Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/E74B2942A10D11EDB6423F70C4F9AE02.roa
File: E74B2942A10D11EDB6423F70C4F9AE02.roa (raw, json)
Hash identifier: SCO4AN2QvNZjdjDUMK3JT72FPqqQe7kIXSO5SbEow44=
Subject key identifier: D0:B6:16:41:8A:C1:E4:A4:35:88:45:22:D3:E7:E7:DD:46:0E:4E:78
Certificate issuer: /CN=A915370F/serialNumber=BB5B8156B037E5D22263EAC7F6A11C052FDF633F
Certificate serial: 320D
Authority key identifier: BB:5B:81:56:B0:37:E5:D2:22:63:EA:C7:F6:A1:1C:05:2F:DF:63:3F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1uBVrA35dIiY-rH9qEcBS_fYz8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/E74B2942A10D11EDB6423F70C4F9AE02.roa
Signing time: Thu 16 Mar 2023 16:01:05 +0000
ROA not before: Thu 16 Mar 2023 16:01:05 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 21700
IP address blocks: 122.8.16.0/22 maxlen: 22
122.8.28.0/22 maxlen: 22
122.8.40.0/22 maxlen: 22
122.8.44.0/22 maxlen: 22
122.8.48.0/22 maxlen: 22
122.8.56.0/22 maxlen: 22
122.8.64.0/22 maxlen: 22
122.8.72.0/22 maxlen: 22
122.8.80.0/22 maxlen: 22
122.8.92.0/22 maxlen: 22
122.8.96.0/22 maxlen: 22
122.8.100.0/22 maxlen: 22
122.8.104.0/22 maxlen: 22
122.8.108.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12813 (0x320d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915370F/serialNumber=BB5B8156B037E5D22263EAC7F6A11C052FDF633F
Validity
Not Before: Mar 16 16:01:05 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=64133d41-c30f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:cf:37:7c:e4:d4:29:52:3a:2a:4b:87:b3:7b:
57:4e:8a:3f:a6:3e:9b:85:11:a7:a7:3a:f4:85:3c:
2e:c8:5c:d2:04:21:ab:00:9b:f9:35:4c:14:e8:87:
19:9d:03:39:fb:5a:70:84:85:d4:92:30:1b:d4:60:
df:5c:22:11:2d:e6:2e:a0:5a:ac:5f:12:c6:d7:13:
48:a6:cc:b1:81:ac:a2:57:70:5b:f8:cd:8b:1b:e7:
1e:d3:d9:1d:ac:3a:02:c2:f0:43:d0:5f:32:8e:07:
11:a5:a3:25:5a:16:d4:fb:ff:5e:f2:69:09:cf:e4:
cd:83:85:08:66:a0:d3:9c:47:a1:1d:8c:a7:bc:83:
26:34:7e:8b:aa:8c:82:66:81:63:47:c9:51:46:0f:
91:ce:29:c9:9f:5f:9c:47:d9:fb:16:40:85:20:8b:
24:23:4c:2e:80:62:43:86:43:07:cf:06:40:62:2a:
1e:49:2e:dc:cb:4d:c6:16:da:a7:ff:4d:d4:12:05:
20:74:69:78:5d:94:0b:0c:91:51:58:5e:d6:3e:50:
1f:86:20:3d:10:1d:a3:90:ce:d1:62:29:67:5d:5b:
c0:fa:54:45:35:bb:bb:aa:2a:23:bf:a0:2f:08:6b:
ac:70:d2:4f:93:88:c3:25:42:3f:65:36:86:c3:c6:
01:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:B6:16:41:8A:C1:E4:A4:35:88:45:22:D3:E7:E7:DD:46:0E:4E:78
X509v3 Authority Key Identifier:
keyid:BB:5B:81:56:B0:37:E5:D2:22:63:EA:C7:F6:A1:1C:05:2F:DF:63:3F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/u1uBVrA35dIiY-rH9qEcBS_fYz8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1uBVrA35dIiY-rH9qEcBS_fYz8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/E74B2942A10D11EDB6423F70C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.8.16.0/22
