Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A1D9/4B515576535F11EDAC762E34C4F9AE02/1D078862536311ED9D08443AC4F9AE02.roa
File: 1D078862536311ED9D08443AC4F9AE02.roa (raw, json)
Hash identifier: 0MUv0fnwDsSrWgtJbTJ+s/vy0ERJ1cuAgAUG9qfxZik=
Subject key identifier: B8:8F:A1:19:7A:7C:C1:1E:50:A1:03:05:82:CD:9E:F2:32:5B:D5:84
Certificate issuer: /CN=A915A1D9/serialNumber=CC7562A7588C12095CC233FD46C3B11D723DD4CF
Certificate serial: 84
Authority key identifier: CC:75:62:A7:58:8C:12:09:5C:C2:33:FD:46:C3:B1:1D:72:3D:D4:CF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zHVip1iMEglcwjP9RsOxHXI91M8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A1D9/4B515576535F11EDAC762E34C4F9AE02/1D078862536311ED9D08443AC4F9AE02.roa
Signing time: Mon 03 Jul 2023 03:53:04 +0000
ROA not before: Mon 03 Jul 2023 03:53:04 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 17408
IP address blocks: 103.233.212.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 132 (0x84)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A1D9/serialNumber=CC7562A7588C12095CC233FD46C3B11D723DD4CF
Validity
Not Before: Jul 3 03:53:04 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64a24620-d0a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:15:2f:56:e5:fa:29:48:0b:a3:07:96:46:dd:
a7:17:dd:eb:aa:80:06:f9:cf:e0:f6:f5:29:29:76:
09:45:f9:87:b7:25:15:89:52:bc:81:6c:02:55:bb:
f2:44:29:a1:43:84:21:3b:17:2a:5d:4f:bc:cc:ac:
16:c5:49:ed:41:f5:c0:1c:c1:68:64:a8:e4:7b:98:
de:1b:d2:86:ec:dc:d4:cc:42:9b:90:2c:24:ca:c0:
74:61:f6:66:8d:84:4e:18:c2:35:03:61:f8:05:82:
ce:55:7c:58:d3:bb:e6:11:a4:4c:c5:bb:3e:a6:d3:
aa:16:ec:d1:5f:78:e6:1e:73:f7:6b:ca:c1:60:a7:
de:b5:ee:1b:6a:7f:fa:66:e2:25:9e:73:6e:25:67:
1d:75:f9:ab:54:94:f7:8c:c8:29:c9:6c:e9:2e:b0:
e2:53:9e:f0:24:3e:8c:df:9a:7c:55:75:55:0f:fc:
3b:87:19:5a:29:2a:6e:8c:bf:2f:26:f5:cf:58:14:
b6:a0:69:d0:cf:5e:03:77:d4:d3:c5:99:e6:f8:77:
e0:4e:f5:b3:bb:ed:96:07:25:83:dc:ac:81:95:93:
d6:e2:9c:5d:b1:ef:8e:20:d9:54:bb:a0:58:89:09:
cf:1a:35:73:b0:82:06:d2:07:3e:82:39:2d:69:7f:
6e:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:8F:A1:19:7A:7C:C1:1E:50:A1:03:05:82:CD:9E:F2:32:5B:D5:84
X509v3 Authority Key Identifier:
keyid:CC:75:62:A7:58:8C:12:09:5C:C2:33:FD:46:C3:B1:1D:72:3D:D4:CF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A1D9/4B515576535F11EDAC762E34C4F9AE02/zHVip1iMEglcwjP9RsOxHXI91M8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zHVip1iMEglcwjP9RsOxHXI91M8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A1D9/4B515576535F11EDAC762E34C4F9AE02/1D078862536311ED9D08443AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.233.212.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:09:f5:61:5d:d0:91:5f:bf:72:a9:5e:f8:74:68:4f:52:ea:
