Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916D8D9/5483BFB6C8FB11EBBA5BAE51C4F9AE02/7DAF5EC0D45111EB830F7E5BC4F9AE02.roa
File: 7DAF5EC0D45111EB830F7E5BC4F9AE02.roa (raw, json)
Hash identifier: umX07jSmWZ5CS191tIgykwwRVbjiYS2dyvzgci+6CJY=
Subject key identifier: 2F:A2:CA:41:5B:C8:CC:9A:A7:85:E7:1E:A2:51:CD:9E:0D:22:83:3C
Certificate issuer: /CN=A916D8D9/serialNumber=031C9C26E5BAB1B01AF18A0BB1B970AB5773456B
Certificate serial: 0187
Authority key identifier: 03:1C:9C:26:E5:BA:B1:B0:1A:F1:8A:0B:B1:B9:70:AB:57:73:45:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AxycJuW6sbAa8YoLsblwq1dzRWs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916D8D9/5483BFB6C8FB11EBBA5BAE51C4F9AE02/7DAF5EC0D45111EB830F7E5BC4F9AE02.roa
Signing time: Tue 21 Dec 2021 02:41:33 +0000
ROA not before: Tue 21 Dec 2021 02:41:33 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 1239
IP address blocks: 122.50.0.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 391 (0x187)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916D8D9
Validity
Not Before: Dec 21 02:41:33 2021 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=61c13edd-0b32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:39:9d:90:2c:30:05:b6:91:43:01:ad:57:89:
fe:8d:f3:58:d0:7c:81:8f:85:c6:46:3a:b5:72:aa:
eb:a8:9e:05:67:0c:9d:dc:20:48:15:6c:61:86:a4:
45:29:74:d1:13:e0:d9:f9:18:68:b0:d2:15:46:2f:
c2:01:7b:6f:b5:53:f7:d3:f9:b4:d5:80:5f:19:c3:
3a:ad:d8:ed:6f:cf:6a:0d:6b:95:cc:79:3b:cc:d1:
c6:ed:73:a7:cd:43:b0:12:eb:85:fa:d3:fd:dd:85:
f7:a4:be:31:fe:66:2f:b4:f3:22:d5:a4:b8:95:a2:
38:d4:42:ac:39:bd:85:31:d7:ae:35:98:3a:33:00:
cd:77:5d:0d:c8:13:37:e5:5e:4d:d7:ea:8d:f6:2f:
c1:6c:ce:24:7c:2d:c4:dd:5c:bf:11:7a:17:43:fb:
21:b7:a4:26:27:57:08:85:6d:26:8c:80:30:d2:9e:
b2:ae:97:06:6c:f3:80:87:fd:c1:0f:51:8b:62:87:
d0:97:b3:81:36:06:9e:81:ca:64:7d:3b:9e:71:25:
53:5c:f1:8b:f5:69:25:14:a4:84:cb:93:b2:79:74:
84:17:75:ca:98:3f:7a:d8:c3:a9:b3:95:cb:48:e0:
d5:3b:0b:07:62:04:01:0a:6e:ae:07:a9:77:01:78:
44:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:A2:CA:41:5B:C8:CC:9A:A7:85:E7:1E:A2:51:CD:9E:0D:22:83:3C
X509v3 Authority Key Identifier:
keyid:03:1C:9C:26:E5:BA:B1:B0:1A:F1:8A:0B:B1:B9:70:AB:57:73:45:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916D8D9/5483BFB6C8FB11EBBA5BAE51C4F9AE02/AxycJuW6sbAa8YoLsblwq1dzRWs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AxycJuW6sbAa8YoLsblwq1dzRWs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916D8D9/5483BFB6C8FB11EBBA5BAE51C4F9AE02/7DAF5EC0D45111EB830F7E5BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.50.0.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:2a:bd:22:74:f2:7e:04:b9:3c:d3:8f:b4:96:b8:a0:81:0a:
fd:4a:da:e8:3a:ae:2f:85:d4:80:db:19:b3:0e:a5:85:e5:fd:
74:a4:38:64:a5:ee:5d:d6:e6:fb:00:e0:a0:85:a3:4e:f0:43:
0a:6f:6e:d7:46:31:7c:68:ff:c6:81:ad:98:3c:ed:3c:bb:49:
84:18:cc:e7:e2:45:25:8c:44:32:24:99:e5:7d:28:37:b3:9c:
6e:50:a4:d9:41:50:6a:c3:ce:b2:7a:4b:fa:a4:43:73:95:12:
11:42:5b:58:8a:dc:17:f8:c0:62:58:16:0f:0e:48:e7:dd:ca:
13:97:ed:0f:31:99:51:6b:5e:b1:ae:36:d8:ed:12:01:a5:ab:
f9:b8:38:af:53:d9:3d:6c:68:e2:84:7a:9c:04:a0:44:f4:92:
4b:69:57:2d:3f:fd:52:1a:b7:b0:0f:a4:11:11:31:40:8f:6a:
70:6b:87:d6:ee:9f:05:b2:e1:54:34:2b:bd:11:46:37:0c:89:
df:23:06:70:42:7b:53:fc:f9:3a:d2:21:a4:70:fa:65:60:de:
bb:46:d2:86:c6:31:3d:76:be:8a:a4:3f:b0:a2:50:42:3f:6b:
91:9f:9f:84:c1:65:97:4c:cd:95:98:3e:3e:55:49:38:72:60:
26:5a:e5:54
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAYcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkQ4RDkxMTAvBgNVBAUTKDAzMUM5QzI2RTVCQUIxQjAxQUYxOEEwQkIxQjk3MEFC
NTc3MzQ1NkIwHhcNMjExMjIxMDI0MTMzWhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWMxM2VkZC0wYjMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtzmdkCwwBbaRQwGtV4n+jfNY0HyBj4XGRjq1cqrrqJ4FZwyd3CBIFWxhhqRF
KXTRE+DZ+RhosNIVRi/CAXtvtVP30/m01YBfGcM6rdjtb89qDWuVzHk7zNHG7XOn
zUOwEuuF+tP93YX3pL4x/mYvtPMi1aS4laI41EKsOb2FMdeuNZg6MwDNd10NyBM3
5V5N1+qN9i/BbM4kfC3E3Vy/EXoXQ/sht6QmJ1cIhW0mjIAw0p6yrpcGbPOAh/3B
D1GLYofQl7OBNgaegcpkfTuecSVTXPGL9WklFKSEy5OyeXSEF3XKmD962MOps5XL
SODVOwsHYgQBCm6uB6l3AXhE4QIDAQABo4IClTCCApEwHQYDVR0OBBYEFC+iykFb
yMyap4XnHqJRzZ4NIoM8MB8GA1UdIwQYMBaAFAMcnCblurGwGvGKC7G5cKtXc0Vr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RDhEOS81NDgzQkZCNkM4
RkIxMUVCQkE1QkFFNTFDNEY5QUUwMi9BeHljSnVXNnNiQWE4WW9Mc2Jsd3ExZHpS
V3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0F4eWNKdVc2c2JBYThZb0xzYmx3cTFkelJXcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkQ4RDkvNTQ4M0JGQjZDOEZCMTFFQkJBNUJBRTUxQzRGOUFFMDIvN0RBRjVFQzBE
NDUxMTFFQjgzMEY3RTVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJ6MgAwDQYJKoZIhvcNAQELBQADggEBAAoqvSJ08n4EuTzT
j7SWuKCBCv1K2ug6ri+F1IDbGbMOpYXl/XSkOGSl7l3W5vsA4KCFo07wQwpvbtdG
MXxo/8aBrZg87Ty7SYQYzOfiRSWMRDIkmeV9KDeznG5QpNlBUGrDzrJ6S/qkQ3OV
EhFCW1iK3Bf4wGJYFg8OSOfdyhOX7Q8xmVFrXrGuNtjtEgGlq/m4OK9T2T1saOKE
epwEoET0kktpVy0//VIat7APpBERMUCPanBrh9bunwWy4VQ0K70RRjcMid8jBnBC
e1P8+TrSIaRw+mVg3rtG0obGMT12voqkP7CiUEI/a5Gfn4TBZZdMzZWYPj5VSThy
YCZa5VQ=
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:30:12 2025 by rpki-client