Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9146944/43BD1C6E8E9511EAA9D73A2EC4F9AE02/892727E053ED11EBA77C870DC4F9AE02.roa
File: 892727E053ED11EBA77C870DC4F9AE02.roa (raw, json)
Hash identifier: MyuXZZbF+GG8QjfYzUCmExtC5au6aijB6uwiOOvmXDs=
Subject key identifier: C4:18:96:5D:3F:0C:62:EA:E6:6E:25:4A:B9:3E:8B:87:AC:47:43:A8
Certificate issuer: /CN=A9146944/serialNumber=ED1F958CB604B576E82214B4CF3CC0FE620EF9F4
Certificate serial: 06EC
Authority key identifier: ED:1F:95:8C:B6:04:B5:76:E8:22:14:B4:CF:3C:C0:FE:62:0E:F9:F4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7R-VjLYEtXboIhS0zzzA_mIO-fQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9146944/43BD1C6E8E9511EAA9D73A2EC4F9AE02/892727E053ED11EBA77C870DC4F9AE02.roa
Signing time: Sat 25 Jun 2022 22:02:40 +0000
ROA not before: Sat 25 Jun 2022 22:02:40 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 131340
IP address blocks: 45.250.229.0/24 maxlen: 24
103.202.220.0/24 maxlen: 24
103.202.221.0/24 maxlen: 24
103.209.197.0/24 maxlen: 24
103.209.198.0/24 maxlen: 24
202.133.90.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1772 (0x6ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9146944/serialNumber=ED1F958CB604B576E82214B4CF3CC0FE620EF9F4
Validity
Not Before: Jun 25 22:02:40 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=62b78600-c256
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:3a:3e:f8:7a:fe:56:0c:f2:7d:1e:40:55:1c:
ab:15:8d:29:90:ba:f3:9f:04:63:8b:1e:da:a6:93:
68:8e:c9:fb:16:f1:5e:3f:3d:38:1b:5c:82:f5:2c:
95:ed:21:08:c8:af:35:df:ab:a0:56:5a:c0:cd:4a:
d4:d4:40:e6:87:2f:a8:a1:8a:b8:ac:cd:1b:ed:97:
fc:0b:fc:8e:4b:48:2f:96:31:32:02:d6:ed:4c:2a:
c0:d0:53:2a:69:64:aa:b5:ca:63:55:9f:ec:b9:a6:
5f:c1:cc:49:59:50:67:3a:9a:9d:f5:42:c4:3d:88:
95:c7:1c:9f:bd:eb:25:97:9b:9c:7a:80:06:e3:3d:
01:29:c4:3e:e0:80:bb:ad:c7:c8:8d:98:d2:26:69:
96:82:16:f0:17:b8:e0:42:41:f6:76:96:01:a1:e7:
2f:9f:e4:d6:d3:bc:3b:cb:d1:1d:50:84:23:5a:1b:
87:a6:5c:72:da:90:71:c0:db:e2:3e:89:2d:07:88:
8d:74:0d:4f:d7:b1:59:25:5f:00:11:b0:45:67:00:
01:4d:30:b1:85:66:88:12:a7:62:c2:5c:2e:4b:99:
8e:d3:fc:03:54:d8:70:e0:9c:06:88:69:1d:f1:ce:
34:c3:3e:99:94:69:18:70:ae:4c:74:84:36:51:dd:
5e:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:18:96:5D:3F:0C:62:EA:E6:6E:25:4A:B9:3E:8B:87:AC:47:43:A8
X509v3 Authority Key Identifier:
keyid:ED:1F:95:8C:B6:04:B5:76:E8:22:14:B4:CF:3C:C0:FE:62:0E:F9:F4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9146944/43BD1C6E8E9511EAA9D73A2EC4F9AE02/7R-VjLYEtXboIhS0zzzA_mIO-fQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7R-VjLYEtXboIhS0zzzA_mIO-fQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146944/43BD1C6E8E9511EAA9D73A2EC4F9AE02/892727E053ED11EBA77C870DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.250.229.0/24
