Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CA496/FB12A2783C0F11E4B788FF4AC4F9AE02/AD767A2499F611ECA0663D19C4F9AE02.roa
File: AD767A2499F611ECA0663D19C4F9AE02.roa (raw, json)
Hash identifier: GBqB8UKtub/nisbPlldfnO7bUbwFTFahVmzheayAHMc=
Subject key identifier: 51:BE:88:25:87:20:01:63:4E:F0:87:9A:7C:9C:33:D3:3F:1D:65:FB
Certificate issuer: /CN=A91CA496/serialNumber=A03969BAFFD67AAB75D493837FA1C7C69FFB2717
Certificate serial: 26A5
Authority key identifier: A0:39:69:BA:FF:D6:7A:AB:75:D4:93:83:7F:A1:C7:C6:9F:FB:27:17
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oDlpuv_Weqt11JODf6HHxp_7Jxc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CA496/FB12A2783C0F11E4B788FF4AC4F9AE02/AD767A2499F611ECA0663D19C4F9AE02.roa
Signing time: Wed 02 Mar 2022 07:02:09 +0000
ROA not before: Wed 02 Mar 2022 07:02:09 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 40065
IP address blocks: 43.243.120.0/24 maxlen: 24
43.243.121.0/24 maxlen: 24
43.243.122.0/24 maxlen: 24
43.243.177.0/24 maxlen: 24
43.243.178.0/24 maxlen: 24
43.243.179.0/24 maxlen: 24
103.227.84.0/22 maxlen: 22
183.90.184.0/24 maxlen: 24
183.90.185.0/24 maxlen: 24
183.90.186.0/24 maxlen: 24
183.90.188.0/24 maxlen: 24
183.90.190.0/24 maxlen: 24
183.90.191.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9893 (0x26a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CA496/serialNumber=A03969BAFFD67AAB75D493837FA1C7C69FFB2717
Validity
Not Before: Mar 2 07:02:09 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=621f1671-09d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d1:18:4a:37:9e:9c:ae:f5:b1:20:76:83:36:
99:bd:ae:d7:61:4a:71:04:d4:9f:47:ad:c5:07:81:
1e:0c:9b:bd:73:ea:2e:0b:8b:9d:3d:76:a4:62:fc:
fd:4e:48:07:f7:8c:eb:dd:d1:19:af:ec:98:f4:c1:
bd:29:d5:79:33:8e:7b:4b:8b:24:80:8b:35:11:98:
c6:28:d2:97:cd:11:7f:d5:49:65:e0:2a:05:11:50:
3c:8c:91:13:e4:b5:4b:f5:63:f9:58:db:91:ef:1c:
89:d2:ab:1b:74:0f:5c:54:d9:2e:79:91:58:13:8e:
31:66:fe:77:9a:8b:9b:54:ae:57:29:96:26:46:48:
60:c3:c1:d5:a9:f0:da:19:8e:5c:d2:f9:8a:bf:90:
95:60:92:75:3b:29:3c:26:8f:28:9b:24:9a:9e:a9:
c1:0f:5a:a0:1d:42:6b:79:f2:80:33:2c:03:43:c5:
da:ce:09:21:6f:b8:93:2c:53:27:bb:30:a9:e4:35:
21:2f:e4:d8:f2:31:17:ec:b1:8d:5e:95:9c:ac:1d:
4f:c8:66:29:ed:36:df:38:00:d1:31:c2:8f:97:87:
ad:c0:57:5c:a8:35:d9:75:43:58:f1:fe:ea:50:4f:
b9:54:4d:41:c5:80:f8:5e:94:44:04:ea:27:86:de:
23:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:BE:88:25:87:20:01:63:4E:F0:87:9A:7C:9C:33:D3:3F:1D:65:FB
X509v3 Authority Key Identifier:
keyid:A0:39:69:BA:FF:D6:7A:AB:75:D4:93:83:7F:A1:C7:C6:9F:FB:27:17
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CA496/FB12A2783C0F11E4B788FF4AC4F9AE02/oDlpuv_Weqt11JODf6HHxp_7Jxc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oDlpuv_Weqt11JODf6HHxp_7Jxc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CA496/FB12A2783C0F11E4B788FF4AC4F9AE02/AD767A2499F611ECA0663D19C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.243.120.0-43.243.122.255
