Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911862D/32879D3AE8BA11E78A6A7042C4F9AE02/45E90148B5D311ED959B7970C4F9AE02.roa
File: 45E90148B5D311ED959B7970C4F9AE02.roa (raw, json)
Hash identifier: uc0X6xP3o3hZftfG15rgtYoTxsK5GyXkTlxOotNZDMQ=
Subject key identifier: 25:40:C2:79:8B:B7:B2:78:3F:AD:6E:4A:7E:A6:FE:43:44:8B:DD:A2
Certificate issuer: /CN=A911862D/serialNumber=D8C673095E82A9B7E7DFCD46580F7831A8D18ACA
Certificate serial: 157D
Authority key identifier: D8:C6:73:09:5E:82:A9:B7:E7:DF:CD:46:58:0F:78:31:A8:D1:8A:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2MZzCV6Cqbfn381GWA94MajRiso.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911862D/32879D3AE8BA11E78A6A7042C4F9AE02/45E90148B5D311ED959B7970C4F9AE02.roa
Signing time: Sun 26 Feb 2023 12:44:15 +0000
ROA not before: Sun 26 Feb 2023 12:44:15 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 137255
IP address blocks: 103.106.56.0/23 maxlen: 23
103.106.56.0/24 maxlen: 24
103.106.57.0/24 maxlen: 24
103.106.58.0/23 maxlen: 23
2402:3c40::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5501 (0x157d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911862D/serialNumber=D8C673095E82A9B7E7DFCD46580F7831A8D18ACA
Validity
Not Before: Feb 26 12:44:15 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=63fb541d-541e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:2f:91:7d:9e:ff:e7:18:29:68:30:93:f0:36:
b1:44:b4:15:3d:7f:6c:81:ea:53:63:da:bf:fa:e8:
e9:bd:a7:31:b7:d4:39:20:94:6a:54:74:a9:8e:5c:
fd:a9:34:5c:14:28:2b:83:6e:4b:00:b2:0a:e7:b0:
ea:88:96:2f:32:35:e6:fa:a0:79:7e:60:c6:26:a0:
48:c3:f7:41:63:03:18:a2:89:1a:3a:43:f0:15:b6:
36:a9:e7:c1:2b:84:83:f3:f8:24:5c:51:0b:1e:7b:
ec:aa:88:8a:1d:f9:6b:90:c8:79:85:f3:83:99:d7:
80:81:43:3a:8e:7b:35:fb:c2:10:a7:36:67:9b:6b:
7c:b5:e2:8b:34:34:09:58:ab:b6:75:bf:3c:11:43:
8c:dd:a6:13:10:34:8f:f2:82:d3:53:12:57:8b:52:
75:4e:14:56:36:53:a6:04:45:59:fd:66:d3:02:bd:
51:87:7c:6a:28:ec:53:ae:9b:ff:25:23:57:ea:26:
bd:3f:4a:a7:f5:b6:3d:08:cc:02:7a:66:1a:ee:70:
48:28:3a:71:67:67:24:05:5e:b1:57:cb:0f:60:08:
b8:a8:d1:1e:f9:e4:df:c8:41:be:69:4e:ee:5f:d3:
5d:8e:74:48:b8:4b:99:9b:d1:85:95:51:f3:48:34:
05:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:40:C2:79:8B:B7:B2:78:3F:AD:6E:4A:7E:A6:FE:43:44:8B:DD:A2
X509v3 Authority Key Identifier:
keyid:D8:C6:73:09:5E:82:A9:B7:E7:DF:CD:46:58:0F:78:31:A8:D1:8A:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911862D/32879D3AE8BA11E78A6A7042C4F9AE02/2MZzCV6Cqbfn381GWA94MajRiso.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2MZzCV6Cqbfn381GWA94MajRiso.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911862D/32879D3AE8BA11E78A6A7042C4F9AE02/45E90148B5D311ED959B7970C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.106.56.0/22
