Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F6FC3/FC9078021D9211E2B3BC2CF608B02CD2/1623C4D494CA11EAB806F37EC4F9AE02.roa
File: 1623C4D494CA11EAB806F37EC4F9AE02.roa (raw, json)
Hash identifier: tGszNqVkWLF2De62wzWf5AkKNjWfDtqlE0juGiLxKzU=
Subject key identifier: B8:4B:F1:24:B6:F4:16:97:26:78:88:91:35:7E:42:F9:E1:69:CF:DC
Certificate issuer: /CN=A91F6FC3/serialNumber=66025976B75F5C29F42C1D80CF4888F7D46058D7
Certificate serial: 338D
Authority key identifier: 66:02:59:76:B7:5F:5C:29:F4:2C:1D:80:CF:48:88:F7:D4:60:58:D7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZgJZdrdfXCn0LB2Az0iI99RgWNc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F6FC3/FC9078021D9211E2B3BC2CF608B02CD2/1623C4D494CA11EAB806F37EC4F9AE02.roa
Signing time: Sat 02 Dec 2023 15:00:47 +0000
ROA not before: Sat 02 Dec 2023 15:00:47 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 18405
IP address blocks: 122.200.160.0/21 maxlen: 21
122.200.168.0/24 maxlen: 24
122.200.169.0/24 maxlen: 24
122.200.170.0/23 maxlen: 23
122.200.172.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 08 Feb 2024 00:25:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13197 (0x338d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F6FC3/serialNumber=66025976B75F5C29F42C1D80CF4888F7D46058D7
Validity
Not Before: Dec 2 15:00:47 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=656b469f-9a45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:01:7f:66:40:d7:23:f5:66:3e:c8:fe:fb:bb:
a3:e6:ef:b2:de:62:8e:0f:32:1c:5b:56:1a:c7:d2:
78:e4:92:12:7c:1f:04:c2:7a:d8:a0:a4:cd:8a:a3:
6b:9c:89:01:62:c1:fe:e5:36:6a:34:45:1a:59:ae:
20:68:81:42:44:ca:0b:74:09:c7:81:2a:d4:d6:f3:
d2:09:ab:0b:f0:6f:86:c8:39:d0:ab:23:a1:cf:a1:
07:8f:b4:56:1b:e8:33:8d:cb:19:fd:40:ab:e3:89:
d7:ed:90:fa:e9:31:c8:29:b3:cb:22:f4:37:22:db:
a1:cf:64:fc:78:d7:dc:97:2a:ff:e2:93:76:53:c5:
4e:7c:a7:95:0a:ea:13:27:5b:1d:db:61:84:85:7b:
26:bc:74:26:8e:81:ee:77:5b:60:25:60:da:ee:f0:
a4:34:7b:70:47:15:d2:f7:f9:3d:66:1e:3f:2c:8e:
2f:c3:9e:2b:59:0f:ca:73:1a:94:35:df:89:4a:a9:
27:94:19:20:6b:3f:a7:d6:a1:ee:45:57:90:4d:1f:
ee:90:50:e0:78:fc:42:fe:93:be:77:cc:0c:55:a0:
1f:cf:b9:41:64:ef:98:3d:90:3e:3f:c7:d1:2b:f9:
83:92:01:ff:09:95:f4:31:36:ac:e6:5b:ab:79:dc:
b5:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:4B:F1:24:B6:F4:16:97:26:78:88:91:35:7E:42:F9:E1:69:CF:DC
X509v3 Authority Key Identifier:
keyid:66:02:59:76:B7:5F:5C:29:F4:2C:1D:80:CF:48:88:F7:D4:60:58:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F6FC3/FC9078021D9211E2B3BC2CF608B02CD2/ZgJZdrdfXCn0LB2Az0iI99RgWNc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZgJZdrdfXCn0LB2Az0iI99RgWNc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F6FC3/FC9078021D9211E2B3BC2CF608B02CD2/1623C4D494CA11EAB806F37EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.200.160.0/20
