Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9128963/986B18648DFC11E990231648C4F9AE02/C510CEC48DFF11E9A9B8D451C4F9AE02.roa
File: C510CEC48DFF11E9A9B8D451C4F9AE02.roa (raw, json)
Hash identifier: 3Ld6bXCLV/HmH+3uxObdWN7HyMCaBqrZrajRihao1L8=
Subject key identifier: 6A:09:B8:41:6A:D4:D7:FC:8B:14:5C:75:44:DE:F6:68:50:0E:19:42
Certificate issuer: /CN=A9128963/serialNumber=7B5FB6970D374BFF75872EB87DBB4030437A6188
Certificate serial: 0BC7
Authority key identifier: 7B:5F:B6:97:0D:37:4B:FF:75:87:2E:B8:7D:BB:40:30:43:7A:61:88
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/e1-2lw03S_91hy64fbtAMEN6YYg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9128963/986B18648DFC11E990231648C4F9AE02/C510CEC48DFF11E9A9B8D451C4F9AE02.roa
Signing time: Wed 01 Jun 2022 19:18:02 +0000
ROA not before: Wed 01 Jun 2022 19:18:02 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 35829
IP address blocks: 45.250.60.0/22 maxlen: 24
103.219.56.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3015 (0xbc7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9128963/serialNumber=7B5FB6970D374BFF75872EB87DBB4030437A6188
Validity
Not Before: Jun 1 19:18:02 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=6297bb6a-8aa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:cf:ee:28:a0:4c:08:6f:be:a6:fd:53:20:29:
02:26:a1:6d:47:99:73:ae:59:c5:b1:41:53:5c:4c:
33:a3:76:a9:6b:78:e4:2c:da:26:e4:87:ac:42:68:
43:72:4b:d0:28:99:1c:e1:2f:2b:b1:fb:91:c5:67:
40:8b:e8:29:e8:df:8e:03:a2:7b:52:5b:92:08:9a:
1f:b4:3c:32:01:79:f5:c7:7e:98:2c:f4:66:e6:28:
c9:19:7a:06:e6:b7:2f:25:e3:b6:5c:9e:0f:c0:4e:
bc:8d:84:90:33:22:c4:c7:94:80:81:68:f9:ca:63:
91:c1:57:3b:7c:b0:df:4e:d8:54:a5:f7:c1:a4:bc:
2b:d1:0b:af:16:fd:73:c1:84:1b:16:50:e1:9a:44:
72:96:63:a9:a8:a4:5f:f6:81:f0:9f:e8:47:a6:74:
d8:9f:13:c8:0b:e4:e2:48:b9:8b:64:c8:55:3d:29:
06:04:77:1c:8d:69:e5:e8:f1:63:0b:8a:3a:a1:72:
19:c8:1e:df:6c:d0:75:e8:dd:8a:e4:52:91:8d:88:
af:5a:e4:7a:c5:b6:f9:cd:6f:b6:5c:5b:38:38:d6:
af:96:fc:84:36:14:6e:fc:6a:71:61:32:05:cb:c3:
ba:08:0f:23:ac:47:88:dc:01:1f:c4:4d:d4:1f:86:
83:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:09:B8:41:6A:D4:D7:FC:8B:14:5C:75:44:DE:F6:68:50:0E:19:42
X509v3 Authority Key Identifier:
keyid:7B:5F:B6:97:0D:37:4B:FF:75:87:2E:B8:7D:BB:40:30:43:7A:61:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9128963/986B18648DFC11E990231648C4F9AE02/e1-2lw03S_91hy64fbtAMEN6YYg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/e1-2lw03S_91hy64fbtAMEN6YYg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128963/986B18648DFC11E990231648C4F9AE02/C510CEC48DFF11E9A9B8D451C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.250.60.0/22
