Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/001C7ABE235211EDBDE52E5BC4F9AE02.roa
File: 001C7ABE235211EDBDE52E5BC4F9AE02.roa (raw, json)
Hash identifier: Q+Nntqa7YPpgpsGXZul2NwgTZejDf+1Co9dQjpsB2Vs=
Subject key identifier: F2:4F:D6:D7:A7:19:5A:82:CA:D8:34:F3:5E:94:18:FF:F7:18:8B:64
Certificate issuer: /CN=A915370F/serialNumber=BB5B8156B037E5D22263EAC7F6A11C052FDF633F
Certificate serial: 3146
Authority key identifier: BB:5B:81:56:B0:37:E5:D2:22:63:EA:C7:F6:A1:1C:05:2F:DF:63:3F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1uBVrA35dIiY-rH9qEcBS_fYz8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/001C7ABE235211EDBDE52E5BC4F9AE02.roa
Signing time: Wed 24 Aug 2022 02:11:02 +0000
ROA not before: Wed 24 Aug 2022 02:11:02 +0000
ROA not after: Sun 28 May 2023 00:00:00 +0000
asID: 1239
IP address blocks: 122.8.16.0/22 maxlen: 22
122.8.112.0/22 maxlen: 22
122.8.116.0/22 maxlen: 22
122.8.124.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12614 (0x3146)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915370F/serialNumber=BB5B8156B037E5D22263EAC7F6A11C052FDF633F
Validity
Not Before: Aug 24 02:11:02 2022 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=630588b5-edcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:69:7b:eb:c3:4e:47:e3:97:d9:02:d3:7d:53:
0e:67:47:ab:50:a0:81:01:85:0d:41:74:0e:5a:17:
d4:4c:9b:5c:fa:97:29:80:88:d8:20:18:07:ca:84:
cc:b3:e3:85:47:93:9b:30:1e:b9:e1:3e:da:ca:2f:
30:54:f0:eb:01:dc:96:dd:2e:62:9f:02:1e:ec:47:
6a:5e:1b:d4:e4:ba:19:cb:37:89:5f:bd:7a:c3:64:
3c:29:47:9b:53:59:0d:34:06:02:68:1b:b0:55:0f:
b3:0c:85:fc:f3:d8:61:48:c7:25:71:f3:13:a5:7d:
ed:0b:b0:19:99:2f:19:df:8a:55:5f:79:9e:98:47:
98:ea:87:8c:cb:75:d5:03:31:d9:9b:c6:f4:d5:42:
32:f1:03:49:8c:22:f5:4f:29:dd:3e:1c:81:39:6b:
a5:0f:d5:fb:f6:bb:fd:7b:9f:69:9e:85:34:69:be:
8d:76:ca:d3:cc:b2:ff:97:1d:70:7d:fa:69:9e:b3:
57:56:ae:7f:86:b8:d3:39:33:87:63:f7:47:02:d1:
28:ec:5d:3a:0c:ea:6e:3d:23:a4:03:0f:32:9c:0a:
ff:85:82:72:f9:f6:ef:f9:d0:88:c9:94:00:41:93:
0e:9c:75:e2:f3:5e:ef:75:e6:d7:c6:cf:bd:6d:50:
93:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:4F:D6:D7:A7:19:5A:82:CA:D8:34:F3:5E:94:18:FF:F7:18:8B:64
X509v3 Authority Key Identifier:
keyid:BB:5B:81:56:B0:37:E5:D2:22:63:EA:C7:F6:A1:1C:05:2F:DF:63:3F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/u1uBVrA35dIiY-rH9qEcBS_fYz8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1uBVrA35dIiY-rH9qEcBS_fYz8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/001C7ABE235211EDBDE52E5BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.8.16.0/22
122.8.112.0/21
