Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC2A9/D8DDC1A634C611EEB4EBB070C4F9AE02/3696524A34C711EEADFD9071C4F9AE02.roa
File: 3696524A34C711EEADFD9071C4F9AE02.roa (raw, json)
Hash identifier: K7Gq4npWf6s2Vqig4HFtq98TRGw56sWRg4XLtnuTXvw=
Subject key identifier: 69:36:EE:5F:B7:81:9A:C6:B7:51:AB:5C:86:B2:61:88:EA:B6:49:94
Certificate issuer: /CN=A91DC2A9/serialNumber=3F996261AB3D1EF041661B3AEF7D8932B5702637
Certificate serial: 04
Authority key identifier: 3F:99:62:61:AB:3D:1E:F0:41:66:1B:3A:EF:7D:89:32:B5:70:26:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P5liYas9HvBBZhs6732JMrVwJjc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DC2A9/D8DDC1A634C611EEB4EBB070C4F9AE02/3696524A34C711EEADFD9071C4F9AE02.roa
Signing time: Mon 07 Aug 2023 05:55:55 +0000
ROA not before: Mon 07 Aug 2023 05:55:55 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 7477
IP address blocks: 103.206.236.0/22 maxlen: 24
114.129.128.0/19 maxlen: 24
114.129.160.0/20 maxlen: 24
114.129.176.0/21 maxlen: 24
180.181.128.0/19 maxlen: 24
180.181.160.0/19 maxlen: 24
210.16.68.0/22 maxlen: 24
2401:a400::/32 maxlen: 32
2401:a400:100::/40 maxlen: 40
2401:a400:200::/40 maxlen: 40
2401:a400:300::/40 maxlen: 40
2401:a400:400::/40 maxlen: 40
2401:a400:500::/40 maxlen: 40
2401:a400:2000::/36 maxlen: 36
2401:a400:3000::/36 maxlen: 36
2401:a400:4000::/36 maxlen: 36
2401:a400:5000::/36 maxlen: 36
2401:a400:6000::/36 maxlen: 36
2401:a400:7000::/36 maxlen: 36
2401:a400:c200::/40 maxlen: 40
2401:a400:c300::/40 maxlen: 40
2401:a400:c400::/40 maxlen: 40
2401:a400:c500::/40 maxlen: 40
2401:a400:c600::/40 maxlen: 40
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DC2A9/serialNumber=3F996261AB3D1EF041661B3AEF7D8932B5702637
Validity
Not Before: Aug 7 05:55:55 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=64d0876b-2eef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:87:5d:d7:e5:ed:30:3b:e7:5b:f1:c6:97:38:
26:b0:c6:23:2a:54:1e:69:79:0b:03:0e:82:20:2b:
13:13:e5:01:d3:f5:12:e2:ab:34:65:4f:6b:3d:b1:
47:48:0b:09:4e:3b:84:a8:fc:3d:ca:69:98:20:1e:
cb:d2:50:ad:4c:9a:8d:f3:b7:ab:c0:5b:22:05:e4:
d3:ce:ce:0d:97:fc:32:1a:a8:d7:08:c7:18:46:dc:
3b:53:f5:ca:84:06:84:43:79:b9:38:ce:63:98:27:
25:e4:23:75:cb:1b:14:ca:ba:58:2d:21:7d:9e:96:
62:aa:27:a8:ba:46:78:2e:e3:91:d7:a5:3e:b4:f4:
36:56:8c:d8:3c:0e:61:4b:bf:09:90:96:77:17:f5:
9f:26:ce:5f:bd:7b:38:ff:94:2f:9c:dd:89:e7:a7:
4c:cc:86:fc:37:a8:32:40:1d:24:9f:4e:7c:86:fa:
e1:4f:ac:77:66:4c:06:52:31:48:03:9f:74:44:9c:
0a:78:ee:9d:1f:c4:43:27:12:e9:ab:d8:f4:cd:c4:
30:f6:ac:77:22:a3:f1:22:2f:27:bb:ed:ce:bc:b6:
26:97:93:5c:f7:94:d9:1d:87:fa:22:e4:ee:d9:24:
5d:98:e1:77:e7:a2:91:d6:44:63:bf:cb:63:ca:a9:
05:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:36:EE:5F:B7:81:9A:C6:B7:51:AB:5C:86:B2:61:88:EA:B6:49:94
X509v3 Authority Key Identifier:
keyid:3F:99:62:61:AB:3D:1E:F0:41:66:1B:3A:EF:7D:89:32:B5:70:26:37
