Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914D5F5/9B18B43088F211EA899EBE67C4F9AE02/033AD246931B11EA974F0D67C4F9AE02.roa
File: 033AD246931B11EA974F0D67C4F9AE02.roa (raw, json)
Hash identifier: 0/BqrZIGiUftxKhpFSgUUOOnOj8M8ZaSpt5W5laWnZA=
Subject key identifier: 55:36:98:EC:77:01:BD:EE:A8:F8:EC:AF:C3:95:9D:2B:E8:2F:E5:85
Certificate issuer: /CN=A914D5F5/serialNumber=45D8610FCE17D9FF4E8C9E2D7A253DA5C2F87F9B
Certificate serial: 0939
Authority key identifier: 45:D8:61:0F:CE:17:D9:FF:4E:8C:9E:2D:7A:25:3D:A5:C2:F8:7F:9B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RdhhD84X2f9OjJ4teiU9pcL4f5s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914D5F5/9B18B43088F211EA899EBE67C4F9AE02/033AD246931B11EA974F0D67C4F9AE02.roa
Signing time: Thu 04 Jul 2024 20:58:32 +0000
ROA not before: Thu 04 Jul 2024 20:58:32 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 16509
IP address blocks: 122.252.145.0/24 maxlen: 24
122.252.146.0/24 maxlen: 24
122.252.147.0/24 maxlen: 24
122.252.148.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 26 Jul 2024 01:26:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2361 (0x939)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914D5F5/serialNumber=45D8610FCE17D9FF4E8C9E2D7A253DA5C2F87F9B
Validity
Not Before: Jul 4 20:58:32 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=66870cf8-8c56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e0:26:10:89:7d:72:14:f8:8d:af:2b:18:65:
15:24:e2:9a:57:b2:b8:eb:b3:20:ad:4b:4f:7b:4a:
4d:5e:5c:ae:2c:cb:c4:8e:68:86:81:0e:a1:07:d0:
0b:6d:75:51:2a:aa:a5:23:4b:6f:ea:69:ca:94:61:
e2:e2:a0:50:58:76:39:f5:a6:05:79:30:07:f0:da:
e9:fa:a7:9a:37:93:4d:83:f1:24:9d:98:47:62:94:
13:54:c9:72:01:4b:89:95:12:f3:2b:62:4e:88:d1:
57:07:71:91:86:c5:2e:cd:f5:f0:39:af:76:c6:aa:
56:9f:c9:f3:3f:61:9b:2f:32:e9:14:34:9c:7c:b3:
0c:97:4f:a0:18:ec:2e:60:cb:d7:85:34:cd:a4:a5:
43:47:aa:ae:1c:6f:2f:cf:70:ba:b5:a7:7d:bc:57:
dc:cc:75:5a:ec:a0:f0:1d:12:18:61:65:db:a4:8d:
c7:e0:ba:73:8e:f8:3e:ae:fd:a0:99:0a:4f:36:d2:
5d:86:8a:7c:8d:21:ae:73:ee:fd:48:c1:8b:5d:0d:
f8:13:ba:b8:1b:e9:68:e3:fd:65:7c:4b:9c:7f:cf:
4b:89:4d:64:5d:74:1a:be:cf:e1:64:68:f3:9e:2f:
30:5d:4f:3c:f2:e2:bf:51:94:f9:52:e8:1a:85:0f:
0d:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:36:98:EC:77:01:BD:EE:A8:F8:EC:AF:C3:95:9D:2B:E8:2F:E5:85
X509v3 Authority Key Identifier:
keyid:45:D8:61:0F:CE:17:D9:FF:4E:8C:9E:2D:7A:25:3D:A5:C2:F8:7F:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914D5F5/9B18B43088F211EA899EBE67C4F9AE02/RdhhD84X2f9OjJ4teiU9pcL4f5s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RdhhD84X2f9OjJ4teiU9pcL4f5s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914D5F5/9B18B43088F211EA899EBE67C4F9AE02/033AD246931B11EA974F0D67C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.252.145.0-122.252.151.255
