Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/AB41B5C84F1811EFB6ECD54CC4F9AE02.roa
File: AB41B5C84F1811EFB6ECD54CC4F9AE02.roa (raw, json)
Hash identifier: d58mVWw/oPkphJHkyg8BAYE1j8/JvsJpMQi8LQv7kAE=
Subject key identifier: 2A:FD:A8:D5:4B:37:75:57:92:AB:05:5A:29:5E:11:24:6D:4D:80:F9
Certificate issuer: /CN=A915370F/serialNumber=BB5B8156B037E5D22263EAC7F6A11C052FDF633F
Certificate serial: 33B7
Authority key identifier: BB:5B:81:56:B0:37:E5:D2:22:63:EA:C7:F6:A1:1C:05:2F:DF:63:3F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1uBVrA35dIiY-rH9qEcBS_fYz8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/AB41B5C84F1811EFB6ECD54CC4F9AE02.roa
Signing time: Thu 01 Aug 2024 06:43:09 +0000
ROA not before: Thu 01 Aug 2024 06:43:09 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 44317
IP address blocks: 122.8.36.0/22 maxlen: 22
122.8.64.0/22 maxlen: 22
122.8.92.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 08 Nov 2024 02:12:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13239 (0x33b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915370F/serialNumber=BB5B8156B037E5D22263EAC7F6A11C052FDF633F
Validity
Not Before: Aug 1 06:43:09 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66ab2e7c-c75b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:90:a1:8b:9b:d1:9d:38:6b:80:4a:11:a6:16:
49:5e:b8:8f:66:ac:a7:3c:c5:66:a5:f9:d6:15:e9:
98:ad:fc:e7:91:06:08:ee:49:cc:3e:51:9d:86:41:
46:ad:9b:2a:78:53:e3:4e:4c:9d:c7:1c:42:94:03:
16:0a:0f:4f:41:e2:65:69:cb:fd:a7:35:ae:f9:e8:
66:8f:e6:37:b3:0b:fb:82:85:af:05:ee:97:03:04:
1e:27:f5:b9:6d:59:2b:92:bc:17:a3:9e:84:10:30:
39:43:65:16:15:d2:5c:29:e4:18:4f:01:6a:4f:48:
36:68:ac:1e:e5:93:8e:00:5e:93:7e:7a:17:45:10:
b7:94:25:b3:6e:dd:c6:80:ec:68:64:b5:3e:17:cf:
f6:4a:28:55:a8:f5:17:48:63:ad:68:ca:0f:10:74:
50:87:88:2f:a3:63:8c:8e:cb:1f:4f:3a:4a:4e:20:
5c:aa:ba:73:ae:61:24:a3:40:d6:da:a9:fd:d2:86:
cc:84:79:8b:e1:74:04:5c:d5:f2:15:bd:4c:00:46:
82:75:ed:ef:7b:30:b1:88:45:c0:1f:b6:73:a7:73:
0c:72:5c:18:28:b5:31:b6:23:96:f7:54:8e:d0:23:
b2:31:49:22:8b:21:af:54:aa:28:fc:60:40:d2:a4:
13:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:FD:A8:D5:4B:37:75:57:92:AB:05:5A:29:5E:11:24:6D:4D:80:F9
X509v3 Authority Key Identifier:
keyid:BB:5B:81:56:B0:37:E5:D2:22:63:EA:C7:F6:A1:1C:05:2F:DF:63:3F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/u1uBVrA35dIiY-rH9qEcBS_fYz8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1uBVrA35dIiY-rH9qEcBS_fYz8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/AB41B5C84F1811EFB6ECD54CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.8.36.0/22
