Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B488A/9AEF23DC246911EB8CAE3380C4F9AE02/68E7E8E605E711EC8A36CD1CC4F9AE02.roa
File: 68E7E8E605E711EC8A36CD1CC4F9AE02.roa (raw, json)
Hash identifier: bsTDKhFykAVfa61XPEXX/1X55giW6X8+cmoWhOUKpjs=
Subject key identifier: E9:28:DB:B6:4F:01:1C:EE:26:81:6B:60:9D:F9:D0:D2:BE:23:B9:FA
Certificate issuer: /CN=A91B488A/serialNumber=62FD7C6B6173CC3295664B58680592FB26D2B87A
Certificate serial: 058D
Authority key identifier: 62:FD:7C:6B:61:73:CC:32:95:66:4B:58:68:05:92:FB:26:D2:B8:7A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yv18a2FzzDKVZktYaAWS-ybSuHo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B488A/9AEF23DC246911EB8CAE3380C4F9AE02/68E7E8E605E711EC8A36CD1CC4F9AE02.roa
Signing time: Thu 08 Dec 2022 12:31:34 +0000
ROA not before: Thu 08 Dec 2022 12:31:34 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 138398
IP address blocks: 103.158.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1421 (0x58d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B488A/serialNumber=62FD7C6B6173CC3295664B58680592FB26D2B87A
Validity
Not Before: Dec 8 12:31:34 2022 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=6391d926-c473
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b2:ab:f4:5a:50:a2:ce:91:63:72:6d:43:6d:
22:b2:de:ac:78:10:1f:1a:4a:01:21:89:40:39:dd:
19:5f:6e:39:12:99:05:be:26:30:dd:ed:ef:f2:db:
01:32:5a:07:46:87:c3:a4:09:61:04:16:3e:ad:38:
da:ef:68:45:59:b3:58:90:29:79:21:eb:dc:68:e7:
c4:4f:d3:e2:52:93:78:1f:a8:9e:97:57:18:b6:fd:
ad:24:c7:56:a1:cd:a7:04:5c:d1:fa:07:94:56:c2:
46:2c:a5:81:5c:94:e0:91:ae:f7:73:43:b1:03:6d:
e1:a1:39:1b:33:e8:06:57:83:41:86:eb:82:3a:3e:
30:f7:87:1e:2f:eb:88:32:74:f3:4a:4c:ba:b4:79:
b2:aa:2f:3a:5f:52:f7:72:a5:7e:98:b3:20:b1:42:
cd:0d:e7:c7:96:21:e1:56:f1:c7:1f:d2:1c:52:13:
d2:26:9d:ab:af:ca:41:09:75:00:83:74:52:dc:cd:
cd:19:8f:cd:b5:dc:bb:ab:93:85:ec:20:5b:f1:30:
a3:46:f6:09:a6:f8:75:2a:af:2d:49:cd:6d:f1:cb:
5b:74:6a:8f:3e:11:e9:9e:df:61:02:d0:c8:fd:89:
1f:d9:22:96:6a:c0:5d:68:ab:3a:29:bd:b8:82:6f:
5d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:28:DB:B6:4F:01:1C:EE:26:81:6B:60:9D:F9:D0:D2:BE:23:B9:FA
X509v3 Authority Key Identifier:
keyid:62:FD:7C:6B:61:73:CC:32:95:66:4B:58:68:05:92:FB:26:D2:B8:7A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B488A/9AEF23DC246911EB8CAE3380C4F9AE02/Yv18a2FzzDKVZktYaAWS-ybSuHo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yv18a2FzzDKVZktYaAWS-ybSuHo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B488A/9AEF23DC246911EB8CAE3380C4F9AE02/68E7E8E605E711EC8A36CD1CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.158.153.0/24
