Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/21E30C4E854811EFA776AC73C4F9AE02.roa
File: 21E30C4E854811EFA776AC73C4F9AE02.roa (raw, json)
Hash identifier: ynzvOJb5FYEAZFULQbLLHpWaEP/ELmMj3/s++iQOHWs=
Subject key identifier: 3C:28:84:9A:4B:D0:1F:5D:21:A9:4A:BB:55:33:E7:F5:5B:CA:CE:DE
Certificate issuer: /CN=A915370F/serialNumber=BB5B8156B037E5D22263EAC7F6A11C052FDF633F
Certificate serial: 33F6
Authority key identifier: BB:5B:81:56:B0:37:E5:D2:22:63:EA:C7:F6:A1:1C:05:2F:DF:63:3F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1uBVrA35dIiY-rH9qEcBS_fYz8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/21E30C4E854811EFA776AC73C4F9AE02.roa
Signing time: Fri 11 Oct 2024 02:14:14 +0000
ROA not before: Fri 11 Oct 2024 02:14:13 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 215784
IP address blocks: 122.8.32.0/22 maxlen: 22
122.8.40.0/22 maxlen: 22
122.8.44.0/22 maxlen: 22
122.8.48.0/22 maxlen: 22
122.8.72.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 21 Oct 2024 02:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13302 (0x33f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915370F/serialNumber=BB5B8156B037E5D22263EAC7F6A11C052FDF633F
Validity
Not Before: Oct 11 02:14:13 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=670889f5-81d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a6:c5:a5:94:1a:72:65:e9:2a:84:cd:1f:8b:
7a:d2:69:80:ce:07:76:98:8b:0a:2f:9c:fd:ef:8e:
df:c3:86:05:4c:94:6d:16:b3:98:b2:3b:36:1d:9f:
3b:3c:5b:a0:59:ae:0b:0f:9e:a6:4e:1d:85:be:bb:
8d:ad:ef:1c:5c:95:a4:9f:30:c1:02:96:61:54:9c:
56:fa:78:ad:c7:5f:06:b5:22:e0:42:11:b6:1d:69:
d4:25:79:e8:33:97:fa:fc:2c:40:a4:77:2b:e8:f9:
43:6f:ec:82:1c:59:bd:96:6e:de:8c:ad:80:b6:78:
57:a8:e3:81:16:78:5e:e2:22:72:4e:aa:23:4a:67:
b9:95:77:9c:4b:93:95:cd:50:27:b2:8d:e8:bb:fd:
29:0b:a5:63:69:ae:26:d5:37:15:fc:67:ee:99:af:
88:64:cc:97:af:12:57:b4:80:5d:bb:08:ae:60:89:
79:2d:c6:43:60:07:44:d2:75:d2:3f:70:37:a9:5a:
94:a4:54:ea:66:6e:5d:ba:30:17:35:71:7a:6d:d7:
c6:65:fd:60:fe:90:e8:18:54:7b:64:23:0e:79:b0:
0a:07:19:63:a8:dc:09:7f:4c:27:09:ca:68:97:c5:
4c:6d:f4:33:89:6e:43:6c:f3:d4:68:c4:1e:c2:c2:
05:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:28:84:9A:4B:D0:1F:5D:21:A9:4A:BB:55:33:E7:F5:5B:CA:CE:DE
X509v3 Authority Key Identifier:
keyid:BB:5B:81:56:B0:37:E5:D2:22:63:EA:C7:F6:A1:1C:05:2F:DF:63:3F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/u1uBVrA35dIiY-rH9qEcBS_fYz8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1uBVrA35dIiY-rH9qEcBS_fYz8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/21E30C4E854811EFA776AC73C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.8.32.0/22