d5:5e:e2:b7:05:98:d4:57:3a:67:3f:b4:46:42:19:da:33:ea:
1c:f8:8e:cb:47:a1:45:90:6f:60:c5:4f:6a:17:05:ea:df:15:
8f:59:c5:17:46:b4:72:1f:b0:5b:49:11:a5:ec:f4:af:55:ba:
d9:d2:56:6e:4c:b9:07:38:cd:55:e6:9b:17:8a:5c:48:d5:68:
2f:0b:8b:f0:ed:4e:33:07:f4:10:75:9d:d6:aa:be:36:2a:45:
f7:de:de:f8:1e:33:35:69:9e:43:5c:b3:78:27:4a:a3:aa:b4:
e1:f2:49:c9:37:4a:e3:61:03:3d:05:7a:04:e4:93:db:3c:6b:
4b:a2:ee:3a:c0:a7:19:73:f0:be:6c:4a:3d:2f:d7:af:30:a1:
eb:6a:95:d2:cf:4d:a0:46:78:01:7c:0e:17:9f:fa:4d:a2:e0:
a6:2c:4b:55:78:75:f6:3b:f2:b3:6f:d8:d6:c7:18:8d:aa:a3:
da:6a:d7:4b:8f:8d:a8:5d:0b:32:32:56:0f:61:2a:6e:56:ef:
43:5e:1b:26:ff:0c:8c:85:58:ee:fe:ba:6b:d8:3c:51:d3:fb:
b3:39:a4:f2:50:61:1e:d9:fc:bb:b1:2d:7f:f2:7f:71:a7:8b:
65:f5:05:81
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAIQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUExRDkxMTAvBgNVBAUTKENDNzU2MkE3NTg4QzEyMDk1Q0MyMzNGRDQ2QzNCMTFE
NzIzREQ0Q0YwHhcNMjMwNzAzMDM1MzA0WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGEyNDYyMC1kMGE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0BUvVuX6KUgLoweWRt2nF93rqoAG+c/g9vUpKXYJRfmHtyUViVK8gWwCVbvy
RCmhQ4QhOxcqXU+8zKwWxUntQfXAHMFoZKjke5jeG9KG7NzUzEKbkCwkysB0YfZm
jYROGMI1A2H4BYLOVXxY07vmEaRMxbs+ptOqFuzRX3jmHnP3a8rBYKfete4ban/6
ZuIlnnNuJWcddfmrVJT3jMgpyWzpLrDiU57wJD6M35p8VXVVD/w7hxlaKSpujL8v
JvXPWBS2oGnQz14Dd9TTxZnm+HfgTvWzu+2WByWD3KyBlZPW4pxdse+OINlUu6BY
iQnPGjVzsIIG0gc+gjktaX9u3wIDAQABo4IClTCCApEwHQYDVR0OBBYEFLiPoRl6
fMEeUKEDBYLNnvIyW9WEMB8GA1UdIwQYMBaAFMx1YqdYjBIJXMIz/UbDsR1yPdTP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTFEOS80QjUxNTU3NjUz
NUYxMUVEQUM3NjJFMzRDNEY5QUUwMi96SFZpcDFpTUVnbGN3alA5UnNPeEhYSTkx
TTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3pIVmlwMWlNRWdsY3dqUDlSc094SFhJOTFNOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUExRDkvNEI1MTU1NzY1MzVGMTFFREFDNzYyRTM0QzRGOUFFMDIvMUQwNzg4NjI1
MzYzMTFFRDlEMDg0NDNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJn6dQwDQYJKoZIhvcNAQELBQADggEBAGsJ9WFd0JFfv3Kp
Xvh0aE9S6tVe4rcFmNRXOmc/tEZCGdoz6hz4jstHoUWQb2DFT2oXBerfFY9ZxRdG
tHIfsFtJEaXs9K9VutnSVm5MuQc4zVXmmxeKXEjVaC8Li/DtTjMH9BB1ndaqvjYq
Rffe3vgeMzVpnkNcs3gnSqOqtOHySck3SuNhAz0FegTkk9s8a0ui7jrApxlz8L5s
Sj0v168woetqldLPTaBGeAF8Dhef+k2i4KYsS1V4dfY78rNv2NbHGI2qo9pq10uP
jahdCzIyVg9hKm5W70NeGyb/DIyFWO7+umvYPFHT+7M5pPJQYR7Z/LuxLX/yf3Gn
i2X1BYE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:08 2024 by rpki-client on console-fra.rpki-client.org