Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913992F/629B7990EBAF11E792899E4EC4F9AE02/48AECD1CF44511ED9AAB071EC4F9AE02.roa
File: 48AECD1CF44511ED9AAB071EC4F9AE02.roa (raw, json)
Hash identifier: k7+PXL8T752/7Z8gp3X5mtWaX0lC6zQAE/O8eN3LQKU=
Subject key identifier: 41:CB:1B:9D:E3:18:9D:45:CD:62:61:BC:85:4C:FC:6B:55:63:D6:8D
Certificate issuer: /CN=A913992F/serialNumber=1F5FB3A5D7B5CB043E9D9C1B3608D4B2635916F4
Certificate serial: 158B
Authority key identifier: 1F:5F:B3:A5:D7:B5:CB:04:3E:9D:9C:1B:36:08:D4:B2:63:59:16:F4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H1-zpde1ywQ-nZwbNgjUsmNZFvQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913992F/629B7990EBAF11E792899E4EC4F9AE02/48AECD1CF44511ED9AAB071EC4F9AE02.roa
Signing time: Tue 16 May 2023 23:56:33 +0000
ROA not before: Tue 16 May 2023 23:56:33 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 211585
IP address blocks: 103.104.60.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5515 (0x158b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913992F/serialNumber=1F5FB3A5D7B5CB043E9D9C1B3608D4B2635916F4
Validity
Not Before: May 16 23:56:33 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=64641831-3fad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:31:b0:04:bb:41:a0:87:84:e4:f5:53:d9:15:
37:dd:6a:64:40:b2:f6:6e:f1:63:93:c2:89:d7:73:
1d:25:27:1d:88:e2:61:21:50:b8:10:a5:eb:89:c0:
0a:15:93:84:31:04:5a:d8:91:b7:87:7b:19:35:42:
e7:a6:3d:7a:86:75:8c:32:c4:60:d4:c3:16:d9:71:
af:e6:6c:c0:29:3a:74:c7:b6:ac:9d:46:7a:5c:04:
81:f7:da:c1:32:fe:36:71:cc:ec:a9:f6:9f:cf:22:
dc:a3:2f:8a:6b:20:fb:fb:fe:54:59:77:af:cb:7f:
ba:97:95:05:b2:b8:7c:32:8a:a8:cd:ee:8d:a4:ec:
cb:46:55:0a:6f:aa:e6:6b:07:87:5f:ca:5c:9a:5f:
78:5d:8e:88:ae:6c:26:b4:4c:10:cd:ed:9a:8c:62:
34:ac:c6:31:ba:64:b1:cf:6b:ff:48:40:b3:9a:bc:
bb:10:28:39:1e:df:e6:96:bc:34:80:5e:cd:c8:25:
dc:d0:35:4c:12:b9:25:a7:28:91:1d:03:94:e6:76:
58:4e:01:cd:d0:11:ad:f5:c1:6f:09:eb:ad:65:5c:
70:4f:41:80:d6:21:26:15:ca:52:91:fe:a8:1b:ca:
e5:92:c5:4b:bf:de:ed:eb:34:20:b4:6b:94:c0:f9:
41:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:CB:1B:9D:E3:18:9D:45:CD:62:61:BC:85:4C:FC:6B:55:63:D6:8D
X509v3 Authority Key Identifier:
keyid:1F:5F:B3:A5:D7:B5:CB:04:3E:9D:9C:1B:36:08:D4:B2:63:59:16:F4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913992F/629B7990EBAF11E792899E4EC4F9AE02/H1-zpde1ywQ-nZwbNgjUsmNZFvQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H1-zpde1ywQ-nZwbNgjUsmNZFvQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913992F/629B7990EBAF11E792899E4EC4F9AE02/48AECD1CF44511ED9AAB071EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.104.60.0/23
