Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/0A985CD4B45011EE8CDBB61BC4F9AE02.roa
File: 0A985CD4B45011EE8CDBB61BC4F9AE02.roa (raw, json)
Hash identifier: KfISciMJ6+nMMjy5uEK1x/byCVtDDw6xW+70BguQtJ8=
Subject key identifier: 17:6C:33:53:9C:03:69:12:E5:E2:DA:AE:5A:EF:2D:FE:72:65:9D:E5
Certificate issuer: /CN=A915370F/serialNumber=BB5B8156B037E5D22263EAC7F6A11C052FDF633F
Certificate serial: 32E8
Authority key identifier: BB:5B:81:56:B0:37:E5:D2:22:63:EA:C7:F6:A1:1C:05:2F:DF:63:3F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1uBVrA35dIiY-rH9qEcBS_fYz8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/0A985CD4B45011EE8CDBB61BC4F9AE02.roa
Signing time: Tue 16 Jan 2024 09:17:17 +0000
ROA not before: Tue 16 Jan 2024 09:17:17 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 53356
IP address blocks: 122.8.16.0/22 maxlen: 22
122.8.32.0/22 maxlen: 22
122.8.112.0/22 maxlen: 22
122.8.116.0/22 maxlen: 22
122.8.124.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sun 18 Feb 2024 07:31:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13032 (0x32e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915370F/serialNumber=BB5B8156B037E5D22263EAC7F6A11C052FDF633F
Validity
Not Before: Jan 16 09:17:17 2024 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=65a6499c-aa00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:61:19:2b:71:d1:03:5b:6f:50:5d:15:02:a9:
1b:43:8a:da:ff:be:b3:db:48:75:11:75:7b:57:27:
c9:20:1d:3b:25:81:94:55:f5:8a:5d:ec:77:12:76:
8f:c8:28:2e:41:56:3d:e3:0e:d2:af:11:00:7c:63:
ef:15:c8:8b:ec:fe:df:65:33:52:b1:4e:87:30:3a:
5d:a7:aa:1d:78:77:e0:1f:35:12:d0:f6:4e:24:9f:
f5:77:05:b3:08:34:89:d7:52:40:23:59:fe:00:ce:
a3:e1:3a:68:52:64:db:aa:6c:70:f0:28:e7:36:69:
5c:d0:84:0a:3d:07:8e:e7:fb:aa:4d:19:90:03:07:
20:3b:07:06:69:96:37:8b:a7:81:32:10:7e:8d:31:
4a:12:88:cf:d6:90:aa:37:f0:6c:49:6b:c3:ee:72:
0f:1c:80:9b:73:bf:44:c1:fb:7b:e1:80:c5:f4:c6:
b6:b2:85:85:88:e4:1d:51:86:1e:84:fe:9f:f9:e6:
75:aa:4e:a8:49:84:0a:23:b6:31:72:f9:d4:bb:9d:
d9:bd:a7:33:33:1e:93:97:77:e3:85:d4:d6:7a:93:
7b:b7:43:f8:8e:58:6f:7c:6a:ef:2d:73:8c:b3:5f:
a4:7b:2a:49:01:ea:b4:bd:f0:5c:b3:2e:37:f4:2e:
c9:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:6C:33:53:9C:03:69:12:E5:E2:DA:AE:5A:EF:2D:FE:72:65:9D:E5
X509v3 Authority Key Identifier:
keyid:BB:5B:81:56:B0:37:E5:D2:22:63:EA:C7:F6:A1:1C:05:2F:DF:63:3F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/u1uBVrA35dIiY-rH9qEcBS_fYz8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1uBVrA35dIiY-rH9qEcBS_fYz8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/0A985CD4B45011EE8CDBB61BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.8.16.0/22
