Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913992F/629B7990EBAF11E792899E4EC4F9AE02/13D97F0A421311ECA9C45064C4F9AE02.roa
File: 13D97F0A421311ECA9C45064C4F9AE02.roa (raw, json)
Hash identifier: cpaTNx83okFvi0B2OxLWjHyG8RNRjhwOT8rrOdS+hyk=
Subject key identifier: C1:82:54:71:4E:92:AB:E4:28:37:FB:CA:2C:87:E3:F4:AB:8F:22:60
Certificate issuer: /CN=A913992F/serialNumber=1F5FB3A5D7B5CB043E9D9C1B3608D4B2635916F4
Certificate serial: 12B3
Authority key identifier: 1F:5F:B3:A5:D7:B5:CB:04:3E:9D:9C:1B:36:08:D4:B2:63:59:16:F4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H1-zpde1ywQ-nZwbNgjUsmNZFvQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913992F/629B7990EBAF11E792899E4EC4F9AE02/13D97F0A421311ECA9C45064C4F9AE02.roa
Signing time: Thu 02 Dec 2021 17:53:53 +0000
ROA not before: Thu 02 Dec 2021 17:53:53 +0000
ROA not after: Tue 31 Jan 2023 00:00:00 +0000
asID: 61317
IP address blocks: 103.104.60.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4787 (0x12b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913992F/serialNumber=1F5FB3A5D7B5CB043E9D9C1B3608D4B2635916F4
Validity
Not Before: Dec 2 17:53:53 2021 GMT
Not After : Jan 31 00:00:00 2023 GMT
Subject: CN=61a90831-cd07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d1:f8:90:5f:0b:b3:66:fe:5d:25:a1:1f:b5:
ed:82:34:ed:5d:25:22:41:ca:9e:07:85:4d:2c:c5:
83:4d:00:3b:68:74:0a:ef:b8:c5:8c:78:b4:f7:e0:
c6:d4:72:8b:65:1a:58:71:91:d1:69:c4:05:b4:40:
9f:5b:8a:2c:a9:79:f6:a9:0f:f9:dc:1c:cd:0d:e4:
44:c1:d8:18:59:a6:64:2c:a1:3d:4d:63:9f:4a:ea:
54:a6:82:a0:d0:35:ac:fb:98:04:70:cc:9b:f7:d1:
90:80:85:0a:1a:e3:2d:d7:36:d3:21:88:2e:43:dc:
fa:b1:db:79:6d:67:7a:07:ef:64:c7:30:a3:98:e1:
3f:ed:15:4a:dd:d5:fd:a8:86:88:50:01:1a:5a:89:
c0:ad:1b:f5:cf:9b:13:22:d1:c8:d0:88:47:06:1d:
7b:e2:47:0b:8c:2c:4d:e5:44:71:c5:fa:58:86:d6:
e8:86:ce:01:5b:46:b9:e6:57:80:4b:8f:8d:87:46:
c3:02:23:e1:70:72:46:f8:90:8a:d2:89:76:bd:ea:
53:c6:85:2d:af:47:bf:c0:40:a8:c9:d8:17:16:5d:
4b:75:74:20:a6:1e:21:ec:c4:ef:00:13:04:b3:51:
43:a0:5a:85:ee:a2:3f:4b:54:c7:0f:f3:c7:a4:10:
48:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:82:54:71:4E:92:AB:E4:28:37:FB:CA:2C:87:E3:F4:AB:8F:22:60
X509v3 Authority Key Identifier:
keyid:1F:5F:B3:A5:D7:B5:CB:04:3E:9D:9C:1B:36:08:D4:B2:63:59:16:F4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913992F/629B7990EBAF11E792899E4EC4F9AE02/H1-zpde1ywQ-nZwbNgjUsmNZFvQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H1-zpde1ywQ-nZwbNgjUsmNZFvQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913992F/629B7990EBAF11E792899E4EC4F9AE02/13D97F0A421311ECA9C45064C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.104.60.0/22