Signature Algorithm: sha256WithRSAEncryption
48:14:5e:f9:62:f5:24:7f:78:cc:38:04:e6:3f:ff:94:62:39:
c8:4f:94:af:a0:a0:c0:d4:6b:4f:71:77:c0:ea:46:da:fa:35:
72:01:e0:14:c3:b2:06:2f:65:cc:0f:cf:be:cf:16:56:68:a7:
0c:0d:14:8c:b1:69:3b:1b:f7:a9:c8:9e:d2:fe:cc:97:4b:fb:
6a:f6:74:cf:6d:d0:0b:86:2a:09:fb:c2:7c:d2:26:2e:e8:d5:
52:1e:33:5a:6d:9f:b2:25:e1:4f:1d:d9:7d:72:ea:f0:be:b2:
20:12:99:d8:0f:f7:b6:5a:31:13:21:1c:b4:ef:db:65:de:0e:
73:5e:cf:c8:5f:f0:07:9d:6b:7c:f1:86:99:61:b6:9f:e2:97:
b0:2e:55:3d:ce:dd:a0:79:a8:81:20:88:f6:9e:51:24:ef:27:
cd:74:f9:bb:bd:87:40:0d:a9:7d:36:f4:48:7d:33:6b:7f:16:
06:4a:8f:85:4c:d4:1f:51:50:cc:77:47:90:57:31:f5:4b:8d:
6a:38:84:0d:19:65:29:70:de:73:c2:d0:ea:45:8e:d5:13:86:
0a:d4:eb:23:0d:ed:0b:bd:ad:e7:ea:38:40:36:bb:56:c8:d6:
dd:3a:ef:c2:5f:56:b0:1e:56:e1:61:5d:85:62:aa:32:40:f2:
a3:6a:1d:ed
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICCTkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEQ1RjUxMTAvBgNVBAUTKDQ1RDg2MTBGQ0UxN0Q5RkY0RThDOUUyRDdBMjUzREE1
QzJGODdGOUIwHhcNMjQwNzA0MjA1ODMyWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njg3MGNmOC04YzU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzuAmEIl9chT4ja8rGGUVJOKaV7K467MgrUtPe0pNXlyuLMvEjmiGgQ6hB9AL
bXVRKqqlI0tv6mnKlGHi4qBQWHY59aYFeTAH8Nrp+qeaN5NNg/EknZhHYpQTVMly
AUuJlRLzK2JOiNFXB3GRhsUuzfXwOa92xqpWn8nzP2GbLzLpFDScfLMMl0+gGOwu
YMvXhTTNpKVDR6quHG8vz3C6tad9vFfczHVa7KDwHRIYYWXbpI3H4Lpzjvg+rv2g
mQpPNtJdhop8jSGuc+79SMGLXQ34E7q4G+lo4/1lfEucf89LiU1kXXQavs/hZGjz
ni8wXU888uK/UZT5UugahQ8NfQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFFU2mOx3
Ab3uqPjsr8OVnSvoL+WFMB8GA1UdIwQYMBaAFEXYYQ/OF9n/ToyeLXolPaXC+H+b
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RDVGNS85QjE4QjQzMDg4
RjIxMUVBODk5RUJFNjdDNEY5QUUwMi9SZGhoRDg0WDJmOU9qSjR0ZWlVOXBjTDRm
NXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JkaGhEODRYMmY5T2pKNHRlaVU5cGNMNGY1cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEQ1RjUvOUIxOEI0MzA4OEYyMTFFQTg5OUVCRTY3QzRGOUFFMDIvMDMzQUQyNDY5
MzFCMTFFQTk3NEYwRDY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAHr8kQMEA3r8kDANBgkqhkiG9w0BAQsFAAOCAQEASBRe
+WL1JH94zDgE5j//lGI5yE+Ur6CgwNRrT3F3wOpG2vo1cgHgFMOyBi9lzA/Pvs8W
VminDA0UjLFpOxv3qcie0v7Ml0v7avZ0z23QC4YqCfvCfNImLujVUh4zWm2fsiXh
Tx3ZfXLq8L6yIBKZ2A/3tloxEyEctO/bZd4Oc17PyF/wB51rfPGGmWG2n+KXsC5V
Pc7doHmogSCI9p5RJO8nzXT5u72HQA2pfTb0SH0za38WBkqPhUzUH1FQzHdHkFcx
9UuNajiEDRllKXDec8LQ6kWO1ROGCtTrIw3tC72t5+o4QDa7VsjW3Trvwl9WsB5W
4WFdhWKqMkDyo2od7Q==
-----END CERTIFICATE-----
Generated at Fri Jul 26 04:12:01 2024 by rpki-client on console-fra.rpki-client.org