Signature Algorithm: sha256WithRSAEncryption
8f:a2:c5:9b:18:e8:0b:97:8c:ad:70:55:e1:b3:e5:42:1c:ce:
1d:50:7e:3f:b7:6e:bd:a4:1b:87:c9:47:d2:84:d7:9b:88:e9:
c6:ec:29:55:2f:0a:49:20:69:39:e2:c5:43:e7:97:36:cf:a7:
69:a6:5a:fc:1c:6d:09:a2:91:c6:a0:73:e7:4d:b6:0f:18:0f:
bb:68:5f:bd:cd:b7:82:09:3e:d2:1e:d7:dc:e5:4c:63:e6:26:
df:29:81:41:ce:16:45:2f:c2:7d:f0:3c:41:b3:79:3b:7f:8f:
1c:b6:09:88:f0:b8:17:2c:b1:18:03:a3:d0:8b:05:9e:22:14:
bb:6f:24:34:7e:85:b4:2d:d0:56:b4:3f:64:15:5c:16:d0:e8:
62:cf:ab:71:ba:c8:da:e5:c4:6c:a2:46:fe:81:b3:d3:cd:6d:
a1:9f:0e:18:70:a8:3a:53:b5:5d:ca:ea:91:1a:d4:b1:ec:1b:
74:c6:94:4c:6c:58:31:f5:4e:bd:13:ac:d8:be:fa:7c:13:32:
b1:7a:da:f8:bb:7c:d5:f9:09:33:ae:20:59:6f:9e:43:9d:41:
17:e7:4a:9e:35:0f:13:5e:cc:09:6b:87:2b:5a:78:97:12:cb:
83:a2:56:e9:4a:e8:ca:98:30:c7:43:af:44:0f:b6:3b:b7:39:
f0:21:41:e1
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICM40wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjZGQzMxMTAvBgNVBAUTKDY2MDI1OTc2Qjc1RjVDMjlGNDJDMUQ4MENGNDg4OEY3
RDQ2MDU4RDcwHhcNMjMxMjAyMTUwMDQ3WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTZiNDY5Zi05YTQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuQF/ZkDXI/VmPsj++7uj5u+y3mKODzIcW1Yax9J45JISfB8EwnrYoKTNiqNr
nIkBYsH+5TZqNEUaWa4gaIFCRMoLdAnHgSrU1vPSCasL8G+GyDnQqyOhz6EHj7RW
G+gzjcsZ/UCr44nX7ZD66THIKbPLIvQ3Ituhz2T8eNfclyr/4pN2U8VOfKeVCuoT
J1sd22GEhXsmvHQmjoHud1tgJWDa7vCkNHtwRxXS9/k9Zh4/LI4vw54rWQ/KcxqU
Nd+JSqknlBkgaz+n1qHuRVeQTR/ukFDgePxC/pO+d8wMVaAfz7lBZO+YPZA+P8fR
K/mDkgH/CZX0MTas5luredy1lQIDAQABo4IClTCCApEwHQYDVR0OBBYEFLhL8SS2
9BaXJniIkTV+Qvnhac/cMB8GA1UdIwQYMBaAFGYCWXa3X1wp9CwdgM9IiPfUYFjX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNkZDMy9GQzkwNzgwMjFE
OTIxMUUyQjNCQzJDRjYwOEIwMkNEMi9aZ0paZHJkZlhDbjBMQjJBejBpSTk5UmdX
TmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1pnSlpkcmRmWENuMExCMkF6MGlJOTlSZ1dOYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjZGQzMvRkM5MDc4MDIxRDkyMTFFMkIzQkMyQ0Y2MDhCMDJDRDIvMTYyM0M0RDQ5
NENBMTFFQUI4MDZGMzdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAR6yKAwDQYJKoZIhvcNAQELBQADggEBAI+ixZsY6AuXjK1w
VeGz5UIczh1Qfj+3br2kG4fJR9KE15uI6cbsKVUvCkkgaTnixUPnlzbPp2mmWvwc
bQmikcagc+dNtg8YD7toX73Nt4IJPtIe19zlTGPmJt8pgUHOFkUvwn3wPEGzeTt/
jxy2CYjwuBcssRgDo9CLBZ4iFLtvJDR+hbQt0Fa0P2QVXBbQ6GLPq3G6yNrlxGyi
Rv6Bs9PNbaGfDhhwqDpTtV3K6pEa1LHsG3TGlExsWDH1Tr0TrNi++nwTMrF62vi7
fNX5CTOuIFlvnkOdQRfnSp41DxNezAlrhytaeJcSy4OiVulK6MqYMMdDr0QPtju3
OfAhQeE=
-----END CERTIFICATE-----
Generated at Thu Feb 8 01:40:38 2024 by rpki-client on console-ams.rpki-client.org