103.219.56.0/23
Signature Algorithm: sha256WithRSAEncryption
74:bb:59:0b:89:9a:32:b5:92:06:10:8f:fb:8b:4c:53:f2:dc:
84:5d:c4:5d:55:5f:9f:7a:2a:d3:b8:47:c8:38:42:1c:c7:6b:
df:d4:e9:50:f3:3e:b0:88:eb:6e:90:14:e5:8e:ec:12:43:5e:
d8:2d:16:16:19:66:ad:fe:67:64:bc:9e:c0:79:8f:a5:5a:93:
ff:3a:27:97:0c:1e:fe:b9:a3:40:8b:05:dd:83:fe:7d:49:ef:
a6:d0:7a:34:79:ff:6f:88:3e:14:31:21:fc:e6:72:96:0d:b2:
8a:d8:71:89:19:cc:a6:be:1b:95:ac:42:0e:fe:74:47:28:1f:
a6:7a:5c:78:d7:9f:eb:c1:c5:71:da:33:ea:10:34:75:ad:a2:
fc:46:4a:af:55:82:c9:e5:31:dc:be:0a:4a:d1:52:96:6b:dc:
85:55:5b:e7:e2:81:5f:15:55:4c:88:cc:f9:13:ba:5e:ee:5f:
ec:be:e9:3f:31:40:9e:3e:19:be:19:63:bc:bd:62:b0:1f:08:
0d:8d:bb:df:60:eb:39:51:32:09:fa:17:fc:3b:65:c8:b5:12:
88:1c:13:7b:79:9e:34:df:d7:51:9f:25:37:0a:97:3a:ff:7d:
65:8b:6f:e2:01:b6:3d:a0:66:eb:46:5a:d1:df:0f:51:cf:8e:
46:b6:11:57
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICC8cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjg5NjMxMTAvBgNVBAUTKDdCNUZCNjk3MEQzNzRCRkY3NTg3MkVCODdEQkI0MDMw
NDM3QTYxODgwHhcNMjIwNjAxMTkxODAyWhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjk3YmI2YS04YWEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvs/uKKBMCG++pv1TICkCJqFtR5lzrlnFsUFTXEwzo3apa3jkLNom5IesQmhD
ckvQKJkc4S8rsfuRxWdAi+gp6N+OA6J7UluSCJoftDwyAXn1x36YLPRm5ijJGXoG
5rcvJeO2XJ4PwE68jYSQMyLEx5SAgWj5ymORwVc7fLDfTthUpffBpLwr0QuvFv1z
wYQbFlDhmkRylmOpqKRf9oHwn+hHpnTYnxPIC+TiSLmLZMhVPSkGBHccjWnl6PFj
C4o6oXIZyB7fbNB16N2K5FKRjYivWuR6xbb5zW+2XFs4ONavlvyENhRu/GpxYTIF
y8O6CA8jrEeI3AEfxE3UH4aDUQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFGoJuEFq
1Nf8ixRcdUTe9mhQDhlCMB8GA1UdIwQYMBaAFHtftpcNN0v/dYcuuH27QDBDemGI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyODk2My85ODZCMTg2NDhE
RkMxMUU5OTAyMzE2NDhDNEY5QUUwMi9lMS0ybHcwM1NfOTFoeTY0ZmJ0QU1FTjZZ
WWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2UxLTJsdzAzU185MWh5NjRmYnRBTUVONllZZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mjg5NjMvOTg2QjE4NjQ4REZDMTFFOTkwMjMxNjQ4QzRGOUFFMDIvQzUxMENFQzQ4
REZGMTFFOUE5QjhENDUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIt+jwDBAFn2zgwDQYJKoZIhvcNAQELBQADggEBAHS7WQuJ
mjK1kgYQj/uLTFPy3IRdxF1VX596KtO4R8g4QhzHa9/U6VDzPrCI626QFOWO7BJD
XtgtFhYZZq3+Z2S8nsB5j6Vak/86J5cMHv65o0CLBd2D/n1J76bQejR5/2+IPhQx
IfzmcpYNsorYcYkZzKa+G5WsQg7+dEcoH6Z6XHjXn+vBxXHaM+oQNHWtovxGSq9V
gsnlMdy+CkrRUpZr3IVVW+figV8VVUyIzPkTul7uX+y+6T8xQJ4+Gb4ZY7y9YrAf
CA2Nu99g6zlRMgn6F/w7Zci1EogcE3t5njTf11GfJTcKlzr/fWWLb+IBtj2gZutG
WtHfD1HPjka2EVc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:37 2023 by rpki-client on console-fra.rpki-client.org