Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/7FA25AB6A62211EE81275E4DC4F9AE02.roa
File: 7FA25AB6A62211EE81275E4DC4F9AE02.roa (raw, json)
Hash identifier: ESl0rnw6TO+OFgW1nEEy8vN82pEIHM8U4uwdxPASM2g=
Subject key identifier: D0:64:79:A7:1A:94:CE:D2:0A:55:03:E2:38:E1:00:B4:61:7F:AD:93
Certificate issuer: /CN=A915370F/serialNumber=BB5B8156B037E5D22263EAC7F6A11C052FDF633F
Certificate serial: 32DC
Authority key identifier: BB:5B:81:56:B0:37:E5:D2:22:63:EA:C7:F6:A1:1C:05:2F:DF:63:3F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1uBVrA35dIiY-rH9qEcBS_fYz8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/7FA25AB6A62211EE81275E4DC4F9AE02.roa
Signing time: Fri 29 Dec 2023 08:16:00 +0000
ROA not before: Fri 29 Dec 2023 08:16:00 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 53356
IP address blocks: 122.8.16.0/22 maxlen: 22
122.8.20.0/22 maxlen: 22
122.8.32.0/22 maxlen: 22
122.8.112.0/22 maxlen: 22
122.8.116.0/22 maxlen: 22
122.8.124.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 16 Jan 2024 09:17:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13020 (0x32dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915370F/serialNumber=BB5B8156B037E5D22263EAC7F6A11C052FDF633F
Validity
Not Before: Dec 29 08:16:00 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=658e803f-3fcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f8:0a:f6:d3:8a:b9:ab:bb:af:26:91:bc:38:
24:e4:17:49:56:4b:68:80:7b:e7:34:d6:96:61:63:
91:67:48:38:66:31:3b:f4:84:cd:89:f8:f2:87:49:
40:a8:30:b8:1a:2d:19:f4:bf:ae:64:09:c2:27:c0:
fa:fb:df:81:a6:12:b3:c4:1e:c5:49:e7:a5:a3:0a:
f7:6f:d5:ee:55:68:9f:df:13:67:17:80:0b:8c:df:
e6:55:e2:17:60:c2:e5:17:d9:31:27:9d:18:4b:ad:
49:42:72:29:b1:5a:cf:fc:cf:db:e7:7e:f7:8c:e0:
cc:22:17:4a:69:37:8e:8b:71:42:d4:58:73:6e:74:
75:e3:de:9b:6d:aa:7d:e2:1f:b5:4d:83:5d:80:43:
b6:27:29:e4:e6:c1:dd:dc:42:cf:ec:87:57:55:f5:
61:79:ad:72:1d:88:94:63:ae:08:38:ed:b9:75:81:
9c:ef:2d:10:de:ea:4c:81:4d:fe:2b:11:c8:78:8a:
91:77:97:ca:84:23:ed:e0:2e:0f:f7:9b:57:f5:d1:
08:83:7c:ad:60:1b:5d:b3:06:3b:c9:c3:55:30:f1:
fb:c6:18:6f:41:56:46:a7:11:09:f6:72:ef:d5:b0:
be:b9:aa:68:2f:25:48:fe:35:8d:2a:e3:b9:f5:d0:
af:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:64:79:A7:1A:94:CE:D2:0A:55:03:E2:38:E1:00:B4:61:7F:AD:93
X509v3 Authority Key Identifier:
keyid:BB:5B:81:56:B0:37:E5:D2:22:63:EA:C7:F6:A1:1C:05:2F:DF:63:3F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/u1uBVrA35dIiY-rH9qEcBS_fYz8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1uBVrA35dIiY-rH9qEcBS_fYz8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/7FA25AB6A62211EE81275E4DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.8.16.0/21
