Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/9702C7E4EA8111EC8906F23DC4F9AE02.roa
File: 9702C7E4EA8111EC8906F23DC4F9AE02.roa (raw, json)
Hash identifier: ue6YgZGdbxxw10hoBL40h7dAKa2MZwOCGhK3FY1wlo8=
Subject key identifier: 54:57:80:72:ED:D6:F8:FE:F9:F2:6F:3E:04:4C:9C:CC:61:92:87:B0
Certificate issuer: /CN=A914F521/serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948
Certificate serial: 0AF3
Authority key identifier: 29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/9702C7E4EA8111EC8906F23DC4F9AE02.roa
Signing time: Thu 07 Jul 2022 08:05:48 +0000
ROA not before: Thu 07 Jul 2022 08:05:48 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 137843
IP address blocks: 103.115.132.0/23 maxlen: 23
103.115.132.0/24 maxlen: 24
103.115.133.0/24 maxlen: 24
103.115.134.0/24 maxlen: 24
103.115.135.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2803 (0xaf3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914F521/serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948
Validity
Not Before: Jul 7 08:05:48 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=62c693dc-d489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:73:8f:ef:ee:32:e5:79:f7:e0:a6:06:63:ef:
1a:cc:28:51:3b:1d:06:a6:1b:43:3e:9e:6b:64:07:
5f:c5:1a:48:43:9c:95:74:a8:82:bd:54:3e:a6:58:
1f:00:5c:16:6e:5e:f1:f7:7b:2c:e5:5e:d2:8f:e8:
87:c1:3e:21:19:15:1b:7c:70:60:54:27:21:bf:8c:
3d:f7:5f:32:0d:be:3a:93:10:f9:3c:2a:25:71:a1:
d3:65:f4:00:45:16:09:b3:41:6f:35:b1:55:f4:37:
39:47:0a:88:dd:0b:c7:75:95:aa:19:45:02:04:bd:
8a:7a:b2:7c:53:73:ef:64:27:84:95:e8:44:17:31:
c9:a9:aa:7b:2b:a0:72:1b:24:ef:41:48:e3:de:e0:
43:02:58:3a:42:4f:96:bf:d5:d8:34:85:ca:99:03:
13:e5:85:d0:7b:d1:f6:83:ea:9f:06:d7:1f:cf:e3:
9f:36:41:0f:75:06:fb:aa:f7:87:2e:10:58:1e:c9:
84:82:24:97:bc:bd:16:90:45:e8:d1:e1:f1:53:bc:
06:62:73:17:3c:b8:4b:c0:58:20:51:6a:eb:ca:0b:
92:b6:21:e6:2e:d2:9e:c1:17:d1:5c:d6:52:bc:67:
6a:e3:1b:43:3a:62:48:f0:19:0c:ae:ee:47:d2:e9:
a9:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:57:80:72:ED:D6:F8:FE:F9:F2:6F:3E:04:4C:9C:CC:61:92:87:B0
X509v3 Authority Key Identifier:
keyid:29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/9702C7E4EA8111EC8906F23DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.115.132.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:96:24:dc:47:5c:97:6c:03:2c:36:b3:dd:85:f8:d0:83:5c:
0e:86:e3:18:54:4f:ac:d2:4c:21:c2:4e:24:46:f9:18:68:1d:
49:3b:62:ee:42:90:16:98:3d:a1:d0:4e:41:ca:a3:7a:88:88:
de:81:fc:83:52:f6:96:62:70:2c:07:4f:a2:f0:11:00:21:62:
73:45:ed:75:91:57:7a:da:29:89:72:1f:39:33:64:aa:fa:9e:
a9:d3:29:0a:48:16:2d:96:66:25:6a:dc:e8:fe:c0:09:3b:09:
84:a2:71:2f:89:c9:83:48:e4:43:2d:e3:b0:c4:26:3b:03:76:
cf:d3:0f:f0:e7:dd:67:60:d1:e1:7a:10:16:23:b1:1a:9b:55:
ad:0c:8e:c5:a3:a1:5b:7a:8a:85:96:96:a2:41:5b:51:c9:e3:
15:be:0a:34:55:66:b0:d4:6b:44:2b:f3:da:9c:0d:4c:a8:a3:
01:3a:2c:12:44:6d:63:3f:ec:fb:54:61:77:38:2e:64:8b:d1:
bb:d6:52:68:a2:b3:ed:ab:5a:ab:a0:96:82:e5:7f:31:0c:a1:
fd:ca:86:2d:86:45:12:21:b7:c7:3d:35:c4:29:c8:4d:f2:7e:
7b:a6:8a:d6:bc:be:0a:20:8c:cd:4d:a7:55:eb:9d:2e:82:60:
ce:1b:4f:30
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCvMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEY1MjExMTAvBgNVBAUTKDI5NzY4NzY3NTNENjU1NjJBN0NBODVFM0U5RThERjc1
MDc5N0M5NDgwHhcNMjIwNzA3MDgwNTQ4WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmM2OTNkYy1kNDg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA53OP7+4y5Xn34KYGY+8azChROx0GphtDPp5rZAdfxRpIQ5yVdKiCvVQ+plgf
AFwWbl7x93ss5V7Sj+iHwT4hGRUbfHBgVCchv4w9918yDb46kxD5PColcaHTZfQA
RRYJs0FvNbFV9Dc5RwqI3QvHdZWqGUUCBL2KerJ8U3PvZCeElehEFzHJqap7K6By
GyTvQUjj3uBDAlg6Qk+Wv9XYNIXKmQMT5YXQe9H2g+qfBtcfz+OfNkEPdQb7qveH
LhBYHsmEgiSXvL0WkEXo0eHxU7wGYnMXPLhLwFggUWrryguStiHmLtKewRfRXNZS
vGdq4xtDOmJI8BkMru5H0ump3QIDAQABo4IClTCCApEwHQYDVR0OBBYEFFRXgHLt
1vj++fJvPgRMnMxhkoewMB8GA1UdIwQYMBaAFCl2h2dT1lVip8qF4+no33UHl8lI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjUyMS8yMTY1ODgyMEM2
N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZXS255b1hqNmVqZmRRZVh5
VWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tYYUhaMVBXVldLbnlvWGo2ZWpmZFFlWHlVZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEY1MjEvMjE2NTg4MjBDNjdFMTFFOUFGM0JBNzY1QzRGOUFFMDIvOTcwMkM3RTRF
QTgxMTFFQzg5MDZGMjNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnc4QwDQYJKoZIhvcNAQELBQADggEBAH+WJNxHXJdsAyw2
s92F+NCDXA6G4xhUT6zSTCHCTiRG+RhoHUk7Yu5CkBaYPaHQTkHKo3qIiN6B/INS
9pZicCwHT6LwEQAhYnNF7XWRV3raKYlyHzkzZKr6nqnTKQpIFi2WZiVq3Oj+wAk7
CYSicS+JyYNI5EMt47DEJjsDds/TD/Dn3Wdg0eF6EBYjsRqbVa0MjsWjoVt6ioWW
lqJBW1HJ4xW+CjRVZrDUa0Qr89qcDUyoowE6LBJEbWM/7PtUYXc4LmSL0bvWUmii
s+2rWqugloLlfzEMof3Khi2GRRIht8c9NcQpyE3yfnumita8vgogjM1Np1XrnS6C
YM4bTzA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:06 2024 by rpki-client on console-fra.rpki-client.org