Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917A220/00EE08D6412811EA8E5E4B83C4F9AE02/910F301EAC9711EEB59EC51EC4F9AE02.roa
File: 910F301EAC9711EEB59EC51EC4F9AE02.roa (raw, json)
Hash identifier: xKlTGF4D+G1xUCuMNgSViCRZ2MjN24T0o7bpOEHTrn4=
Subject key identifier: D4:E9:AC:F0:18:DA:69:2D:E6:98:9F:57:2D:1B:5A:34:24:B7:F5:72
Certificate issuer: /CN=A917A220/serialNumber=5F6AECA272D56C98494A10A5A5897E2C2CF95F01
Certificate serial: 6A
Authority key identifier: 5F:6A:EC:A2:72:D5:6C:98:49:4A:10:A5:A5:89:7E:2C:2C:F9:5F:01
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X2rsonLVbJhJShClpYl-LCz5XwE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917A220/00EE08D6412811EA8E5E4B83C4F9AE02/910F301EAC9711EEB59EC51EC4F9AE02.roa
Signing time: Sat 06 Jan 2024 13:29:07 +0000
ROA not before: Sat 06 Jan 2024 13:29:07 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 138465
IP address blocks: 103.126.48.0/23 maxlen: 23
103.126.48.0/24 maxlen: 24
103.126.49.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106 (0x6a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917A220/serialNumber=5F6AECA272D56C98494A10A5A5897E2C2CF95F01
Validity
Not Before: Jan 6 13:29:07 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=659955a3-9aad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:46:c7:d1:5c:18:b4:af:16:4c:22:c0:7d:8b:
c3:7a:a3:cf:ca:2c:1e:ad:cd:d0:aa:7f:28:eb:f6:
49:f4:cc:b6:2b:66:db:95:bf:6b:ae:4f:27:70:c3:
26:21:0d:81:d7:71:91:4e:39:be:8e:98:83:1b:58:
8c:c9:d1:c0:36:9a:ec:d2:3a:93:0c:23:af:2c:ed:
47:f8:e6:eb:ab:1d:c8:f3:a3:97:93:6c:46:47:e3:
b8:a4:d9:6f:92:1e:09:f3:1d:ae:eb:2e:9a:6b:a0:
15:0b:69:50:c9:0d:48:f1:5f:41:08:2b:03:9a:1c:
0b:eb:92:ac:db:68:ee:13:ff:ac:7e:ad:cc:7d:0a:
3f:7f:4f:00:f4:8f:eb:e1:79:49:84:85:17:28:a7:
21:40:c2:db:cc:7e:97:1f:77:de:58:75:50:9b:15:
92:33:48:9e:b7:17:b5:a0:e1:00:fe:ae:0f:91:4b:
d2:09:6f:e0:51:d9:ba:d5:41:68:d6:00:d1:fd:3d:
1f:8b:ae:3c:de:62:f2:62:6e:c6:67:63:7c:7d:31:
6b:7c:fd:17:f1:75:c5:07:17:42:89:31:55:29:b1:
0d:4e:3c:56:e6:e6:d2:a0:fe:ff:16:a4:6f:f2:c5:
52:73:7c:77:ff:83:dc:b6:f4:f0:71:7e:60:e7:2d:
7f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:E9:AC:F0:18:DA:69:2D:E6:98:9F:57:2D:1B:5A:34:24:B7:F5:72
X509v3 Authority Key Identifier:
keyid:5F:6A:EC:A2:72:D5:6C:98:49:4A:10:A5:A5:89:7E:2C:2C:F9:5F:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917A220/00EE08D6412811EA8E5E4B83C4F9AE02/X2rsonLVbJhJShClpYl-LCz5XwE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X2rsonLVbJhJShClpYl-LCz5XwE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A220/00EE08D6412811EA8E5E4B83C4F9AE02/910F301EAC9711EEB59EC51EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.126.48.0/23
