Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913992F/629B7990EBAF11E792899E4EC4F9AE02/13583E90421311ECA9C45064C4F9AE02.roa
File: 13583E90421311ECA9C45064C4F9AE02.roa (raw, json)
Hash identifier: QkkbzKcq2tNnhgvs7uoZvjcCofpxdY3ykrlO6nPVIYU=
Subject key identifier: 88:40:52:A9:3E:2F:E4:FE:C7:01:68:32:35:66:F4:1E:54:CD:C3:68
Certificate issuer: /CN=A913992F/serialNumber=1F5FB3A5D7B5CB043E9D9C1B3608D4B2635916F4
Certificate serial: 12B0
Authority key identifier: 1F:5F:B3:A5:D7:B5:CB:04:3E:9D:9C:1B:36:08:D4:B2:63:59:16:F4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H1-zpde1ywQ-nZwbNgjUsmNZFvQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913992F/629B7990EBAF11E792899E4EC4F9AE02/13583E90421311ECA9C45064C4F9AE02.roa
Signing time: Thu 02 Dec 2021 17:53:50 +0000
ROA not before: Thu 02 Dec 2021 17:53:50 +0000
ROA not after: Tue 31 Jan 2023 00:00:00 +0000
asID: 29802
IP address blocks: 103.104.60.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4784 (0x12b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913992F/serialNumber=1F5FB3A5D7B5CB043E9D9C1B3608D4B2635916F4
Validity
Not Before: Dec 2 17:53:50 2021 GMT
Not After : Jan 31 00:00:00 2023 GMT
Subject: CN=61a9082e-aa1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:65:3f:01:0a:69:f5:14:c6:f9:d6:73:9f:7e:
d6:7d:9b:bf:03:64:7f:d4:5f:a2:3a:1a:df:0c:e4:
6f:4a:f2:d4:28:26:64:4e:5b:6f:45:aa:86:10:cd:
09:07:7b:b2:5d:cb:62:49:08:25:7a:97:5a:ad:40:
a1:ca:8a:79:27:e1:22:5a:d2:e3:bf:1a:94:5e:f5:
cf:7e:b2:a9:fc:6b:13:0a:98:f2:c8:8f:0b:2f:52:
9f:af:59:79:23:09:8a:64:88:a4:2e:f9:c6:eb:eb:
5f:5c:29:99:08:be:0a:be:c5:20:27:d2:e3:94:f5:
bd:a0:ef:a0:1b:18:fc:76:b6:98:47:65:ac:1b:cf:
9b:3f:a3:85:f6:d1:1b:55:d8:62:c3:df:4d:9e:32:
73:a2:55:48:cd:ce:54:17:3a:26:e6:c2:98:5a:1d:
eb:be:6e:23:ba:ea:f7:5f:33:a5:ed:38:87:23:a8:
b5:63:f8:a7:58:23:dd:be:99:00:a7:39:a3:a8:f2:
2a:40:af:34:df:07:97:c5:2a:d6:32:a9:bd:43:e2:
d4:32:81:00:a0:12:55:e9:7c:ab:ef:95:ee:6e:92:
cc:76:96:e1:c4:bc:c2:96:cf:08:b2:a8:17:7d:45:
65:df:da:25:6f:c5:f7:eb:f9:66:80:c5:5f:09:1e:
f0:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:40:52:A9:3E:2F:E4:FE:C7:01:68:32:35:66:F4:1E:54:CD:C3:68
X509v3 Authority Key Identifier:
keyid:1F:5F:B3:A5:D7:B5:CB:04:3E:9D:9C:1B:36:08:D4:B2:63:59:16:F4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913992F/629B7990EBAF11E792899E4EC4F9AE02/H1-zpde1ywQ-nZwbNgjUsmNZFvQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H1-zpde1ywQ-nZwbNgjUsmNZFvQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913992F/629B7990EBAF11E792899E4EC4F9AE02/13583E90421311ECA9C45064C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.104.60.0/22