103.202.220.0/23
103.209.197.0-103.209.198.255
202.133.90.0/24
Signature Algorithm: sha256WithRSAEncryption
27:f7:da:32:22:27:10:3d:30:ba:3d:29:36:fd:08:e6:fe:b3:
31:c2:de:de:6a:5c:39:0d:ca:ff:44:29:11:74:0b:6f:c0:8c:
fe:92:f9:0d:c9:b4:64:ba:c9:99:81:e6:79:ba:50:b0:0e:43:
56:6d:8c:f0:dd:8c:ca:a4:3a:c0:6e:b8:b2:fd:f3:1e:60:19:
b6:e6:74:c1:d5:ef:e5:b8:c8:53:20:d2:78:c6:38:ac:0e:01:
a6:c1:dc:7e:07:02:07:d5:19:9f:79:fe:b5:e3:4b:6e:e2:3b:
be:39:85:ca:16:4d:6b:b0:85:eb:1f:fe:2b:77:fa:27:62:ae:
29:77:bb:fd:c1:58:7c:94:33:f3:b6:c7:87:3f:9b:b2:78:22:
15:0e:5e:c4:ab:c8:3e:36:2c:9f:78:6b:21:d5:52:19:f7:ea:
66:84:0c:37:1a:f1:78:ce:08:51:55:ae:ef:61:1b:81:10:0e:
85:e6:9f:9b:4f:1c:f2:74:88:d3:84:50:ed:c8:48:31:90:75:
a3:7a:aa:09:0c:90:19:8c:9d:d5:43:77:ad:a2:e4:52:57:07:
73:b5:81:72:96:e3:eb:bc:db:b3:a1:1d:d8:8c:7a:b5:bf:8a:
61:06:50:f8:f3:9a:4e:a3:22:27:35:25:2d:35:b5:06:a0:57:
82:15:a7:b3
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICBuwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDY5NDQxMTAvBgNVBAUTKEVEMUY5NThDQjYwNEI1NzZFODIyMTRCNENGM0NDMEZF
NjIwRUY5RjQwHhcNMjIwNjI1MjIwMjQwWhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmI3ODYwMC1jMjU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApTo++Hr+VgzyfR5AVRyrFY0pkLrznwRjix7appNojsn7FvFePz04G1yC9SyV
7SEIyK8136ugVlrAzUrU1EDmhy+ooYq4rM0b7Zf8C/yOS0gvljEyAtbtTCrA0FMq
aWSqtcpjVZ/suaZfwcxJWVBnOpqd9ULEPYiVxxyfvesll5uceoAG4z0BKcQ+4IC7
rcfIjZjSJmmWghbwF7jgQkH2dpYBoecvn+TW07w7y9EdUIQjWhuHplxy2pBxwNvi
PoktB4iNdA1P17FZJV8AEbBFZwABTTCxhWaIEqdiwlwuS5mO0/wDVNhw4JwGiGkd
8c40wz6ZlGkYcK5MdIQ2Ud1emQIDAQABo4ICrzCCAqswHQYDVR0OBBYEFMQYll0/
DGLq5m4lSrk+i4esR0OoMB8GA1UdIwQYMBaAFO0flYy2BLV26CIUtM88wP5iDvn0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0Njk0NC80M0JEMUM2RThF
OTUxMUVBQTlENzNBMkVDNEY5QUUwMi83Ui1WakxZRXRYYm9JaFMwenp6QV9tSU8t
ZlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdSLVZqTFlFdFhib0loUzB6enpBX21JTy1mUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDY5NDQvNDNCRDFDNkU4RTk1MTFFQUE5RDczQTJFQzRGOUFFMDIvODkyNzI3RTA1
M0VEMTFFQkE3N0M4NzBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCADBAAt+uUDBAFnytwwDAMEAGfRxQMEAGfRxgMEAMqFWjANBgkq
hkiG9w0BAQsFAAOCAQEAJ/faMiInED0wuj0pNv0I5v6zMcLe3mpcOQ3K/0QpEXQL
b8CM/pL5Dcm0ZLrJmYHmebpQsA5DVm2M8N2MyqQ6wG64sv3zHmAZtuZ0wdXv5bjI
UyDSeMY4rA4BpsHcfgcCB9UZn3n+teNLbuI7vjmFyhZNa7CF6x/+K3f6J2KuKXe7
/cFYfJQz87bHhz+bsngiFQ5exKvIPjYsn3hrIdVSGffqZoQMNxrxeM4IUVWu72Eb
gRAOheafm08c8nSI04RQ7chIMZB1o3qqCQyQGYyd1UN3raLkUlcHc7WBcpbj67zb
s6Ed2Ix6tb+KYQZQ+POaTqMiJzUlLTW1BqBXghWnsw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:57 2024 by rpki-client on console-ams.rpki-client.org