122.8.28.0/22
122.8.40.0-122.8.51.255
122.8.56.0/22
122.8.64.0/22
122.8.72.0/22
122.8.80.0/22
122.8.92.0-122.8.111.255
Signature Algorithm: sha256WithRSAEncryption
e0:91:02:a3:eb:04:66:36:d3:08:76:1e:a4:f0:24:58:0c:72:
ec:9e:54:74:76:c7:7a:24:5c:34:e8:62:7f:75:ef:a7:21:ca:
53:05:80:ef:5c:e1:37:22:0a:15:d4:89:17:30:61:03:63:10:
19:f9:a1:b7:5c:a3:4e:64:1c:a1:60:37:3f:b6:d8:96:a6:2a:
ff:9f:f4:c1:07:5e:e6:60:d1:e6:77:de:4e:04:7d:de:c4:a5:
f6:a9:69:ac:85:74:eb:b2:2b:5e:34:79:17:9e:37:ca:1a:db:
d2:73:a9:2b:53:bd:13:bd:49:11:09:70:41:1b:f2:39:b4:1b:
a0:c5:9e:16:01:56:3f:3b:12:34:fc:f0:81:e8:46:57:f0:54:
47:8f:c7:da:17:31:de:cf:26:68:e4:19:f8:ee:2f:e6:1d:50:
85:06:e3:28:87:ec:2e:69:60:3b:e7:9d:8c:5f:9c:5f:0a:1f:
d1:da:50:9d:ef:2d:cc:31:0c:44:a9:9e:37:e0:78:07:04:77:
72:9d:c1:0c:02:c2:3b:73:ec:37:50:23:18:3e:5d:0c:63:63:
68:47:30:2d:a9:92:10:4e:cd:46:c7:d3:67:7d:dc:b9:55:94:
f2:a4:1c:ec:7d:02:56:8c:80:7b:8e:75:5a:4a:31:bf:80:f0:
75:07:04:1d
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgICMg0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTM3MEYxMTAvBgNVBAUTKEJCNUI4MTU2QjAzN0U1RDIyMjYzRUFDN0Y2QTExQzA1
MkZERjYzM0YwHhcNMjMwMzE2MTYwMTA1WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDEzM2Q0MS1jMzBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAws83fOTUKVI6KkuHs3tXToo/pj6bhRGnpzr0hTwuyFzSBCGrAJv5NUwU6IcZ
nQM5+1pwhIXUkjAb1GDfXCIRLeYuoFqsXxLG1xNIpsyxgayiV3Bb+M2LG+ce09kd
rDoCwvBD0F8yjgcRpaMlWhbU+/9e8mkJz+TNg4UIZqDTnEehHYynvIMmNH6LqoyC
ZoFjR8lRRg+RzinJn1+cR9n7FkCFIIskI0wugGJDhkMHzwZAYioeSS7cy03GFtqn
/03UEgUgdGl4XZQLDJFRWF7WPlAfhiA9EB2jkM7RYilnXVvA+lRFNbu7qiojv6Av
CGuscNJPk4jDJUI/ZTaGw8YBDwIDAQABo4ICzzCCAsswHQYDVR0OBBYEFNC2FkGK
weSkNYhFItPn591GDk54MB8GA1UdIwQYMBaAFLtbgVawN+XSImPqx/ahHAUv32M/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzcwRi83MzQ2RThBMjYw
NDkxMUUyQTMwNzU3OEQyOTc5QkIyMC91MXVCVnJBMzVkSWlZLXJIOXFFY0JTX2ZZ
ejguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3UxdUJWckEzNWRJaVktckg5cUVjQlNfZll6OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTM3MEYvNzM0NkU4QTI2MDQ5MTFFMkEzMDc1NzhEMjk3OUJCMjAvRTc0QjI5NDJB
MTBEMTFFREI2NDIzRjcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWQYIKwYBBQUHAQcBAf8E
SjBIMEYEAgABMEADBAJ6CBADBAJ6CBwwDAMEA3oIKAMEAnoIMAMEAnoIOAMEAnoI
QAMEAnoISAMEAnoIUDAMAwQCeghcAwQEeghgMA0GCSqGSIb3DQEBCwUAA4IBAQDg
kQKj6wRmNtMIdh6k8CRYDHLsnlR0dsd6JFw06GJ/de+nIcpTBYDvXOE3IgoV1IkX
MGEDYxAZ+aG3XKNOZByhYDc/ttiWpir/n/TBB17mYNHmd95OBH3exKX2qWmshXTr
siteNHkXnjfKGtvSc6krU70TvUkRCXBBG/I5tBugxZ4WAVY/OxI0/PCB6EZX8FRH
j8faFzHezyZo5Bn47i/mHVCFBuMoh+wuaWA7552MX5xfCh/R2lCd7y3MMQxEqZ43
4HgHBHdyncEMAsI7c+w3UCMYPl0MY2NoRzAtqZIQTs1Gx9Nnfdy5VZTypBzsfQJW
jIB7jnVaSjG/gPB1BwQd
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:06 2024 by rpki-client on console-fra.rpki-client.org