Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6F36/480D01AC2E5011EBB2B10F3CC4F9AE02/97E121442E5111EB9F362D3DC4F9AE02.roa
File: 97E121442E5111EB9F362D3DC4F9AE02.roa (raw, json)
Hash identifier: WhIsZJVUf3yVAqvVHU5AHSAp7hKaYNCAeLWyxh1qfiU=
Subject key identifier: 31:76:43:10:D6:F1:A4:AC:F3:9E:A9:8B:46:7E:1F:CA:86:EB:70:F5
Certificate issuer: /CN=A91B6F36/serialNumber=7E73E51C19681B263571F1C4CAA37614EF8AFB0B
Certificate serial: 02BA
Authority key identifier: 7E:73:E5:1C:19:68:1B:26:35:71:F1:C4:CA:A3:76:14:EF:8A:FB:0B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fnPlHBloGyY1cfHEyqN2FO-K-ws.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B6F36/480D01AC2E5011EBB2B10F3CC4F9AE02/97E121442E5111EB9F362D3DC4F9AE02.roa
Signing time: Wed 10 Nov 2021 13:09:45 +0000
ROA not before: Wed 10 Nov 2021 13:09:45 +0000
ROA not after: Fri 30 Dec 2022 00:00:00 +0000
asID: 55699
IP address blocks: 103.77.48.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 698 (0x2ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B6F36/serialNumber=7E73E51C19681B263571F1C4CAA37614EF8AFB0B
Validity
Not Before: Nov 10 13:09:45 2021 GMT
Not After : Dec 30 00:00:00 2022 GMT
Subject: CN=618bc498-7ccf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a1:cd:c8:b1:69:bf:4d:a1:44:9b:a9:31:02:
c6:f6:c6:68:6d:5b:5a:2f:5f:3f:48:82:0c:64:c1:
02:2b:db:10:4c:5d:0e:31:6f:0f:23:cc:05:3b:4f:
c7:4f:16:56:35:85:2c:6c:c1:cb:16:7b:6b:8a:2d:
48:0d:9b:a4:f9:12:7b:17:7e:33:86:1e:a0:0f:d3:
8f:b0:56:1f:dc:d3:6c:e7:c2:18:39:74:56:e3:94:
c8:25:23:f8:3f:16:ca:fb:3f:6c:58:0a:22:22:78:
9a:c2:e2:9c:74:91:7c:98:ef:1f:29:56:ae:87:f8:
68:65:48:e3:96:8b:2f:35:58:5f:d2:53:fa:0d:c2:
51:6e:de:2a:74:9e:33:a1:4e:0d:2d:21:26:b8:f9:
b2:d6:17:a5:ce:b1:df:9b:c6:d0:55:1e:c4:8d:6e:
21:2c:33:5f:b1:3d:81:bc:24:ce:8e:09:11:04:9e:
b9:82:50:ff:ad:2a:48:94:2c:a0:cd:85:21:0b:00:
d3:e8:46:32:1e:2d:a1:a2:b5:80:b9:bf:37:15:0f:
89:c7:fb:a8:0d:df:da:a9:76:72:ae:90:6e:e0:f7:
1e:42:a1:44:94:11:58:2a:77:2f:2e:9b:4c:4b:ae:
70:97:34:13:85:c8:b8:46:a9:b7:af:d9:24:c3:ec:
45:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:76:43:10:D6:F1:A4:AC:F3:9E:A9:8B:46:7E:1F:CA:86:EB:70:F5
X509v3 Authority Key Identifier:
keyid:7E:73:E5:1C:19:68:1B:26:35:71:F1:C4:CA:A3:76:14:EF:8A:FB:0B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B6F36/480D01AC2E5011EBB2B10F3CC4F9AE02/fnPlHBloGyY1cfHEyqN2FO-K-ws.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fnPlHBloGyY1cfHEyqN2FO-K-ws.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6F36/480D01AC2E5011EBB2B10F3CC4F9AE02/97E121442E5111EB9F362D3DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.77.48.0/22