Signature Algorithm: sha256WithRSAEncryption
06:1a:48:c9:8b:d9:0c:70:b8:29:b8:3b:27:aa:8c:fb:ad:fd:
d5:2f:c5:6f:e5:5a:e1:29:f8:ac:f8:d9:30:24:f1:de:c3:3e:
9e:6e:3a:20:d1:50:81:86:23:b5:f9:ca:dd:9c:73:c0:d4:49:
75:4f:d6:da:6a:41:9e:4d:93:1f:dd:27:77:f3:e5:a1:0e:fa:
ac:ff:ea:e3:c1:e8:44:8d:dc:9c:bf:b1:05:97:4a:31:e1:21:
f0:5b:21:17:65:53:d9:06:c4:5c:e1:27:95:48:55:0f:67:2e:
52:19:90:2b:ef:d6:be:7a:79:fa:67:0c:42:bd:59:0c:f6:8c:
d1:8a:ff:9b:76:59:a3:aa:8f:de:98:eb:52:4f:54:4c:92:71:
ab:9f:62:4a:6d:b9:7d:cd:a2:46:0e:57:b4:ac:e5:7c:3d:3f:
49:f2:ef:d2:23:f2:37:74:98:da:ec:b2:c8:32:06:de:c0:d4:
7f:84:44:e0:6b:21:06:dc:e9:22:ca:f9:ce:70:ad:fd:4c:a1:
e0:fd:f7:4b:f1:af:43:e5:62:bf:ce:b0:77:d4:e8:26:6c:62:
75:c2:c2:33:c2:83:a9:db:18:6b:64:08:cc:fe:be:c2:93:c1:
58:ee:65:d0:b1:45:47:d4:24:3e:4d:5b:54:84:20:c5:49:c2:
83:c4:32:cc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICErMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mzk5MkYxMTAvBgNVBAUTKDFGNUZCM0E1RDdCNUNCMDQzRTlEOUMxQjM2MDhENEIy
NjM1OTE2RjQwHhcNMjExMjAyMTc1MzUzWhcNMjMwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWE5MDgzMS1jZDA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs9H4kF8Ls2b+XSWhH7XtgjTtXSUiQcqeB4VNLMWDTQA7aHQK77jFjHi09+DG
1HKLZRpYcZHRacQFtECfW4osqXn2qQ/53BzNDeREwdgYWaZkLKE9TWOfSupUpoKg
0DWs+5gEcMyb99GQgIUKGuMt1zbTIYguQ9z6sdt5bWd6B+9kxzCjmOE/7RVK3dX9
qIaIUAEaWonArRv1z5sTItHI0IhHBh174kcLjCxN5URxxfpYhtbohs4BW0a55leA
S4+Nh0bDAiPhcHJG+JCK0ol2vepTxoUtr0e/wECoydgXFl1LdXQgph4h7MTvABME
s1FDoFqF7qI/S1THD/PHpBBI9QIDAQABo4IClTCCApEwHQYDVR0OBBYEFMGCVHFO
kqvkKDf7yiyH4/SrjyJgMB8GA1UdIwQYMBaAFB9fs6XXtcsEPp2cGzYI1LJjWRb0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTkyRi82MjlCNzk5MEVC
QUYxMUU3OTI4OTlFNEVDNEY5QUUwMi9IMS16cGRlMXl3US1uWndiTmdqVXNtTlpG
dlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0gxLXpwZGUxeXdRLW5ad2JOZ2pVc21OWkZ2US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mzk5MkYvNjI5Qjc5OTBFQkFGMTFFNzkyODk5RTRFQzRGOUFFMDIvMTNEOTdGMEE0
MjEzMTFFQ0E5QzQ1MDY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnaDwwDQYJKoZIhvcNAQELBQADggEBAAYaSMmL2QxwuCm4
OyeqjPut/dUvxW/lWuEp+Kz42TAk8d7DPp5uOiDRUIGGI7X5yt2cc8DUSXVP1tpq
QZ5Nkx/dJ3fz5aEO+qz/6uPB6ESN3Jy/sQWXSjHhIfBbIRdlU9kGxFzhJ5VIVQ9n
LlIZkCvv1r56efpnDEK9WQz2jNGK/5t2WaOqj96Y61JPVEyScaufYkptuX3NokYO
V7Ss5Xw9P0ny79Ij8jd0mNrsssgyBt7A1H+EROBrIQbc6SLK+c5wrf1MoeD990vx
r0PlYr/OsHfU6CZsYnXCwjPCg6nbGGtkCMz+vsKTwVjuZdCxRUfUJD5NW1SEIMVJ
woPEMsw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org