Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914C07F/9F9E1ECA0B6311EB8105B374C4F9AE02/9EA0622C8D4311EC86D95B19C4F9AE02.roa
File: 9EA0622C8D4311EC86D95B19C4F9AE02.roa (raw, json)
Hash identifier: xzxbjUFl52gO0+vb9UrZu0maO18VguHJt9LgH+ElCI8=
Subject key identifier: AB:95:CD:B9:1F:A9:E9:7F:FD:7E:83:BF:04:A6:1D:12:45:81:2C:F1
Certificate issuer: /CN=A914C07F/serialNumber=D91F77BE22011D7E1D575D9F9ADB5F8E160E5FD9
Certificate serial: 03F1
Authority key identifier: D9:1F:77:BE:22:01:1D:7E:1D:57:5D:9F:9A:DB:5F:8E:16:0E:5F:D9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2R93viIBHX4dV12fmttfjhYOX9k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914C07F/9F9E1ECA0B6311EB8105B374C4F9AE02/9EA0622C8D4311EC86D95B19C4F9AE02.roa
Signing time: Mon 14 Feb 2022 03:10:11 +0000
ROA not before: Mon 14 Feb 2022 03:10:10 +0000
ROA not after: Fri 30 Dec 2022 00:00:00 +0000
asID: 49466
IP address blocks: 103.101.176.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1009 (0x3f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914C07F/serialNumber=D91F77BE22011D7E1D575D9F9ADB5F8E160E5FD9
Validity
Not Before: Feb 14 03:10:10 2022 GMT
Not After : Dec 30 00:00:00 2022 GMT
Subject: CN=6209c812-0607
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:9f:6e:e5:ad:52:ae:e9:32:7b:7b:8f:eb:ea:
ab:26:f1:5f:23:78:6d:87:44:35:00:f1:cc:29:2f:
2b:09:d5:14:1c:34:92:81:56:de:eb:e3:39:09:76:
73:eb:7d:6c:a9:e2:74:d6:41:f3:57:8f:8a:39:0b:
0c:c0:54:4a:e7:cc:62:ad:20:3a:cb:fd:08:50:e1:
4e:f7:24:fe:0a:26:63:8d:3f:02:de:7e:40:fb:0b:
8b:3e:2a:c9:ed:c1:94:60:89:3b:ca:a6:1d:3f:9e:
d1:c3:10:30:5d:7a:5a:ea:a9:9d:ab:59:a8:ef:bf:
e3:c0:10:a1:04:19:1f:2d:14:50:09:76:4e:dd:5e:
ed:8f:f1:0d:f4:7b:b1:12:d8:62:8a:c4:ba:27:e5:
0b:2f:88:9b:7a:e5:b0:ac:f5:b4:28:7c:4b:92:dd:
bb:21:51:01:48:7f:11:1d:f8:62:10:b6:c6:59:19:
22:17:a4:39:81:41:5a:c3:14:09:4d:01:b7:41:46:
89:ea:5d:09:08:1f:ba:22:93:f9:80:5c:8c:be:1f:
b3:5c:61:83:41:bb:a9:ac:8d:ea:39:c2:5f:a0:5b:
c7:45:a0:bb:6a:f5:3f:66:b7:4c:a6:72:c1:52:a2:
f4:69:3c:cb:9f:2c:53:b8:a1:4c:f8:49:8e:9d:26:
1d:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:95:CD:B9:1F:A9:E9:7F:FD:7E:83:BF:04:A6:1D:12:45:81:2C:F1
X509v3 Authority Key Identifier:
keyid:D9:1F:77:BE:22:01:1D:7E:1D:57:5D:9F:9A:DB:5F:8E:16:0E:5F:D9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914C07F/9F9E1ECA0B6311EB8105B374C4F9AE02/2R93viIBHX4dV12fmttfjhYOX9k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2R93viIBHX4dV12fmttfjhYOX9k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914C07F/9F9E1ECA0B6311EB8105B374C4F9AE02/9EA0622C8D4311EC86D95B19C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.101.176.0/22
