Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/A7F2BA64D42811ED83339D21C4F9AE02.roa
File: A7F2BA64D42811ED83339D21C4F9AE02.roa (raw, json)
Hash identifier: OXkMlTzT98H/asSnSVfkiFzJpRwz9SIH958fuLFmmWs=
Subject key identifier: 89:B1:55:2F:3A:E6:80:6B:A1:54:0D:82:9C:16:F2:89:C0:D9:73:29
Certificate issuer: /CN=A915370F/serialNumber=BB5B8156B037E5D22263EAC7F6A11C052FDF633F
Certificate serial: 3222
Authority key identifier: BB:5B:81:56:B0:37:E5:D2:22:63:EA:C7:F6:A1:1C:05:2F:DF:63:3F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1uBVrA35dIiY-rH9qEcBS_fYz8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/A7F2BA64D42811ED83339D21C4F9AE02.roa
Signing time: Thu 06 Apr 2023 03:11:00 +0000
ROA not before: Thu 06 Apr 2023 03:11:00 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 21700
IP address blocks: 122.8.16.0/22 maxlen: 22
122.8.28.0/22 maxlen: 22
122.8.40.0/22 maxlen: 22
122.8.44.0/22 maxlen: 22
122.8.48.0/22 maxlen: 22
122.8.64.0/22 maxlen: 22
122.8.80.0/22 maxlen: 22
122.8.92.0/22 maxlen: 22
122.8.96.0/22 maxlen: 22
122.8.100.0/22 maxlen: 22
122.8.104.0/22 maxlen: 22
122.8.108.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12834 (0x3222)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915370F/serialNumber=BB5B8156B037E5D22263EAC7F6A11C052FDF633F
Validity
Not Before: Apr 6 03:11:00 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=642e3844-17cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:bf:74:82:18:17:92:e6:03:db:92:cf:9e:c2:
fe:f6:e7:10:68:3c:a8:ef:4f:7f:83:68:36:67:32:
0e:ff:b3:32:af:2b:c0:8c:a4:c3:e6:69:3d:10:41:
76:27:56:0a:08:d8:d9:fa:1c:4e:72:3f:45:01:09:
90:37:ac:04:e0:8d:07:6b:61:92:67:a3:5d:a1:15:
ea:0b:68:72:13:17:ab:3a:97:fc:e5:55:61:e5:27:
47:70:c1:dc:d6:47:ee:43:90:0e:61:25:63:22:74:
d7:11:bc:4f:41:84:fa:22:9f:2e:40:2d:dc:bf:54:
72:f7:74:44:6b:26:0a:47:e1:5a:12:b9:1d:e8:cf:
29:d6:96:92:4d:84:9e:05:03:d8:85:04:27:dc:fa:
ea:3c:16:08:35:e9:ae:98:b7:81:38:17:60:8d:51:
98:26:c4:8a:0e:db:c8:e2:39:80:e5:05:5f:98:2b:
0f:5f:73:44:c1:36:1a:5d:97:99:96:80:0c:85:1b:
18:89:a4:cd:03:4b:e3:ce:3d:f0:66:60:bf:70:f0:
87:8f:2a:97:57:d8:04:cc:c6:7c:b9:9c:e0:9f:32:
fd:e7:22:3b:b8:ee:2b:0f:84:51:a9:b1:f3:1b:91:
5e:f9:00:69:95:ab:07:83:53:9e:d7:e2:fd:b0:4f:
4a:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:B1:55:2F:3A:E6:80:6B:A1:54:0D:82:9C:16:F2:89:C0:D9:73:29
X509v3 Authority Key Identifier:
keyid:BB:5B:81:56:B0:37:E5:D2:22:63:EA:C7:F6:A1:1C:05:2F:DF:63:3F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/u1uBVrA35dIiY-rH9qEcBS_fYz8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1uBVrA35dIiY-rH9qEcBS_fYz8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/A7F2BA64D42811ED83339D21C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.8.16.0/22
