Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91557F2/233504A44FCC11EB9DBE7F5DC4F9AE02/87F3B7724FCD11EBAB998F5EC4F9AE02.roa
File: 87F3B7724FCD11EBAB998F5EC4F9AE02.roa (raw, json)
Hash identifier: boiJuUnltYaN3WfaoM7ERl3zDA3jzRQ5NV1Ti+QZF1M=
Subject key identifier: 9D:ED:FD:64:11:AE:40:C8:F7:C6:52:18:D1:06:D8:AC:A6:F8:71:56
Certificate issuer: /CN=A91557F2/serialNumber=FAD9B93777D0CEBA2BB7A6B78D507F7790921C06
Certificate serial: 0274
Authority key identifier: FA:D9:B9:37:77:D0:CE:BA:2B:B7:A6:B7:8D:50:7F:77:90:92:1C:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-tm5N3fQzrort6a3jVB_d5CSHAY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91557F2/233504A44FCC11EB9DBE7F5DC4F9AE02/87F3B7724FCD11EBAB998F5EC4F9AE02.roa
Signing time: Thu 18 Nov 2021 13:29:40 +0000
ROA not before: Thu 18 Nov 2021 13:29:40 +0000
ROA not after: Tue 31 Jan 2023 00:00:00 +0000
asID: 1221
IP address blocks: 103.234.163.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 628 (0x274)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91557F2/serialNumber=FAD9B93777D0CEBA2BB7A6B78D507F7790921C06
Validity
Not Before: Nov 18 13:29:40 2021 GMT
Not After : Jan 31 00:00:00 2023 GMT
Subject: CN=61965543-e3b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:38:4a:91:f5:31:89:d9:ee:60:53:7c:d5:94:
82:94:75:66:3b:36:a7:af:94:c0:89:7e:45:3a:f7:
f7:11:bb:68:ae:52:7b:32:63:31:26:8a:5d:e0:91:
96:77:ec:c5:17:ee:79:96:ac:92:04:40:e4:2e:7e:
ea:7f:12:bd:6b:e1:16:28:4b:81:2b:7b:ee:6b:ef:
0c:b2:bd:7f:30:0d:6a:ab:c7:36:6a:6c:ad:a4:ae:
bb:5c:19:59:0f:33:07:8c:b2:09:fd:33:19:b5:d2:
bd:7a:ab:a6:54:73:64:b9:29:76:e0:b3:23:19:3d:
61:03:8d:b1:5c:c2:7d:c9:b6:f6:fa:01:e9:4d:52:
72:f0:a4:a3:de:08:6e:af:e3:a7:c2:21:22:1f:62:
85:58:d1:c7:3d:51:ec:c5:ea:30:25:34:8f:4c:54:
88:2a:2c:4e:ca:12:d1:f2:62:59:a6:ac:f7:47:9e:
af:b9:67:51:df:04:ae:01:6c:ba:9b:e8:5b:c8:82:
84:3f:c5:82:51:56:40:a5:a2:ea:5e:30:20:d8:07:
e1:2b:f3:2f:cb:71:4e:70:0b:38:d8:8d:6d:e4:be:
13:88:46:3c:74:6b:71:e4:ef:25:34:d9:ec:40:b1:
95:7d:06:6c:c5:f8:64:f1:8d:df:6d:83:ff:38:c4:
0e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:ED:FD:64:11:AE:40:C8:F7:C6:52:18:D1:06:D8:AC:A6:F8:71:56
X509v3 Authority Key Identifier:
keyid:FA:D9:B9:37:77:D0:CE:BA:2B:B7:A6:B7:8D:50:7F:77:90:92:1C:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91557F2/233504A44FCC11EB9DBE7F5DC4F9AE02/-tm5N3fQzrort6a3jVB_d5CSHAY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-tm5N3fQzrort6a3jVB_d5CSHAY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91557F2/233504A44FCC11EB9DBE7F5DC4F9AE02/87F3B7724FCD11EBAB998F5EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.234.163.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:a3:ed:4b:1d:81:45:ce:64:0c:9d:d5:48:5f:d1:98:c5:e4:
