Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91536B7/F1CD27B473AD11E7ACBD025EC4F9AE02/89D9A850270711EC8E7E427CC4F9AE02.roa
File: 89D9A850270711EC8E7E427CC4F9AE02.roa (raw, json)
Hash identifier: 3eoGhTy0pi4BtDZr8N8CrpO5ql01s2FyY0UgcIWazSc=
Subject key identifier: 05:BD:8A:32:6B:30:8D:04:5A:DB:9C:04:D3:CE:4A:98:0A:07:76:8E
Certificate issuer: /CN=A91536B7/serialNumber=981FA227A2A435C2B76E06C9C452D3EC751984D3
Certificate serial: 02B4
Authority key identifier: 98:1F:A2:27:A2:A4:35:C2:B7:6E:06:C9:C4:52:D3:EC:75:19:84:D3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mB-iJ6KkNcK3bgbJxFLT7HUZhNM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91536B7/F1CD27B473AD11E7ACBD025EC4F9AE02/89D9A850270711EC8E7E427CC4F9AE02.roa
Signing time: Fri 31 Dec 2021 17:33:22 +0000
ROA not before: Fri 31 Dec 2021 17:33:22 +0000
ROA not after: Sun 01 May 2022 00:00:00 +0000
asID: 24322
IP address blocks: 103.77.68.0/23 maxlen: 23
103.77.68.0/24 maxlen: 24
103.77.69.0/24 maxlen: 24
103.215.15.0/24 maxlen: 24
116.206.128.0/23 maxlen: 23
116.206.129.0/24 maxlen: 24
2001:df5:8600::/48 maxlen: 48
2407:c280::/32 maxlen: 32
2407:c280:2000::/48 maxlen: 48
2407:c280:2001::/48 maxlen: 48
2407:c280:2002::/48 maxlen: 48
2407:c280:2003::/48 maxlen: 48
2407:c280:2004::/48 maxlen: 48
2407:c280:20ff::/48 maxlen: 48
2407:c280:3000::/48 maxlen: 48
2407:c280:3001::/48 maxlen: 48
2407:c280:3002::/48 maxlen: 48
2407:c280:3003::/48 maxlen: 48
2407:c280:3004::/48 maxlen: 48
2407:c280:30ff::/48 maxlen: 48
2407:c280:a100::/48 maxlen: 48
2407:c280:a101::/48 maxlen: 48
2407:c280:a102::/48 maxlen: 48
2407:c280:a103::/48 maxlen: 48
2407:c280:a104::/48 maxlen: 48
2407:c280:a1ff::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 692 (0x2b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91536B7/serialNumber=981FA227A2A435C2B76E06C9C452D3EC751984D3
Validity
Not Before: Dec 31 17:33:22 2021 GMT
Not After : May 1 00:00:00 2022 GMT
Subject: CN=61cf3ee2-3dbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:fe:79:d5:18:ca:ff:60:1f:13:1d:90:ac:c9:
4c:f7:ad:24:39:4f:9c:87:01:62:75:da:b2:06:b4:
6d:5c:43:3b:2d:9e:16:a6:6e:e3:01:00:3f:26:ec:
ff:e1:67:aa:30:90:1b:4d:6e:55:d2:f0:7d:b7:38:
b3:ea:4a:a5:a0:be:41:ed:84:8c:13:7d:13:ff:1d:
04:3f:a4:53:7e:73:33:3a:cb:88:de:5d:dc:9b:a5:
d7:15:02:d7:fc:cb:ec:8a:1f:46:1a:28:fa:dd:91:
54:09:91:8e:33:3f:f2:38:12:fb:c1:43:b9:68:6c:
28:c8:f0:5e:3a:c9:d0:0b:2b:36:96:f1:84:5d:5b:
3a:76:df:10:b5:ec:ca:d5:dd:59:44:08:9e:08:2e:
b2:58:14:b6:16:a1:f3:38:f8:f1:5a:48:2f:4c:22:
46:b0:8e:c7:18:7c:64:c5:41:36:c4:f5:3e:00:3e:
00:40:c4:0e:19:66:3d:5d:bf:b1:98:a9:60:49:18:
ea:dc:91:88:1b:48:6c:d2:aa:c1:09:3a:62:98:e2:
81:66:c7:de:97:77:97:46:d8:b1:c9:7a:b1:a7:13:
ce:20:7c:dd:d8:71:84:a3:f5:0c:5d:f6:0b:dc:9c:
46:ed:92:15:00:7d:74:53:4f:60:83:48:2c:0c:96:
7d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:BD:8A:32:6B:30:8D:04:5A:DB:9C:04:D3:CE:4A:98:0A:07:76:8E
X509v3 Authority Key Identifier:
keyid:98:1F:A2:27:A2:A4:35:C2:B7:6E:06:C9:C4:52:D3:EC:75:19:84:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91536B7/F1CD27B473AD11E7ACBD025EC4F9AE02/mB-iJ6KkNcK3bgbJxFLT7HUZhNM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mB-iJ6KkNcK3bgbJxFLT7HUZhNM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91536B7/F1CD27B473AD11E7ACBD025EC4F9AE02/89D9A850270711EC8E7E427CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.77.68.0/23
103.215.15.0/24
116.206.128.0/23
IPv6:
2001:df5:8600::/48
2407:c280::/32
Signature Algorithm: sha256WithRSAEncryption
93:ed:a4:19:20:16:66:e2:7b:c1:5d:da:15:81:eb:28:d7:ae:
ff:c3:c7:9c:e5:77:20:6b:d8:39:02:e8:75:48:b3:56:4f:24:
b7:21:64:69:5d:97:2a:9f:60:1e:92:64:38:a2:b8:fb:c8:78:
91:9c:72:12:a4:9b:43:3e:11:81:0b:84:22:d3:d8:46:e5:cd:
a8:77:2e:a9:69:2d:e1:43:3c:4c:d1:2a:75:aa:42:22:0d:3d:
78:a0:a5:ce:0e:c4:23:c6:cb:18:8b:ba:c4:f9:d6:f6:d7:1b:
ef:20:41:2f:3d:2a:f9:32:d5:70:15:1a:c0:e0:52:41:d4:7a:
c1:b1:5c:18:86:f3:ae:c8:04:a6:d3:3a:77:72:b6:1d:79:2d:
1c:cb:4a:30:f8:26:48:6a:66:87:fe:a0:98:14:46:89:b6:e5:
9b:9f:92:d4:02:c6:c8:2c:64:30:de:f1:31:dc:ee:77:fd:aa:
a7:a7:ff:a0:c5:34:16:2c:a0:d5:a0:9c:2c:4c:60:53:56:17:
f3:8d:03:de:56:c3:6c:3c:9c:da:03:82:fc:b5:8e:27:35:3f:
47:1c:03:0a:34:c5:1d:b6:c2:3b:60:73:33:2a:44:b9:38:f2:
25:45:da:87:c3:b0:3a:0c:49:a8:fd:f7:0b:da:11:f3:27:8c:
57:d3:7c:25
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgICArQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTM2QjcxMTAvBgNVBAUTKDk4MUZBMjI3QTJBNDM1QzJCNzZFMDZDOUM0NTJEM0VD
NzUxOTg0RDMwHhcNMjExMjMxMTczMzIyWhcNMjIwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWNmM2VlMi0zZGJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1v551RjK/2AfEx2QrMlM960kOU+chwFiddqyBrRtXEM7LZ4Wpm7jAQA/Juz/
4WeqMJAbTW5V0vB9tziz6kqloL5B7YSME30T/x0EP6RTfnMzOsuI3l3cm6XXFQLX
/Mvsih9GGij63ZFUCZGOMz/yOBL7wUO5aGwoyPBeOsnQCys2lvGEXVs6dt8QtezK
1d1ZRAieCC6yWBS2FqHzOPjxWkgvTCJGsI7HGHxkxUE2xPU+AD4AQMQOGWY9Xb+x
mKlgSRjq3JGIG0hs0qrBCTpimOKBZsfel3eXRtixyXqxpxPOIHzd2HGEo/UMXfYL
3JxG7ZIVAH10U09gg0gsDJZ9BQIDAQABo4ICuTCCArUwHQYDVR0OBBYEFAW9ijJr
MI0EWtucBNPOSpgKB3aOMB8GA1UdIwQYMBaAFJgfoieipDXCt24GycRS0+x1GYTT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzZCNy9GMUNEMjdCNDcz
QUQxMUU3QUNCRDAyNUVDNEY5QUUwMi9tQi1pSjZLa05jSzNiZ2JKeEZMVDdIVVpo
Tk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21CLWlKNktrTmNLM2JnYkp4RkxUN0hVWmhOTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTM2QjcvRjFDRDI3QjQ3M0FEMTFFN0FDQkQwMjVFQzRGOUFFMDIvODlEOUE4NTAy
NzA3MTFFQzhFN0U0MjdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E
NDAyMBgEAgABMBIDBAFnTUQDBABn1w8DBAF0zoAwFgQCAAIwEAMHACABDfWGAAMF
ACQHwoAwDQYJKoZIhvcNAQELBQADggEBAJPtpBkgFmbie8Fd2hWB6yjXrv/Dx5zl
dyBr2DkC6HVIs1ZPJLchZGldlyqfYB6SZDiiuPvIeJGcchKkm0M+EYELhCLT2Ebl
zah3LqlpLeFDPEzRKnWqQiINPXigpc4OxCPGyxiLusT51vbXG+8gQS89Kvky1XAV
GsDgUkHUesGxXBiG867IBKbTOndyth15LRzLSjD4JkhqZof+oJgURom25ZufktQC
xsgsZDDe8THc7nf9qqen/6DFNBYsoNWgnCxMYFNWF/ONA95Ww2w8nNoDgvy1jic1
P0ccAwo0xR22wjtgczMqRLk48iVF2ofDsDoMSaj99wvaEfMnjFfTfCU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:06 2024 by rpki-client on console-fra.rpki-client.org