Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91411B3/C6DA292C184611EA9B842F27C4F9AE02/6F43F5BAFB6211EC9E830E28C4F9AE02.roa
File: 6F43F5BAFB6211EC9E830E28C4F9AE02.roa (raw, json)
Hash identifier: uYyFpFg0tcIZje2pahG821MnEafxmlYvpAmNrLdR9V0=
Subject key identifier: 57:69:3B:81:98:D9:DA:83:08:68:AC:49:53:5F:D1:AE:51:2E:3F:9C
Certificate issuer: /CN=A91411B3/serialNumber=ACD04E49C8B72BBE01E3537559CF4C94730ED5DF
Certificate serial: 0951
Authority key identifier: AC:D0:4E:49:C8:B7:2B:BE:01:E3:53:75:59:CF:4C:94:73:0E:D5:DF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rNBOSci3K74B41N1Wc9MlHMO1d8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91411B3/C6DA292C184611EA9B842F27C4F9AE02/6F43F5BAFB6211EC9E830E28C4F9AE02.roa
Signing time: Mon 04 Jul 2022 07:06:49 +0000
ROA not before: Mon 04 Jul 2022 07:06:49 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 150001
IP address blocks: 103.126.12.0/22 maxlen: 22
103.126.12.0/23 maxlen: 23
103.126.12.0/24 maxlen: 24
103.126.13.0/24 maxlen: 24
103.126.14.0/23 maxlen: 23
103.126.14.0/24 maxlen: 24
103.126.15.0/24 maxlen: 24
2404:1c0::/32 maxlen: 32
2404:1c0::/33 maxlen: 33
2404:1c0:8000::/33 maxlen: 33
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2385 (0x951)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91411B3/serialNumber=ACD04E49C8B72BBE01E3537559CF4C94730ED5DF
Validity
Not Before: Jul 4 07:06:49 2022 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=62c29188-d540
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:7a:f2:60:30:61:6b:8d:29:de:f4:5e:8a:c1:
06:61:b1:fa:4c:82:d6:0c:d3:8b:15:0e:cc:05:74:
fb:b7:df:9f:4f:50:90:e3:14:ce:d0:2e:50:9f:45:
32:bb:f9:f3:32:43:4d:fb:ce:77:78:d1:7a:92:bf:
7b:97:84:dd:d0:70:a3:5a:90:34:9e:f9:40:fa:b1:
14:79:19:d7:94:a0:d0:8f:c2:61:e1:c0:b5:68:5a:
0c:74:41:f4:9a:d7:13:38:2c:11:08:c3:3a:33:73:
6c:69:48:f7:d6:43:37:9c:9a:a7:25:53:1f:d8:46:
25:02:3e:5d:28:04:1d:6c:c7:ae:c8:59:be:3d:8e:
a9:db:c1:e4:29:c1:d2:3c:ce:e2:92:68:21:b9:a0:
74:8a:05:00:a0:e2:fd:d6:bc:de:17:9f:f5:d5:cb:
13:e5:3a:2e:8a:04:c0:e9:5b:b7:f9:82:26:e9:cf:
72:54:85:4d:96:10:d6:f1:d4:41:b2:08:43:e5:cb:
fd:4c:5a:d7:fa:ff:d0:62:2b:dc:4b:45:ad:a2:83:
2d:6a:2f:b4:7a:f0:ac:39:4f:2a:6a:d5:c3:6c:a9:
ef:48:74:42:31:9b:a1:a8:c7:9d:bf:e3:ad:d3:a1:
74:79:b3:9f:8e:67:d6:c0:a7:35:66:f6:c8:78:e8:
16:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:69:3B:81:98:D9:DA:83:08:68:AC:49:53:5F:D1:AE:51:2E:3F:9C
X509v3 Authority Key Identifier:
keyid:AC:D0:4E:49:C8:B7:2B:BE:01:E3:53:75:59:CF:4C:94:73:0E:D5:DF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91411B3/C6DA292C184611EA9B842F27C4F9AE02/rNBOSci3K74B41N1Wc9MlHMO1d8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rNBOSci3K74B41N1Wc9MlHMO1d8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91411B3/C6DA292C184611EA9B842F27C4F9AE02/6F43F5BAFB6211EC9E830E28C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.126.12.0/22
