Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7E45/06C8563C83D911EAA3124F5CC4F9AE02/158D2B262A9E11EC914C545FC4F9AE02.roa
File: 158D2B262A9E11EC914C545FC4F9AE02.roa (raw, json)
Hash identifier: m6SKE3vZQ7A4pBDNPViYnxDFRkvWJdTeM0Gv/5Y2N4U=
Subject key identifier: 1E:43:1D:EE:73:A4:8C:9E:A7:DD:69:9C:2B:59:77:BA:E6:6C:93:C9
Certificate issuer: /CN=A91E7E45/serialNumber=C4829B6C07FD804DF0925CFFC161C6702807A026
Certificate serial: 064A
Authority key identifier: C4:82:9B:6C:07:FD:80:4D:F0:92:5C:FF:C1:61:C6:70:28:07:A0:26
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xIKbbAf9gE3wklz_wWHGcCgHoCY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E7E45/06C8563C83D911EAA3124F5CC4F9AE02/158D2B262A9E11EC914C545FC4F9AE02.roa
Signing time: Mon 07 Mar 2022 10:28:23 +0000
ROA not before: Mon 07 Mar 2022 10:28:23 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 44992
IP address blocks: 103.207.68.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1610 (0x64a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E7E45/serialNumber=C4829B6C07FD804DF0925CFFC161C6702807A026
Validity
Not Before: Mar 7 10:28:23 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=6225de47-a7a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ca:3e:c2:72:ac:f3:53:c9:1f:51:02:a2:b3:
75:55:24:e8:7d:ea:2f:b7:b2:c8:bc:a4:92:25:d6:
99:35:f6:88:b2:d2:ad:7c:9b:91:ee:9e:2d:2e:02:
fc:a5:1e:f4:60:7d:91:35:10:2a:6c:d0:c5:f8:48:
fc:94:66:7d:ad:5f:80:6e:9e:bc:e4:bb:d4:84:79:
8e:dc:f1:57:fc:ff:80:eb:84:3d:de:bb:59:e4:87:
8e:6f:6f:30:86:b0:81:8a:02:8f:1a:22:1b:a5:85:
af:5e:77:17:a6:10:f4:74:d5:4d:d6:b3:9d:64:22:
4b:70:5d:e6:1e:17:89:5f:ea:2a:b2:59:0b:56:5b:
b2:44:fe:0f:d8:1f:89:11:9a:08:a5:9b:dd:7b:6c:
e8:84:f3:01:dd:e8:c5:9a:f6:21:dd:79:10:f5:fe:
91:da:21:cb:ed:c8:e1:47:24:ab:7e:5e:82:41:29:
60:9f:90:8e:b8:50:79:94:fe:45:5f:89:12:01:af:
02:ed:40:da:1a:65:90:09:61:ba:f6:a0:9d:72:91:
a8:27:0e:aa:7c:d0:39:26:98:61:53:aa:a6:4c:eb:
85:e4:c3:c6:b7:cc:d0:18:4a:86:3a:61:c1:27:9a:
38:93:ad:4a:de:43:91:07:10:c6:cd:d6:0d:56:b6:
2f:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:43:1D:EE:73:A4:8C:9E:A7:DD:69:9C:2B:59:77:BA:E6:6C:93:C9
X509v3 Authority Key Identifier:
keyid:C4:82:9B:6C:07:FD:80:4D:F0:92:5C:FF:C1:61:C6:70:28:07:A0:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E7E45/06C8563C83D911EAA3124F5CC4F9AE02/xIKbbAf9gE3wklz_wWHGcCgHoCY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xIKbbAf9gE3wklz_wWHGcCgHoCY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7E45/06C8563C83D911EAA3124F5CC4F9AE02/158D2B262A9E11EC914C545FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.207.68.0/24
