Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916D8D9/5483BFB6C8FB11EBBA5BAE51C4F9AE02/E35EDBDC258111EEA197162DC4F9AE02.roa
File: E35EDBDC258111EEA197162DC4F9AE02.roa (raw, json)
Hash identifier: rvt06TUh8pBsFQA//lvC7OyiQ7n2U4pTpugsbI3wQnc=
Subject key identifier: 65:94:17:F7:FF:16:79:B1:B6:0F:3D:30:8D:09:8B:90:88:B5:2D:57
Certificate issuer: /CN=A916D8D9/serialNumber=031C9C26E5BAB1B01AF18A0BB1B970AB5773456B
Certificate serial: 04E6
Authority key identifier: 03:1C:9C:26:E5:BA:B1:B0:1A:F1:8A:0B:B1:B9:70:AB:57:73:45:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AxycJuW6sbAa8YoLsblwq1dzRWs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916D8D9/5483BFB6C8FB11EBBA5BAE51C4F9AE02/E35EDBDC258111EEA197162DC4F9AE02.roa
Signing time: Fri 29 Dec 2023 00:42:46 +0000
ROA not before: Fri 29 Dec 2023 00:42:46 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 50738
IP address blocks: 122.50.0.0/24 maxlen: 24
122.50.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1254 (0x4e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916D8D9
Validity
Not Before: Dec 29 00:42:46 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=658e1606-359c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0b:9b:f9:9e:e9:47:ab:ab:62:7e:e6:30:00:
31:c8:8b:e4:4f:77:82:3e:53:1b:85:e8:22:62:ab:
e9:c6:95:ef:a2:ac:f2:27:9e:fa:50:aa:1a:77:cd:
2a:db:4b:2a:e8:f0:cd:19:dc:1f:71:af:99:93:fd:
62:e2:37:27:1b:cd:c4:b7:c5:9a:2a:42:f5:ed:29:
ab:3b:87:2a:c9:e4:e5:c5:44:81:49:94:e6:61:c9:
4e:a7:68:1e:29:bb:a6:e5:7c:9a:d1:d3:47:0a:90:
1e:83:cb:22:a4:e6:50:be:b0:a2:42:86:5c:b1:2b:
b8:02:f1:a4:8b:10:5d:b8:89:3d:de:fd:b1:05:bc:
6f:1d:75:0c:86:87:ab:a1:99:68:36:45:01:5f:6d:
3d:25:0e:7a:4e:e6:d3:49:61:59:55:e8:b1:e7:9c:
fb:ab:4e:ab:17:41:88:1d:3f:0b:9d:98:ae:8b:0b:
ec:98:17:fc:c9:97:02:c6:30:4f:62:3b:d6:31:ea:
ba:c1:03:d9:31:0f:36:b4:d7:0f:0d:ea:60:6f:a7:
7a:84:db:12:04:b0:0e:f0:e0:83:80:2c:6c:7e:60:
19:5c:73:cd:cc:e7:3a:01:c9:4d:6f:ac:8f:eb:4b:
39:92:d4:59:08:03:45:3c:a3:43:f0:8b:03:ee:98:
c0:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:94:17:F7:FF:16:79:B1:B6:0F:3D:30:8D:09:8B:90:88:B5:2D:57
X509v3 Authority Key Identifier:
keyid:03:1C:9C:26:E5:BA:B1:B0:1A:F1:8A:0B:B1:B9:70:AB:57:73:45:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916D8D9/5483BFB6C8FB11EBBA5BAE51C4F9AE02/AxycJuW6sbAa8YoLsblwq1dzRWs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AxycJuW6sbAa8YoLsblwq1dzRWs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916D8D9/5483BFB6C8FB11EBBA5BAE51C4F9AE02/E35EDBDC258111EEA197162DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.50.0.0/24
