Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/D77AED8064BD11EEAB38FB17C4F9AE02.roa
File: D77AED8064BD11EEAB38FB17C4F9AE02.roa (raw, json)
Hash identifier: SPtsBKzyk4Xm9+5vb0/V/1U3p9/yup3JPQfUkfpvytA=
Subject key identifier: 28:DC:04:54:57:3B:E4:98:5C:88:AA:C7:8D:28:2F:01:1F:33:B4:22
Certificate issuer: /CN=A915370F/serialNumber=BB5B8156B037E5D22263EAC7F6A11C052FDF633F
Certificate serial: 3328
Authority key identifier: BB:5B:81:56:B0:37:E5:D2:22:63:EA:C7:F6:A1:1C:05:2F:DF:63:3F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1uBVrA35dIiY-rH9qEcBS_fYz8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/D77AED8064BD11EEAB38FB17C4F9AE02.roa
Signing time: Thu 14 Mar 2024 16:01:10 +0000
ROA not before: Thu 14 Mar 2024 16:01:10 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 174
IP address blocks: 122.8.24.0/22 maxlen: 22
122.8.56.0/22 maxlen: 22
122.8.72.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 25 Jul 2024 07:53:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13096 (0x3328)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915370F/serialNumber=BB5B8156B037E5D22263EAC7F6A11C052FDF633F
Validity
Not Before: Mar 14 16:01:10 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=65f31f46-414d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7e:63:5d:33:72:0c:0f:70:05:e9:7c:e7:be:
ef:3b:d3:23:7f:a2:54:2d:5b:88:2d:77:18:a0:b6:
b9:ea:ea:e2:2a:3c:c9:a9:19:24:bc:b2:46:1a:05:
13:68:e5:71:a5:07:cf:64:7a:f2:a7:2d:8b:7e:f9:
1d:cc:02:68:f0:39:e4:1a:58:15:82:0f:cc:d7:32:
c4:5a:bc:3e:19:33:d9:e4:95:0a:7a:39:2f:cd:78:
30:e5:6b:f8:03:40:2e:df:45:b2:03:86:d7:4d:db:
b9:d8:f5:64:e7:ce:d7:01:1c:29:b3:19:78:76:44:
6d:30:10:2c:4f:55:a1:c0:7b:ed:42:74:f7:65:7e:
82:88:c3:80:95:e3:39:6b:56:03:24:2c:34:4a:ec:
f9:f7:d8:6f:bd:23:5e:5c:93:18:11:e5:21:34:53:
e5:31:aa:dd:14:1c:2b:89:2c:43:78:40:20:94:92:
9d:30:21:3f:e3:3e:3d:f5:0e:fd:4c:00:11:8d:79:
69:aa:56:81:9d:4e:7d:39:e2:9a:02:51:d4:8a:61:
c7:88:70:c8:ab:a5:c3:44:9f:2b:6f:c4:48:cb:db:
25:1c:09:4b:8e:be:16:32:dc:b0:9a:d2:44:9f:85:
15:8e:50:c2:ef:2b:77:05:14:8d:63:70:41:51:05:
56:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:DC:04:54:57:3B:E4:98:5C:88:AA:C7:8D:28:2F:01:1F:33:B4:22
X509v3 Authority Key Identifier:
keyid:BB:5B:81:56:B0:37:E5:D2:22:63:EA:C7:F6:A1:1C:05:2F:DF:63:3F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/u1uBVrA35dIiY-rH9qEcBS_fYz8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1uBVrA35dIiY-rH9qEcBS_fYz8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/D77AED8064BD11EEAB38FB17C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.8.24.0/22