122.8.28.0/22
122.8.40.0-122.8.51.255
122.8.64.0/22
122.8.80.0/22
122.8.92.0-122.8.111.255
Signature Algorithm: sha256WithRSAEncryption
19:f9:b8:d2:5c:df:65:ae:20:7e:b0:c7:8a:ce:fa:0f:f9:7a:
d4:27:6b:e6:99:6b:97:d6:95:ce:a3:20:ed:29:c8:b7:2c:ec:
9e:1b:4e:51:ca:89:62:9d:8e:69:17:0d:0a:a2:b6:6f:17:fc:
e6:b3:b0:55:9b:81:5b:de:5c:ff:44:55:33:fa:0f:a8:13:a1:
12:8b:96:35:8d:24:95:9c:77:4d:75:42:3d:b3:19:f9:4d:24:
d5:03:24:4e:b3:60:b5:26:72:fa:f6:ce:6f:4f:17:b1:e7:79:
82:22:22:17:06:0e:4b:00:d8:36:c3:cc:de:84:2e:7c:ee:d8:
a3:87:ed:f0:aa:da:01:1b:f3:87:bc:4a:78:d6:de:c2:52:74:
0a:9e:74:d8:e9:b3:e0:12:f4:ea:88:ab:d2:31:dd:31:f6:46:
87:5b:8c:c9:50:f6:0d:d3:23:15:1e:7f:8e:11:3c:f5:47:31:
8c:31:6b:6e:b9:92:4f:9e:0c:1b:78:35:62:5f:01:73:b4:8d:
d8:a2:1c:34:b3:ba:ec:74:9a:9e:6e:01:1a:b2:43:c7:48:8b:
eb:1e:5b:75:d3:16:60:be:56:6c:82:ce:ad:8b:8b:9f:75:95:
f2:18:a2:b1:26:a6:a3:73:63:4f:9d:d4:ae:90:e8:ff:44:6d:
b7:5c:f4:40
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgICMiIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTM3MEYxMTAvBgNVBAUTKEJCNUI4MTU2QjAzN0U1RDIyMjYzRUFDN0Y2QTExQzA1
MkZERjYzM0YwHhcNMjMwNDA2MDMxMTAwWhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDJlMzg0NC0xN2NjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8r90ghgXkuYD25LPnsL+9ucQaDyo709/g2g2ZzIO/7MyryvAjKTD5mk9EEF2
J1YKCNjZ+hxOcj9FAQmQN6wE4I0Ha2GSZ6NdoRXqC2hyExerOpf85VVh5SdHcMHc
1kfuQ5AOYSVjInTXEbxPQYT6Ip8uQC3cv1Ry93REayYKR+FaErkd6M8p1paSTYSe
BQPYhQQn3PrqPBYINemumLeBOBdgjVGYJsSKDtvI4jmA5QVfmCsPX3NEwTYaXZeZ
loAMhRsYiaTNA0vjzj3wZmC/cPCHjyqXV9gEzMZ8uZzgnzL95yI7uO4rD4RRqbHz
G5Fe+QBplasHg1Oe1+L9sE9KsQIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFImxVS86
5oBroVQNgpwW8onA2XMpMB8GA1UdIwQYMBaAFLtbgVawN+XSImPqx/ahHAUv32M/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzcwRi83MzQ2RThBMjYw
NDkxMUUyQTMwNzU3OEQyOTc5QkIyMC91MXVCVnJBMzVkSWlZLXJIOXFFY0JTX2ZZ
ejguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3UxdUJWckEzNWRJaVktckg5cUVjQlNfZll6OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTM3MEYvNzM0NkU4QTI2MDQ5MTFFMkEzMDc1NzhEMjk3OUJCMjAvQTdGMkJBNjRE
NDI4MTFFRDgzMzM5RDIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTQYIKwYBBQUHAQcBAf8E
PjA8MDoEAgABMDQDBAJ6CBADBAJ6CBwwDAMEA3oIKAMEAnoIMAMEAnoIQAMEAnoI
UDAMAwQCeghcAwQEeghgMA0GCSqGSIb3DQEBCwUAA4IBAQAZ+bjSXN9lriB+sMeK
zvoP+XrUJ2vmmWuX1pXOoyDtKci3LOyeG05RyolinY5pFw0KorZvF/zms7BVm4Fb
3lz/RFUz+g+oE6ESi5Y1jSSVnHdNdUI9sxn5TSTVAyROs2C1JnL69s5vTxex53mC
IiIXBg5LANg2w8zehC587tijh+3wqtoBG/OHvEp41t7CUnQKnnTY6bPgEvTqiKvS
Md0x9kaHW4zJUPYN0yMVHn+OETz1RzGMMWtuuZJPngwbeDViXwFztI3Yohw0s7rs
dJqebgEaskPHSIvrHlt10xZgvlZsgs6ti4ufdZXyGKKxJqajc2NPndSukOj/RG23
XPRA
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:06 2024 by rpki-client on console-fra.rpki-client.org