Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918A150/85B20D04DA3A11EBB8A9941DC4F9AE02/C3F6D5F2DA3C11EB80DFDB1FC4F9AE02.roa
File: C3F6D5F2DA3C11EB80DFDB1FC4F9AE02.roa (raw, json)
Hash identifier: x3A72FWEsSlZ6MB93f0Uj5Ug//MIMats0Gaj7/0bHNA=
Subject key identifier: 0F:44:45:7B:00:57:B2:11:67:D6:21:52:29:48:EC:90:E2:4B:6C:DE
Certificate issuer: /CN=A918A150/serialNumber=FA97EC098B771104EC52F71D0BD10FA1C77BFB06
Certificate serial: 0109
Authority key identifier: FA:97:EC:09:8B:77:11:04:EC:52:F7:1D:0B:D1:0F:A1:C7:7B:FB:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-pfsCYt3EQTsUvcdC9EPocd7-wY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918A150/85B20D04DA3A11EBB8A9941DC4F9AE02/C3F6D5F2DA3C11EB80DFDB1FC4F9AE02.roa
Signing time: Thu 11 Nov 2021 15:31:49 +0000
ROA not before: Thu 11 Nov 2021 15:31:49 +0000
ROA not after: Fri 30 Dec 2022 00:00:00 +0000
asID: 131111
IP address blocks: 103.75.209.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 265 (0x109)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918A150/serialNumber=FA97EC098B771104EC52F71D0BD10FA1C77BFB06
Validity
Not Before: Nov 11 15:31:49 2021 GMT
Not After : Dec 30 00:00:00 2022 GMT
Subject: CN=618d3764-46ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:71:dc:cb:b9:b8:c8:da:ad:96:fe:9e:0d:17:
c8:00:38:5b:69:d3:cc:d8:72:e6:63:a3:f7:f6:ed:
cf:29:6b:97:7b:3c:9f:12:64:6d:62:90:cb:59:2d:
54:aa:b7:ac:33:b2:dc:d2:69:b7:88:16:46:39:04:
b2:78:e5:d8:bf:c7:73:2c:2d:9e:24:e9:69:09:b6:
1c:77:0c:44:10:24:42:a0:41:02:64:11:d9:c5:32:
b4:b0:6e:47:e1:5b:58:82:d2:86:ae:c8:0d:ac:18:
2e:37:f1:7d:d2:ca:19:e5:a5:70:f5:b7:e1:48:f0:
cc:1d:64:6b:2c:f1:11:53:a3:66:02:f0:ff:4f:83:
c2:79:97:b1:22:81:ad:45:fe:4b:5d:f1:b7:94:f7:
0f:ca:67:40:81:68:45:36:88:d9:c7:43:9a:f5:2d:
65:7d:49:53:4e:ed:97:b4:f1:ac:80:32:82:aa:9f:
71:64:5d:da:01:24:1c:ec:50:73:8b:8d:a9:67:bf:
04:2a:03:e0:e0:36:19:10:99:12:9d:dd:40:a2:1f:
5e:5a:34:25:75:5d:ae:84:2d:d7:02:30:6b:1d:39:
a9:ba:fb:f3:c9:4a:2e:08:cb:6c:5c:c5:80:50:77:
46:05:9e:1b:df:ec:63:e8:57:43:59:1f:77:72:51:
52:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:44:45:7B:00:57:B2:11:67:D6:21:52:29:48:EC:90:E2:4B:6C:DE
X509v3 Authority Key Identifier:
keyid:FA:97:EC:09:8B:77:11:04:EC:52:F7:1D:0B:D1:0F:A1:C7:7B:FB:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918A150/85B20D04DA3A11EBB8A9941DC4F9AE02/-pfsCYt3EQTsUvcdC9EPocd7-wY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-pfsCYt3EQTsUvcdC9EPocd7-wY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918A150/85B20D04DA3A11EBB8A9941DC4F9AE02/C3F6D5F2DA3C11EB80DFDB1FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.75.209.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:7a:ae:8c:a8:a1:a5:86:2f:bd:7d:9c:c9:b6:a9:29:f7:93:
74:04:f1:56:db:61:76:45:97:bd:35:88:04:e7:5e:79:8e:bf:
6c:f4:f7:47:88:69:90:a5:e9:c8:37:56:ac:7d:10:70:93:18:
f0:38:60:53:ba:dd:8d:0d:16:b6:58:38:1d:23:c4:2f:83:74:
35:a0:9c:ba:4c:14:da:47:9c:1c:74:7e:79:94:88:c3:cf:c6:
7c:71:cf:fd:28:9d:10:79:e0:84:6e:ca:56:2d:22:ba:03:00:
20:7d:df:51:18:80:c8:34:9a:78:1a:3f:7a:99:d7:a9:c1:99:
0b:f4:42:d9:8c:bf:48:f4:a9:1e:04:92:8a:61:9c:71:60:bc:
56:4a:01:f0:90:02:7a:1d:a2:6f:0f:b3:fa:6a:59:93:45:44:
5e:55:a8:de:9b:f7:5e:b0:84:70:c6:1b:a2:6d:0b:c7:9b:0f:
93:7a:c6:3a:e2:10:84:61:9c:66:0c:7d:68:d8:5a:bc:a8:49:
59:ee:b5:eb:e0:b1:7c:e2:7d:0d:b4:62:7d:73:07:f4:bd:aa:
9c:3d:08:dc:04:74:f9:99:dd:01:b1:2a:11:5d:d4:d1:44:71:
eb:84:a0:52:86:e8:1b:db:24:dd:99:c1:55:8a:90:8c:fc:4a:
98:36:19:3a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAQkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEExNTAxMTAvBgNVBAUTKEZBOTdFQzA5OEI3NzExMDRFQzUyRjcxRDBCRDEwRkEx
Qzc3QkZCMDYwHhcNMjExMTExMTUzMTQ5WhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MThkMzc2NC00NmFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0HHcy7m4yNqtlv6eDRfIADhbadPM2HLmY6P39u3PKWuXezyfEmRtYpDLWS1U
qresM7Lc0mm3iBZGOQSyeOXYv8dzLC2eJOlpCbYcdwxEECRCoEECZBHZxTK0sG5H
4VtYgtKGrsgNrBguN/F90soZ5aVw9bfhSPDMHWRrLPERU6NmAvD/T4PCeZexIoGt
Rf5LXfG3lPcPymdAgWhFNojZx0Oa9S1lfUlTTu2XtPGsgDKCqp9xZF3aASQc7FBz
i42pZ78EKgPg4DYZEJkSnd1Aoh9eWjQldV2uhC3XAjBrHTmpuvvzyUouCMtsXMWA
UHdGBZ4b3+xj6FdDWR93clFSBQIDAQABo4IClTCCApEwHQYDVR0OBBYEFA9ERXsA
V7IRZ9YhUilI7JDiS2zeMB8GA1UdIwQYMBaAFPqX7AmLdxEE7FL3HQvRD6HHe/sG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QTE1MC84NUIyMEQwNERB
M0ExMUVCQjhBOTk0MURDNEY5QUUwMi8tcGZzQ1l0M0VRVHNVdmNkQzlFUG9jZDct
d1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy1wZnNDWXQzRVFUc1V2Y2RDOUVQb2NkNy13WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEExNTAvODVCMjBEMDREQTNBMTFFQkI4QTk5NDFEQzRGOUFFMDIvQzNGNkQ1RjJE
QTNDMTFFQjgwREZEQjFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnS9EwDQYJKoZIhvcNAQELBQADggEBABp6royooaWGL719
nMm2qSn3k3QE8VbbYXZFl701iATnXnmOv2z090eIaZCl6cg3Vqx9EHCTGPA4YFO6
3Y0NFrZYOB0jxC+DdDWgnLpMFNpHnBx0fnmUiMPPxnxxz/0onRB54IRuylYtIroD
ACB931EYgMg0mngaP3qZ16nBmQv0QtmMv0j0qR4EkophnHFgvFZKAfCQAnodom8P
s/pqWZNFRF5VqN6b916whHDGG6JtC8ebD5N6xjriEIRhnGYMfWjYWryoSVnutevg
sXzifQ20Yn1zB/S9qpw9CNwEdPmZ3QGxKhFd1NFEceuEoFKG6BvbJN2ZwVWKkIz8
Spg2GTo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:49 2023 by rpki-client on console-fra.rpki-client.org