Signature Algorithm: sha256WithRSAEncryption
02:1f:ef:89:57:3e:99:57:47:2d:5b:65:09:68:60:1e:94:c6:
a1:b8:db:3c:e6:b4:d7:01:ef:4e:6e:43:88:bf:2c:fc:e4:69:
45:57:56:f0:38:96:38:0e:a3:a5:8c:5d:ec:3b:0a:13:76:b5:
0d:42:3a:97:1e:39:e1:c0:9c:b5:7c:f4:ee:9a:ba:8d:97:d3:
60:88:83:ed:f1:ff:8c:61:35:f1:b4:5b:8c:6d:e8:0e:98:ec:
94:56:c4:be:b9:57:94:7c:65:3f:02:79:26:99:46:91:43:eb:
f2:d3:b8:46:74:b9:9a:ce:d9:84:74:7a:45:eb:ab:eb:70:bd:
1a:07:15:49:ba:02:6c:74:94:77:56:8e:d2:7e:23:1a:17:00:
98:2d:5b:68:5c:7d:1e:7f:22:65:a0:47:48:3e:05:8f:ba:e2:
2c:35:95:fc:57:c0:f6:32:42:6e:23:cd:23:92:30:44:d0:e3:
7c:54:32:05:08:d4:13:e2:9f:67:dd:60:00:eb:9d:84:80:3c:
fe:93:11:36:bb:83:8d:f9:1e:48:96:08:d8:58:81:61:f7:df:
23:36:69:c3:45:6d:fd:95:96:32:27:e3:d2:37:9c:f5:6e:1f:
dd:bd:8f:5d:f8:4c:82:66:ab:42:36:71:27:71:06:40:d4:7b:
d3:61:bb:cb
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBY0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjQ4OEExMTAvBgNVBAUTKDYyRkQ3QzZCNjE3M0NDMzI5NTY2NEI1ODY4MDU5MkZC
MjZEMkI4N0EwHhcNMjIxMjA4MTIzMTM0WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzkxZDkyNi1jNDczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtLKr9FpQos6RY3JtQ20ist6seBAfGkoBIYlAOd0ZX245EpkFviYw3e3v8tsB
MloHRofDpAlhBBY+rTja72hFWbNYkCl5IevcaOfET9PiUpN4H6iel1cYtv2tJMdW
oc2nBFzR+geUVsJGLKWBXJTgka73c0OxA23hoTkbM+gGV4NBhuuCOj4w94ceL+uI
MnTzSky6tHmyqi86X1L3cqV+mLMgsULNDefHliHhVvHHH9IcUhPSJp2rr8pBCXUA
g3RS3M3NGY/Ntdy7q5OF7CBb8TCjRvYJpvh1Kq8tSc1t8ctbdGqPPhHpnt9hAtDI
/Ykf2SKWasBdaKs6Kb24gm9dzQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOko27ZP
ARzuJoFrYJ350NK+I7n6MB8GA1UdIwQYMBaAFGL9fGthc8wylWZLWGgFkvsm0rh6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDg4QS85QUVGMjNEQzI0
NjkxMUVCOENBRTMzODBDNEY5QUUwMi9ZdjE4YTJGenpES1Zaa3RZYUFXUy15YlN1
SG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1l2MThhMkZ6ekRLVlprdFlhQVdTLXliU3VIby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjQ4OEEvOUFFRjIzREMyNDY5MTFFQjhDQUUzMzgwQzRGOUFFMDIvNjhFN0U4RTYw
NUU3MTFFQzhBMzZDRDFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnnpkwDQYJKoZIhvcNAQELBQADggEBAAIf74lXPplXRy1b
ZQloYB6UxqG42zzmtNcB705uQ4i/LPzkaUVXVvA4ljgOo6WMXew7ChN2tQ1COpce
OeHAnLV89O6auo2X02CIg+3x/4xhNfG0W4xt6A6Y7JRWxL65V5R8ZT8CeSaZRpFD
6/LTuEZ0uZrO2YR0ekXrq+twvRoHFUm6Amx0lHdWjtJ+IxoXAJgtW2hcfR5/ImWg
R0g+BY+64iw1lfxXwPYyQm4jzSOSMETQ43xUMgUI1BPin2fdYADrnYSAPP6TETa7
g435HkiWCNhYgWH33yM2acNFbf2VljIn49I3nPVuH929j134TIJmq0I2cSdxBkDU
e9Nhu8s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:56 2024 by rpki-client on console-ams.rpki-client.org