Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91159B7/A4EC53F6E2B011E99ABB8151C4F9AE02/A10CE0FC691911EB908BEB47C4F9AE02.roa
File: A10CE0FC691911EB908BEB47C4F9AE02.roa (raw, json)
Hash identifier: eDp3nqFdsDbxmixd7RBnnIR7Na1XjPHDk5fctO0im+0=
Subject key identifier: 2C:E4:3A:38:1E:1A:8F:B0:1E:E6:7E:BB:0E:DC:5E:0D:2E:0E:15:83
Certificate issuer: /CN=A91159B7/serialNumber=21F20227559DB1F863849AB643233C3E935776A6
Certificate serial: 074D
Authority key identifier: 21:F2:02:27:55:9D:B1:F8:63:84:9A:B6:43:23:3C:3E:93:57:76:A6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IfICJ1WdsfhjhJq2QyM8PpNXdqY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91159B7/A4EC53F6E2B011E99ABB8151C4F9AE02/A10CE0FC691911EB908BEB47C4F9AE02.roa
Signing time: Mon 14 Jun 2021 19:46:36 +0000
ROA not before: Mon 14 Jun 2021 19:46:36 +0000
ROA not after: Wed 31 Aug 2022 00:00:00 +0000
asID: 59378
IP address blocks: 103.234.200.0/22 maxlen: 22
103.234.200.0/24 maxlen: 24
103.234.201.0/24 maxlen: 24
103.234.202.0/23 maxlen: 24
150.129.220.0/22 maxlen: 22
150.129.220.0/24 maxlen: 24
150.129.221.0/24 maxlen: 24
150.129.222.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1869 (0x74d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91159B7/serialNumber=21F20227559DB1F863849AB643233C3E935776A6
Validity
Not Before: Jun 14 19:46:36 2021 GMT
Not After : Aug 31 00:00:00 2022 GMT
Subject: CN=60c7b21c-8d22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:23:e5:28:93:0c:50:d5:be:af:c2:46:24:1a:
48:cc:46:3d:21:94:34:5c:49:99:89:16:d3:17:0f:
bb:7e:27:6d:5a:8b:92:aa:db:93:63:16:e4:92:27:
5c:bd:85:03:3a:83:48:7c:10:5b:c1:f4:4e:8d:12:
51:e4:7f:42:2a:21:14:b5:8b:72:f4:e3:43:b5:b7:
97:d6:c9:bc:47:15:b9:50:f9:6f:95:e0:5f:4e:38:
23:da:74:85:62:55:12:55:7b:85:47:51:51:3a:6b:
c3:cf:66:69:e6:fd:86:9e:c7:66:d5:16:7f:42:83:
c1:79:41:ad:03:63:6f:63:06:fd:56:17:48:ae:ae:
d7:a8:91:e0:84:e9:ed:cb:37:f4:44:1c:27:e5:5e:
31:58:0f:a7:fa:7e:97:91:eb:64:8d:ad:bc:c2:49:
91:0c:de:1b:90:63:c3:08:0a:da:14:23:2e:91:f7:
7c:00:d8:6f:17:04:f6:e6:03:34:1d:30:5a:3a:17:
85:de:75:78:8a:49:82:c9:b6:55:ed:78:f6:90:9c:
1d:e8:ca:01:01:42:e5:b2:67:26:25:20:08:d3:da:
31:54:a4:d6:4a:85:12:bf:f1:cc:b0:28:8b:e5:2f:
b7:47:33:af:5e:1c:d4:45:e9:5d:80:07:f8:e1:54:
2c:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:E4:3A:38:1E:1A:8F:B0:1E:E6:7E:BB:0E:DC:5E:0D:2E:0E:15:83
X509v3 Authority Key Identifier:
keyid:21:F2:02:27:55:9D:B1:F8:63:84:9A:B6:43:23:3C:3E:93:57:76:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91159B7/A4EC53F6E2B011E99ABB8151C4F9AE02/IfICJ1WdsfhjhJq2QyM8PpNXdqY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IfICJ1WdsfhjhJq2QyM8PpNXdqY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91159B7/A4EC53F6E2B011E99ABB8151C4F9AE02/A10CE0FC691911EB908BEB47C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.234.200.0/22
