Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916B0EA/4D8E49B00B7411EAA584001CC4F9AE02/BC959110E18711EC8BF19C5FC4F9AE02.roa
File: BC959110E18711EC8BF19C5FC4F9AE02.roa (raw, json)
Hash identifier: jDe/3vlg+rrqbCvGcd1JVFWZ7/iB4hm2t9jkEDe5qWM=
Subject key identifier: 8D:DB:F6:F8:63:62:5E:C7:34:97:89:88:6A:B7:63:21:7E:02:4B:CF
Certificate issuer: /CN=A916B0EA/serialNumber=15DF79A00739BC39B7178925958DFEE99BE00D42
Certificate serial: 050E
Authority key identifier: 15:DF:79:A0:07:39:BC:39:B7:17:89:25:95:8D:FE:E9:9B:E0:0D:42
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fd95oAc5vDm3F4kllY3-6ZvgDUI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916B0EA/4D8E49B00B7411EAA584001CC4F9AE02/BC959110E18711EC8BF19C5FC4F9AE02.roa
Signing time: Wed 01 Jun 2022 20:49:19 +0000
ROA not before: Wed 01 Jun 2022 20:49:19 +0000
ROA not after: Sat 01 Oct 2022 00:00:00 +0000
asID: 59332
IP address blocks: 45.116.248.0/22 maxlen: 23
45.116.248.0/24 maxlen: 24
45.116.249.0/24 maxlen: 24
45.116.250.0/24 maxlen: 24
45.116.251.0/24 maxlen: 24
103.228.0.0/22 maxlen: 22
103.228.0.0/23 maxlen: 24
103.228.2.0/24 maxlen: 24
103.228.3.0/24 maxlen: 24
2400:dc80::/32 maxlen: 32
2400:dc80::/36 maxlen: 36
2400:dc80:1000::/36 maxlen: 36
2400:dc80:2000::/36 maxlen: 36
2400:dc80:3000::/36 maxlen: 36
2400:dc80:4000::/36 maxlen: 36
2400:dc80:5000::/36 maxlen: 36
2400:dc80:6000::/36 maxlen: 36
2400:dc80:7000::/36 maxlen: 36
2400:dc80:8000::/36 maxlen: 36
2400:dc80:9000::/36 maxlen: 36
2400:dc80:a000::/36 maxlen: 36
2400:dc80:b000::/36 maxlen: 36
2400:dc80:c000::/36 maxlen: 36
2400:dc80:d000::/36 maxlen: 36
2400:dc80:e000::/36 maxlen: 36
2400:dc80:f000::/36 maxlen: 36
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1294 (0x50e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916B0EA/serialNumber=15DF79A00739BC39B7178925958DFEE99BE00D42
Validity
Not Before: Jun 1 20:49:19 2022 GMT
Not After : Oct 1 00:00:00 2022 GMT
Subject: CN=6297d0ce-7a6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:00:02:be:3a:2a:d8:aa:a9:d4:76:e9:6b:7f:
86:ec:63:68:dc:14:27:28:2f:dc:3a:1f:a4:2c:47:
98:87:63:14:a1:e2:b9:06:79:24:cd:d4:77:83:86:
11:74:1f:64:31:4b:06:c5:b2:dc:ef:a6:2f:a8:3a:
3e:58:f9:8e:93:bd:4d:e1:c6:2a:a6:a0:2c:31:ac:
b1:2c:13:f9:30:79:43:1a:0a:03:9d:b9:3c:86:59:
8a:69:a8:56:48:2f:64:00:42:16:ed:87:a3:3e:25:
21:1a:09:91:8d:ba:2d:b7:67:ff:3d:6f:f7:0a:15:
60:cd:e9:76:5c:82:33:55:85:8e:eb:76:5f:e4:37:
e3:a6:6b:98:0a:87:c2:28:7b:94:c0:de:98:0d:ad:
79:60:54:c5:f7:69:94:89:4e:72:6a:96:f1:b1:f6:
83:12:2e:10:29:a6:8f:a2:50:d0:e0:b7:30:05:ba:
20:0c:4f:ea:5e:82:de:9b:58:2a:f0:c5:46:b3:b3:
35:64:08:b2:74:e2:48:96:0f:ce:39:01:fe:16:00:
35:a0:e5:26:8a:c4:79:8e:f0:3f:a5:5b:04:20:47:
54:30:29:fe:5a:68:c1:4a:83:b6:51:f9:a4:58:dc:
ac:6a:31:52:e0:9c:c5:a5:43:6a:64:1c:3a:b3:a3:
7d:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:DB:F6:F8:63:62:5E:C7:34:97:89:88:6A:B7:63:21:7E:02:4B:CF
X509v3 Authority Key Identifier:
keyid:15:DF:79:A0:07:39:BC:39:B7:17:89:25:95:8D:FE:E9:9B:E0:0D:42
