Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91754CB/53BE4DBEFDD111ED98733067C4F9AE02/D94DFD78B0F311EEAAD7EA3AC4F9AE02.roa
File: D94DFD78B0F311EEAAD7EA3AC4F9AE02.roa (raw, json)
Hash identifier: RA+Pk/sfnLnSdAvpjhED8oeo8IJVWidD9XWVc6pDS3o=
Subject key identifier: EA:9A:27:4A:1F:2C:7D:3C:A2:93:56:FC:5A:C8:01:F4:69:A2:4A:11
Certificate issuer: /CN=A91754CB/serialNumber=DD02A7E8D7C9757C657BDA6AD9D57F05881FFA57
Certificate serial: 85
Authority key identifier: DD:02:A7:E8:D7:C9:75:7C:65:7B:DA:6A:D9:D5:7F:05:88:1F:FA:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3QKn6NfJdXxle9pq2dV_BYgf-lc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91754CB/53BE4DBEFDD111ED98733067C4F9AE02/D94DFD78B0F311EEAAD7EA3AC4F9AE02.roa
Signing time: Fri 12 Jan 2024 02:39:47 +0000
ROA not before: Fri 12 Jan 2024 02:39:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 215938
IP address blocks: 103.211.100.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 133 (0x85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91754CB/serialNumber=DD02A7E8D7C9757C657BDA6AD9D57F05881FFA57
Validity
Not Before: Jan 12 02:39:47 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65a0a672-14fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:19:bb:2a:7d:4c:d1:58:71:01:d5:44:a9:3a:
b5:f7:df:f0:f1:c1:54:51:6b:eb:e0:66:e9:99:79:
45:2e:c5:06:36:11:fa:37:43:db:29:78:df:7d:d2:
ec:65:ab:3c:e0:fa:96:b6:74:35:fd:06:cf:79:f8:
dd:0e:91:a7:da:21:61:42:bd:5b:38:1e:d9:7a:20:
7d:af:38:02:2c:f2:8e:d1:fd:49:0b:8f:05:b7:5a:
59:c6:57:9b:6b:49:b5:2c:ee:c4:36:f9:02:a8:c7:
4a:78:ec:3b:ae:be:75:cb:65:7e:62:7b:08:11:77:
a7:01:39:69:d8:76:c9:fa:25:39:c0:27:31:15:99:
53:db:17:57:9e:a9:13:77:fd:27:12:7c:09:e0:06:
17:0a:06:98:82:6b:69:3c:24:dc:66:0e:3c:df:75:
71:f2:28:b2:94:97:91:29:eb:33:6f:73:cb:82:f4:
76:85:75:a4:64:57:d0:61:20:32:52:2b:cf:75:8a:
34:8e:71:0e:3d:59:10:37:ef:8e:c5:c9:89:1b:21:
5e:b6:7e:74:9a:36:02:97:64:74:67:84:c7:99:fd:
ff:87:4d:fb:5a:28:f8:54:78:40:a2:3d:ee:9c:74:
66:71:99:99:d4:7c:04:d7:e0:72:78:f1:7b:62:92:
58:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:9A:27:4A:1F:2C:7D:3C:A2:93:56:FC:5A:C8:01:F4:69:A2:4A:11
X509v3 Authority Key Identifier:
keyid:DD:02:A7:E8:D7:C9:75:7C:65:7B:DA:6A:D9:D5:7F:05:88:1F:FA:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91754CB/53BE4DBEFDD111ED98733067C4F9AE02/3QKn6NfJdXxle9pq2dV_BYgf-lc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3QKn6NfJdXxle9pq2dV_BYgf-lc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91754CB/53BE4DBEFDD111ED98733067C4F9AE02/D94DFD78B0F311EEAAD7EA3AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.211.100.0/24
