Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F006D/3C100C9298BE11EEB1DDE835C4F9AE02/4577475498C411EEA6B7355CC4F9AE02.roa
File: 4577475498C411EEA6B7355CC4F9AE02.roa (raw, json)
Hash identifier: OZgEFCTvMpBeifHl9LylEG15+GiRznLYf103lTpfNb8=
Subject key identifier: 28:CF:7C:C1:3D:11:AD:8C:F4:59:24:03:BB:6C:88:4C:BD:39:AC:ED
Certificate issuer: /CN=A91F006D/serialNumber=46F972D7B83DCA061DB9DFAAF0177F2DDF1EE90A
Certificate serial: 0D
Authority key identifier: 46:F9:72:D7:B8:3D:CA:06:1D:B9:DF:AA:F0:17:7F:2D:DF:1E:E9:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Rvly17g9ygYdud-q8Bd_Ld8e6Qo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F006D/3C100C9298BE11EEB1DDE835C4F9AE02/4577475498C411EEA6B7355CC4F9AE02.roa
Signing time: Wed 13 Dec 2023 06:09:21 +0000
ROA not before: Wed 13 Dec 2023 06:09:21 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 137970
IP address blocks: 36.50.74.0/23 maxlen: 23
36.50.74.0/24 maxlen: 24
36.50.75.0/24 maxlen: 24
2001:df3:43c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13 (0xd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F006D
Validity
Not Before: Dec 13 06:09:21 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=65794a91-50c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:78:1f:ba:38:6d:c4:58:a1:22:49:5a:3e:3f:
82:c3:98:27:71:af:4d:0e:91:6a:dd:d4:98:6c:c5:
34:74:04:63:ec:22:60:dd:de:3a:06:f3:f3:94:d6:
68:77:14:4f:d9:32:92:f4:3a:ba:be:a8:62:7c:eb:
cf:66:c0:06:5f:1d:a8:34:fa:26:61:c0:01:17:74:
e6:18:ed:5b:0b:6a:48:9d:af:2b:7c:9d:99:55:18:
65:e4:35:52:df:bf:a9:ea:41:80:cd:90:9c:84:9c:
71:f4:5c:84:75:02:05:38:27:cb:6b:f1:ec:05:fc:
0f:8b:f1:8e:fd:59:50:26:8d:7c:c7:bf:57:fc:92:
b4:90:10:02:6f:45:60:4d:bd:92:70:ce:6a:bd:9a:
ec:51:de:05:3f:0c:12:ec:6c:9d:b6:23:22:89:5b:
52:a4:12:f4:d5:4f:b9:57:55:da:4a:83:61:6b:3c:
07:b0:7c:81:ce:f0:4d:31:75:49:dd:df:4d:55:65:
74:1e:0e:51:de:ce:f4:6b:81:97:2d:39:38:6c:b0:
d5:fc:ba:01:2d:84:b4:1f:53:5f:fb:33:8b:d3:a9:
8f:d9:06:f8:f2:cb:c6:ee:7e:29:f7:2e:41:51:75:
cf:fc:c4:1f:74:be:8d:d2:49:a9:1c:31:b8:dc:b3:
0a:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:CF:7C:C1:3D:11:AD:8C:F4:59:24:03:BB:6C:88:4C:BD:39:AC:ED
X509v3 Authority Key Identifier:
keyid:46:F9:72:D7:B8:3D:CA:06:1D:B9:DF:AA:F0:17:7F:2D:DF:1E:E9:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F006D/3C100C9298BE11EEB1DDE835C4F9AE02/Rvly17g9ygYdud-q8Bd_Ld8e6Qo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Rvly17g9ygYdud-q8Bd_Ld8e6Qo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F006D/3C100C9298BE11EEB1DDE835C4F9AE02/4577475498C411EEA6B7355CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.74.0/23
