Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916B0EA/4D8E49B00B7411EAA584001CC4F9AE02/167E91580B0111EC83314B7FC4F9AE02.roa
File: 167E91580B0111EC83314B7FC4F9AE02.roa (raw, json)
Hash identifier: qHMECxDQs3Sw0SLuF9Zt65+eXzHpOEhFVOjTGsD3dME=
Subject key identifier: BB:E4:37:23:7F:10:B3:AF:92:62:AC:0C:8A:21:52:E4:0F:2A:6C:10
Certificate issuer: /CN=A916B0EA/serialNumber=15DF79A00739BC39B7178925958DFEE99BE00D42
Certificate serial: 0395
Authority key identifier: 15:DF:79:A0:07:39:BC:39:B7:17:89:25:95:8D:FE:E9:9B:E0:0D:42
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fd95oAc5vDm3F4kllY3-6ZvgDUI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916B0EA/4D8E49B00B7411EAA584001CC4F9AE02/167E91580B0111EC83314B7FC4F9AE02.roa
Signing time: Mon 29 Nov 2021 20:35:59 +0000
ROA not before: Mon 29 Nov 2021 20:35:59 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 59332
IP address blocks: 45.116.248.0/22 maxlen: 23
45.116.248.0/24 maxlen: 24
45.116.249.0/24 maxlen: 24
45.116.250.0/24 maxlen: 24
45.116.251.0/24 maxlen: 24
103.228.0.0/22 maxlen: 22
103.228.0.0/23 maxlen: 24
103.228.2.0/24 maxlen: 24
103.228.3.0/24 maxlen: 24
2400:dc80::/32 maxlen: 32
2400:dc80::/36 maxlen: 36
2400:dc80:1000::/36 maxlen: 36
2400:dc80:2000::/36 maxlen: 36
2400:dc80:3000::/36 maxlen: 36
2400:dc80:4000::/36 maxlen: 36
2400:dc80:5000::/36 maxlen: 36
2400:dc80:6000::/36 maxlen: 36
2400:dc80:7000::/36 maxlen: 36
2400:dc80:8000::/36 maxlen: 36
2400:dc80:9000::/36 maxlen: 36
2400:dc80:a000::/36 maxlen: 36
2400:dc80:b000::/36 maxlen: 36
2400:dc80:c000::/36 maxlen: 36
2400:dc80:d000::/36 maxlen: 36
2400:dc80:e000::/36 maxlen: 36
2400:dc80:f000::/36 maxlen: 36
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 917 (0x395)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916B0EA/serialNumber=15DF79A00739BC39B7178925958DFEE99BE00D42
Validity
Not Before: Nov 29 20:35:59 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=61a539af-0461
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:84:1d:34:3e:f9:10:74:39:ff:76:36:a6:1d:
3d:68:6a:06:1c:31:1d:a1:38:4b:55:f5:ff:8a:f2:
40:cf:b5:26:b8:57:38:01:0a:40:2e:5f:c8:6e:b3:
63:3f:de:22:23:f2:89:09:b5:5c:a0:51:f8:34:34:
bf:1b:63:6d:51:f6:0a:16:20:f0:29:43:e0:03:4a:
12:e8:5e:6d:00:38:4f:da:26:47:49:27:0f:71:a0:
1b:fe:a0:5b:08:ab:a4:96:98:c2:8f:ee:92:e9:73:
b0:f5:e7:ec:13:87:52:5c:08:86:69:26:fa:08:a1:
aa:63:fc:08:9f:86:ac:e0:b7:dc:2f:c7:d6:1d:37:
c9:18:9e:1e:a1:27:85:45:b2:c8:ff:5e:3c:f6:a4:
1c:6c:6a:1d:a1:77:57:bf:ed:fd:31:2f:2a:b8:02:
58:29:36:59:10:7f:ba:ee:05:de:18:6e:9a:a8:e9:
cd:95:b2:93:9d:c9:ed:48:4f:6a:fd:5e:e2:10:03:
e2:d8:53:63:cd:e5:63:f5:08:07:44:49:cd:0f:29:
b6:5a:0a:5f:7b:ab:82:92:04:bf:b9:c4:42:03:ab:
bb:7b:b6:25:b9:1f:ea:0d:63:a1:d6:17:24:84:ce:
8a:75:27:21:ae:b8:b0:7d:94:36:c7:3b:4a:ad:b2:
02:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:E4:37:23:7F:10:B3:AF:92:62:AC:0C:8A:21:52:E4:0F:2A:6C:10
X509v3 Authority Key Identifier:
keyid:15:DF:79:A0:07:39:BC:39:B7:17:89:25:95:8D:FE:E9:9B:E0:0D:42