150.129.220.0/22
Signature Algorithm: sha256WithRSAEncryption
58:63:8b:49:f1:d5:45:f2:f6:7c:ac:dd:21:f6:de:65:5a:ea:
c7:64:3f:6d:c7:96:87:c0:6d:40:05:69:46:31:84:17:20:cf:
80:5d:60:60:6b:51:78:52:ea:e4:8a:64:ee:1d:1a:30:58:70:
92:b8:e4:00:c5:cd:43:d7:f4:77:38:19:c7:6d:74:53:43:a8:
89:e3:38:91:c6:bf:37:eb:fa:a2:99:42:3f:de:ea:d7:67:c1:
0d:a8:ea:bd:9f:0d:9f:54:e7:9e:7f:8d:3e:c4:be:86:42:9a:
44:02:37:18:3e:90:ee:69:13:97:91:54:ab:06:ed:ed:4b:b8:
fc:1d:5a:f0:d0:c2:f8:2d:c0:68:09:01:17:59:35:55:d5:d8:
25:e0:e1:7e:a6:1b:12:86:ab:6c:1a:0a:2c:f1:36:2b:54:9d:
43:e1:72:15:4f:2f:aa:38:5c:fd:45:2f:7b:20:da:76:62:94:
f9:c7:c7:d8:b2:0d:d8:72:ff:e5:c6:2f:a5:5f:23:44:fe:0e:
62:ed:3b:ca:da:7d:64:10:ba:32:cf:c0:86:9e:60:99:11:cb:
7a:56:62:c7:90:1f:ad:ec:9d:33:81:22:ad:b4:4d:e3:99:64:
ed:c6:98:2a:ea:95:91:f4:4b:7b:b7:d5:b8:26:8f:95:cc:13:
3c:87:28:e7
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICB00wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTU5QjcxMTAvBgNVBAUTKDIxRjIwMjI3NTU5REIxRjg2Mzg0OUFCNjQzMjMzQzNF
OTM1Nzc2QTYwHhcNMjEwNjE0MTk0NjM2WhcNMjIwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MGM3YjIxYy04ZDIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2SPlKJMMUNW+r8JGJBpIzEY9IZQ0XEmZiRbTFw+7fidtWouSqtuTYxbkkidc
vYUDOoNIfBBbwfROjRJR5H9CKiEUtYty9ONDtbeX1sm8RxW5UPlvleBfTjgj2nSF
YlUSVXuFR1FROmvDz2Zp5v2Gnsdm1RZ/QoPBeUGtA2NvYwb9VhdIrq7XqJHghOnt
yzf0RBwn5V4xWA+n+n6Xketkja28wkmRDN4bkGPDCAraFCMukfd8ANhvFwT25gM0
HTBaOheF3nV4ikmCybZV7Xj2kJwd6MoBAULlsmcmJSAI09oxVKTWSoUSv/HMsCiL
5S+3RzOvXhzUReldgAf44VQsYQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFCzkOjge
Go+wHuZ+uw7cXg0uDhWDMB8GA1UdIwQYMBaAFCHyAidVnbH4Y4SatkMjPD6TV3am
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNTlCNy9BNEVDNTNGNkUy
QjAxMUU5OUFCQjgxNTFDNEY5QUUwMi9JZklDSjFXZHNmaGpoSnEyUXlNOFBwTlhk
cVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lmSUNKMVdkc2ZoamhKcTJReU04UHBOWGRxWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTU5QjcvQTRFQzUzRjZFMkIwMTFFOTlBQkI4MTUxQzRGOUFFMDIvQTEwQ0UwRkM2
OTE5MTFFQjkwOEJFQjQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJn6sgDBAKWgdwwDQYJKoZIhvcNAQELBQADggEBAFhji0nx
1UXy9nys3SH23mVa6sdkP23HlofAbUAFaUYxhBcgz4BdYGBrUXhS6uSKZO4dGjBY
cJK45ADFzUPX9Hc4GcdtdFNDqInjOJHGvzfr+qKZQj/e6tdnwQ2o6r2fDZ9U555/
jT7EvoZCmkQCNxg+kO5pE5eRVKsG7e1LuPwdWvDQwvgtwGgJARdZNVXV2CXg4X6m
GxKGq2waCizxNitUnUPhchVPL6o4XP1FL3sg2nZilPnHx9iyDdhy/+XGL6VfI0T+
DmLtO8rafWQQujLPwIaeYJkRy3pWYseQH63snTOBIq20TeOZZO3GmCrqlZH0S3u3
1bgmj5XMEzyHKOc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:33 2023 by rpki-client on console-ams.rpki-client.org