Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/99282B3C069011EE888C2865C4F9AE02.roa
File: 99282B3C069011EE888C2865C4F9AE02.roa (raw, json)
Hash identifier: ndWli7CC7U9S1NuCw/kDZiCGV8IDG0Dor8Gih0NEMsE=
Subject key identifier: EB:DC:10:48:2E:5C:C5:4D:AF:8A:9F:7B:DF:9E:ED:0B:82:60:AC:1D
Certificate issuer: /CN=A915370F/serialNumber=BB5B8156B037E5D22263EAC7F6A11C052FDF633F
Certificate serial: 3252
Authority key identifier: BB:5B:81:56:B0:37:E5:D2:22:63:EA:C7:F6:A1:1C:05:2F:DF:63:3F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1uBVrA35dIiY-rH9qEcBS_fYz8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/99282B3C069011EE888C2865C4F9AE02.roa
Signing time: Fri 09 Jun 2023 06:41:01 +0000
ROA not before: Fri 09 Jun 2023 06:41:01 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 21700
IP address blocks: 122.8.16.0/22 maxlen: 22
122.8.28.0/22 maxlen: 22
122.8.40.0/22 maxlen: 22
122.8.92.0/22 maxlen: 22
122.8.96.0/22 maxlen: 22
122.8.104.0/22 maxlen: 22
122.8.108.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12882 (0x3252)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915370F/serialNumber=BB5B8156B037E5D22263EAC7F6A11C052FDF633F
Validity
Not Before: Jun 9 06:41:01 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=6482c97d-853c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f6:a9:3b:3d:5c:c2:68:d4:01:3d:71:35:2d:
7a:c0:01:9b:3b:13:2a:fd:1f:c6:5f:33:ce:4b:66:
33:40:eb:00:73:a4:e3:22:4c:b7:29:e3:0e:0a:7b:
98:20:a1:85:cc:71:fc:95:fc:f2:de:9b:39:dd:10:
e7:f6:82:a7:d3:d9:73:d1:fc:dd:3d:02:19:c9:45:
57:fa:11:e8:81:f6:2a:36:96:02:1c:d6:17:dd:b6:
3d:41:7e:dd:d9:63:f2:ae:08:00:05:a2:55:0c:a2:
1f:11:ed:38:1a:ea:22:0c:ea:71:88:fe:47:30:d0:
d3:d1:c4:9b:c6:29:03:92:11:2f:27:6a:f1:55:cc:
2d:9d:35:6e:0b:fa:b8:5a:92:06:28:6e:0e:24:a4:
4e:62:ad:58:fb:ef:93:53:10:30:71:86:16:26:a7:
a8:12:65:7c:97:53:0b:4e:b0:33:e9:50:99:99:07:
47:79:ca:6f:ce:78:a5:fb:37:84:b3:43:2a:7e:ba:
b5:d2:30:1f:da:ed:67:9f:b0:e7:a4:09:1a:c9:f6:
e1:e1:1c:10:00:1d:77:bd:8c:24:16:f6:11:03:61:
8d:73:f6:c9:76:56:76:fd:0d:c2:32:6a:47:97:24:
a3:f3:8a:ac:9b:47:cd:89:4a:aa:ed:af:d3:87:ae:
36:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:DC:10:48:2E:5C:C5:4D:AF:8A:9F:7B:DF:9E:ED:0B:82:60:AC:1D
X509v3 Authority Key Identifier:
keyid:BB:5B:81:56:B0:37:E5:D2:22:63:EA:C7:F6:A1:1C:05:2F:DF:63:3F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/u1uBVrA35dIiY-rH9qEcBS_fYz8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1uBVrA35dIiY-rH9qEcBS_fYz8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/99282B3C069011EE888C2865C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.8.16.0/22
122.8.28.0/22