122.8.64.0/22
122.8.92.0/22
Signature Algorithm: sha256WithRSAEncryption
37:9b:08:4e:80:f4:e6:ea:69:5d:55:10:8c:3b:b3:c9:f8:99:
54:af:f1:0e:17:5e:5a:e5:c0:b9:0c:be:5f:b4:27:8c:cd:ba:
59:13:aa:2e:de:e7:74:ec:ab:01:f4:94:25:4e:5a:a9:0c:e4:
d8:d6:c3:a9:84:0a:80:ff:d9:31:61:d2:50:44:01:7b:da:a2:
1c:c7:5c:8b:5e:b5:bd:49:6f:d8:52:3a:4a:db:35:c4:02:b8:
ce:93:86:72:c6:7a:c7:1a:16:02:7d:60:37:d6:2f:28:4a:61:
bc:39:f3:e3:c1:ad:46:c3:fa:ce:c0:50:28:cc:2f:de:36:26:
ac:38:1b:67:37:1b:55:e0:2a:6f:eb:1c:48:50:ea:7e:dd:34:
27:cd:09:7b:ca:82:88:78:db:fd:cd:aa:10:08:58:ef:88:c6:
06:db:f9:dc:b5:be:81:0e:d1:6d:08:fd:40:da:32:c7:48:6f:
5c:43:2b:b8:6a:0b:ea:84:23:3c:20:87:5b:32:0c:80:62:36:
a0:90:b6:66:94:7a:a5:2c:3a:20:e9:b5:b1:76:0b:4b:1b:58:
9c:35:db:9a:11:8f:66:03:4f:6f:17:b1:6e:d2:98:11:af:13:
29:36:f8:a5:02:6d:91:bf:86:59:c2:ae:95:50:1f:ac:43:17:
be:23:1a:4e
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICM7cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTM3MEYxMTAvBgNVBAUTKEJCNUI4MTU2QjAzN0U1RDIyMjYzRUFDN0Y2QTExQzA1
MkZERjYzM0YwHhcNMjQwODAxMDY0MzA5WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NmFiMmU3Yy1jNzViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4ZChi5vRnThrgEoRphZJXriPZqynPMVmpfnWFemYrfznkQYI7knMPlGdhkFG
rZsqeFPjTkydxxxClAMWCg9PQeJlacv9pzWu+ehmj+Y3swv7goWvBe6XAwQeJ/W5
bVkrkrwXo56EEDA5Q2UWFdJcKeQYTwFqT0g2aKwe5ZOOAF6TfnoXRRC3lCWzbt3G
gOxoZLU+F8/2SihVqPUXSGOtaMoPEHRQh4gvo2OMjssfTzpKTiBcqrpzrmEko0DW
2qn90obMhHmL4XQEXNXyFb1MAEaCde3vezCxiEXAH7Zzp3MMclwYKLUxtiOW91SO
0COyMUkiiyGvVKoo/GBA0qQTpwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFCr9qNVL
N3VXkqsFWileESRtTYD5MB8GA1UdIwQYMBaAFLtbgVawN+XSImPqx/ahHAUv32M/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzcwRi83MzQ2RThBMjYw
NDkxMUUyQTMwNzU3OEQyOTc5QkIyMC91MXVCVnJBMzVkSWlZLXJIOXFFY0JTX2ZZ
ejguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3UxdUJWckEzNWRJaVktckg5cUVjQlNfZll6OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTM3MEYvNzM0NkU4QTI2MDQ5MTFFMkEzMDc1NzhEMjk3OUJCMjAvQUI0MUI1Qzg0
RjE4MTFFRkI2RUNENTRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAJ6CCQDBAJ6CEADBAJ6CFwwDQYJKoZIhvcNAQELBQADggEB
ADebCE6A9ObqaV1VEIw7s8n4mVSv8Q4XXlrlwLkMvl+0J4zNulkTqi7e53TsqwH0
lCVOWqkM5NjWw6mECoD/2TFh0lBEAXvaohzHXItetb1Jb9hSOkrbNcQCuM6ThnLG
escaFgJ9YDfWLyhKYbw58+PBrUbD+s7AUCjML942Jqw4G2c3G1XgKm/rHEhQ6n7d
NCfNCXvKgoh42/3NqhAIWO+Ixgbb+dy1voEO0W0I/UDaMsdIb1xDK7hqC+qEIzwg
h1syDIBiNqCQtmaUeqUsOiDptbF2C0sbWJw125oRj2YDT28XsW7SmBGvEyk2+KUC
bZG/hlnCrpVQH6xDF74jGk4=
-----END CERTIFICATE-----
Generated at Fri Nov 8 06:31:07 2024 by rpki-client on console-fra.rpki-client.org