IPv6:
2404:1c0::/32
Signature Algorithm: sha256WithRSAEncryption
50:a9:2d:99:52:f2:96:4c:7c:cc:9e:47:50:ac:33:bb:b4:a1:
cd:c5:af:b7:83:e1:3e:83:83:93:25:e9:4b:18:17:93:65:d5:
f5:14:e1:46:88:1a:ab:8c:37:42:58:df:6b:a5:4a:5b:8a:9b:
5a:c4:50:24:f5:a8:ea:51:d2:66:aa:0e:ae:9b:31:ac:f0:2d:
f1:dc:67:60:53:a7:d5:87:bb:28:7e:b2:d7:16:d8:93:e1:37:
8c:26:56:dc:70:59:60:8f:d8:81:76:38:e6:cc:72:55:37:dc:
06:2c:a7:4b:6e:60:20:bc:28:f2:fe:84:63:5a:74:cc:82:18:
9f:a2:91:a8:c0:ba:e6:f2:b1:a7:e8:72:a4:56:e0:7e:b4:db:
b8:e2:58:a9:7b:e7:16:ed:9e:65:47:42:b8:5f:db:8d:71:bb:
83:93:f3:73:5a:21:3b:ed:17:3f:85:34:07:56:4c:45:04:0a:
f0:db:36:fa:7e:d4:94:ae:78:1c:86:8e:84:85:1e:a4:81:27:
12:07:d1:5a:31:b8:e6:74:af:4b:79:e8:6e:6b:6a:9d:8d:50:
81:f2:a8:ce:9c:88:a1:9e:85:7e:36:28:bc:99:e0:49:2f:5a:
16:4b:d3:43:ce:43:91:65:2a:e3:0f:cc:8c:bf:44:a3:76:04:
c4:26:46:2a
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCVEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDExQjMxMTAvBgNVBAUTKEFDRDA0RTQ5QzhCNzJCQkUwMUUzNTM3NTU5Q0Y0Qzk0
NzMwRUQ1REYwHhcNMjIwNzA0MDcwNjQ5WhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmMyOTE4OC1kNTQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0XryYDBha40p3vReisEGYbH6TILWDNOLFQ7MBXT7t9+fT1CQ4xTO0C5Qn0Uy
u/nzMkNN+853eNF6kr97l4Td0HCjWpA0nvlA+rEUeRnXlKDQj8Jh4cC1aFoMdEH0
mtcTOCwRCMM6M3NsaUj31kM3nJqnJVMf2EYlAj5dKAQdbMeuyFm+PY6p28HkKcHS
PM7ikmghuaB0igUAoOL91rzeF5/11csT5TouigTA6Vu3+YIm6c9yVIVNlhDW8dRB
sghD5cv9TFrX+v/QYivcS0WtooMtai+0evCsOU8qatXDbKnvSHRCMZuhqMedv+Ot
06F0ebOfjmfWwKc1ZvbIeOgW0wIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFFdpO4GY
2dqDCGisSVNf0a5RLj+cMB8GA1UdIwQYMBaAFKzQTknItyu+AeNTdVnPTJRzDtXf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MTFCMy9DNkRBMjkyQzE4
NDYxMUVBOUI4NDJGMjdDNEY5QUUwMi9yTkJPU2NpM0s3NEI0MU4xV2M5TWxITU8x
ZDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JOQk9TY2kzSzc0QjQxTjFXYzlNbEhNTzFkOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDExQjMvQzZEQTI5MkMxODQ2MTFFQTlCODQyRjI3QzRGOUFFMDIvNkY0M0Y1QkFG
QjYyMTFFQzlFODMwRTI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnfgwwDQQCAAIwBwMFACQEAcAwDQYJKoZIhvcNAQELBQAD
ggEBAFCpLZlS8pZMfMyeR1CsM7u0oc3Fr7eD4T6Dg5Ml6UsYF5Nl1fUU4UaIGquM
N0JY32ulSluKm1rEUCT1qOpR0maqDq6bMazwLfHcZ2BTp9WHuyh+stcW2JPhN4wm
VtxwWWCP2IF2OObMclU33AYsp0tuYCC8KPL+hGNadMyCGJ+ikajAuubysafocqRW
4H6027jiWKl75xbtnmVHQrhf241xu4OT83NaITvtFz+FNAdWTEUECvDbNvp+1JSu
eByGjoSFHqSBJxIH0VoxuOZ0r0t56G5rap2NUIHyqM6ciKGehX42KLyZ4EkvWhZL
00POQ5FlKuMPzIy/RKN2BMQmRio=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org