b8:74:9c:20:d5:e3:9b:fd:04:91:a0:b9:f2:bc:d6:1b:5d:7b:
dc:2c:c3:37:fe:e5:90:23:e8:aa:b9:57:7f:a3:3f:65:d0:13:
46:03:92:bf:dc:55:ae:9f:6b:9f:4b:9c:22:cd:80:b9:30:80:
10:7e:4e:59:c6:bd:b3:d0:c6:f4:96:b6:0a:4c:b0:5a:39:4c:
d6:fd:ff:db:0a:aa:d7:31:47:d3:59:14:30:a4:6c:79:e5:a8:
70:ae:06:fe:13:10:9a:86:f1:8e:6b:75:b5:de:a2:a9:bc:71:
aa:28:7a:69:b3:1a:25:a1:9c:11:c1:2e:a4:a6:f4:d5:3b:ca:
27:29:5f:5b:98:1e:af:b5:73:9c:4e:16:bd:f9:44:0d:05:7c:
f1:58:d5:9d:26:b8:25:b9:3a:8c:8b:54:3a:fb:db:86:16:a7:
50:cf:66:b2:a5:13:1b:1e:9d:86:30:ee:c2:0d:81:26:ab:0c:
02:7d:88:8b:c9:5b:6a:5f:df:04:ee:bd:9f:a1:56:06:c4:d6:
7e:72:4a:5e:13:0b:c3:ea:f2:8e:ee:81:07:8d:63:7d:90:93:
97:d9:62:92:be:80:34:4c:6d:e1:87:18:99:b7:ed:d5:0a:bf:
99:be:1a:48
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAnQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTU3RjIxMTAvBgNVBAUTKEZBRDlCOTM3NzdEMENFQkEyQkI3QTZCNzhENTA3Rjc3
OTA5MjFDMDYwHhcNMjExMTE4MTMyOTQwWhcNMjMwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTk2NTU0My1lM2I2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzzhKkfUxidnuYFN81ZSClHVmOzanr5TAiX5FOvf3EbtorlJ7MmMxJopd4JGW
d+zFF+55lqySBEDkLn7qfxK9a+EWKEuBK3vua+8Msr1/MA1qq8c2amytpK67XBlZ
DzMHjLIJ/TMZtdK9equmVHNkuSl24LMjGT1hA42xXMJ9ybb2+gHpTVJy8KSj3ghu
r+OnwiEiH2KFWNHHPVHsxeowJTSPTFSIKixOyhLR8mJZpqz3R56vuWdR3wSuAWy6
m+hbyIKEP8WCUVZApaLqXjAg2AfhK/Mvy3FOcAs42I1t5L4TiEY8dGtx5O8lNNns
QLGVfQZsxfhk8Y3fbYP/OMQORQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJ3t/WQR
rkDI98ZSGNEG2Kym+HFWMB8GA1UdIwQYMBaAFPrZuTd30M66K7emt41Qf3eQkhwG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NTdGMi8yMzM1MDRBNDRG
Q0MxMUVCOURCRTdGNURDNEY5QUUwMi8tdG01TjNmUXpyb3J0NmEzalZCX2Q1Q1NI
QVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy10bTVOM2ZRenJvcnQ2YTNqVkJfZDVDU0hBWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTU3RjIvMjMzNTA0QTQ0RkNDMTFFQjlEQkU3RjVEQzRGOUFFMDIvODdGM0I3NzI0
RkNEMTFFQkFCOTk4RjVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABn6qMwDQYJKoZIhvcNAQELBQADggEBAJ+j7UsdgUXOZAyd
1Uhf0ZjF5Lh0nCDV45v9BJGgufK81htde9wswzf+5ZAj6Kq5V3+jP2XQE0YDkr/c
Va6fa59LnCLNgLkwgBB+TlnGvbPQxvSWtgpMsFo5TNb9/9sKqtcxR9NZFDCkbHnl
qHCuBv4TEJqG8Y5rdbXeoqm8caooemmzGiWhnBHBLqSm9NU7yicpX1uYHq+1c5xO
Fr35RA0FfPFY1Z0muCW5OoyLVDr724YWp1DPZrKlExsenYYw7sINgSarDAJ9iIvJ
W2pf3wTuvZ+hVgbE1n5ySl4TC8Pq8o7ugQeNY32Qk5fZYpK+gDRMbeGHGJm37dUK
v5m+Gkg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:07 2024 by rpki-client on console-fra.rpki-client.org