Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/4FE9C3284FD111EF97AE965EC4F9AE02.roa
File: 4FE9C3284FD111EF97AE965EC4F9AE02.roa (raw, json)
Hash identifier: sXoHSfOzYfbnpgPDdLDWzKq1Y9YkXx6JYFNYKr69aVU=
Subject key identifier: 8B:9C:52:6C:89:5D:01:D4:A3:D1:5F:2B:02:5B:B1:5D:01:D5:76:C1
Certificate issuer: /CN=A915370F/serialNumber=BB5B8156B037E5D22263EAC7F6A11C052FDF633F
Certificate serial: 33B6
Authority key identifier: BB:5B:81:56:B0:37:E5:D2:22:63:EA:C7:F6:A1:1C:05:2F:DF:63:3F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1uBVrA35dIiY-rH9qEcBS_fYz8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/4FE9C3284FD111EF97AE965EC4F9AE02.roa
Signing time: Thu 01 Aug 2024 06:43:08 +0000
ROA not before: Thu 01 Aug 2024 06:43:08 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 174
IP address blocks: 122.8.44.0/22 maxlen: 22
122.8.48.0/22 maxlen: 22
122.8.56.0/22 maxlen: 22
122.8.72.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 08 Aug 2024 06:28:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13238 (0x33b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915370F/serialNumber=BB5B8156B037E5D22263EAC7F6A11C052FDF633F
Validity
Not Before: Aug 1 06:43:08 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66ab2e7c-f3ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:58:6b:b4:45:12:0b:7c:fa:20:70:04:80:96:
d3:34:b1:14:1c:8a:44:01:1f:53:92:e1:b4:d6:30:
7f:70:5f:6c:25:9e:4e:19:c4:0b:2b:b5:45:e4:74:
af:d9:05:65:0c:1b:20:80:72:37:06:cc:99:ff:9b:
94:fa:0b:a5:1f:03:80:47:a8:7a:65:20:67:fc:47:
16:65:67:21:4e:c5:93:7d:35:9f:78:db:12:76:df:
09:f3:b8:fa:e1:de:2f:e5:fd:6a:59:bf:48:58:ea:
f6:b7:87:66:23:ac:ec:35:a3:1b:b1:f7:14:25:a4:
56:9f:c1:76:d7:ff:d7:a6:bb:f4:a2:de:e5:ab:c8:
27:2a:1b:be:83:5c:5e:0e:2a:fb:02:89:56:b5:7d:
fb:46:f8:c5:96:df:d2:27:ba:52:3a:12:8f:32:1c:
86:5b:aa:17:68:c3:ce:ad:25:d1:55:7d:5b:40:73:
00:ce:d2:ba:30:b0:12:52:a6:72:77:4b:a6:ee:7b:
d4:de:ef:8f:bd:b8:ae:f8:45:96:9b:11:93:73:43:
f9:92:13:c1:10:5f:0d:4e:4c:53:ba:a2:88:67:28:
73:80:51:52:e7:6d:7a:04:4b:76:87:5b:c5:70:70:
44:17:f0:e1:e9:a2:05:7e:12:20:98:5f:4c:14:b5:
f9:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:9C:52:6C:89:5D:01:D4:A3:D1:5F:2B:02:5B:B1:5D:01:D5:76:C1
X509v3 Authority Key Identifier:
keyid:BB:5B:81:56:B0:37:E5:D2:22:63:EA:C7:F6:A1:1C:05:2F:DF:63:3F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/u1uBVrA35dIiY-rH9qEcBS_fYz8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1uBVrA35dIiY-rH9qEcBS_fYz8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/4FE9C3284FD111EF97AE965EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.8.44.0-122.8.51.255