Signature Algorithm: sha256WithRSAEncryption
17:4f:f4:ba:a8:e2:c1:ac:97:03:be:0b:ea:b8:94:5e:b3:47:
2b:16:e2:db:17:6d:c1:a3:76:41:68:14:62:0a:96:b4:34:c6:
dd:22:08:c0:b9:ae:ad:32:f7:65:c5:1a:79:1f:a9:63:5d:5e:
22:b5:12:c3:4b:00:1a:40:cb:64:65:98:10:f2:ba:8e:8b:f6:
74:ca:c3:cd:0f:77:65:c2:7c:fe:88:04:5f:c8:02:60:23:b5:
a6:63:b1:77:2d:54:f4:b7:bc:2a:8f:eb:7e:ea:8e:06:e1:b8:
77:34:91:00:98:51:06:26:c4:71:8d:51:76:bf:f9:1f:12:a1:
7c:76:ee:6a:0b:f9:1c:60:49:cb:56:3c:60:aa:ce:e1:8b:1c:
9c:29:6f:f2:3d:47:75:cd:8f:35:3c:84:9a:82:81:ea:39:c7:
e6:f9:da:9e:48:bf:d6:e2:45:51:e4:4a:f5:c7:79:e7:b0:3c:
79:24:9c:7b:9a:64:25:11:51:84:69:84:e7:62:5d:67:08:87:
0a:95:f3:f9:4d:63:0e:b3:52:e8:d7:5c:f9:8c:47:2b:a2:90:
c9:4b:02:35:fd:f2:83:15:92:19:6c:d4:8e:d4:b1:3a:93:f5:
e8:a6:94:7e:20:4b:f4:20:80:f8:77:2a:a7:da:9f:9a:d2:53:
5d:c9:5f:f1
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBkowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTdFNDUxMTAvBgNVBAUTKEM0ODI5QjZDMDdGRDgwNERGMDkyNUNGRkMxNjFDNjcw
MjgwN0EwMjYwHhcNMjIwMzA3MTAyODIzWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjI1ZGU0Ny1hN2EzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArso+wnKs81PJH1ECorN1VSTofeovt7LIvKSSJdaZNfaIstKtfJuR7p4tLgL8
pR70YH2RNRAqbNDF+Ej8lGZ9rV+Abp685LvUhHmO3PFX/P+A64Q93rtZ5IeOb28w
hrCBigKPGiIbpYWvXncXphD0dNVN1rOdZCJLcF3mHheJX+oqslkLVluyRP4P2B+J
EZoIpZvde2zohPMB3ejFmvYh3XkQ9f6R2iHL7cjhRySrfl6CQSlgn5COuFB5lP5F
X4kSAa8C7UDaGmWQCWG69qCdcpGoJw6qfNA5JphhU6qmTOuF5MPGt8zQGEqGOmHB
J5o4k61K3kORBxDGzdYNVrYv8QIDAQABo4IClTCCApEwHQYDVR0OBBYEFB5DHe5z
pIyep91pnCtZd7rmbJPJMB8GA1UdIwQYMBaAFMSCm2wH/YBN8JJc/8FhxnAoB6Am
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFN0U0NS8wNkM4NTYzQzgz
RDkxMUVBQTMxMjRGNUNDNEY5QUUwMi94SUtiYkFmOWdFM3drbHpfd1dIR2NDZ0hv
Q1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3hJS2JiQWY5Z0Uzd2tsel93V0hHY0NnSG9DWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTdFNDUvMDZDODU2M0M4M0Q5MTFFQUEzMTI0RjVDQzRGOUFFMDIvMTU4RDJCMjYy
QTlFMTFFQzkxNEM1NDVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnz0QwDQYJKoZIhvcNAQELBQADggEBABdP9Lqo4sGslwO+
C+q4lF6zRysW4tsXbcGjdkFoFGIKlrQ0xt0iCMC5rq0y92XFGnkfqWNdXiK1EsNL
ABpAy2RlmBDyuo6L9nTKw80Pd2XCfP6IBF/IAmAjtaZjsXctVPS3vCqP637qjgbh
uHc0kQCYUQYmxHGNUXa/+R8SoXx27moL+RxgSctWPGCqzuGLHJwpb/I9R3XNjzU8
hJqCgeo5x+b52p5Iv9biRVHkSvXHeeewPHkknHuaZCURUYRphOdiXWcIhwqV8/lN
Yw6zUujXXPmMRyuikMlLAjX98oMVkhls1I7UsTqT9eimlH4gS/QggPh3Kqfan5rS
U13JX/E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:36 2024 by rpki-client on console-ams.rpki-client.org