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DC2A9/D8DDC1A634C611EEB4EBB070C4F9AE02/P5liYas9HvBBZhs6732JMrVwJjc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P5liYas9HvBBZhs6732JMrVwJjc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC2A9/D8DDC1A634C611EEB4EBB070C4F9AE02/3696524A34C711EEADFD9071C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.206.236.0/22
114.129.128.0-114.129.183.255
180.181.128.0/18
210.16.68.0/22
IPv6:
2401:a400::/32
Signature Algorithm: sha256WithRSAEncryption
cf:e6:08:4e:95:f7:cc:e1:38:b6:51:db:06:fa:0e:08:bf:a8:
85:f9:4a:9a:69:7d:75:dc:a9:57:c2:01:b6:43:09:4e:fc:88:
50:38:37:ab:a6:b2:64:b1:3d:ca:aa:dd:35:89:41:57:d9:ce:
bc:4a:ee:6c:79:53:fd:ac:2d:b5:20:fc:b5:54:3d:1c:30:3c:
88:1a:b0:3b:f6:d7:e5:cf:56:3a:0c:fc:8c:d3:08:3a:f3:21:
d1:f0:bc:7e:95:62:3f:62:78:63:dd:40:ee:4b:bc:5c:cc:0f:
2d:7e:28:c7:a8:b5:3d:a1:39:60:0e:35:48:d5:6b:78:65:fa:
fd:cc:d3:34:75:cc:6a:32:2f:6f:40:51:71:44:23:0c:43:bc:
be:5f:97:d1:5c:06:66:3b:fc:5c:a8:94:a9:e6:da:76:21:81:
bf:b6:56:3b:08:a5:d8:21:18:e8:c3:b2:34:74:11:9f:0b:a1:
e7:9b:cf:2e:82:d0:f8:13:9a:16:c0:df:74:06:b4:f2:9a:d4:
d6:ed:31:25:45:ff:7e:87:fa:43:6d:09:a0:42:76:a3:7b:36:
b3:3d:68:e1:df:22:b0:36:4a:c4:68:35:b6:f4:27:d8:2a:37:
7c:93:e9:d0:e4:30:1f:31:b3:82:a5:d5:37:03:19:0b:31:82:
f3:45:c1:25
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
QzJBOTExMC8GA1UEBRMoM0Y5OTYyNjFBQjNEMUVGMDQxNjYxQjNBRUY3RDg5MzJC
NTcwMjYzNzAeFw0yMzA4MDcwNTU1NTVaFw0yNDA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ZDA4NzZiLTJlZWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDEh13X5e0wO+db8caXOCawxiMqVB5peQsDDoIgKxMT5QHT9RLiqzRlT2s9sUdI
CwlOO4So/D3KaZggHsvSUK1Mmo3zt6vAWyIF5NPOzg2X/DIaqNcIxxhG3DtT9cqE
BoRDebk4zmOYJyXkI3XLGxTKulgtIX2elmKqJ6i6Rngu45HXpT609DZWjNg8DmFL
vwmQlncX9Z8mzl+9ezj/lC+c3Ynnp0zMhvw3qDJAHSSfTnyG+uFPrHdmTAZSMUgD
n3REnAp47p0fxEMnEumr2PTNxDD2rHcio/EiLye77c68tiaXk1z3lNkdh/oi5O7Z
JF2Y4XfnopHWRGO/y2PKqQUrAgMBAAGjggK+MIICujAdBgNVHQ4EFgQUaTbuX7eB
msa3UatchrJhiOq2SZQwHwYDVR0jBBgwFoAUP5liYas9HvBBZhs6732JMrVwJjcw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURDMkE5L0Q4RERDMUE2MzRD
NjExRUVCNEVCQjA3MEM0RjlBRTAyL1A1bGlZYXM5SHZCQlpoczY3MzJKTXJWd0pq
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUDVsaVlhczlIdkJCWmhzNjczMkpNclZ3SmpjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
QzJBOS9EOEREQzFBNjM0QzYxMUVFQjRFQkIwNzBDNEY5QUUwMi8zNjk2NTI0QTM0
QzcxMUVFQURGRDkwNzFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBIBggrBgEFBQcBBwEB/wQ5
MDcwJgQCAAEwIAMEAmfO7DAMAwQHcoGAAwQDcoGwAwQGtLWAAwQC0hBEMA0EAgAC
MAcDBQAkAaQAMA0GCSqGSIb3DQEBCwUAA4IBAQDP5ghOlffM4Ti2UdsG+g4Iv6iF
+UqaaX113KlXwgG2QwlO/IhQODerprJksT3Kqt01iUFX2c68Su5seVP9rC21IPy1
VD0cMDyIGrA79tflz1Y6DPyM0wg68yHR8Lx+lWI/Ynhj3UDuS7xczA8tfijHqLU9
oTlgDjVI1Wt4Zfr9zNM0dcxqMi9vQFFxRCMMQ7y+X5fRXAZmO/xcqJSp5tp2IYG/
tlY7CKXYIRjow7I0dBGfC6Hnm88ugtD4E5oWwN90BrTymtTW7TElRf9+h/pDbQmg
QnajezazPWjh3yKwNkrEaDW29CfYKjd8k+nQ5DAfMbOCpdU3AxkLMYLzRcEl
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:30 2024 by rpki-client on console-ams.rpki-client.org