IPv6:
2001:df3:43c0::/48
Signature Algorithm: sha256WithRSAEncryption
79:d9:1e:ce:4e:45:f4:2b:8b:47:6f:8e:5f:92:b9:52:d4:5c:
ed:1c:61:c1:3e:a9:65:8a:cc:98:bf:34:5d:67:c8:09:10:4f:
2d:d8:54:c9:49:2f:60:8d:51:98:a5:c6:2d:dd:3f:8f:4f:41:
02:79:e5:67:52:ee:8f:80:95:23:14:ed:af:f4:ac:7f:7d:42:
43:45:3e:12:a8:1d:22:ed:27:76:04:e5:19:89:48:31:32:ef:
4c:8d:de:8d:78:22:90:25:c3:0a:8c:55:67:c2:8f:09:c5:ae:
d8:da:59:01:12:97:ed:32:3b:95:b8:8b:2d:e7:b0:23:70:21:
71:9e:3d:11:0e:f9:14:ed:06:e6:ea:d0:4d:1d:48:fc:96:1b:
91:c7:2b:4c:5d:5b:8e:68:d0:77:b2:ad:77:47:1c:f1:21:0b:
48:47:a2:00:1c:db:96:32:dd:bb:d2:c5:a9:19:45:95:02:66:
3b:01:a5:d8:09:e5:89:22:e4:6b:7d:d3:8e:d1:59:62:89:c9:
70:8c:5a:7e:25:63:cb:c5:e8:cd:21:ad:4b:77:d3:a2:36:5b:
b1:3a:d6:04:7b:50:89:82:cd:c2:59:71:80:c0:67:8c:b3:92:
37:00:02:7d:0c:1b:a1:df:dc:2c:09:d5:48:8d:0f:71:ac:ee:
30:16:3d:1e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBDTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
MDA2RDExMC8GA1UEBRMoNDZGOTcyRDdCODNEQ0EwNjFEQjlERkFBRjAxNzdGMkRE
RjFFRTkwQTAeFw0yMzEyMTMwNjA5MjFaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1Nzk0YTkxLTUwYzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC4eB+6OG3EWKEiSVo+P4LDmCdxr00OkWrd1JhsxTR0BGPsImDd3joG8/OU1mh3
FE/ZMpL0Orq+qGJ8689mwAZfHag0+iZhwAEXdOYY7VsLakidryt8nZlVGGXkNVLf
v6nqQYDNkJyEnHH0XIR1AgU4J8tr8ewF/A+L8Y79WVAmjXzHv1f8krSQEAJvRWBN
vZJwzmq9muxR3gU/DBLsbJ22IyKJW1KkEvTVT7lXVdpKg2FrPAewfIHO8E0xdUnd
301VZXQeDlHezvRrgZctOThssNX8ugEthLQfU1/7M4vTqY/ZBvjyy8bufin3LkFR
dc/8xB90vo3SSakcMbjcswr7AgMBAAGjggKmMIICojAdBgNVHQ4EFgQUKM98wT0R
rYz0WSQDu2yITL05rO0wHwYDVR0jBBgwFoAURvly17g9ygYdud+q8Bd/Ld8e6Qow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYwMDZELzNDMTAwQzkyOThC
RTExRUVCMURERTgzNUM0RjlBRTAyL1J2bHkxN2c5eWdZZHVkLXE4QmRfTGQ4ZTZR
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUnZseTE3Zzl5Z1lkdWQtcThCZF9MZDhlNlFvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
MDA2RC8zQzEwMEM5Mjk4QkUxMUVFQjFEREU4MzVDNEY5QUUwMi80NTc3NDc1NDk4
QzQxMUVFQTZCNzM1NUNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEASQySjAPBAIAAjAJAwcAIAEN80PAMA0GCSqGSIb3DQEBCwUA
A4IBAQB52R7OTkX0K4tHb45fkrlS1FztHGHBPqllisyYvzRdZ8gJEE8t2FTJSS9g
jVGYpcYt3T+PT0ECeeVnUu6PgJUjFO2v9Kx/fUJDRT4SqB0i7Sd2BOUZiUgxMu9M
jd6NeCKQJcMKjFVnwo8Jxa7Y2lkBEpftMjuVuIst57AjcCFxnj0RDvkU7Qbm6tBN
HUj8lhuRxytMXVuOaNB3sq13RxzxIQtIR6IAHNuWMt270sWpGUWVAmY7AaXYCeWJ
IuRrfdOO0VliiclwjFp+JWPLxejNIa1Ld9OiNluxOtYEe1CJgs3CWXGAwGeMs5I3
AAJ9DBuh39wsCdVIjQ9xrO4wFj0e
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:10:19 2025 by rpki-client