Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/ED1F93C2FF4F11ECB035C817C4F9AE02.roa
File: ED1F93C2FF4F11ECB035C817C4F9AE02.roa (raw, json)
Hash identifier: wpk9Qx2e5V6Kpk9Ryo6aqqRuS2N6lrtuRHVHX+9SyJE=
Subject key identifier: 30:38:BD:7B:E5:47:B4:37:AD:9D:80:55:07:16:17:0D:37:19:A7:B9
Certificate issuer: /CN=A914F521/serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948
Certificate serial: 0B48
Authority key identifier: 29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/ED1F93C2FF4F11ECB035C817C4F9AE02.roa
Signing time: Mon 15 Aug 2022 02:25:44 +0000
ROA not before: Mon 15 Aug 2022 02:25:44 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 137843
IP address blocks: 103.115.132.0/23 maxlen: 23
103.115.132.0/24 maxlen: 24
103.115.133.0/24 maxlen: 24
103.115.134.0/24 maxlen: 24
103.115.135.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2888 (0xb48)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914F521/serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948
Validity
Not Before: Aug 15 02:25:44 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=62f9aea8-0579
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:47:78:88:f2:6b:d0:8c:41:10:f7:eb:81:b2:
5c:da:da:8c:a0:3c:51:e3:3f:78:b3:23:d4:ca:54:
3e:11:15:4b:b9:ca:cf:e1:27:67:aa:9f:10:5d:3d:
0b:dd:a1:25:5f:a7:0a:e6:1c:2c:5f:67:f7:21:ad:
36:80:76:b6:53:9c:3c:db:32:29:d1:da:5e:5a:20:
65:75:0e:76:4b:67:a9:15:6c:38:45:2e:bd:4d:23:
33:86:66:33:6a:f4:52:35:e7:d6:9b:26:7c:11:95:
ea:ff:78:d9:56:94:fd:db:cd:2b:4d:98:a6:8f:81:
ff:d6:15:b1:7c:7f:2b:0c:3e:a7:2f:e3:d4:ae:f3:
0d:81:90:a1:ac:05:03:ea:ec:02:17:ed:e7:42:cc:
0f:6e:f2:13:ba:d7:09:71:51:14:ba:aa:8f:b4:fe:
85:96:95:35:cc:17:1d:1f:45:df:02:38:fa:38:dd:
86:05:9a:5d:e5:46:ee:7f:81:d3:58:be:3c:d3:19:
f5:d3:1d:b7:d6:cf:b4:ae:5b:1e:41:2d:f4:89:bf:
a6:f5:9b:e8:f5:1c:80:d6:76:2b:b5:14:3d:c9:69:
07:fe:85:b8:a9:f1:20:7c:3a:bd:2d:0a:51:70:77:
ae:ae:0e:aa:1f:ee:f1:20:e0:d6:10:43:04:cd:8e:
05:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:38:BD:7B:E5:47:B4:37:AD:9D:80:55:07:16:17:0D:37:19:A7:B9
X509v3 Authority Key Identifier:
keyid:29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/ED1F93C2FF4F11ECB035C817C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.115.132.0/22
Signature Algorithm: sha256WithRSAEncryption
82:66:9f:ec:3b:ad:d8:41:2c:44:b1:18:41:68:c1:18:5d:fd:
a3:29:d5:65:86:cb:c3:6f:73:20:88:29:8f:8f:c7:fa:cc:e3:
e8:31:a0:86:17:6b:ad:ed:e2:38:56:a9:1d:3f:78:bc:e0:11:
02:04:28:5f:39:37:99:73:cd:92:5e:21:36:2e:f6:c6:a0:bd:
39:d9:92:29:b0:e1:c0:ae:b1:a1:de:99:8e:76:10:69:ab:ed:
74:0d:6d:30:e7:4a:0b:8a:dc:57:bb:f6:36:d2:99:29:9e:ee:
c0:46:c0:8e:3c:ca:df:eb:c3:9a:4e:f8:c5:41:bb:7e:f8:9d:
b2:9f:96:26:a3:2f:91:e7:10:41:19:6c:f6:b4:ff:76:4f:28:
91:dc:40:5b:d4:70:72:29:7e:f9:e9:17:63:97:17:52:e7:d1:
a1:2c:19:6d:74:d1:67:17:5f:ed:e9:58:b5:d7:69:ec:2a:ab:
ab:74:ed:30:b8:48:44:b7:6b:a1:9b:1c:e2:eb:20:a2:0f:42:
46:42:54:e6:1b:05:e7:8b:bf:aa:78:ac:70:39:63:d8:47:7b:
a5:87:16:40:55:54:36:10:62:b2:7a:0f:c9:f3:a0:29:61:f6:
ef:a9:5e:57:01:67:b4:e7:0a:1d:34:75:a2:87:4a:b4:d6:46:
d9:68:f8:42
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC0gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEY1MjExMTAvBgNVBAUTKDI5NzY4NzY3NTNENjU1NjJBN0NBODVFM0U5RThERjc1
MDc5N0M5NDgwHhcNMjIwODE1MDIyNTQ0WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmY5YWVhOC0wNTc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArkd4iPJr0IxBEPfrgbJc2tqMoDxR4z94syPUylQ+ERVLucrP4Sdnqp8QXT0L
3aElX6cK5hwsX2f3Ia02gHa2U5w82zIp0dpeWiBldQ52S2epFWw4RS69TSMzhmYz
avRSNefWmyZ8EZXq/3jZVpT9280rTZimj4H/1hWxfH8rDD6nL+PUrvMNgZChrAUD
6uwCF+3nQswPbvITutcJcVEUuqqPtP6FlpU1zBcdH0XfAjj6ON2GBZpd5Ubuf4HT
WL480xn10x231s+0rlseQS30ib+m9Zvo9RyA1nYrtRQ9yWkH/oW4qfEgfDq9LQpR
cHeurg6qH+7xIODWEEMEzY4F+wIDAQABo4IClTCCApEwHQYDVR0OBBYEFDA4vXvl
R7Q3rZ2AVQcWFw03Gae5MB8GA1UdIwQYMBaAFCl2h2dT1lVip8qF4+no33UHl8lI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjUyMS8yMTY1ODgyMEM2
N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZXS255b1hqNmVqZmRRZVh5
VWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tYYUhaMVBXVldLbnlvWGo2ZWpmZFFlWHlVZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEY1MjEvMjE2NTg4MjBDNjdFMTFFOUFGM0JBNzY1QzRGOUFFMDIvRUQxRjkzQzJG
RjRGMTFFQ0IwMzVDODE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnc4QwDQYJKoZIhvcNAQELBQADggEBAIJmn+w7rdhBLESx
GEFowRhd/aMp1WWGy8NvcyCIKY+Px/rM4+gxoIYXa63t4jhWqR0/eLzgEQIEKF85
N5lzzZJeITYu9sagvTnZkimw4cCusaHemY52EGmr7XQNbTDnSguK3Fe79jbSmSme
7sBGwI48yt/rw5pO+MVBu374nbKfliajL5HnEEEZbPa0/3ZPKJHcQFvUcHIpfvnp
F2OXF1Ln0aEsGW100WcXX+3pWLXXaewqq6t07TC4SES3a6GbHOLrIKIPQkZCVOYb
BeeLv6p4rHA5Y9hHe6WHFkBVVDYQYrJ6D8nzoClh9u+pXlcBZ7TnCh00daKHSrTW
Rtlo+EI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:59 2024 by rpki-client on console-ams.rpki-client.org