Signature Algorithm: sha256WithRSAEncryption
41:c0:6c:a5:1b:4b:78:60:d1:36:fc:21:c8:32:8f:8d:aa:ef:
d6:4c:39:ba:24:20:c1:38:aa:90:3e:47:0c:3b:9f:04:4a:4d:
f9:ae:a2:b7:33:47:f8:d1:38:fd:4f:c4:3d:3e:a5:68:ef:95:
67:f9:96:f6:1d:55:64:37:51:23:66:c7:32:6e:de:30:e9:f1:
45:1f:ea:16:2a:a0:71:2d:a0:fa:28:8a:25:d3:29:25:3b:84:
7d:a7:03:7c:a2:c4:a3:a3:96:84:1f:74:15:42:22:5c:3d:da:
af:3a:9b:fd:2b:91:6d:7d:18:7b:d6:f9:32:c0:ab:dc:d7:6a:
2f:3e:db:cd:fe:36:f2:cf:0c:f0:44:34:47:66:4f:59:f5:6c:
f4:6f:10:04:51:2d:52:d0:4d:2d:27:bd:5d:58:2c:19:eb:6a:
e7:50:e9:46:02:79:9c:62:31:6b:1e:95:f7:61:a8:e8:03:62:
d1:b6:0e:b2:3c:a2:73:f6:12:71:af:d3:d6:f2:12:ce:56:bf:
ca:db:1a:42:b3:4c:11:d4:eb:3e:7a:7a:46:85:26:e0:bc:f8:
c8:bf:d6:43:69:05:68:15:c2:92:a3:12:ad:d0:e4:af:20:4f:
51:86:65:45:c8:5a:c3:75:c7:dc:03:d3:14:15:c5:92:4f:24:
9d:63:36:06
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA/EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEMwN0YxMTAvBgNVBAUTKEQ5MUY3N0JFMjIwMTFEN0UxRDU3NUQ5RjlBREI1RjhF
MTYwRTVGRDkwHhcNMjIwMjE0MDMxMDEwWhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjA5YzgxMi0wNjA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2p9u5a1Srukye3uP6+qrJvFfI3hth0Q1APHMKS8rCdUUHDSSgVbe6+M5CXZz
631sqeJ01kHzV4+KOQsMwFRK58xirSA6y/0IUOFO9yT+CiZjjT8C3n5A+wuLPirJ
7cGUYIk7yqYdP57RwxAwXXpa6qmdq1mo77/jwBChBBkfLRRQCXZO3V7tj/EN9Hux
EthiisS6J+ULL4ibeuWwrPW0KHxLkt27IVEBSH8RHfhiELbGWRkiF6Q5gUFawxQJ
TQG3QUaJ6l0JCB+6IpP5gFyMvh+zXGGDQbuprI3qOcJfoFvHRaC7avU/ZrdMpnLB
UqL0aTzLnyxTuKFM+EmOnSYdEQIDAQABo4IClTCCApEwHQYDVR0OBBYEFKuVzbkf
qel//X6DvwSmHRJFgSzxMB8GA1UdIwQYMBaAFNkfd74iAR1+HVddn5rbX44WDl/Z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QzA3Ri85RjlFMUVDQTBC
NjMxMUVCODEwNUIzNzRDNEY5QUUwMi8yUjkzdmlJQkhYNGRWMTJmbXR0ZmpoWU9Y
OWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJSOTN2aUlCSFg0ZFYxMmZtdHRmamhZT1g5ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEMwN0YvOUY5RTFFQ0EwQjYzMTFFQjgxMDVCMzc0QzRGOUFFMDIvOUVBMDYyMkM4
RDQzMTFFQzg2RDk1QjE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnZbAwDQYJKoZIhvcNAQELBQADggEBAEHAbKUbS3hg0Tb8
Icgyj42q79ZMObokIME4qpA+Rww7nwRKTfmuorczR/jROP1PxD0+pWjvlWf5lvYd
VWQ3USNmxzJu3jDp8UUf6hYqoHEtoPooiiXTKSU7hH2nA3yixKOjloQfdBVCIlw9
2q86m/0rkW19GHvW+TLAq9zXai8+283+NvLPDPBENEdmT1n1bPRvEARRLVLQTS0n
vV1YLBnraudQ6UYCeZxiMWselfdhqOgDYtG2DrI8onP2EnGv09byEs5Wv8rbGkKz
TBHU6z56ekaFJuC8+Mi/1kNpBWgVwpKjEq3Q5K8gT1GGZUXIWsN1x9wD0xQVxZJP
JJ1jNgY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:41 2023 by rpki-client on console-fra.rpki-client.org