50D3184C84A711EABF754420C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.64.40.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:9c:e4:9c:78:05:54:2b:1d:05:67:e0:96:c7:e9:b5:a9:6b:
b3:18:94:dd:2a:ef:00:fa:c4:f9:cf:26:44:d6:fa:c6:1b:f4:
e2:fa:b3:e1:06:99:dd:87:b9:02:70:a4:39:99:95:fb:ec:0c:
43:66:b6:c6:45:a8:92:3e:36:be:70:1c:b7:86:b6:81:27:70:
72:60:4e:24:7f:91:62:6d:fe:75:d4:c6:88:b3:69:7a:07:18:
8d:ef:ba:b9:47:11:8a:85:ac:1b:b7:f1:f4:3f:4d:a0:6c:61:
9e:29:29:2c:64:43:bb:11:6a:54:6d:8f:5f:59:7e:99:dd:57:
13:15:9a:6d:b7:ef:5c:4d:29:2b:81:a2:d6:7c:06:c0:b9:83:
87:65:e8:e4:9d:5f:57:f7:1d:9d:71:d2:4e:bb:7c:ea:07:99:
bf:12:61:9c:41:af:97:2a:a0:e7:06:0d:01:3a:66:6a:ae:08:
01:f1:f1:32:0f:7f:43:6c:0c:84:bc:84:c4:d5:67:b8:d9:5f:
f1:fe:e4:6c:de:ec:51:8d:08:97:fb:c6:04:5c:f4:c6:9d:1b:
98:55:e2:d2:b2:00:88:1e:c7:70:54:c5:ea:1e:36:8f:4b:2a:
39:4b:4a:77:ef:04:61:91:49:34:e3:79:24:dc:27:3e:01:95:
b7:de:83:af
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICKZcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUJENTQxMTAvBgNVBAUTKEJDRkFGOEQzM0YxOEE4RDM2MDIwMjlFQkNFREUxRTM2
QUYyMDcxNUMwHhcNMjQxMjMxMTU1MzI5WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc0MTM3OS03NGU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyZIq22YHnJ+kuGyX2hMhuoIf3q3SqdJo3A1vlf5wnhkyVbps8/JRbH+LQ8CD
b0sdXNwV9rDW+YidLrm9vvGOEMR3tvmUm75KrIew0ocFOL4bVv7mCR8F7uH2uhNq
dJbZhmuDAZaG4JYltRkV2FfRAj3bczC3aY6gd/Z9V82xDcNQNX76KbvZZolTzYpt
wjm8XJn/8I9voQy9ELWn5idqk8jVYtcUj83HR7jS9WN1rGO8Fq6P3OP1nsfHP9+t
B4awPCkQUYc/HQhZIuwgthlshw6mhQ4oS3t3lM5oMtz1dTAE1fNf2QbgWYuPNbEH
Hm24oLUUD1PX2BP49nI31xVTyQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOfFqmnC
jlN4mO959T0Jizrk+XSDMB8GA1UdIwQYMBaAFLz6+NM/GKjTYCAp687eHjavIHFc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkQ1NC8zRTI4MUM5ODAw
NDkxMUU1QjRCNjRGNjNDNEY5QUUwMi92UHI0MHo4WXFOTmdJQ25yenQ0ZU5xOGdj
VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZQcjQwejhZcU5OZ0lDbnJ6dDRlTnE4Z2NWdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUJENTQvM0UyODFDOTgwMDQ5MTFFNUI0QjY0RjYzQzRGOUFFMDIvNTBEMzE4NEM4
NEE3MTFFQUJGNzU0NDIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAA6QCgwDQYJKoZIhvcNAQELBQADggEBAD6c5Jx4BVQrHQVn
4JbH6bWpa7MYlN0q7wD6xPnPJkTW+sYb9OL6s+EGmd2HuQJwpDmZlfvsDENmtsZF
qJI+Nr5wHLeGtoEncHJgTiR/kWJt/nXUxoizaXoHGI3vurlHEYqFrBu38fQ/TaBs
YZ4pKSxkQ7sRalRtj19ZfpndVxMVmm2371xNKSuBotZ8BsC5g4dl6OSdX1f3HZ1x
0k67fOoHmb8SYZxBr5cqoOcGDQE6ZmquCAHx8TIPf0NsDIS8hMTVZ7jZX/H+5Gze
7FGNCJf7xgRc9MadG5hV4tKyAIgex3BUxeoeNo9LKjlLSnfvBGGRSTTjeSTcJz4B
lbfeg68=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:13:17 2025 by rpki-client