Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91103CF/17D6E4C2A68A11ECA9A63551C4F9AE02/B4524566A8C511EC8F560C42C4F9AE02.roa
File: B4524566A8C511EC8F560C42C4F9AE02.roa (raw, json)
Hash identifier: LR1u6BpFe5W4h0kdi7uH3bvTpEgZBFZRz00Naf5vN08=
Subject key identifier: ED:1D:14:A4:D9:35:8E:4D:A3:BD:CE:21:99:AF:60:6B:88:55:8D:D5
Certificate issuer: /CN=A91103CF/serialNumber=B8AD8D916CD9482B6DA55D307CE95C07A95B2F74
Certificate serial: 0A
Authority key identifier: B8:AD:8D:91:6C:D9:48:2B:6D:A5:5D:30:7C:E9:5C:07:A9:5B:2F:74
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uK2NkWzZSCttpV0wfOlcB6lbL3Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91103CF/17D6E4C2A68A11ECA9A63551C4F9AE02/B4524566A8C511EC8F560C42C4F9AE02.roa
Signing time: Tue 22 Mar 2022 00:33:46 +0000
ROA not before: Tue 22 Mar 2022 00:33:46 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 140994
IP address blocks: 103.154.154.0/23 maxlen: 23
2001:df4:8e80::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10 (0xa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91103CF/serialNumber=B8AD8D916CD9482B6DA55D307CE95C07A95B2F74
Validity
Not Before: Mar 22 00:33:46 2022 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=6239196a-e573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:20:ba:b0:ed:e8:39:06:ba:cd:07:8a:ad:d6:
95:af:52:69:ed:87:9c:9e:1d:6d:5f:4a:be:15:1b:
89:85:2e:ab:28:07:d3:95:8e:4f:29:10:26:86:ea:
9c:07:6c:fc:a5:50:b2:5b:c0:5c:13:23:3a:47:fe:
3d:3f:78:56:0b:ca:a6:a4:6d:b1:5a:84:e7:8c:99:
06:43:03:a1:7b:1e:92:50:8e:76:8f:fa:24:26:9e:
36:b1:58:db:7d:ed:64:cb:35:e2:10:b1:de:a3:c3:
ff:05:3d:59:f1:d4:d1:34:c5:35:2e:11:4c:e5:08:
15:81:b1:e1:8a:26:bb:fb:37:0c:5d:c7:a9:39:32:
4e:69:57:4c:dd:bd:5a:a0:7c:ca:c6:17:3e:2f:50:
5c:2b:7f:b1:4e:3b:eb:6c:08:30:74:a9:43:f0:26:
0e:bb:e0:e6:15:ad:dc:a8:99:3e:d5:ce:4c:7a:f7:
55:7b:bd:76:87:18:67:83:e7:62:be:f9:af:09:ff:
b4:54:af:56:67:53:8d:43:5d:0b:94:b1:20:a5:9c:
97:a4:bb:ee:e3:4f:c2:a8:48:90:6c:27:36:3a:ce:
c9:38:7d:38:4e:52:d0:4e:d5:c8:ac:e9:8a:31:18:
a3:9e:71:fc:d4:e1:51:47:cd:2e:1d:01:b9:c9:8b:
7e:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:1D:14:A4:D9:35:8E:4D:A3:BD:CE:21:99:AF:60:6B:88:55:8D:D5
X509v3 Authority Key Identifier:
keyid:B8:AD:8D:91:6C:D9:48:2B:6D:A5:5D:30:7C:E9:5C:07:A9:5B:2F:74
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91103CF/17D6E4C2A68A11ECA9A63551C4F9AE02/uK2NkWzZSCttpV0wfOlcB6lbL3Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uK2NkWzZSCttpV0wfOlcB6lbL3Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91103CF/17D6E4C2A68A11ECA9A63551C4F9AE02/B4524566A8C511EC8F560C42C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.154.154.0/23
