Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918D808/E26B4642F4B211E9BF3CE563C4F9AE02/50E9601E717311EDA1723F13C4F9AE02.roa
File: 50E9601E717311EDA1723F13C4F9AE02.roa (raw, json)
Hash identifier: 0UuvyFtmuYQi/W1vsMd9fEFIrZw4OefkNsoehtHg93w=
Subject key identifier: 43:10:14:08:EC:2B:B7:05:D5:87:79:10:60:13:95:3D:4E:82:56:3A
Certificate issuer: /CN=A918D808/serialNumber=0725F2491801505185C9069A4013635C38B56B72
Certificate serial: 054E
Authority key identifier: 07:25:F2:49:18:01:50:51:85:C9:06:9A:40:13:63:5C:38:B5:6B:72
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ByXySRgBUFGFyQaaQBNjXDi1a3I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918D808/E26B4642F4B211E9BF3CE563C4F9AE02/50E9601E717311EDA1723F13C4F9AE02.roa
Signing time: Sat 25 Mar 2023 19:26:31 +0000
ROA not before: Sat 25 Mar 2023 19:26:31 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 137189
IP address blocks: 103.104.141.0/24 maxlen: 24
103.104.142.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1358 (0x54e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918D808/serialNumber=0725F2491801505185C9069A4013635C38B56B72
Validity
Not Before: Mar 25 19:26:31 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=641f4ae7-7e9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:58:fe:00:12:03:64:01:1b:e3:83:a3:8a:b0:
54:da:0b:d2:36:fd:bc:65:cd:52:01:28:77:0f:50:
47:24:fc:9c:64:cc:0f:56:a3:25:6b:a6:13:d4:2f:
2d:b3:55:62:05:c3:73:9a:ee:62:9b:28:bc:ec:ba:
48:06:ac:40:25:9f:c6:32:2b:34:cc:05:cb:da:80:
10:e4:a9:fb:ef:03:98:36:b1:e3:d8:13:d3:70:3b:
2c:1d:a6:e8:4c:4e:56:b7:b2:36:e8:fb:df:99:5a:
fb:75:d7:5c:a0:48:a8:eb:44:f1:59:ba:4c:11:fc:
4e:e0:11:f1:d6:8d:69:72:80:52:3d:6a:c7:fe:94:
98:f5:68:3b:52:83:fe:1f:ab:c2:5f:db:b8:32:b4:
19:87:bb:68:52:b2:fc:b5:6f:6a:6d:a0:6c:fe:34:
e2:7d:97:38:8e:ac:3d:05:6b:06:f3:06:76:ac:1f:
de:93:13:65:30:7c:a9:fd:d7:bb:35:72:0c:ef:b4:
9e:17:ba:7e:0b:a1:a2:d3:65:72:b1:02:ba:0b:81:
88:e8:2e:4a:ee:3c:5c:a1:a8:8c:18:18:24:4e:65:
00:3a:97:a2:99:28:70:c3:1e:3d:85:d1:34:17:86:
6a:97:16:d7:bf:51:76:c5:2b:be:e2:7b:c7:5f:e1:
1e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:10:14:08:EC:2B:B7:05:D5:87:79:10:60:13:95:3D:4E:82:56:3A
X509v3 Authority Key Identifier:
keyid:07:25:F2:49:18:01:50:51:85:C9:06:9A:40:13:63:5C:38:B5:6B:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918D808/E26B4642F4B211E9BF3CE563C4F9AE02/ByXySRgBUFGFyQaaQBNjXDi1a3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ByXySRgBUFGFyQaaQBNjXDi1a3I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D808/E26B4642F4B211E9BF3CE563C4F9AE02/50E9601E717311EDA1723F13C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.104.141.0-103.104.143.255
