Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9182047/33ADB3E66E0011EC9A63BD6AC4F9AE02/5A03BFC46E0311EC9F481971C4F9AE02.roa
File: 5A03BFC46E0311EC9F481971C4F9AE02.roa (raw, json)
Hash identifier: ezxty9fzUnWjKRT6IrIzeRz8UY6G5BwI6gEo4bUDghk=
Subject key identifier: 61:25:A5:4F:2D:EC:DF:A4:4A:88:89:CF:AA:A2:AC:B5:63:0D:3B:B1
Certificate issuer: /CN=A9182047/serialNumber=65012AF0571086B9EAB30346F624B6312A551C38
Certificate serial: 53
Authority key identifier: 65:01:2A:F0:57:10:86:B9:EA:B3:03:46:F6:24:B6:31:2A:55:1C:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZQEq8FcQhrnqswNG9iS2MSpVHDg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9182047/33ADB3E66E0011EC9A63BD6AC4F9AE02/5A03BFC46E0311EC9F481971C4F9AE02.roa
Signing time: Sat 12 Feb 2022 08:13:12 +0000
ROA not before: Sat 12 Feb 2022 08:13:12 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 141731
IP address blocks: 103.179.15.0/24 maxlen: 24
2400:4a20:f000::/36 maxlen: 36
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83 (0x53)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9182047/serialNumber=65012AF0571086B9EAB30346F624B6312A551C38
Validity
Not Before: Feb 12 08:13:12 2022 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=62076c18-2703
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:2e:50:03:64:8c:13:19:db:b6:e3:d8:b9:be:
58:6c:6d:7e:11:a4:ed:e9:24:4b:45:d9:b2:c0:e1:
42:05:3b:61:7f:35:62:ba:c3:85:75:b8:1a:e0:73:
2b:4e:f2:97:2c:ad:8e:f8:31:6b:46:31:67:18:4f:
ac:7b:85:d2:0b:e6:6d:db:a5:b1:fb:aa:c4:42:f5:
80:8c:1f:ac:76:af:58:83:2e:37:21:21:7b:df:77:
2d:c7:df:6d:de:e8:b9:d9:57:a0:3a:2a:40:7e:aa:
a1:1d:2a:dd:bf:f2:6f:da:87:d8:4f:9e:95:1d:12:
3d:ea:29:bf:23:0c:bf:ff:27:6e:87:09:fc:61:b0:
e5:f2:e8:82:cf:46:ca:40:34:0f:bb:4a:c1:15:02:
f6:93:e7:c9:4a:28:5c:bd:d6:5d:e3:a2:5e:71:a7:
92:1e:49:ef:6f:e6:69:d4:cf:12:d8:48:19:32:36:
f9:ce:a6:96:0c:33:75:e5:02:6e:e4:7e:e5:ee:f8:
cc:aa:90:5e:3c:e4:ad:3f:ec:d4:8c:06:c3:fd:9a:
e3:96:8e:3e:8a:79:d3:32:b5:1f:b2:2a:df:e7:e1:
cf:30:84:60:60:03:b3:f9:34:69:a1:ae:a1:97:db:
c3:69:54:07:a4:26:45:5b:8d:9f:1d:05:6e:50:4f:
18:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:25:A5:4F:2D:EC:DF:A4:4A:88:89:CF:AA:A2:AC:B5:63:0D:3B:B1
X509v3 Authority Key Identifier:
keyid:65:01:2A:F0:57:10:86:B9:EA:B3:03:46:F6:24:B6:31:2A:55:1C:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9182047/33ADB3E66E0011EC9A63BD6AC4F9AE02/ZQEq8FcQhrnqswNG9iS2MSpVHDg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZQEq8FcQhrnqswNG9iS2MSpVHDg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9182047/33ADB3E66E0011EC9A63BD6AC4F9AE02/5A03BFC46E0311EC9F481971C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.179.15.0/24