IPv6:
2001:df4:8e80::/48
Signature Algorithm: sha256WithRSAEncryption
05:2a:55:34:d7:67:ac:d3:6e:67:58:af:e6:47:68:cd:b1:81:
e8:12:7d:7e:f0:ac:33:72:f1:d6:41:08:88:e3:1e:82:ab:fb:
8b:9d:49:4d:36:26:39:32:16:29:9d:4a:23:17:1a:6c:17:19:
52:56:12:e4:22:33:21:38:3c:e0:c0:e8:2c:9c:57:4a:aa:24:
4b:69:bb:89:04:b2:91:16:ee:d5:35:5b:e5:e3:56:8e:2a:de:
16:a2:b5:4a:c6:35:49:30:6b:80:8f:88:a4:b3:39:1a:51:ba:
59:f9:42:bc:a6:3b:94:b6:48:ef:f1:b1:74:66:f6:f9:5a:f7:
0c:50:8c:64:ab:ad:7c:76:58:63:80:40:16:33:04:cc:91:ba:
3f:a6:49:8d:d9:f9:c7:ec:b3:d5:d2:ca:b3:2a:08:67:2f:f0:
29:ea:73:31:ff:96:64:09:3a:f5:92:96:fd:ea:5f:b5:97:13:
00:1c:80:f8:d3:c2:bb:03:45:c9:af:63:03:33:1d:9b:38:a7:
67:4a:fb:82:44:8a:e3:bf:ad:d7:b9:f1:67:a8:18:09:fd:5e:
46:55:ce:4f:5e:01:5c:92:7d:b5:ae:42:db:7a:53:3f:39:85:
03:eb:f1:43:df:d0:57:e4:68:05:7f:98:ae:b8:5b:fd:d3:05:
2e:29:c2:ca
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBCjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
MDNDRjExMC8GA1UEBRMoQjhBRDhEOTE2Q0Q5NDgyQjZEQTU1RDMwN0NFOTVDMDdB
OTVCMkY3NDAeFw0yMjAzMjIwMDMzNDZaFw0yMjEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyMzkxOTZhLWU1NzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDjILqw7eg5BrrNB4qt1pWvUmnth5yeHW1fSr4VG4mFLqsoB9OVjk8pECaG6pwH
bPylULJbwFwTIzpH/j0/eFYLyqakbbFahOeMmQZDA6F7HpJQjnaP+iQmnjaxWNt9
7WTLNeIQsd6jw/8FPVnx1NE0xTUuEUzlCBWBseGKJrv7Nwxdx6k5Mk5pV0zdvVqg
fMrGFz4vUFwrf7FOO+tsCDB0qUPwJg674OYVrdyomT7Vzkx691V7vXaHGGeD52K+
+a8J/7RUr1ZnU41DXQuUsSClnJeku+7jT8KoSJBsJzY6zsk4fThOUtBO1cis6Yox
GKOecfzU4VFHzS4dAbnJi34FAgMBAAGjggKmMIICojAdBgNVHQ4EFgQU7R0UpNk1
jk2jvc4hma9ga4hVjdUwHwYDVR0jBBgwFoAUuK2NkWzZSCttpV0wfOlcB6lbL3Qw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTEwM0NGLzE3RDZFNEMyQTY4
QTExRUNBOUE2MzU1MUM0RjlBRTAyL3VLMk5rV3paU0N0dHBWMHdmT2xjQjZsYkwz
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdUsyTmtXelpTQ3R0cFYwd2ZPbGNCNmxiTDNRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
MDNDRi8xN0Q2RTRDMkE2OEExMUVDQTlBNjM1NTFDNEY5QUUwMi9CNDUyNDU2NkE4
QzUxMUVDOEY1NjBDNDJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWeamjAPBAIAAjAJAwcAIAEN9I6AMA0GCSqGSIb3DQEBCwUA
A4IBAQAFKlU012es025nWK/mR2jNsYHoEn1+8KwzcvHWQQiI4x6Cq/uLnUlNNiY5
MhYpnUojFxpsFxlSVhLkIjMhODzgwOgsnFdKqiRLabuJBLKRFu7VNVvl41aOKt4W
orVKxjVJMGuAj4ikszkaUbpZ+UK8pjuUtkjv8bF0Zvb5WvcMUIxkq618dlhjgEAW
MwTMkbo/pkmN2fnH7LPV0sqzKghnL/Ap6nMx/5ZkCTr1kpb96l+1lxMAHID408K7
A0XJr2MDMx2bOKdnSvuCRIrjv63XufFnqBgJ/V5GVc5PXgFckn21rkLbelM/OYUD
6/FD39BX5GgFf5iuuFv90wUuKcLK
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-ams.rpki-client.org