122.50.2.0/24
Signature Algorithm: sha256WithRSAEncryption
80:bd:f8:25:a2:d0:71:4e:78:09:53:c3:01:9e:23:b3:9b:5f:
64:47:8f:fd:4c:5a:1c:70:36:c8:4f:52:7f:04:f8:c2:e5:64:
9a:a2:cf:87:1e:a4:58:1a:58:5b:75:cd:10:88:bd:46:02:60:
92:4c:9c:50:02:a6:d7:dd:81:b0:96:3c:b7:2a:9d:40:38:b9:
6c:7e:b1:b2:ce:92:8b:26:7a:48:8c:db:e8:b6:6f:d8:d2:29:
5d:c4:c2:67:1e:8a:fb:13:fc:74:9e:9d:c6:ea:e5:b7:73:0f:
07:18:2b:0e:93:2a:5c:9d:d6:8d:cf:19:87:69:69:6e:bb:e6:
f2:4a:f7:30:71:da:80:d2:4f:d9:4b:9a:31:cf:d7:08:08:cd:
27:4a:a1:75:f1:74:e4:31:eb:79:a4:dc:e7:43:fb:a0:11:4f:
35:0e:a3:b9:d0:9b:dc:fb:1b:26:48:64:a5:6a:82:e8:65:25:
88:6d:da:73:30:09:b6:bd:2f:cf:8c:8f:17:79:39:79:54:73:
92:bb:dc:f1:3e:76:9c:54:54:7e:37:c9:1d:86:cb:f5:2c:0b:
19:e5:75:cd:d0:35:40:ad:ec:68:e7:49:62:ce:8c:a6:9b:e0:
7a:1f:c2:3c:ef:c1:76:66:6a:cf:99:f6:4a:55:34:17:96:41:
62:c5:69:11
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBOYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkQ4RDkxMTAvBgNVBAUTKDAzMUM5QzI2RTVCQUIxQjAxQUYxOEEwQkIxQjk3MEFC
NTc3MzQ1NkIwHhcNMjMxMjI5MDA0MjQ2WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NThlMTYwNi0zNTljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAugub+Z7pR6urYn7mMAAxyIvkT3eCPlMbhegiYqvpxpXvoqzyJ576UKoad80q
20sq6PDNGdwfca+Zk/1i4jcnG83Et8WaKkL17SmrO4cqyeTlxUSBSZTmYclOp2ge
Kbum5Xya0dNHCpAeg8sipOZQvrCiQoZcsSu4AvGkixBduIk93v2xBbxvHXUMhoer
oZloNkUBX209JQ56TubTSWFZVeix55z7q06rF0GIHT8LnZiuiwvsmBf8yZcCxjBP
YjvWMeq6wQPZMQ82tNcPDepgb6d6hNsSBLAO8OCDgCxsfmAZXHPNzOc6AclNb6yP
60s5ktRZCANFPKND8IsD7pjAQwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFGWUF/f/
Fnmxtg89MI0Ji5CItS1XMB8GA1UdIwQYMBaAFAMcnCblurGwGvGKC7G5cKtXc0Vr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RDhEOS81NDgzQkZCNkM4
RkIxMUVCQkE1QkFFNTFDNEY5QUUwMi9BeHljSnVXNnNiQWE4WW9Mc2Jsd3ExZHpS
V3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0F4eWNKdVc2c2JBYThZb0xzYmx3cTFkelJXcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkQ4RDkvNTQ4M0JGQjZDOEZCMTFFQkJBNUJBRTUxQzRGOUFFMDIvRTM1RURCREMy
NTgxMTFFRUExOTcxNjJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAB6MgADBAB6MgIwDQYJKoZIhvcNAQELBQADggEBAIC9+CWi
0HFOeAlTwwGeI7ObX2RHj/1MWhxwNshPUn8E+MLlZJqiz4cepFgaWFt1zRCIvUYC
YJJMnFACptfdgbCWPLcqnUA4uWx+sbLOkosmekiM2+i2b9jSKV3EwmceivsT/HSe
ncbq5bdzDwcYKw6TKlyd1o3PGYdpaW675vJK9zBx2oDST9lLmjHP1wgIzSdKoXXx
dOQx63mk3OdD+6ARTzUOo7nQm9z7GyZIZKVqguhlJYht2nMwCba9L8+Mjxd5OXlU
c5K73PE+dpxUVH43yR2Gy/UsCxnldc3QNUCt7GjnSWLOjKab4HofwjzvwXZmas+Z
9kpVNBeWQWLFaRE=
-----END CERTIFICATE-----
Generated at Thu Apr 10 18:39:21 2025 by rpki-client