122.8.56.0/22
122.8.72.0/22
Signature Algorithm: sha256WithRSAEncryption
66:43:1a:ad:2e:be:00:4d:f1:2c:aa:7f:e2:94:00:12:e3:21:
b9:03:6a:5f:ab:a7:cf:e9:19:b2:c0:52:cf:59:df:ef:f5:68:
a7:09:3a:44:e5:5f:82:05:6b:5b:c9:cf:16:ad:90:2a:8e:d8:
7d:83:84:1d:3f:82:88:90:1c:90:23:e4:44:a5:99:dd:e2:cb:
0f:6e:3e:87:ce:71:03:bf:2a:f6:78:30:b3:96:c5:4c:d5:65:
14:ab:a1:46:a1:c5:4e:eb:49:a1:c2:1e:3a:fa:64:14:56:ad:
35:26:3b:66:a9:3c:e9:96:f0:bb:ba:bb:d1:24:f9:0f:52:5b:
77:a9:3b:b4:db:87:ec:20:a3:96:31:0a:6b:17:ea:0f:f9:b5:
4f:ce:11:b6:ef:04:1f:e5:c7:d9:12:66:d7:77:f8:7d:3f:e5:
23:69:fa:01:ba:45:20:31:d3:bd:f6:43:ac:99:c8:89:9b:ae:
24:42:4a:b2:fc:6b:e2:a3:f0:f7:60:ba:69:b3:f9:d9:b6:4b:
49:0b:74:c5:7d:83:35:54:b8:40:94:5a:e7:e1:75:1f:a6:5f:
5b:77:e7:05:09:44:29:1d:81:60:8b:41:7b:c1:73:0a:32:af:
37:43:3b:e1:04:d8:e7:a8:e8:d4:68:fd:e4:23:a5:2d:93:2b:
ba:d7:3e:07
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICMygwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTM3MEYxMTAvBgNVBAUTKEJCNUI4MTU2QjAzN0U1RDIyMjYzRUFDN0Y2QTExQzA1
MkZERjYzM0YwHhcNMjQwMzE0MTYwMTEwWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NWYzMWY0Ni00MTRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArn5jXTNyDA9wBel8577vO9Mjf6JULVuILXcYoLa56uriKjzJqRkkvLJGGgUT
aOVxpQfPZHrypy2LfvkdzAJo8DnkGlgVgg/M1zLEWrw+GTPZ5JUKejkvzXgw5Wv4
A0Au30WyA4bXTdu52PVk587XARwpsxl4dkRtMBAsT1WhwHvtQnT3ZX6CiMOAleM5
a1YDJCw0Suz599hvvSNeXJMYEeUhNFPlMardFBwriSxDeEAglJKdMCE/4z499Q79
TAARjXlpqlaBnU59OeKaAlHUimHHiHDIq6XDRJ8rb8RIy9slHAlLjr4WMtywmtJE
n4UVjlDC7yt3BRSNY3BBUQVWsQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFCjcBFRX
O+SYXIiqx40oLwEfM7QiMB8GA1UdIwQYMBaAFLtbgVawN+XSImPqx/ahHAUv32M/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzcwRi83MzQ2RThBMjYw
NDkxMUUyQTMwNzU3OEQyOTc5QkIyMC91MXVCVnJBMzVkSWlZLXJIOXFFY0JTX2ZZ
ejguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3UxdUJWckEzNWRJaVktckg5cUVjQlNfZll6OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTM3MEYvNzM0NkU4QTI2MDQ5MTFFMkEzMDc1NzhEMjk3OUJCMjAvRDc3QUVEODA2
NEJEMTFFRUFCMzhGQjE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAJ6CBgDBAJ6CDgDBAJ6CEgwDQYJKoZIhvcNAQELBQADggEB
AGZDGq0uvgBN8Syqf+KUABLjIbkDal+rp8/pGbLAUs9Z3+/1aKcJOkTlX4IFa1vJ
zxatkCqO2H2DhB0/goiQHJAj5ESlmd3iyw9uPofOcQO/KvZ4MLOWxUzVZRSroUah
xU7rSaHCHjr6ZBRWrTUmO2apPOmW8Lu6u9Ek+Q9SW3epO7Tbh+wgo5YxCmsX6g/5
tU/OEbbvBB/lx9kSZtd3+H0/5SNp+gG6RSAx0732Q6yZyImbriRCSrL8a+Kj8Pdg
ummz+dm2S0kLdMV9gzVUuECUWufhdR+mX1t35wUJRCkdgWCLQXvBcwoyrzdDO+EE
2Oeo6NRo/eQjpS2TK7rXPgc=
-----END CERTIFICATE-----
Generated at Thu Jul 25 09:27:17 2024 by rpki-client on console-ams.rpki-client.org