43.243.177.0-43.243.179.255
103.227.84.0/22
183.90.184.0-183.90.186.255
183.90.188.0/24
183.90.190.0/23
Signature Algorithm: sha256WithRSAEncryption
b8:8d:7f:a2:44:bd:f4:c3:81:86:46:94:95:86:c6:32:2f:8f:
e7:6e:bd:db:4d:99:ce:1c:90:cf:e7:6d:25:8c:37:56:15:52:
11:60:16:fe:67:20:e0:30:15:cb:da:2d:8e:a7:9f:c0:cb:3c:
52:2c:5c:7a:11:84:09:89:03:57:71:0d:35:73:4b:68:10:8e:
c6:20:56:9d:72:39:30:a9:47:45:87:9e:d1:66:76:ab:3b:ea:
a5:63:9c:35:1f:7c:7c:39:28:01:3e:85:ae:b6:b0:44:86:92:
bc:21:3c:88:37:7b:5c:6f:9f:df:a3:73:dd:e1:a8:72:dc:97:
dd:7c:7e:84:18:85:aa:aa:9f:8a:25:8f:ce:f5:79:c7:29:46:
10:70:ca:6e:aa:82:fd:1f:a4:6e:9b:19:f2:ed:9b:4e:cf:13:
d3:35:4c:cf:ef:fd:00:13:89:50:7d:96:3d:9b:43:0a:6b:19:
ca:7f:82:74:4f:ce:a1:f9:2b:8f:b7:51:5e:72:00:d1:86:57:
ec:e1:9d:36:8c:9d:3a:3b:7b:cc:f2:0e:64:7e:79:0b:4e:4d:
7b:50:d6:ca:3b:32:2c:ec:08:99:e6:0d:b1:24:48:74:49:57:
c2:98:e5:bc:9f:78:4a:66:92:05:68:2f:ac:b7:fc:bb:9e:d8:
11:0f:81:4a
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgICJqUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0E0OTYxMTAvBgNVBAUTKEEwMzk2OUJBRkZENjdBQUI3NUQ0OTM4MzdGQTFDN0M2
OUZGQjI3MTcwHhcNMjIwMzAyMDcwMjA5WhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjFmMTY3MS0wOWQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtNEYSjeenK71sSB2gzaZva7XYUpxBNSfR63FB4EeDJu9c+ouC4udPXakYvz9
TkgH94zr3dEZr+yY9MG9KdV5M457S4skgIs1EZjGKNKXzRF/1Ull4CoFEVA8jJET
5LVL9WP5WNuR7xyJ0qsbdA9cVNkueZFYE44xZv53moubVK5XKZYmRkhgw8HVqfDa
GY5c0vmKv5CVYJJ1Oyk8Jo8omySanqnBD1qgHUJrefKAMywDQ8Xazgkhb7iTLFMn
uzCp5DUhL+TY8jEX7LGNXpWcrB1PyGYp7TbfOADRMcKPl4etwFdcqDXZdUNY8f7q
UE+5VE1BxYD4XpREBOonht4jzQIDAQABo4ICyzCCAscwHQYDVR0OBBYEFFG+iCWH
IAFjTvCHmnycM9M/HWX7MB8GA1UdIwQYMBaAFKA5abr/1nqrddSTg3+hx8af+ycX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQTQ5Ni9GQjEyQTI3ODND
MEYxMUU0Qjc4OEZGNEFDNEY5QUUwMi9vRGxwdXZfV2VxdDExSk9EZjZISHhwXzdK
eGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29EbHB1dl9XZXF0MTFKT0RmNkhIeHBfN0p4Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0E0OTYvRkIxMkEyNzgzQzBGMTFFNEI3ODhGRjRBQzRGOUFFMDIvQUQ3NjdBMjQ5
OUY2MTFFQ0EwNjYzRDE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVQYIKwYBBQUHAQcBAf8E
RjBEMEIEAgABMDwwDAMEAyvzeAMEACvzejAMAwQAK/OxAwQCK/OwAwQCZ+NUMAwD
BAO3WrgDBAC3WroDBAC3WrwDBAG3Wr4wDQYJKoZIhvcNAQELBQADggEBALiNf6JE
vfTDgYZGlJWGxjIvj+duvdtNmc4ckM/nbSWMN1YVUhFgFv5nIOAwFcvaLY6nn8DL
PFIsXHoRhAmJA1dxDTVzS2gQjsYgVp1yOTCpR0WHntFmdqs76qVjnDUffHw5KAE+
ha62sESGkrwhPIg3e1xvn9+jc93hqHLcl918foQYhaqqn4olj871eccpRhBwym6q
gv0fpG6bGfLtm07PE9M1TM/v/QATiVB9lj2bQwprGcp/gnRPzqH5K4+3UV5yANGG
V+zhnTaMnTo7e8zyDmR+eQtOTXtQ1so7MizsCJnmDbEkSHRJV8KY5byfeEpmkgVo
L6y3/Lue2BEPgUo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:05 2023 by rpki-client on console-ams.rpki-client.org