122.8.32.0/22
122.8.112.0/21
122.8.124.0/22
Signature Algorithm: sha256WithRSAEncryption
01:eb:1c:96:2a:29:60:66:4a:8a:f5:a2:09:1d:3d:92:66:4f:
75:06:8b:f8:d0:6b:aa:51:a9:7b:e1:ba:48:9f:eb:96:17:17:
20:f2:d4:7e:f6:e8:df:77:b0:b6:22:5b:35:a1:0e:d1:f8:6c:
70:5c:09:99:f1:e5:d5:e5:55:05:87:8a:b9:dd:44:4f:cf:69:
c0:f9:d2:6f:b2:89:3c:55:25:43:f5:a0:81:67:11:95:8a:bb:
8c:94:3f:d1:e8:99:e2:09:2b:fb:64:9c:ed:9c:d3:87:73:58:
e7:a2:42:8f:32:25:e6:82:ce:cf:c9:da:e2:e1:40:49:12:d0:
5d:b5:3f:e5:4f:16:ec:4d:5e:ad:79:ae:fe:fe:9f:f5:e3:2c:
df:c6:fb:76:74:0f:2c:50:28:20:3f:9b:1a:04:91:cf:03:7a:
e2:60:7a:ae:43:5b:cf:6d:c2:8e:cb:e4:1a:20:2e:fe:dd:d5:
72:86:dd:3f:99:77:cc:e5:94:cc:2a:80:7f:4e:59:05:d6:30:
db:65:a3:34:4a:45:5c:13:d9:76:76:4d:82:60:4b:1b:af:6c:
d9:62:75:ea:4a:c3:81:52:d0:26:2d:6f:aa:cd:52:b6:a4:a4:
29:13:e4:aa:49:f6:fa:52:90:c6:8c:53:10:c6:a0:30:a1:5d:
a7:15:42:0a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICMtwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTM3MEYxMTAvBgNVBAUTKEJCNUI4MTU2QjAzN0U1RDIyMjYzRUFDN0Y2QTExQzA1
MkZERjYzM0YwHhcNMjMxMjI5MDgxNjAwWhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NThlODAzZi0zZmNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxfgK9tOKuau7ryaRvDgk5BdJVktogHvnNNaWYWORZ0g4ZjE79ITNifjyh0lA
qDC4Gi0Z9L+uZAnCJ8D6+9+BphKzxB7FSeelowr3b9XuVWif3xNnF4ALjN/mVeIX
YMLlF9kxJ50YS61JQnIpsVrP/M/b5373jODMIhdKaTeOi3FC1FhzbnR1496bbap9
4h+1TYNdgEO2Jynk5sHd3ELP7IdXVfVhea1yHYiUY64IOO25dYGc7y0Q3upMgU3+
KxHIeIqRd5fKhCPt4C4P95tX9dEIg3ytYBtdswY7ycNVMPH7xhhvQVZGpxEJ9nLv
1bC+uapoLyVI/jWNKuO59dCvkwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFNBkeaca
lM7SClUD4jjhALRhf62TMB8GA1UdIwQYMBaAFLtbgVawN+XSImPqx/ahHAUv32M/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzcwRi83MzQ2RThBMjYw
NDkxMUUyQTMwNzU3OEQyOTc5QkIyMC91MXVCVnJBMzVkSWlZLXJIOXFFY0JTX2ZZ
ejguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3UxdUJWckEzNWRJaVktckg5cUVjQlNfZll6OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTM3MEYvNzM0NkU4QTI2MDQ5MTFFMkEzMDc1NzhEMjk3OUJCMjAvN0ZBMjVBQjZB
NjIyMTFFRTgxMjc1RTREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAN6CBADBAJ6CCADBAN6CHADBAJ6CHwwDQYJKoZIhvcNAQEL
BQADggEBAAHrHJYqKWBmSor1ogkdPZJmT3UGi/jQa6pRqXvhukif65YXFyDy1H72
6N93sLYiWzWhDtH4bHBcCZnx5dXlVQWHirndRE/PacD50m+yiTxVJUP1oIFnEZWK
u4yUP9HomeIJK/tknO2c04dzWOeiQo8yJeaCzs/J2uLhQEkS0F21P+VPFuxNXq15
rv7+n/XjLN/G+3Z0DyxQKCA/mxoEkc8DeuJgeq5DW89two7L5BogLv7d1XKG3T+Z
d8zllMwqgH9OWQXWMNtlozRKRVwT2XZ2TYJgSxuvbNlidepKw4FS0CYtb6rNUrak
pCkT5KpJ9vpSkMaMUxDGoDChXacVQgo=
-----END CERTIFICATE-----
Generated at Tue Jan 16 13:17:11 2024 by rpki-client on console-fra.rpki-client.org