Signature Algorithm: sha256WithRSAEncryption
28:3d:9a:c0:b4:ea:a8:cc:dc:7d:7a:31:32:27:e5:2f:fb:b9:
66:76:2a:76:80:bb:7f:7d:ea:c9:05:8f:f0:29:07:1e:ab:0e:
97:6b:a7:09:e9:ad:5a:ab:1f:74:c4:b4:c8:61:13:bc:fe:fb:
87:13:70:82:25:3b:47:b6:a0:dc:52:2b:dd:b0:ce:45:0b:05:
d4:79:6b:ba:f6:be:7d:d1:a2:f2:4a:c8:64:9f:c3:f7:de:98:
7c:c6:7e:ec:a3:6b:80:70:a0:89:70:d3:5b:f8:15:45:3d:e2:
4e:f3:dd:f4:a1:15:6f:71:ce:6b:8d:ba:bb:00:bc:03:0a:e1:
7a:11:c7:ec:a0:fe:3b:e9:c2:e9:e2:39:2f:ae:92:f7:d2:b9:
d7:46:9a:18:cd:ea:21:ec:1d:dc:f1:b8:15:56:60:ae:13:9a:
44:98:c4:7a:0c:8a:f5:24:ac:d8:f4:c6:c5:09:63:21:a6:d5:
4b:36:44:d6:6c:8d:9c:58:12:86:06:f6:11:52:a0:bf:c5:69:
f9:3d:6e:44:ca:19:0b:17:ef:55:17:a5:07:72:5c:e9:12:0b:
57:90:58:a6:9f:ac:b2:b5:2d:05:69:1e:ca:d0:8a:1a:2e:47:
bf:99:af:10:a5:b3:0e:ea:3b:34:48:fa:1c:24:1a:37:e3:2b:
f7:d3:2d:1f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAIUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzU0Q0IxMTAvBgNVBAUTKEREMDJBN0U4RDdDOTc1N0M2NTdCREE2QUQ5RDU3RjA1
ODgxRkZBNTcwHhcNMjQwMTEyMDIzOTQ3WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWEwYTY3Mi0xNGZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAphm7Kn1M0VhxAdVEqTq199/w8cFUUWvr4GbpmXlFLsUGNhH6N0PbKXjffdLs
Zas84PqWtnQ1/QbPefjdDpGn2iFhQr1bOB7ZeiB9rzgCLPKO0f1JC48Ft1pZxleb
a0m1LO7ENvkCqMdKeOw7rr51y2V+YnsIEXenATlp2HbJ+iU5wCcxFZlT2xdXnqkT
d/0nEnwJ4AYXCgaYgmtpPCTcZg4833Vx8iiylJeRKeszb3PLgvR2hXWkZFfQYSAy
UivPdYo0jnEOPVkQN++OxcmJGyFetn50mjYCl2R0Z4THmf3/h037Wij4VHhAoj3u
nHRmcZmZ1HwE1+ByePF7YpJY3QIDAQABo4IClTCCApEwHQYDVR0OBBYEFOqaJ0of
LH08opNW/FrIAfRpokoRMB8GA1UdIwQYMBaAFN0Cp+jXyXV8ZXvaatnVfwWIH/pX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTRDQi81M0JFNERCRUZE
RDExMUVEOTg3MzMwNjdDNEY5QUUwMi8zUUtuNk5mSmRYeGxlOXBxMmRWX0JZZ2Yt
bGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNRS242TmZKZFh4bGU5cHEyZFZfQllnZi1sYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzU0Q0IvNTNCRTREQkVGREQxMTFFRDk4NzMzMDY3QzRGOUFFMDIvRDk0REZENzhC
MEYzMTFFRUFBRDdFQTNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABn02QwDQYJKoZIhvcNAQELBQADggEBACg9msC06qjM3H16
MTIn5S/7uWZ2KnaAu3996skFj/ApBx6rDpdrpwnprVqrH3TEtMhhE7z++4cTcIIl
O0e2oNxSK92wzkULBdR5a7r2vn3RovJKyGSfw/femHzGfuyja4BwoIlw01v4FUU9
4k7z3fShFW9xzmuNursAvAMK4XoRx+yg/jvpwuniOS+ukvfSuddGmhjN6iHsHdzx
uBVWYK4TmkSYxHoMivUkrNj0xsUJYyGm1Us2RNZsjZxYEoYG9hFSoL/Fafk9bkTK
GQsX71UXpQdyXOkSC1eQWKafrLK1LQVpHsrQihouR7+ZrxClsw7qOzRI+hwkGjfj
K/fTLR8=
-----END CERTIFICATE-----
Generated at Thu Feb 1 10:43:25 2024 by rpki-client on console-fra.rpki-client.org