122.8.124.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:d7:ea:46:cf:1b:21:f0:77:3b:ed:e1:c9:c5:af:ad:94:9d:
0b:36:40:88:8b:80:c6:05:c1:88:69:92:6b:15:dd:1c:6a:d3:
88:45:ef:2d:65:8c:7e:ed:08:c6:02:f6:08:25:64:3a:da:bb:
59:bd:f1:a9:21:d6:58:16:44:83:c6:cb:16:ff:24:91:72:35:
c0:58:8c:2c:ea:32:aa:2d:2e:09:e4:df:b6:1d:e3:92:cd:7c:
65:87:81:5c:6c:91:68:ea:d4:2b:ed:4c:bf:14:b7:96:eb:c4:
ca:09:ef:92:5f:b3:74:23:bb:7b:f2:29:66:01:60:46:da:be:
de:ad:4a:be:eb:2a:32:0b:bb:d7:40:f6:ca:c9:b7:b5:b4:62:
11:34:b0:c4:b1:c8:79:73:f5:2f:d7:0f:ed:87:31:e8:19:08:
61:6a:a4:b7:21:32:64:53:98:dd:38:cc:ca:8c:0d:cc:cb:c2:
0d:fc:f6:14:9a:f3:0f:4d:f8:7d:72:00:16:99:f0:30:6f:e7:
87:5a:44:7c:9b:f8:6f:08:5c:c3:d3:b2:92:08:31:a5:b6:48:
a6:7e:35:8c:13:4d:32:5a:67:f6:70:11:0a:a4:0d:80:f2:b6:
7f:6d:0e:41:fc:1c:eb:00:8e:24:9b:aa:59:f4:41:e8:43:4e:
ca:84:63:0c
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICMUYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTM3MEYxMTAvBgNVBAUTKEJCNUI4MTU2QjAzN0U1RDIyMjYzRUFDN0Y2QTExQzA1
MkZERjYzM0YwHhcNMjIwODI0MDIxMTAyWhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MzA1ODhiNS1lZGNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA22l768NOR+OX2QLTfVMOZ0erUKCBAYUNQXQOWhfUTJtc+pcpgIjYIBgHyoTM
s+OFR5ObMB654T7ayi8wVPDrAdyW3S5inwIe7EdqXhvU5LoZyzeJX716w2Q8KUeb
U1kNNAYCaBuwVQ+zDIX889hhSMclcfMTpX3tC7AZmS8Z34pVX3memEeY6oeMy3XV
AzHZm8b01UIy8QNJjCL1TyndPhyBOWulD9X79rv9e59pnoU0ab6NdsrTzLL/lx1w
ffppnrNXVq5/hrjTOTOHY/dHAtEo7F06DOpuPSOkAw8ynAr/hYJy+fbv+dCIyZQA
QZMOnHXi817vdebXxs+9bVCTKQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFPJP1ten
GVqCytg0816UGP/3GItkMB8GA1UdIwQYMBaAFLtbgVawN+XSImPqx/ahHAUv32M/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzcwRi83MzQ2RThBMjYw
NDkxMUUyQTMwNzU3OEQyOTc5QkIyMC91MXVCVnJBMzVkSWlZLXJIOXFFY0JTX2ZZ
ejguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3UxdUJWckEzNWRJaVktckg5cUVjQlNfZll6OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTM3MEYvNzM0NkU4QTI2MDQ5MTFFMkEzMDc1NzhEMjk3OUJCMjAvMDAxQzdBQkUy
MzUyMTFFREJERTUyRTVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAJ6CBADBAN6CHADBAJ6CHwwDQYJKoZIhvcNAQELBQADggEB
AB7X6kbPGyHwdzvt4cnFr62UnQs2QIiLgMYFwYhpkmsV3Rxq04hF7y1ljH7tCMYC
9gglZDrau1m98akh1lgWRIPGyxb/JJFyNcBYjCzqMqotLgnk37Yd45LNfGWHgVxs
kWjq1CvtTL8Ut5brxMoJ75Jfs3Qju3vyKWYBYEbavt6tSr7rKjILu9dA9srJt7W0
YhE0sMSxyHlz9S/XD+2HMegZCGFqpLchMmRTmN04zMqMDczLwg389hSa8w9N+H1y
ABaZ8DBv54daRHyb+G8IXMPTspIIMaW2SKZ+NYwTTTJaZ/ZwEQqkDYDytn9tDkH8
HOsAjiSbqln0QehDTsqEYww=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:06 2024 by rpki-client on console-fra.rpki-client.org