Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9127726/F9FFF6AC1DA711E2963AFAA108B02CD2/D69E10CE628C11ED81B20942C4F9AE02.roa
File: D69E10CE628C11ED81B20942C4F9AE02.roa (raw, json)
Hash identifier: Y7OtUqpsPxdhTVyAAGwIfGO2fR+2A+YYEER8aj2xD6E=
Subject key identifier: 79:CB:6A:72:ED:A5:22:36:EF:08:16:0F:28:39:43:26:58:6C:09:0F
Certificate issuer: /CN=A9127726/serialNumber=BD87855CB681E23359BFEC1A34F1992B671E5EEE
Certificate serial: 32FC
Authority key identifier: BD:87:85:5C:B6:81:E2:33:59:BF:EC:1A:34:F1:99:2B:67:1E:5E:EE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vYeFXLaB4jNZv-waNPGZK2ceXu4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9127726/F9FFF6AC1DA711E2963AFAA108B02CD2/D69E10CE628C11ED81B20942C4F9AE02.roa
Signing time: Sun 13 Nov 2022 13:00:56 +0000
ROA not before: Sun 13 Nov 2022 13:00:56 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 56264
IP address blocks: 103.3.224.0/24 maxlen: 24
103.3.225.0/24 maxlen: 24
103.3.226.0/24 maxlen: 24
103.3.227.0/24 maxlen: 24
2401:9440::/33 maxlen: 33
2406:9b00::/33 maxlen: 36
2406:9b00::/48 maxlen: 48
2406:9b00:1::/48 maxlen: 48
2406:9b00:2::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13052 (0x32fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9127726/serialNumber=BD87855CB681E23359BFEC1A34F1992B671E5EEE
Validity
Not Before: Nov 13 13:00:56 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=6370ea88-d5fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:12:42:40:80:c1:fa:be:28:14:5e:9f:d7:48:
d8:a4:70:9c:46:ea:63:5f:55:92:59:e9:c2:60:28:
bd:6c:4a:aa:e0:f8:56:0e:b9:19:a8:0f:19:46:73:
23:15:0f:87:cc:42:a4:2b:53:33:d2:d1:2f:6f:d2:
90:49:40:ae:14:1e:f2:4f:a5:b8:bb:93:0d:79:ef:
d7:89:10:fe:fd:0d:0b:e8:c2:9e:95:7f:52:06:b6:
74:bb:ad:37:48:89:43:82:f2:b8:4d:3e:fa:e9:58:
00:05:99:44:d6:f5:df:83:28:29:3b:10:8d:36:fc:
82:02:6e:58:fc:89:1c:ec:d0:da:30:a6:c1:74:0d:
09:0a:80:68:b2:59:69:0f:a2:38:67:37:15:a1:75:
dd:a5:81:06:fa:55:53:34:72:41:4f:b4:1b:85:7f:
21:42:93:7b:8a:99:f9:86:d1:f6:37:a8:cd:18:d6:
de:35:ce:69:46:d7:81:22:e5:37:64:54:11:c6:b9:
d6:bb:2a:27:cf:80:aa:1b:b6:01:c4:5f:f9:b2:67:
7f:b4:d6:61:0d:7a:01:d4:05:86:9a:89:c3:d2:de:
b8:f6:2c:1e:fc:ca:f8:ba:f8:b3:e2:7b:f0:0d:88:
d4:78:2f:31:74:d0:96:1e:53:66:ff:82:df:14:9a:
47:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:CB:6A:72:ED:A5:22:36:EF:08:16:0F:28:39:43:26:58:6C:09:0F
X509v3 Authority Key Identifier:
keyid:BD:87:85:5C:B6:81:E2:33:59:BF:EC:1A:34:F1:99:2B:67:1E:5E:EE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9127726/F9FFF6AC1DA711E2963AFAA108B02CD2/vYeFXLaB4jNZv-waNPGZK2ceXu4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vYeFXLaB4jNZv-waNPGZK2ceXu4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9127726/F9FFF6AC1DA711E2963AFAA108B02CD2/D69E10CE628C11ED81B20942C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.3.224.0/22