Signature Algorithm: sha256WithRSAEncryption
a3:8b:5c:e7:78:c9:91:9e:bd:e3:03:86:d6:01:49:a0:eb:12:
d3:bd:94:4b:18:93:e9:a7:21:a5:5d:02:7f:e4:0e:be:9f:99:
03:3d:78:86:78:76:24:c8:da:19:9e:19:93:9e:ba:4a:dc:3e:
df:ea:06:70:c4:70:ef:f6:29:31:4d:c8:b7:d6:be:66:63:17:
93:4c:dd:1e:e5:12:0e:7a:fa:51:34:0b:57:4c:ca:69:e6:e5:
60:9c:0c:e7:0a:22:b1:ce:7f:d1:d0:6d:52:ff:3b:bd:ff:83:
bf:bf:6f:9f:7a:2d:bd:13:f5:0d:b0:d9:cb:a4:9f:38:8b:7c:
bd:86:2f:a6:02:32:dd:3f:05:0c:9a:ab:39:41:76:e8:97:2f:
97:f6:ee:18:6f:de:b8:47:94:8f:49:ac:c9:98:c0:5e:a4:67:
22:06:ea:f9:d0:76:b9:33:38:c2:2d:f5:2a:f9:a0:57:c5:8c:
61:0a:7a:65:53:a9:b1:ae:c2:ba:d6:55:36:85:1e:79:fe:38:
e1:97:a7:e6:d1:3a:ef:e7:51:c2:a7:cb:35:09:3e:d2:6b:2a:
ec:76:da:da:c5:1d:bd:9a:15:d5:a2:ba:da:23:49:5e:37:4f:
0a:d8:13:e8:f8:47:72:be:5a:2e:a5:3f:a4:84:b7:8e:ce:db:
97:0d:a8:45
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBajANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
QTIyMDExMC8GA1UEBRMoNUY2QUVDQTI3MkQ1NkM5ODQ5NEExMEE1QTU4OTdFMkMy
Q0Y5NUYwMTAeFw0yNDAxMDYxMzI5MDdaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1OTk1NWEzLTlhYWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDYRsfRXBi0rxZMIsB9i8N6o8/KLB6tzdCqfyjr9kn0zLYrZtuVv2uuTydwwyYh
DYHXcZFOOb6OmIMbWIzJ0cA2muzSOpMMI68s7Uf45uurHcjzo5eTbEZH47ik2W+S
HgnzHa7rLpproBULaVDJDUjxX0EIKwOaHAvrkqzbaO4T/6x+rcx9Cj9/TwD0j+vh
eUmEhRcopyFAwtvMfpcfd95YdVCbFZIzSJ63F7Wg4QD+rg+RS9IJb+BR2brVQWjW
ANH9PR+LrjzeYvJibsZnY3x9MWt8/RfxdcUHF0KJMVUpsQ1OPFbm5tKg/v8WpG/y
xVJzfHf/g9y29PBxfmDnLX9NAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU1Oms8Bja
aS3mmJ9XLRtaNCS39XIwHwYDVR0jBBgwFoAUX2rsonLVbJhJShClpYl+LCz5XwEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdBMjIwLzAwRUUwOEQ2NDEy
ODExRUE4RTVFNEI4M0M0RjlBRTAyL1gycnNvbkxWYkpoSlNoQ2xwWWwtTEN6NVh3
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWDJyc29uTFZiSmhKU2hDbHBZbC1MQ3o1WHdFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
QTIyMC8wMEVFMDhENjQxMjgxMUVBOEU1RTRCODNDNEY5QUUwMi85MTBGMzAxRUFD
OTcxMUVFQjU5RUM1MUVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWd+MDANBgkqhkiG9w0BAQsFAAOCAQEAo4tc53jJkZ694wOG
1gFJoOsS072USxiT6achpV0Cf+QOvp+ZAz14hnh2JMjaGZ4Zk566Stw+3+oGcMRw
7/YpMU3It9a+ZmMXk0zdHuUSDnr6UTQLV0zKaeblYJwM5woisc5/0dBtUv87vf+D
v79vn3otvRP1DbDZy6SfOIt8vYYvpgIy3T8FDJqrOUF26Jcvl/buGG/euEeUj0ms
yZjAXqRnIgbq+dB2uTM4wi31KvmgV8WMYQp6ZVOpsa7CutZVNoUeef444Zen5tE6
7+dRwqfLNQk+0msq7Hba2sUdvZoV1aK62iNJXjdPCtgT6PhHcr5aLqU/pIS3js7b
lw2oRQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:12 2024 by rpki-client on console-fra.rpki-client.org