Signature Algorithm: sha256WithRSAEncryption
19:5f:70:23:d7:53:c7:88:31:f8:52:d4:79:e9:a8:60:a0:81:
63:27:50:3c:98:fd:59:ce:34:9d:d8:42:75:00:6a:d6:ae:84:
d2:86:bc:d4:95:b4:05:59:19:b7:a3:32:6a:56:b0:55:9f:1f:
ba:43:80:64:60:d9:b8:00:fe:93:67:c4:08:f3:b6:37:64:92:
ab:38:0f:c3:d2:b7:52:3a:37:fc:1f:23:1e:03:70:cd:6a:d1:
a4:6f:0d:9d:3f:a8:06:62:da:15:86:fb:28:10:f1:1e:d1:fd:
69:d3:28:77:49:c7:f7:08:71:5b:a9:aa:9b:c5:c8:7d:7f:d6:
78:df:ee:f0:4d:c9:48:fa:aa:d2:f1:08:11:32:cb:cb:92:31:
9e:82:b2:c1:9e:89:19:5a:a9:bc:9f:8a:c8:8d:10:b5:f1:e1:
45:00:07:9c:7a:5c:e7:8a:db:0d:dd:1d:c1:f5:9d:76:25:2f:
9c:09:e2:a2:75:7d:0e:89:7a:8b:f9:c6:2b:14:dc:eb:df:de:
f2:29:d1:d2:71:de:f6:2c:71:97:74:72:ae:63:81:16:a5:ae:
1a:04:69:33:8d:cb:1e:65:7d:79:0c:a5:c8:ce:1e:8f:df:91:
00:24:d9:39:8d:8e:16:56:c9:7a:40:b1:be:3e:1d:64:e3:0a:
90:45:4f:b1
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICFYswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mzk5MkYxMTAvBgNVBAUTKDFGNUZCM0E1RDdCNUNCMDQzRTlEOUMxQjM2MDhENEIy
NjM1OTE2RjQwHhcNMjMwNTE2MjM1NjMzWhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDY0MTgzMS0zZmFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuDGwBLtBoIeE5PVT2RU33WpkQLL2bvFjk8KJ13MdJScdiOJhIVC4EKXricAK
FZOEMQRa2JG3h3sZNULnpj16hnWMMsRg1MMW2XGv5mzAKTp0x7asnUZ6XASB99rB
Mv42cczsqfafzyLcoy+KayD7+/5UWXevy3+6l5UFsrh8Moqoze6NpOzLRlUKb6rm
aweHX8pcml94XY6IrmwmtEwQze2ajGI0rMYxumSxz2v/SECzmry7ECg5Ht/mlrw0
gF7NyCXc0DVMErklpyiRHQOU5nZYTgHN0BGt9cFvCeutZVxwT0GA1iEmFcpSkf6o
G8rlksVLv97t6zQgtGuUwPlB1QIDAQABo4IClTCCApEwHQYDVR0OBBYEFEHLG53j
GJ1FzWJhvIVM/GtVY9aNMB8GA1UdIwQYMBaAFB9fs6XXtcsEPp2cGzYI1LJjWRb0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTkyRi82MjlCNzk5MEVC
QUYxMUU3OTI4OTlFNEVDNEY5QUUwMi9IMS16cGRlMXl3US1uWndiTmdqVXNtTlpG
dlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0gxLXpwZGUxeXdRLW5ad2JOZ2pVc21OWkZ2US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mzk5MkYvNjI5Qjc5OTBFQkFGMTFFNzkyODk5RTRFQzRGOUFFMDIvNDhBRUNEMUNG
NDQ1MTFFRDlBQUIwNzFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnaDwwDQYJKoZIhvcNAQELBQADggEBABlfcCPXU8eIMfhS
1HnpqGCggWMnUDyY/VnONJ3YQnUAatauhNKGvNSVtAVZGbejMmpWsFWfH7pDgGRg
2bgA/pNnxAjztjdkkqs4D8PSt1I6N/wfIx4DcM1q0aRvDZ0/qAZi2hWG+ygQ8R7R
/WnTKHdJx/cIcVupqpvFyH1/1njf7vBNyUj6qtLxCBEyy8uSMZ6CssGeiRlaqbyf
isiNELXx4UUAB5x6XOeK2w3dHcH1nXYlL5wJ4qJ1fQ6Jeov5xisU3Ovf3vIp0dJx
3vYscZd0cq5jgRalrhoEaTONyx5lfXkMpcjOHo/fkQAk2TmNjhZWyXpAsb4+HWTj
CpBFT7E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:54 2024 by rpki-client on console-ams.rpki-client.org