122.8.32.0/22
122.8.112.0/21
122.8.124.0/22
Signature Algorithm: sha256WithRSAEncryption
c7:2f:fb:27:c2:7c:9f:9c:7f:3c:32:61:18:fa:5e:df:1c:6f:
ae:ee:4f:8c:f2:fd:f2:00:7b:89:5e:21:d1:c9:96:c1:17:70:
db:23:f1:9a:99:ed:c9:08:e5:36:68:07:96:d3:e8:f7:a1:91:
91:29:04:37:68:c8:ca:70:5e:ee:3d:78:da:8b:5d:10:e7:61:
1e:b4:80:38:2f:02:66:b6:b4:67:1d:9a:0d:27:2f:64:7f:08:
2c:c7:cd:c6:0e:80:45:b0:52:2f:9f:ea:65:43:6b:b3:c4:d6:
02:a2:26:1e:1f:0a:22:30:0f:44:e9:0f:85:61:88:14:19:62:
58:85:fe:99:84:a2:51:6a:c1:f5:bf:49:27:bd:a7:11:b1:18:
33:45:0c:33:0f:25:35:4f:ff:ba:ef:f4:97:f0:6c:79:47:ff:
4a:d2:7b:7e:92:3e:e1:86:fe:df:4a:ab:32:75:a2:b0:36:47:
ad:76:ac:dc:22:9a:ea:3e:bb:01:b3:19:ee:14:a3:48:9a:d4:
8c:74:12:eb:1c:c4:ab:73:c7:89:b8:43:03:51:54:d3:3d:35:
55:7d:91:c7:56:68:87:98:f8:5c:9b:53:29:92:d6:c2:c7:27:
df:bd:8e:dd:fb:02:3d:74:d5:31:2d:d5:b5:2c:7b:ad:7e:91:
b1:5c:ce:3d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICMugwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTM3MEYxMTAvBgNVBAUTKEJCNUI4MTU2QjAzN0U1RDIyMjYzRUFDN0Y2QTExQzA1
MkZERjYzM0YwHhcNMjQwMTE2MDkxNzE3WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NWE2NDk5Yy1hYTAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3GEZK3HRA1tvUF0VAqkbQ4ra/76z20h1EXV7VyfJIB07JYGUVfWKXex3EnaP
yCguQVY94w7SrxEAfGPvFciL7P7fZTNSsU6HMDpdp6odeHfgHzUS0PZOJJ/1dwWz
CDSJ11JAI1n+AM6j4TpoUmTbqmxw8CjnNmlc0IQKPQeO5/uqTRmQAwcgOwcGaZY3
i6eBMhB+jTFKEojP1pCqN/BsSWvD7nIPHICbc79Ewft74YDF9Ma2soWFiOQdUYYe
hP6f+eZ1qk6oSYQKI7YxcvnUu53ZvaczMx6Tl3fjhdTWepN7t0P4jlhvfGrvLXOM
s1+keypJAeq0vfBcsy439C7JeQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFBdsM1Oc
A2kS5eLarlrvLf5yZZ3lMB8GA1UdIwQYMBaAFLtbgVawN+XSImPqx/ahHAUv32M/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzcwRi83MzQ2RThBMjYw
NDkxMUUyQTMwNzU3OEQyOTc5QkIyMC91MXVCVnJBMzVkSWlZLXJIOXFFY0JTX2ZZ
ejguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3UxdUJWckEzNWRJaVktckg5cUVjQlNfZll6OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTM3MEYvNzM0NkU4QTI2MDQ5MTFFMkEzMDc1NzhEMjk3OUJCMjAvMEE5ODVDRDRC
NDUwMTFFRThDREJCNjFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAJ6CBADBAJ6CCADBAN6CHADBAJ6CHwwDQYJKoZIhvcNAQEL
BQADggEBAMcv+yfCfJ+cfzwyYRj6Xt8cb67uT4zy/fIAe4leIdHJlsEXcNsj8ZqZ
7ckI5TZoB5bT6PehkZEpBDdoyMpwXu49eNqLXRDnYR60gDgvAma2tGcdmg0nL2R/
CCzHzcYOgEWwUi+f6mVDa7PE1gKiJh4fCiIwD0TpD4VhiBQZYliF/pmEolFqwfW/
SSe9pxGxGDNFDDMPJTVP/7rv9JfwbHlH/0rSe36SPuGG/t9KqzJ1orA2R612rNwi
muo+uwGzGe4Uo0ia1Ix0EuscxKtzx4m4QwNRVNM9NVV9kcdWaIeY+FybUymS1sLH
J9+9jt37Aj101TEt1bUse61+kbFczj0=
-----END CERTIFICATE-----
Generated at Sun Feb 18 09:24:20 2024 by rpki-client on console-fra.rpki-client.org