IPv6:
2400:4a20:f000::/36
Signature Algorithm: sha256WithRSAEncryption
b0:a3:94:75:77:cf:4f:2f:7a:a8:13:62:a9:8a:49:49:97:5a:
57:fc:ca:01:76:92:54:43:f5:71:eb:b2:bb:dc:48:ee:b7:a6:
0c:e8:2d:58:af:83:1e:db:df:a9:33:86:fe:f2:45:6a:8e:32:
40:4b:37:1c:be:95:5a:59:4e:c5:a3:66:82:26:cb:31:7a:9a:
af:7c:a1:61:7a:fa:fe:fa:23:6e:40:3b:c0:e3:47:44:c4:a0:
52:bf:1f:fc:08:4b:60:ac:da:0d:28:7f:18:0a:15:cf:5d:e1:
f6:28:f4:13:17:d1:1b:94:e1:5f:e8:77:97:be:7b:e3:ff:39:
19:68:0f:d1:e2:02:9e:55:6b:8a:7c:3b:f5:b9:30:49:57:8c:
92:bb:9d:22:cf:8b:fc:8b:05:fa:9d:6e:34:35:27:8f:92:df:
d9:c5:ac:79:5b:8d:86:f9:20:05:d3:5e:ac:dc:b5:cc:70:c6:
1e:98:d1:11:7b:5f:52:ac:12:d1:8b:bd:ac:88:fd:cf:de:31:
4d:34:5b:41:c6:0a:b7:47:9c:00:57:2d:18:db:92:b3:d2:74:
39:a7:76:14:59:64:94:49:1e:7a:8e:1c:1f:14:7a:8a:07:96:
0e:ac:10:40:16:f9:27:39:a5:8f:20:c1:0d:07:d0:0b:f7:c9:
4e:e0:42:34
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgIBUzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
MjA0NzExMC8GA1UEBRMoNjUwMTJBRjA1NzEwODZCOUVBQjMwMzQ2RjYyNEI2MzEy
QTU1MUMzODAeFw0yMjAyMTIwODEzMTJaFw0yMzAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyMDc2YzE4LTI3MDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDbLlADZIwTGdu249i5vlhsbX4RpO3pJEtF2bLA4UIFO2F/NWK6w4V1uBrgcytO
8pcsrY74MWtGMWcYT6x7hdIL5m3bpbH7qsRC9YCMH6x2r1iDLjchIXvfdy3H323e
6LnZV6A6KkB+qqEdKt2/8m/ah9hPnpUdEj3qKb8jDL//J26HCfxhsOXy6ILPRspA
NA+7SsEVAvaT58lKKFy91l3jol5xp5IeSe9v5mnUzxLYSBkyNvnOppYMM3XlAm7k
fuXu+MyqkF485K0/7NSMBsP9muOWjj6KedMytR+yKt/n4c8whGBgA7P5NGmhrqGX
28NpVAekJkVbjZ8dBW5QTxiDAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUYSWlTy3s
36RKiInPqqKstWMNO7EwHwYDVR0jBBgwFoAUZQEq8FcQhrnqswNG9iS2MSpVHDgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTgyMDQ3LzMzQURCM0U2NkUw
MDExRUM5QTYzQkQ2QUM0RjlBRTAyL1pRRXE4RmNRaHJucXN3Tkc5aVMyTVNwVkhE
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWlFFcThGY1Focm5xc3dORzlpUzJNU3BWSERnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
MjA0Ny8zM0FEQjNFNjZFMDAxMUVDOUE2M0JENkFDNEY5QUUwMi81QTAzQkZDNDZF
MDMxMUVDOUY0ODE5NzFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAvBggrBgEFBQcBBwEB/wQg
MB4wDAQCAAEwBgMEAGezDzAOBAIAAjAIAwYEJABKIPAwDQYJKoZIhvcNAQELBQAD
ggEBALCjlHV3z08veqgTYqmKSUmXWlf8ygF2klRD9XHrsrvcSO63pgzoLVivgx7b
36kzhv7yRWqOMkBLNxy+lVpZTsWjZoImyzF6mq98oWF6+v76I25AO8DjR0TEoFK/
H/wIS2Cs2g0ofxgKFc9d4fYo9BMX0RuU4V/od5e+e+P/ORloD9HiAp5Va4p8O/W5
MElXjJK7nSLPi/yLBfqdbjQ1J4+S39nFrHlbjYb5IAXTXqzctcxwxh6Y0RF7X1Ks
EtGLvayI/c/eMU00W0HGCrdHnABXLRjbkrPSdDmndhRZZJRJHnqOHB8UeooHlg6s
EEAW+Sc5pY8gwQ0H0Av3yU7gQjQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:13 2024 by rpki-client on console-fra.rpki-client.org