Signature Algorithm: sha256WithRSAEncryption
69:53:5b:79:a1:52:90:db:29:4f:44:94:37:09:fe:03:36:93:
cb:cd:52:41:f3:e1:e6:85:0c:cb:4f:70:4d:e2:c3:02:87:0e:
91:80:39:29:e2:25:59:4b:15:fc:4b:96:47:97:aa:a7:15:a6:
07:c9:77:57:48:9e:b9:05:88:cf:6d:00:bb:bf:6d:30:82:8b:
ad:c7:67:40:f3:08:aa:5e:a6:ea:71:c5:50:8c:4d:45:2d:56:
13:e7:e5:0d:aa:e5:bb:c1:21:85:78:bf:0d:06:32:27:af:a1:
f7:ba:0f:c6:00:12:a2:ea:7d:b1:77:76:2e:53:6a:e9:d2:75:
87:45:2c:6f:33:c4:d4:07:4a:0d:1e:6f:99:70:3f:bc:43:29:
25:24:a3:49:39:f1:52:65:bb:df:20:d0:e9:4e:c8:96:e6:9a:
b3:31:a3:6a:12:4b:bc:d1:0c:b7:e5:d5:bc:7a:45:2e:cd:ad:
18:3b:a5:23:bb:19:d9:62:cc:2a:01:1e:db:52:76:a1:4e:43:
a1:a8:b0:52:30:0e:1e:fa:a7:0d:37:ee:7c:84:81:c9:98:2a:
b0:f8:9e:35:d9:dc:73:a3:d2:c9:5c:8b:d6:66:d2:4c:62:fc:
0f:6a:e3:a6:93:a7:45:96:2b:56:8b:be:b8:75:78:2d:18:e9:
65:64:39:37
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICErAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mzk5MkYxMTAvBgNVBAUTKDFGNUZCM0E1RDdCNUNCMDQzRTlEOUMxQjM2MDhENEIy
NjM1OTE2RjQwHhcNMjExMjAyMTc1MzUwWhcNMjMwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWE5MDgyZS1hYTFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApWU/AQpp9RTG+dZzn37WfZu/A2R/1F+iOhrfDORvSvLUKCZkTltvRaqGEM0J
B3uyXctiSQglepdarUChyop5J+EiWtLjvxqUXvXPfrKp/GsTCpjyyI8LL1Kfr1l5
IwmKZIikLvnG6+tfXCmZCL4KvsUgJ9LjlPW9oO+gGxj8draYR2WsG8+bP6OF9tEb
Vdhiw99NnjJzolVIzc5UFzom5sKYWh3rvm4juur3XzOl7TiHI6i1Y/inWCPdvpkA
pzmjqPIqQK803weXxSrWMqm9Q+LUMoEAoBJV6Xyr75XubpLMdpbhxLzCls8IsqgX
fUVl39olb8X36/lmgMVfCR7wJwIDAQABo4IClTCCApEwHQYDVR0OBBYEFIhAUqk+
L+T+xwFoMjVm9B5UzcNoMB8GA1UdIwQYMBaAFB9fs6XXtcsEPp2cGzYI1LJjWRb0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTkyRi82MjlCNzk5MEVC
QUYxMUU3OTI4OTlFNEVDNEY5QUUwMi9IMS16cGRlMXl3US1uWndiTmdqVXNtTlpG
dlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0gxLXpwZGUxeXdRLW5ad2JOZ2pVc21OWkZ2US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mzk5MkYvNjI5Qjc5OTBFQkFGMTFFNzkyODk5RTRFQzRGOUFFMDIvMTM1ODNFOTA0
MjEzMTFFQ0E5QzQ1MDY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnaDwwDQYJKoZIhvcNAQELBQADggEBAGlTW3mhUpDbKU9E
lDcJ/gM2k8vNUkHz4eaFDMtPcE3iwwKHDpGAOSniJVlLFfxLlkeXqqcVpgfJd1dI
nrkFiM9tALu/bTCCi63HZ0DzCKpepupxxVCMTUUtVhPn5Q2q5bvBIYV4vw0GMiev
ofe6D8YAEqLqfbF3di5TaunSdYdFLG8zxNQHSg0eb5lwP7xDKSUko0k58VJlu98g
0OlOyJbmmrMxo2oSS7zRDLfl1bx6RS7NrRg7pSO7GdlizCoBHttSdqFOQ6GosFIw
Dh76pw037nyEgcmYKrD4njXZ3HOj0slci9Zm0kxi/A9q46aTp0WWK1aLvrh1eC0Y
6WVkOTc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org