IPv6:
2401:9440::/33
2406:9b00::/33
Signature Algorithm: sha256WithRSAEncryption
a2:96:b9:09:0d:ed:62:0c:c0:82:4c:52:37:8d:8d:75:94:44:
21:19:25:0b:a4:02:6f:32:89:fd:44:62:fd:61:9f:45:d1:6c:
7b:7a:c9:b1:74:0a:43:95:35:44:e8:eb:e7:ec:1c:85:00:29:
d7:84:65:29:9d:12:61:1d:9c:6f:79:e8:ea:e6:4a:30:98:56:
6f:73:3a:23:4f:0e:d4:6c:39:d3:65:90:cc:50:40:67:c6:1c:
5d:a4:ba:4b:27:6e:d8:ec:e2:60:60:18:10:5d:d2:0c:37:bb:
e0:8c:ae:24:2e:10:67:1d:fd:db:ef:e9:0d:2f:e0:d0:d8:5c:
ab:ae:50:7f:83:1d:4c:02:52:39:61:15:d2:a7:0c:a7:9b:34:
f9:a3:16:2f:b8:39:86:43:bc:25:09:b1:b6:10:d6:84:a3:27:
7e:ce:69:dc:af:35:1a:fb:4a:11:99:55:14:b2:99:51:bc:3f:
82:5d:c5:cf:06:eb:9c:ba:f8:0a:56:b5:32:20:3a:7e:e8:de:
83:7e:d3:12:54:ac:57:50:56:23:30:63:67:d1:64:b7:1c:8f:
3e:4e:19:24:bf:bc:f5:9f:86:4b:51:41:63:ab:e2:52:9e:91:
17:e0:d7:9d:16:b1:ce:21:8f:bf:ad:86:0d:22:9d:fe:b0:f8:
2d:e5:c5:4e
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICMvwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjc3MjYxMTAvBgNVBAUTKEJEODc4NTVDQjY4MUUyMzM1OUJGRUMxQTM0RjE5OTJC
NjcxRTVFRUUwHhcNMjIxMTEzMTMwMDU2WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzcwZWE4OC1kNWZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAshJCQIDB+r4oFF6f10jYpHCcRupjX1WSWenCYCi9bEqq4PhWDrkZqA8ZRnMj
FQ+HzEKkK1Mz0tEvb9KQSUCuFB7yT6W4u5MNee/XiRD+/Q0L6MKelX9SBrZ0u603
SIlDgvK4TT766VgABZlE1vXfgygpOxCNNvyCAm5Y/Ikc7NDaMKbBdA0JCoBosllp
D6I4ZzcVoXXdpYEG+lVTNHJBT7QbhX8hQpN7ipn5htH2N6jNGNbeNc5pRteBIuU3
ZFQRxrnWuyonz4CqG7YBxF/5smd/tNZhDXoB1AWGmonD0t649iwe/Mr4uviz4nvw
DYjUeC8xdNCWHlNm/4LfFJpHgwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFHnLanLt
pSI27wgWDyg5QyZYbAkPMB8GA1UdIwQYMBaAFL2HhVy2geIzWb/sGjTxmStnHl7u
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzcyNi9GOUZGRjZBQzFE
QTcxMUUyOTYzQUZBQTEwOEIwMkNEMi92WWVGWExhQjRqTlp2LXdhTlBHWksyY2VY
dTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZZZUZYTGFCNGpOWnYtd2FOUEdaSzJjZVh1NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mjc3MjYvRjlGRkY2QUMxREE3MTFFMjk2M0FGQUExMDhCMDJDRDIvRDY5RTEwQ0U2
MjhDMTFFRDgxQjIwOTQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMAwEAgABMAYDBAJnA+AwFgQCAAIwEAMGByQBlEAAAwYHJAabAAAwDQYJKoZI
hvcNAQELBQADggEBAKKWuQkN7WIMwIJMUjeNjXWURCEZJQukAm8yif1EYv1hn0XR
bHt6ybF0CkOVNUTo6+fsHIUAKdeEZSmdEmEdnG956OrmSjCYVm9zOiNPDtRsOdNl
kMxQQGfGHF2kuksnbtjs4mBgGBBd0gw3u+CMriQuEGcd/dvv6Q0v4NDYXKuuUH+D
HUwCUjlhFdKnDKebNPmjFi+4OYZDvCUJsbYQ1oSjJ37OadyvNRr7ShGZVRSymVG8
P4Jdxc8G65y6+ApWtTIgOn7o3oN+0xJUrFdQViMwY2fRZLccjz5OGSS/vPWfhktR
QWOr4lKekRfg150Wsc4hj7+thg0inf6w+C3lxU4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:57 2024 by rpki-client on console-fra.rpki-client.org