Signature Algorithm: sha256WithRSAEncryption
58:64:2c:95:e1:07:83:32:79:65:7a:6d:75:51:96:3d:1b:a3:
7b:f5:43:dc:d9:4b:8d:26:38:4d:00:d1:9a:f8:20:58:18:37:
29:7d:cc:5e:c1:fc:35:9e:0d:ee:16:2d:bd:db:bd:fb:46:77:
03:60:a4:0f:b1:ef:6d:36:11:42:06:08:98:12:ab:a1:b7:6c:
06:08:5f:d1:99:83:b7:29:8f:12:2e:ef:6e:2f:5c:7d:e2:16:
db:5c:e8:9a:08:f0:f8:bb:ea:13:c7:97:d3:a6:81:3f:be:9d:
08:d9:32:56:9d:d9:55:f5:fe:51:47:3c:6b:f4:2a:0d:4c:c3:
15:9d:ab:b4:e2:53:a5:a2:73:50:48:cc:8a:bf:6a:3d:b9:8b:
45:b7:2a:8b:77:87:2f:48:2b:07:d6:2a:bf:d1:a3:c4:1f:9c:
a4:ac:f0:b7:a2:4f:bd:ad:4f:fd:94:1e:f4:d8:e2:41:8b:9f:
fb:81:ef:72:8a:6c:0a:da:30:22:cd:2f:36:ba:12:29:a6:37:
2b:5d:05:f3:0a:4a:e8:7b:9f:9c:b9:a5:f3:a7:9e:df:86:d6:
5a:f0:45:72:fc:c5:ae:d2:ab:8e:5f:82:94:3d:be:a0:66:f6:
9f:24:c5:b1:95:70:1d:1a:eb:ab:33:da:95:41:77:20:b9:4e:
f8:b3:25:cb
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICArowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjZGMzYxMTAvBgNVBAUTKDdFNzNFNTFDMTk2ODFCMjYzNTcxRjFDNENBQTM3NjE0
RUY4QUZCMEIwHhcNMjExMTEwMTMwOTQ1WhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MThiYzQ5OC03Y2NmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtaHNyLFpv02hRJupMQLG9sZobVtaL18/SIIMZMECK9sQTF0OMW8PI8wFO0/H
TxZWNYUsbMHLFntrii1IDZuk+RJ7F34zhh6gD9OPsFYf3NNs58IYOXRW45TIJSP4
PxbK+z9sWAoiIniawuKcdJF8mO8fKVauh/hoZUjjlosvNVhf0lP6DcJRbt4qdJ4z
oU4NLSEmuPmy1helzrHfm8bQVR7EjW4hLDNfsT2BvCTOjgkRBJ65glD/rSpIlCyg
zYUhCwDT6EYyHi2horWAub83FQ+Jx/uoDd/aqXZyrpBu4PceQqFElBFYKncvLptM
S65wlzQThci4Rqm3r9kkw+xFJwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDF2QxDW
8aSs856pi0Z+H8qG63D1MB8GA1UdIwQYMBaAFH5z5RwZaBsmNXHxxMqjdhTvivsL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkYzNi80ODBEMDFBQzJF
NTAxMUVCQjJCMTBGM0NDNEY5QUUwMi9mblBsSEJsb0d5WTFjZkhFeXFOMkZPLUst
d3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZuUGxIQmxvR3lZMWNmSEV5cU4yRk8tSy13cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjZGMzYvNDgwRDAxQUMyRTUwMTFFQkIyQjEwRjNDQzRGOUFFMDIvOTdFMTIxNDQy
RTUxMTFFQjlGMzYyRDNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnTTAwDQYJKoZIhvcNAQELBQADggEBAFhkLJXhB4MyeWV6
bXVRlj0bo3v1Q9zZS40mOE0A0Zr4IFgYNyl9zF7B/DWeDe4WLb3bvftGdwNgpA+x
7202EUIGCJgSq6G3bAYIX9GZg7cpjxIu724vXH3iFttc6JoI8Pi76hPHl9OmgT++
nQjZMlad2VX1/lFHPGv0Kg1MwxWdq7TiU6Wic1BIzIq/aj25i0W3Kot3hy9IKwfW
Kr/Ro8QfnKSs8LeiT72tT/2UHvTY4kGLn/uB73KKbAraMCLNLza6EimmNytdBfMK
Suh7n5y5pfOnnt+G1lrwRXL8xa7Sq45fgpQ9vqBm9p8kxbGVcB0a66sz2pVBdyC5
TvizJcs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:05 2023 by rpki-client on console-fra.rpki-client.org