Signature Algorithm: sha256WithRSAEncryption
04:aa:e5:c8:f2:89:88:89:07:75:9c:7a:41:03:41:74:c8:8b:
e7:34:a7:ef:73:66:1a:7f:d1:e9:ee:8b:b9:0f:72:d6:2f:ca:
ec:d3:1f:e9:7e:9d:b9:67:00:3c:14:79:02:b5:a3:f6:32:73:
0f:d7:31:e6:a1:af:c1:23:16:55:d4:ca:5b:5a:06:83:24:55:
04:9b:79:6d:2b:f6:ef:80:bc:b1:7d:fe:02:dd:d8:67:7d:af:
65:6e:30:ad:a2:7d:38:50:a5:8a:01:26:85:e6:0c:5e:80:d1:
b4:20:1c:04:2a:ec:55:3d:36:53:4b:10:f4:96:d1:e0:be:50:
3a:0b:b1:98:79:a8:39:e2:4c:49:21:c5:84:b2:fb:77:89:d3:
69:c8:be:cf:1e:a5:27:1b:dd:92:bc:f0:54:e5:75:23:57:b7:
9d:24:22:c4:f8:a4:9c:e7:e3:9f:f7:8d:df:2d:90:0a:af:75:
9f:60:55:8e:59:5c:85:5e:ab:0a:ed:83:2b:0a:b0:53:ab:81:
98:3c:5c:22:b9:8e:a4:f2:40:1f:c5:3e:9e:92:bf:c6:c6:4b:
eb:93:bb:16:20:b8:32:93:71:0c:f1:77:7c:77:63:ee:23:e7:
4b:8b:6f:59:13:19:eb:0d:ee:0e:20:89:98:67:98:46:01:72:
f8:f3:fd:f4
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICBU4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEQ4MDgxMTAvBgNVBAUTKDA3MjVGMjQ5MTgwMTUwNTE4NUM5MDY5QTQwMTM2MzVD
MzhCNTZCNzIwHhcNMjMwMzI1MTkyNjMxWhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDFmNGFlNy03ZTlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAplj+ABIDZAEb44OjirBU2gvSNv28Zc1SASh3D1BHJPycZMwPVqMla6YT1C8t
s1ViBcNzmu5imyi87LpIBqxAJZ/GMis0zAXL2oAQ5Kn77wOYNrHj2BPTcDssHabo
TE5Wt7I26PvfmVr7dddcoEio60TxWbpMEfxO4BHx1o1pcoBSPWrH/pSY9Wg7UoP+
H6vCX9u4MrQZh7toUrL8tW9qbaBs/jTifZc4jqw9BWsG8wZ2rB/ekxNlMHyp/de7
NXIM77SeF7p+C6Gi02VysQK6C4GI6C5K7jxcoaiMGBgkTmUAOpeimShwwx49hdE0
F4ZqlxbXv1F2xSu+4nvHX+Ee7wIDAQABo4ICnTCCApkwHQYDVR0OBBYEFEMQFAjs
K7cF1Yd5EGATlT1OglY6MB8GA1UdIwQYMBaAFAcl8kkYAVBRhckGmkATY1w4tWty
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDgwOC9FMjZCNDY0MkY0
QjIxMUU5QkYzQ0U1NjNDNEY5QUUwMi9CeVh5U1JnQlVGR0Z5UWFhUUJOalhEaTFh
M0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0J5WHlTUmdCVUZHRnlRYWFRQk5qWERpMWEzSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEQ4MDgvRTI2QjQ2NDJGNEIyMTFFOUJGM0NFNTYzQzRGOUFFMDIvNTBFOTYwMUU3
MTczMTFFREExNzIzRjEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAGdojQMEBGdogDANBgkqhkiG9w0BAQsFAAOCAQEABKrl
yPKJiIkHdZx6QQNBdMiL5zSn73NmGn/R6e6LuQ9y1i/K7NMf6X6duWcAPBR5ArWj
9jJzD9cx5qGvwSMWVdTKW1oGgyRVBJt5bSv274C8sX3+At3YZ32vZW4wraJ9OFCl
igEmheYMXoDRtCAcBCrsVT02U0sQ9JbR4L5QOguxmHmoOeJMSSHFhLL7d4nTaci+
zx6lJxvdkrzwVOV1I1e3nSQixPiknOfjn/eN3y2QCq91n2BVjllchV6rCu2DKwqw
U6uBmDxcIrmOpPJAH8U+npK/xsZL65O7FiC4MpNxDPF3fHdj7iPnS4tvWRMZ6w3u
DiCJmGeYRgFy+PP99A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:15 2024 by rpki-client on console-fra.rpki-client.org