Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/DD0888DC05B511EE95562E2AC4F9AE02.roa
File: DD0888DC05B511EE95562E2AC4F9AE02.roa (raw, json)
Hash identifier: 7sT2EM9GXm3FJL9/jf0L/uiNJ0/C37TMqqGi0ZjapDE=
Subject key identifier: 31:C2:DB:E3:E9:E3:9E:9F:8D:BD:44:64:CF:7D:8F:AB:29:A0:C5:AA
Certificate issuer: /CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Certificate serial: 199A
Authority key identifier: CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/DD0888DC05B511EE95562E2AC4F9AE02.roa
Signing time: Thu 08 Jun 2023 04:35:15 +0000
ROA not before: Thu 08 Jun 2023 04:35:15 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 140716
IP address blocks: 122.193.120.0/23 maxlen: 23
122.193.128.0/23 maxlen: 23
122.193.130.0/23 maxlen: 23
122.193.136.0/23 maxlen: 23
122.193.158.0/23 maxlen: 23
122.193.168.0/23 maxlen: 23
122.193.198.0/24 maxlen: 24
122.193.199.0/24 maxlen: 24
122.193.204.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6554 (0x199a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Validity
Not Before: Jun 8 04:35:15 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=64815a83-939a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:f3:9f:8d:74:3c:92:9d:d3:ed:97:df:37:35:
40:14:6a:8e:dc:94:a2:35:05:00:a7:15:63:3c:40:
55:e4:de:c4:f6:6d:63:28:08:8e:69:30:19:b9:98:
b8:4f:d9:40:9c:07:c3:b2:5b:6d:26:f7:81:6f:d8:
6b:cf:af:e3:e4:78:cd:a4:f2:66:a4:99:43:5c:6c:
63:0b:20:86:df:0b:bd:b2:54:d0:4d:d3:f8:73:02:
1c:ef:30:49:90:33:6c:e2:8b:15:b2:a6:0d:e6:50:
46:a2:f1:a3:27:a1:51:00:a9:c4:e4:20:93:e3:ee:
87:26:a1:cf:f1:36:72:e7:af:9a:57:af:b8:c7:3d:
71:d7:7b:00:16:09:fb:d1:ef:43:a9:1a:6c:4a:a1:
9e:f2:53:a9:dd:78:dc:be:86:d6:f3:27:e9:5c:80:
37:c7:00:65:b2:51:1b:a0:f4:26:87:fa:5f:ef:c4:
bd:58:21:20:d0:86:cd:48:63:28:aa:26:5b:c2:69:
90:c6:c1:79:85:65:8c:e3:e8:59:0e:cf:35:78:7f:
7e:96:69:71:11:b5:b7:83:74:c5:5a:40:1b:9c:68:
df:8e:85:7a:07:1e:2c:be:e2:6e:e1:52:a4:df:29:
10:e0:cf:71:28:8d:88:4c:33:c9:f4:29:d6:e8:24:
90:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:C2:DB:E3:E9:E3:9E:9F:8D:BD:44:64:CF:7D:8F:AB:29:A0:C5:AA
X509v3 Authority Key Identifier:
keyid:CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/y6GXwEyqm9KV9XiEcqahCqP773A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/DD0888DC05B511EE95562E2AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.193.120.0/23
122.193.128.0/22
122.193.136.0/23
122.193.158.0/23
122.193.168.0/23
122.193.198.0/23
122.193.204.0/23
Signature Algorithm: sha256WithRSAEncryption