122.8.40.0/22
122.8.92.0-122.8.99.255
122.8.104.0/21
Signature Algorithm: sha256WithRSAEncryption
67:02:33:3d:c9:19:55:2e:90:b3:41:c3:ea:9a:31:ab:8f:59:
0e:5b:14:42:86:cc:a5:84:36:41:f0:d7:83:bb:17:c8:60:59:
3c:5e:4a:13:2a:98:b2:0e:4b:89:3d:a5:29:76:e4:44:9b:b9:
6a:69:e4:ae:3f:0a:66:b7:5b:aa:95:f9:f4:a0:d4:cc:2c:53:
50:f9:f3:6c:f6:72:28:0e:eb:38:3b:b2:4f:55:e3:41:b0:28:
66:4c:d5:5d:ed:f7:d9:6a:77:fd:e4:09:d9:08:76:74:2d:1e:
ea:30:1e:72:a9:4a:fd:93:a0:a1:33:68:44:2e:d2:1c:a2:b3:
33:af:b1:33:34:18:ed:89:d7:c5:87:1d:40:c0:f6:42:14:5e:
67:8d:ce:94:df:99:b1:be:a9:d4:cc:04:7b:be:2d:31:ab:0a:
e4:73:86:58:85:67:35:e9:42:41:01:78:6f:4c:03:f8:20:2d:
da:d7:4c:e4:56:b0:7a:51:46:83:53:34:41:93:49:7d:79:dd:
c4:13:74:47:33:43:fc:5e:3e:92:8d:47:d4:a8:c8:ae:27:4b:
42:e0:e5:9b:9a:cd:64:d4:5d:8a:90:16:2e:2e:9e:29:7f:1a:
d6:69:f8:9c:ee:ad:64:b5:b9:65:dc:da:9f:a3:37:ce:ec:de:
c0:fa:eb:4c
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICMlIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTM3MEYxMTAvBgNVBAUTKEJCNUI4MTU2QjAzN0U1RDIyMjYzRUFDN0Y2QTExQzA1
MkZERjYzM0YwHhcNMjMwNjA5MDY0MTAxWhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDgyYzk3ZC04NTNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsPapOz1cwmjUAT1xNS16wAGbOxMq/R/GXzPOS2YzQOsAc6TjIky3KeMOCnuY
IKGFzHH8lfzy3ps53RDn9oKn09lz0fzdPQIZyUVX+hHogfYqNpYCHNYX3bY9QX7d
2WPyrggABaJVDKIfEe04GuoiDOpxiP5HMNDT0cSbxikDkhEvJ2rxVcwtnTVuC/q4
WpIGKG4OJKROYq1Y+++TUxAwcYYWJqeoEmV8l1MLTrAz6VCZmQdHecpvznil+zeE
s0Mqfrq10jAf2u1nn7DnpAkayfbh4RwQAB13vYwkFvYRA2GNc/bJdlZ2/Q3CMmpH
lySj84qsm0fNiUqq7a/Th642NwIDAQABo4ICtTCCArEwHQYDVR0OBBYEFOvcEEgu
XMVNr4qfe9+e7QuCYKwdMB8GA1UdIwQYMBaAFLtbgVawN+XSImPqx/ahHAUv32M/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzcwRi83MzQ2RThBMjYw
NDkxMUUyQTMwNzU3OEQyOTc5QkIyMC91MXVCVnJBMzVkSWlZLXJIOXFFY0JTX2ZZ
ejguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3UxdUJWckEzNWRJaVktckg5cUVjQlNfZll6OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTM3MEYvNzM0NkU4QTI2MDQ5MTFFMkEzMDc1NzhEMjk3OUJCMjAvOTkyODJCM0Mw
NjkwMTFFRTg4OEMyODY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMCwEAgABMCYDBAJ6CBADBAJ6CBwDBAJ6CCgwDAMEAnoIXAMEAnoIYAMEA3oI
aDANBgkqhkiG9w0BAQsFAAOCAQEAZwIzPckZVS6Qs0HD6poxq49ZDlsUQobMpYQ2
QfDXg7sXyGBZPF5KEyqYsg5LiT2lKXbkRJu5amnkrj8KZrdbqpX59KDUzCxTUPnz
bPZyKA7rODuyT1XjQbAoZkzVXe332Wp3/eQJ2Qh2dC0e6jAecqlK/ZOgoTNoRC7S
HKKzM6+xMzQY7YnXxYcdQMD2QhReZ43OlN+Zsb6p1MwEe74tMasK5HOGWIVnNelC
QQF4b0wD+CAt2tdM5FawelFGg1M0QZNJfXndxBN0RzND/F4+ko1H1KjIridLQuDl
m5rNZNRdipAWLi6eKX8a1mn4nO6tZLW5Zdzan6M3zuzewPrrTA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:06 2024 by rpki-client on console-fra.rpki-client.org