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916B0EA/4D8E49B00B7411EAA584001CC4F9AE02/Fd95oAc5vDm3F4kllY3-6ZvgDUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fd95oAc5vDm3F4kllY3-6ZvgDUI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916B0EA/4D8E49B00B7411EAA584001CC4F9AE02/BC959110E18711EC8BF19C5FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.116.248.0/22
103.228.0.0/22
IPv6:
2400:dc80::/32
Signature Algorithm: sha256WithRSAEncryption
1f:19:bb:03:61:11:08:84:04:66:d0:ce:7d:90:fb:3d:98:14:
82:d7:eb:ea:2e:48:22:bf:a1:5a:89:a6:4f:d9:eb:dd:57:51:
2b:fb:f3:66:c7:5e:2b:dc:39:e4:8e:40:8a:aa:98:1c:b0:21:
04:6a:e3:f0:1e:ce:1a:88:1c:54:b3:d7:01:48:55:cd:e0:8a:
61:7a:30:cb:92:4f:2b:bf:3a:b8:1c:d6:3d:b2:d2:01:e4:1d:
f5:1a:96:44:71:49:9e:98:06:52:50:27:9e:85:77:ec:72:2a:
09:74:7a:99:69:99:a2:fb:d7:7a:3b:7c:ce:bd:d2:04:5b:59:
1e:52:1d:53:3e:3e:a9:43:7a:0f:a1:d0:f6:30:51:b0:c1:e2:
83:8d:9c:ae:5c:e3:0d:1a:37:ce:50:a8:85:93:39:43:64:e6:
ae:21:7b:f2:f5:fc:84:be:c9:af:ef:10:4f:c7:1a:e1:6a:68:
c0:34:b9:9c:ad:60:ff:d9:b8:76:5a:cd:9a:79:18:ac:c2:3b:
20:ac:e8:b4:e5:a5:59:23:d8:dc:ff:d3:ed:ba:3b:a4:a7:cd:
60:41:0e:dd:42:cb:b6:10:7f:43:e2:b4:79:9a:4e:10:2f:de:
8e:c3:12:ab:99:8b:aa:9f:76:7b:2e:8e:ee:47:4f:48:3f:ce:
41:f3:b1:30
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICBQ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkIwRUExMTAvBgNVBAUTKDE1REY3OUEwMDczOUJDMzlCNzE3ODkyNTk1OERGRUU5
OUJFMDBENDIwHhcNMjIwNjAxMjA0OTE5WhcNMjIxMDAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjk3ZDBjZS03YTZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAogACvjoq2Kqp1Hbpa3+G7GNo3BQnKC/cOh+kLEeYh2MUoeK5BnkkzdR3g4YR
dB9kMUsGxbLc76YvqDo+WPmOk71N4cYqpqAsMayxLBP5MHlDGgoDnbk8hlmKaahW
SC9kAEIW7YejPiUhGgmRjbott2f/PW/3ChVgzel2XIIzVYWO63Zf5DfjpmuYCofC
KHuUwN6YDa15YFTF92mUiU5yapbxsfaDEi4QKaaPolDQ4LcwBbogDE/qXoLem1gq
8MVGs7M1ZAiydOJIlg/OOQH+FgA1oOUmisR5jvA/pVsEIEdUMCn+WmjBSoO2Ufmk
WNysajFS4JzFpUNqZBw6s6N9PwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFI3b9vhj
Yl7HNJeJiGq3YyF+AkvPMB8GA1UdIwQYMBaAFBXfeaAHObw5txeJJZWN/umb4A1C
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QjBFQS80RDhFNDlCMDBC
NzQxMUVBQTU4NDAwMUNDNEY5QUUwMi9GZDk1b0FjNXZEbTNGNGtsbFkzLTZadmdE
VUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZkOTVvQWM1dkRtM0Y0a2xsWTMtNlp2Z0RVSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkIwRUEvNEQ4RTQ5QjAwQjc0MTFFQUE1ODQwMDFDQzRGOUFFMDIvQkM5NTkxMTBF
MTg3MTFFQzhCRjE5QzVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAItdPgDBAJn5AAwDQQCAAIwBwMFACQA3IAwDQYJKoZIhvcN
AQELBQADggEBAB8ZuwNhEQiEBGbQzn2Q+z2YFILX6+ouSCK/oVqJpk/Z691XUSv7
82bHXivcOeSOQIqqmBywIQRq4/AezhqIHFSz1wFIVc3gimF6MMuSTyu/Orgc1j2y
0gHkHfUalkRxSZ6YBlJQJ56Fd+xyKgl0eplpmaL713o7fM690gRbWR5SHVM+PqlD
eg+h0PYwUbDB4oONnK5c4w0aN85QqIWTOUNk5q4he/L1/IS+ya/vEE/HGuFqaMA0
uZytYP/ZuHZazZp5GKzCOyCs6LTlpVkj2Nz/0+26O6SnzWBBDt1Cy7YQf0PitHma
ThAv3o7DEquZi6qfdnsuju5HT0g/zkHzsTA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:20 2024 by rpki-client on console-ams.rpki-client.org