02:bf:49:18:68:ef:7f:70:d3:73:b1:f0:ad:3f:38:25:fa:c4:
8c:5a:90:ec:23:ea:57:82:e0:50:9a:28:cf:22:b7:df:1d:34:
75:a0:62:7c:91:5b:5b:d3:df:6c:48:17:19:c6:42:bb:07:75:
13:41:c1:10:cb:8f:62:02:3e:74:1a:10:be:d0:c6:01:c8:4f:
ad:05:64:f1:4b:30:a4:18:ea:5c:da:71:f7:50:50:56:06:0a:
7f:2f:52:0a:83:71:fa:96:a8:26:c5:b2:aa:6d:86:1f:70:b0:
e8:73:1a:97:f8:c4:64:16:df:f5:c6:bc:e0:23:82:1f:c0:cd:
a8:35:76:92:b5:86:51:84:5c:08:70:0f:09:8a:aa:06:6e:66:
d1:4d:db:cc:9f:bf:fc:03:0c:06:ed:f9:44:91:07:1c:8e:1e:
a2:16:45:74:a4:68:49:2d:1b:8b:f2:cd:3b:4e:73:54:93:2b:
7d:e4:30:46:3d:da:92:2e:0e:11:aa:8c:3a:1f:af:ad:f6:2f:
ac:ea:5c:d9:4a:a3:ce:19:06:3d:f4:e9:00:d0:82:66:e0:99:
cd:b2:61:03:9e:93:1e:32:ca:df:c4:d2:be:4e:b1:6c:49:15:
4d:51:28:9d:ec:3c:58:d4:d3:75:dc:77:0f:a7:0a:dc:43:f7:
59:04:ce:8c
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgICGZowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNDQjMxMTAvBgNVBAUTKENCQTE5N0MwNENBQTlCRDI5NUY1Nzg4NDcyQTZBMTBB
QTNGQkVGNzAwHhcNMjMwNjA4MDQzNTE1WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDgxNWE4My05MzlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6POfjXQ8kp3T7ZffNzVAFGqO3JSiNQUApxVjPEBV5N7E9m1jKAiOaTAZuZi4
T9lAnAfDslttJveBb9hrz6/j5HjNpPJmpJlDXGxjCyCG3wu9slTQTdP4cwIc7zBJ
kDNs4osVsqYN5lBGovGjJ6FRAKnE5CCT4+6HJqHP8TZy56+aV6+4xz1x13sAFgn7
0e9DqRpsSqGe8lOp3XjcvobW8yfpXIA3xwBlslEboPQmh/pf78S9WCEg0IbNSGMo
qiZbwmmQxsF5hWWM4+hZDs81eH9+lmlxEbW3g3TFWkAbnGjfjoV6Bx4svuJu4VKk
3ykQ4M9xKI2ITDPJ9CnW6CSQFQIDAQABo4ICuTCCArUwHQYDVR0OBBYEFDHC2+Pp
456fjb1EZM99j6spoMWqMB8GA1UdIwQYMBaAFMuhl8BMqpvSlfV4hHKmoQqj++9w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0NCMy8xREI3OTgzQzI1
OUQxMUU3ODVEMzI1MEFDNEY5QUUwMi95NkdYd0V5cW05S1Y5WGlFY3FhaENxUDc3
M0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3k2R1h3RXlxbTlLVjlYaUVjcWFoQ3FQNzczQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDNDQjMvMURCNzk4M0MyNTlEMTFFNzg1RDMyNTBBQzRGOUFFMDIvREQwODg4REMw
NUI1MTFFRTk1NTYyRTJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E
NDAyMDAEAgABMCoDBAF6wXgDBAJ6wYADBAF6wYgDBAF6wZ4DBAF6wagDBAF6wcYD
BAF6wcwwDQYJKoZIhvcNAQELBQADggEBAAK/SRho739w03Ox8K0/OCX6xIxakOwj
6leC4FCaKM8it98dNHWgYnyRW1vT32xIFxnGQrsHdRNBwRDLj2ICPnQaEL7QxgHI
T60FZPFLMKQY6lzacfdQUFYGCn8vUgqDcfqWqCbFsqpthh9wsOhzGpf4xGQW3/XG
vOAjgh/Azag1dpK1hlGEXAhwDwmKqgZuZtFN28yfv/wDDAbt+USRBxyOHqIWRXSk
aEktG4vyzTtOc1STK33kMEY92pIuDhGqjDofr632L6zqXNlKo84ZBj306QDQgmbg
mc2yYQOekx4yyt/E0r5OsWxJFU1RKJ3sPFjU03Xcdw+nCtxD91kEzow=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:04 2024 by rpki-client on console-fra.rpki-client.org