122.8.56.0/22
122.8.72.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:ec:47:75:66:05:3c:eb:39:aa:fd:bf:aa:ff:bc:68:3f:88:
7d:9d:c7:c3:8c:6a:e3:45:fa:35:9f:0e:51:af:37:b1:12:83:
af:ae:6e:a3:df:82:f6:f9:b6:99:64:2c:e3:e4:f4:af:01:01:
9f:0f:3d:6f:21:84:12:ce:0c:4c:1c:e3:b5:eb:c8:85:52:bd:
bb:64:f9:8d:82:9b:9f:0f:0e:ab:64:39:2d:7c:b1:ef:ff:10:
ca:0b:f3:bc:ae:f6:d4:68:4a:0f:63:3c:c8:ed:7a:a5:6e:70:
7f:43:47:16:5a:36:b8:7a:ba:5f:af:2f:c8:33:81:1d:78:5f:
ca:ef:82:88:3a:4b:e2:ff:b0:21:71:c2:e9:56:0a:1d:03:33:
c2:8b:27:15:bb:8d:2a:fe:98:f9:93:07:e5:a8:69:6c:0d:60:
ab:49:f4:16:98:18:4c:a7:31:3f:c4:b8:1e:b7:46:a8:96:87:
bc:3c:30:1e:d7:2f:0f:3a:a7:e8:b7:e4:30:15:7a:6c:3a:b4:
67:67:36:0d:5d:7d:a5:0b:e3:89:ce:d5:dc:db:5c:2a:cf:08:
28:60:3c:f0:c6:9a:81:a1:3d:b4:1f:b8:85:96:72:62:3b:c9:
5a:c0:2d:5b:cf:96:fe:ca:a0:c7:f2:0f:8e:7f:b6:14:58:53:
7b:a8:ec:3b
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICM7YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTM3MEYxMTAvBgNVBAUTKEJCNUI4MTU2QjAzN0U1RDIyMjYzRUFDN0Y2QTExQzA1
MkZERjYzM0YwHhcNMjQwODAxMDY0MzA4WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NmFiMmU3Yy1mM2FlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApVhrtEUSC3z6IHAEgJbTNLEUHIpEAR9TkuG01jB/cF9sJZ5OGcQLK7VF5HSv
2QVlDBsggHI3BsyZ/5uU+gulHwOAR6h6ZSBn/EcWZWchTsWTfTWfeNsSdt8J87j6
4d4v5f1qWb9IWOr2t4dmI6zsNaMbsfcUJaRWn8F21//Xprv0ot7lq8gnKhu+g1xe
Dir7AolWtX37RvjFlt/SJ7pSOhKPMhyGW6oXaMPOrSXRVX1bQHMAztK6MLASUqZy
d0um7nvU3u+Pvbiu+EWWmxGTc0P5khPBEF8NTkxTuqKIZyhzgFFS5216BEt2h1vF
cHBEF/Dh6aIFfhIgmF9MFLX5BwIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFIucUmyJ
XQHUo9FfKwJbsV0B1XbBMB8GA1UdIwQYMBaAFLtbgVawN+XSImPqx/ahHAUv32M/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzcwRi83MzQ2RThBMjYw
NDkxMUUyQTMwNzU3OEQyOTc5QkIyMC91MXVCVnJBMzVkSWlZLXJIOXFFY0JTX2ZZ
ejguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3UxdUJWckEzNWRJaVktckg5cUVjQlNfZll6OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTM3MEYvNzM0NkU4QTI2MDQ5MTFFMkEzMDc1NzhEMjk3OUJCMjAvNEZFOUMzMjg0
RkQxMTFFRjk3QUU5NjVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBowDAMEAnoILAMEAnoIMAMEAnoIOAMEAnoISDANBgkqhkiG9w0B
AQsFAAOCAQEAXuxHdWYFPOs5qv2/qv+8aD+IfZ3Hw4xq40X6NZ8OUa83sRKDr65u
o9+C9vm2mWQs4+T0rwEBnw89byGEEs4MTBzjtevIhVK9u2T5jYKbnw8Oq2Q5LXyx
7/8QygvzvK721GhKD2M8yO16pW5wf0NHFlo2uHq6X68vyDOBHXhfyu+CiDpL4v+w
IXHC6VYKHQMzwosnFbuNKv6Y+ZMH5ahpbA1gq0n0FpgYTKcxP8S4HrdGqJaHvDww
HtcvDzqn6LfkMBV6bDq0Z2c2DV19pQvjic7V3NtcKs8IKGA88MaagaE9tB+4hZZy
YjvJWsAtW8+W/sqgx/IPjn+2FFhTe6jsOw==
-----END CERTIFICATE-----
Generated at Thu Aug 8 08:00:14 2024 by rpki-client on console-ams.rpki-client.org