Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918A62F/1CF98726085211EA8DF67349C4F9AE02/C4BC964E6BA911ECAE3C463FC4F9AE02.roa
File: C4BC964E6BA911ECAE3C463FC4F9AE02.roa (raw, json)
Hash identifier: ERJ+4nKYqfKeyX7Fgq12sNqWgEG4eJ7Vase5PG949pI=
Subject key identifier: 3B:A2:4C:01:91:DE:D5:E1:4C:BA:2E:55:1D:2C:04:D7:C4:9B:FD:85
Certificate issuer: /CN=A918A62F/serialNumber=DFB6723672151EC2C46CD04E71C59F9169CAE6F8
Certificate serial: 099A
Authority key identifier: DF:B6:72:36:72:15:1E:C2:C4:6C:D0:4E:71:C5:9F:91:69:CA:E6:F8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/37ZyNnIVHsLEbNBOccWfkWnK5vg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918A62F/1CF98726085211EA8DF67349C4F9AE02/C4BC964E6BA911ECAE3C463FC4F9AE02.roa
Signing time: Tue 05 Jul 2022 20:06:28 +0000
ROA not before: Tue 05 Jul 2022 20:06:28 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 136563
IP address blocks: 103.92.234.0/24 maxlen: 24
103.96.89.0/24 maxlen: 24
103.96.90.0/23 maxlen: 24
123.253.212.0/22 maxlen: 22
123.253.212.0/24 maxlen: 24
123.253.213.0/24 maxlen: 24
123.253.214.0/24 maxlen: 24
123.253.215.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2458 (0x99a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918A62F/serialNumber=DFB6723672151EC2C46CD04E71C59F9169CAE6F8
Validity
Not Before: Jul 5 20:06:28 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=62c499c4-38d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:06:8f:0f:72:1a:db:53:f5:db:13:58:75:84:
dd:6f:1a:11:7f:73:e1:2f:11:31:69:29:cc:ec:2f:
c5:68:75:ec:99:bb:04:d7:e5:9f:e1:2e:41:8f:9e:
30:da:2e:d9:f2:aa:7b:54:42:54:75:16:4b:32:c1:
b4:2f:98:ae:9a:f6:0f:6c:01:af:7b:6a:46:2d:25:
33:3e:e8:1d:20:0c:11:f9:43:e6:4f:c5:71:4d:38:
42:e5:8e:e1:a9:5e:27:30:66:47:72:74:50:ae:aa:
ea:b1:ef:f7:71:03:c8:1d:ed:8a:43:dd:88:6a:20:
7e:9c:bd:45:57:9c:29:78:0c:4c:1f:3c:30:9c:81:
13:5d:b9:fb:9b:f8:5b:05:34:9a:45:11:68:6f:c3:
b1:08:1f:1e:98:63:0a:b7:78:43:03:56:17:92:60:
a2:86:f7:35:ca:29:3d:c3:92:6a:37:70:c5:be:9c:
5a:8e:81:f3:0e:02:70:18:ff:4f:93:71:d2:8b:ec:
38:dd:e4:a7:8a:cd:d2:dc:57:2d:48:f5:b5:f4:fb:
8f:35:8e:5b:19:db:39:62:ba:5b:00:ff:21:d2:f8:
d8:5f:fa:12:fa:1b:dc:a0:ee:69:ac:4e:5d:f5:dc:
e7:d3:0e:36:b2:bc:b7:33:4b:ec:65:ea:53:dd:e8:
15:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:A2:4C:01:91:DE:D5:E1:4C:BA:2E:55:1D:2C:04:D7:C4:9B:FD:85
X509v3 Authority Key Identifier:
keyid:DF:B6:72:36:72:15:1E:C2:C4:6C:D0:4E:71:C5:9F:91:69:CA:E6:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918A62F/1CF98726085211EA8DF67349C4F9AE02/37ZyNnIVHsLEbNBOccWfkWnK5vg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/37ZyNnIVHsLEbNBOccWfkWnK5vg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918A62F/1CF98726085211EA8DF67349C4F9AE02/C4BC964E6BA911ECAE3C463FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.92.234.0/24