122.8.40.0-122.8.51.255
122.8.72.0/22
Signature Algorithm: sha256WithRSAEncryption
e6:cb:6c:5b:dc:91:ff:9b:2c:81:e1:9d:11:a0:15:4f:01:d0:
ef:c6:e8:c8:6f:fa:da:6a:c4:c0:0d:cb:50:2c:94:dc:e3:34:
6f:a0:4d:e7:40:fb:d2:00:b3:10:6a:b5:ed:42:f2:84:ae:d7:
dd:3e:0f:d1:ed:a4:9a:fa:2f:f5:e6:b4:d9:aa:bb:11:59:29:
78:17:49:9f:7c:44:a9:e8:01:a1:c4:84:fa:18:79:93:2e:52:
d9:83:a2:fb:62:06:6e:71:cc:c0:de:8c:26:30:83:76:d8:cc:
9e:36:5c:38:bd:63:23:68:03:03:06:46:44:67:3c:8c:ad:00:
3e:69:63:4d:89:95:13:eb:96:ff:88:1d:37:4b:63:9c:ae:88:
e0:6f:fb:39:55:64:8c:23:68:ae:6f:69:ee:25:ab:21:2a:dd:
c0:5f:a8:36:c8:fb:21:b8:95:83:c7:33:3b:b3:95:a1:16:b9:
22:9f:1c:28:14:ea:28:b7:d9:30:1c:5a:28:5a:55:68:51:ff:
73:87:bc:33:02:ce:bc:fa:fb:5c:96:45:6d:e0:3e:d6:b7:b7:
49:8b:1c:9a:a1:aa:cc:b1:87:b2:63:20:c2:a9:1c:54:d3:e4:
11:e5:4c:fe:28:9e:36:3e:e4:b8:72:dd:04:ec:96:8d:8e:5b:
93:2a:5d:8f
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICM/YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTM3MEYxMTAvBgNVBAUTKEJCNUI4MTU2QjAzN0U1RDIyMjYzRUFDN0Y2QTExQzA1
MkZERjYzM0YwHhcNMjQxMDExMDIxNDEzWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NzA4ODlmNS04MWQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvabFpZQacmXpKoTNH4t60mmAzgd2mIsKL5z9747fw4YFTJRtFrOYsjs2HZ87
PFugWa4LD56mTh2FvruNre8cXJWknzDBApZhVJxW+nitx18GtSLgQhG2HWnUJXno
M5f6/CxApHcr6PlDb+yCHFm9lm7ejK2AtnhXqOOBFnhe4iJyTqojSme5lXecS5OV
zVAnso3ou/0pC6Vjaa4m1TcV/Gfuma+IZMyXrxJXtIBduwiuYIl5LcZDYAdE0nXS
P3A3qVqUpFTqZm5dujAXNXF6bdfGZf1g/pDoGFR7ZCMOebAKBxljqNwJf0wnCcpo
l8VMbfQziW5DbPPUaMQewsIFiwIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFDwohJpL
0B9dIalKu1Uz5/Vbys7eMB8GA1UdIwQYMBaAFLtbgVawN+XSImPqx/ahHAUv32M/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzcwRi83MzQ2RThBMjYw
NDkxMUUyQTMwNzU3OEQyOTc5QkIyMC91MXVCVnJBMzVkSWlZLXJIOXFFY0JTX2ZZ
ejguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3UxdUJWckEzNWRJaVktckg5cUVjQlNfZll6OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTM3MEYvNzM0NkU4QTI2MDQ5MTFFMkEzMDc1NzhEMjk3OUJCMjAvMjFFMzBDNEU4
NTQ4MTFFRkE3NzZBQzczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBoDBAJ6CCAwDAMEA3oIKAMEAnoIMAMEAnoISDANBgkqhkiG9w0B
AQsFAAOCAQEA5stsW9yR/5ssgeGdEaAVTwHQ78boyG/62mrEwA3LUCyU3OM0b6BN
50D70gCzEGq17ULyhK7X3T4P0e2kmvov9ea02aq7EVkpeBdJn3xEqegBocSE+hh5
ky5S2YOi+2IGbnHMwN6MJjCDdtjMnjZcOL1jI2gDAwZGRGc8jK0APmljTYmVE+uW
/4gdN0tjnK6I4G/7OVVkjCNorm9p7iWrISrdwF+oNsj7IbiVg8czO7OVoRa5Ip8c
KBTqKLfZMBxaKFpVaFH/c4e8MwLOvPr7XJZFbeA+1re3SYscmqGqzLGHsmMgwqkc
VNPkEeVM/iieNj7kuHLdBOyWjY5bkypdjw==
-----END CERTIFICATE-----
Generated at Mon Oct 21 04:46:19 2024 by rpki-client on console-fra.rpki-client.org