IPv6:
2402:3c40::/32
Signature Algorithm: sha256WithRSAEncryption
8f:64:a2:32:64:bf:ae:02:0d:2b:c5:8e:0c:44:51:45:1d:e6:
13:1d:bd:a3:3e:b9:f0:8e:44:0c:f3:90:eb:01:6c:d7:d2:c9:
e4:44:5c:2c:bd:4f:29:9c:d7:36:6a:f3:5f:77:3d:63:69:b9:
11:68:3a:50:fe:86:24:98:83:af:2c:ca:e6:bf:3a:93:8f:a6:
c1:01:1d:6d:b1:9f:cd:e2:fd:02:38:3c:e5:21:c6:90:3e:d9:
a4:6d:72:39:a3:7d:2d:fa:60:a4:81:be:27:03:92:d1:df:82:
1b:73:a6:fe:8b:ad:24:f0:f5:0b:e9:70:04:89:69:74:9e:0b:
b6:e0:d1:75:99:c8:4f:ad:3f:9c:d1:33:18:4a:58:93:72:89:
0e:7a:28:ce:94:9c:62:34:eb:07:34:e0:f8:47:60:dc:9a:83:
02:04:68:9a:b7:f6:89:ad:b9:90:a1:33:89:c5:bb:c5:95:d3:
7c:ba:de:80:fc:83:10:b7:a9:20:e0:70:75:1d:4e:29:0a:be:
0d:32:02:28:71:cb:00:c3:36:7d:e0:2d:a6:36:fd:5a:7e:fb:
eb:fc:b2:7e:df:0f:98:fe:12:32:d4:29:7f:50:e0:d5:3d:1b:
46:38:97:8b:d2:39:78:09:e0:26:59:8e:9f:c4:1f:ed:1f:01:
d3:5f:7d:33
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICFX0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTg2MkQxMTAvBgNVBAUTKEQ4QzY3MzA5NUU4MkE5QjdFN0RGQ0Q0NjU4MEY3ODMx
QThEMThBQ0EwHhcNMjMwMjI2MTI0NDE1WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2ZiNTQxZC01NDFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3y+RfZ7/5xgpaDCT8DaxRLQVPX9sgepTY9q/+ujpvacxt9Q5IJRqVHSpjlz9
qTRcFCgrg25LALIK57DqiJYvMjXm+qB5fmDGJqBIw/dBYwMYookaOkPwFbY2qefB
K4SD8/gkXFELHnvsqoiKHflrkMh5hfODmdeAgUM6jns1+8IQpzZnm2t8teKLNDQJ
WKu2db88EUOM3aYTEDSP8oLTUxJXi1J1ThRWNlOmBEVZ/WbTAr1Rh3xqKOxTrpv/
JSNX6ia9P0qn9bY9CMwCemYa7nBIKDpxZ2ckBV6xV8sPYAi4qNEe+eTfyEG+aU7u
X9NdjnRIuEuZm9GFlVHzSDQF5wIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFCVAwnmL
t7J4P61uSn6m/kNEi92iMB8GA1UdIwQYMBaAFNjGcwlegqm359/NRlgPeDGo0YrK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExODYyRC8zMjg3OUQzQUU4
QkExMUU3OEE2QTcwNDJDNEY5QUUwMi8yTVp6Q1Y2Q3FiZm4zODFHV0E5NE1halJp
c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJNWnpDVjZDcWJmbjM4MUdXQTk0TWFqUmlzby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTg2MkQvMzI4NzlEM0FFOEJBMTFFNzhBNkE3MDQyQzRGOUFFMDIvNDVFOTAxNDhC
NUQzMTFFRDk1OUI3OTcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnajgwDQQCAAIwBwMFACQCPEAwDQYJKoZIhvcNAQELBQAD
ggEBAI9kojJkv64CDSvFjgxEUUUd5hMdvaM+ufCORAzzkOsBbNfSyeREXCy9Tymc
1zZq8193PWNpuRFoOlD+hiSYg68syua/OpOPpsEBHW2xn83i/QI4POUhxpA+2aRt
cjmjfS36YKSBvicDktHfghtzpv6LrSTw9QvpcASJaXSeC7bg0XWZyE+tP5zRMxhK
WJNyiQ56KM6UnGI06wc04PhHYNyagwIEaJq39omtuZChM4nFu8WV03y63oD8gxC3
qSDgcHUdTikKvg0yAihxywDDNn3gLaY2/Vp+++v8sn7fD5j+EjLUKX9Q4NU9G0Y4
l4vSOXgJ4CZZjp/EH+0fAdNffTM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:55 2024 by rpki-client on console-fra.rpki-client.org