103.96.89.0-103.96.91.255
123.253.212.0/22
Signature Algorithm: sha256WithRSAEncryption
68:2d:9e:cb:d0:1c:21:40:a8:9f:7a:78:bf:b0:72:6d:81:a0:
ca:a4:f9:1e:85:68:c8:7a:39:46:e8:72:93:c6:81:82:bd:4f:
21:6e:33:d0:5e:cf:63:24:90:b7:4b:1c:2b:72:7f:25:47:45:
ba:6b:38:d2:73:14:b6:51:66:63:8d:a8:f7:86:86:fa:bd:52:
df:c3:9d:ca:af:73:84:df:6e:3b:0d:50:19:d6:6c:3b:9d:20:
f6:18:94:bb:3b:53:a8:52:7b:e1:5f:7f:61:58:b8:dd:b1:6c:
9a:81:70:1a:8d:85:22:53:b2:8d:3a:4d:4a:30:ce:af:7d:de:
50:41:12:c3:a2:8b:18:c9:13:ff:22:a0:c3:44:91:a1:4a:1f:
c1:9a:67:86:01:bc:a6:92:dc:08:28:90:1e:53:dd:23:c9:f8:
10:f1:fb:69:8d:3c:a6:84:c4:ea:fc:ae:7b:df:6a:20:36:1f:
ff:83:5d:32:53:68:63:43:e1:ef:65:25:7e:15:c0:17:67:00:
dc:ee:4c:ba:8b:85:2d:2d:0f:c0:bf:c1:08:8a:5a:ff:56:3e:
e6:c6:48:90:31:02:d1:c4:e7:ac:94:11:9b:56:1e:d2:af:ac:
bf:54:90:13:e1:a8:74:49:7c:13:c5:83:2c:99:82:1f:68:97:
c5:9c:b1:53
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICCZowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEE2MkYxMTAvBgNVBAUTKERGQjY3MjM2NzIxNTFFQzJDNDZDRDA0RTcxQzU5Rjkx
NjlDQUU2RjgwHhcNMjIwNzA1MjAwNjI4WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmM0OTljNC0zOGQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzAaPD3Ia21P12xNYdYTdbxoRf3PhLxExaSnM7C/FaHXsmbsE1+Wf4S5Bj54w
2i7Z8qp7VEJUdRZLMsG0L5iumvYPbAGve2pGLSUzPugdIAwR+UPmT8VxTThC5Y7h
qV4nMGZHcnRQrqrqse/3cQPIHe2KQ92IaiB+nL1FV5wpeAxMHzwwnIETXbn7m/hb
BTSaRRFob8OxCB8emGMKt3hDA1YXkmCihvc1yik9w5JqN3DFvpxajoHzDgJwGP9P
k3HSi+w43eSnis3S3FctSPW19PuPNY5bGds5YrpbAP8h0vjYX/oS+hvcoO5prE5d
9dzn0w42sry3M0vsZepT3egVuwIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFDuiTAGR
3tXhTLouVR0sBNfEm/2FMB8GA1UdIwQYMBaAFN+2cjZyFR7CxGzQTnHFn5Fpyub4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QTYyRi8xQ0Y5ODcyNjA4
NTIxMUVBOERGNjczNDlDNEY5QUUwMi8zN1p5Tm5JVkhzTEViTkJPY2NXZmtXbks1
dmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzM3WnlObklWSHNMRWJOQk9jY1dma1duSzV2Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEE2MkYvMUNGOTg3MjYwODUyMTFFQThERjY3MzQ5QzRGOUFFMDIvQzRCQzk2NEU2
QkE5MTFFQ0FFM0M0NjNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBoDBABnXOowDAMEAGdgWQMEAmdgWAMEAnv91DANBgkqhkiG9w0B
AQsFAAOCAQEAaC2ey9AcIUCon3p4v7BybYGgyqT5HoVoyHo5Ruhyk8aBgr1PIW4z
0F7PYySQt0scK3J/JUdFums40nMUtlFmY42o94aG+r1S38Odyq9zhN9uOw1QGdZs
O50g9hiUuztTqFJ74V9/YVi43bFsmoFwGo2FIlOyjTpNSjDOr33eUEESw6KLGMkT
/yKgw0SRoUofwZpnhgG8ppLcCCiQHlPdI8n4EPH7aY08poTE6vyue99qIDYf/4Nd
MlNoY0Ph72UlfhXAF2cA3O5MuouFLS0PwL/BCIpa/1Y+5sZIkDEC0cTnrJQRm1Ye
0q+sv1SQE+GodEl8E8WDLJmCH2iXxZyxUw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:25 2024 by rpki-client on console-ams.rpki-client.org