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916B0EA/4D8E49B00B7411EAA584001CC4F9AE02/Fd95oAc5vDm3F4kllY3-6ZvgDUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fd95oAc5vDm3F4kllY3-6ZvgDUI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916B0EA/4D8E49B00B7411EAA584001CC4F9AE02/167E91580B0111EC83314B7FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.116.248.0/22
103.228.0.0/22
IPv6:
2400:dc80::/32
Signature Algorithm: sha256WithRSAEncryption
09:c3:fa:5e:c0:71:d1:60:dd:8c:b0:07:2d:c2:5e:c0:27:72:
91:67:56:2f:a9:72:47:ea:6c:6e:7e:5b:fb:c6:12:89:d6:54:
47:85:72:7c:c6:8d:4d:bb:6e:58:bc:d2:9a:27:c6:09:6c:87:
a7:6d:2a:08:86:6f:a4:76:c8:02:d8:1d:89:8a:39:45:ff:d7:
0b:01:50:37:68:75:74:40:eb:83:14:a5:88:82:12:66:76:42:
8e:c7:67:1d:22:9d:ee:eb:2d:ec:57:a5:4a:02:26:1e:54:e1:
e6:9a:34:c2:c1:ff:00:89:71:57:b3:49:19:14:2c:62:cd:8e:
c1:43:8d:7e:cb:67:7d:b2:58:95:bf:3b:49:e0:b5:6f:de:1c:
ae:c2:47:fc:47:53:bb:71:c7:f9:4c:4a:70:31:3a:1f:ec:1a:
b4:44:40:cf:21:97:60:49:ff:85:74:2c:4e:47:59:f1:8a:5d:
1b:c9:d2:7b:e0:c6:a7:0b:31:30:7f:c7:e5:77:23:07:f3:a6:
58:6b:18:52:59:18:ff:ba:65:a1:9f:ab:45:41:76:2a:48:0e:
a6:bd:56:2b:23:96:94:dc:56:02:21:72:49:9c:fc:32:82:3a:
dc:2b:61:38:64:48:53:29:ed:da:bd:04:74:0a:ab:69:bc:fe:
9e:32:7d:ac
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICA5UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkIwRUExMTAvBgNVBAUTKDE1REY3OUEwMDczOUJDMzlCNzE3ODkyNTk1OERGRUU5
OUJFMDBENDIwHhcNMjExMTI5MjAzNTU5WhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWE1MzlhZi0wNDYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyoQdND75EHQ5/3Y2ph09aGoGHDEdoThLVfX/ivJAz7UmuFc4AQpALl/IbrNj
P94iI/KJCbVcoFH4NDS/G2NtUfYKFiDwKUPgA0oS6F5tADhP2iZHSScPcaAb/qBb
CKuklpjCj+6S6XOw9efsE4dSXAiGaSb6CKGqY/wIn4as4LfcL8fWHTfJGJ4eoSeF
RbLI/1489qQcbGodoXdXv+39MS8quAJYKTZZEH+67gXeGG6aqOnNlbKTncntSE9q
/V7iEAPi2FNjzeVj9QgHREnNDym2Wgpfe6uCkgS/ucRCA6u7e7YluR/qDWOh1hck
hM6KdSchrriwfZQ2xztKrbIC9wIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFLvkNyN/
ELOvkmKsDIohUuQPKmwQMB8GA1UdIwQYMBaAFBXfeaAHObw5txeJJZWN/umb4A1C
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QjBFQS80RDhFNDlCMDBC
NzQxMUVBQTU4NDAwMUNDNEY5QUUwMi9GZDk1b0FjNXZEbTNGNGtsbFkzLTZadmdE
VUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZkOTVvQWM1dkRtM0Y0a2xsWTMtNlp2Z0RVSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkIwRUEvNEQ4RTQ5QjAwQjc0MTFFQUE1ODQwMDFDQzRGOUFFMDIvMTY3RTkxNTgw
QjAxMTFFQzgzMzE0QjdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAItdPgDBAJn5AAwDQQCAAIwBwMFACQA3IAwDQYJKoZIhvcN
AQELBQADggEBAAnD+l7AcdFg3YywBy3CXsAncpFnVi+pckfqbG5+W/vGEonWVEeF
cnzGjU27bli80ponxglsh6dtKgiGb6R2yALYHYmKOUX/1wsBUDdodXRA64MUpYiC
EmZ2Qo7HZx0ine7rLexXpUoCJh5U4eaaNMLB/wCJcVezSRkULGLNjsFDjX7LZ32y
WJW/O0ngtW/eHK7CR/xHU7txx/lMSnAxOh/sGrREQM8hl2BJ/4V0LE5HWfGKXRvJ
0nvgxqcLMTB/x+V3IwfzplhrGFJZGP+6ZaGfq0VBdipIDqa9VisjlpTcVgIhckmc
/DKCOtwrYThkSFMp7dq9BHQKq2m8/p4yfaw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:45 2023 by rpki-client on console-fra.rpki-client.org