Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF8B6/40E7FABA3AA611EAAC8F1875C4F9AE02/F3B5BC4E471A11ED931EC00AC4F9AE02.roa
File: F3B5BC4E471A11ED931EC00AC4F9AE02.roa (raw, json)
Hash identifier: F1yAt8Ygmvt3Sjhz4/bxDdBdP9hpepPfE33XOqAw344=
Subject key identifier: FD:8C:F7:28:32:0E:62:E1:4C:01:53:87:B0:B1:97:3F:7E:C4:51:4A
Certificate issuer: /CN=A91EF8B6/serialNumber=AD84F4BCBEB3C9365F2827153BA69CED2A9912E2
Certificate serial: 0940
Authority key identifier: AD:84:F4:BC:BE:B3:C9:36:5F:28:27:15:3B:A6:9C:ED:2A:99:12:E2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rYT0vL6zyTZfKCcVO6ac7SqZEuI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EF8B6/40E7FABA3AA611EAAC8F1875C4F9AE02/F3B5BC4E471A11ED931EC00AC4F9AE02.roa
Signing time: Sat 08 Oct 2022 15:07:40 +0000
ROA not before: Sat 08 Oct 2022 15:07:40 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 132438
IP address blocks: 103.73.44.0/22 maxlen: 24
2406:ec80::/32 maxlen: 36
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2368 (0x940)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EF8B6/serialNumber=AD84F4BCBEB3C9365F2827153BA69CED2A9912E2
Validity
Not Before: Oct 8 15:07:40 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=6341923c-ab58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:92:2d:44:5f:63:bb:5a:20:73:18:5b:c3:6a:
d8:20:11:15:43:f9:87:d1:9f:a0:83:a5:c7:20:43:
14:d3:ff:f4:a7:98:cd:f7:af:21:39:ed:ce:9b:a5:
97:6a:1d:16:03:22:1e:ab:f7:b4:9c:7a:92:b8:69:
86:70:7c:98:38:a8:1b:bf:e1:7f:cf:4d:02:43:de:
0e:8d:a5:d4:59:f9:e4:15:1e:39:ce:dd:f4:a0:7b:
ad:f6:a6:07:fa:81:ae:c1:d8:70:87:23:49:ca:2e:
59:ea:a8:ff:fc:e4:62:c0:a4:59:63:43:b6:47:91:
76:72:d7:f8:19:09:45:8c:87:e5:1f:a2:e0:17:ff:
c3:c7:ec:97:bf:41:be:38:fd:f0:e2:86:7e:a3:71:
e7:a7:4e:e0:78:ee:99:19:14:8e:a2:a1:a6:ae:58:
5a:5f:3e:70:2a:e2:39:52:65:08:00:ab:ea:06:61:
f6:e5:91:a9:d3:21:e9:e5:db:dc:ea:17:1a:3b:e7:
63:93:d9:9a:24:5f:bd:4e:ef:e3:1b:93:0c:79:27:
18:0c:8f:cd:1d:e3:76:2e:42:dd:a1:53:e3:d9:1f:
3e:48:30:86:d5:d7:b0:7f:a1:bc:43:2d:1b:a3:10:
06:79:2a:02:03:35:c8:19:c4:de:a8:07:ac:80:19:
a6:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:8C:F7:28:32:0E:62:E1:4C:01:53:87:B0:B1:97:3F:7E:C4:51:4A
X509v3 Authority Key Identifier:
keyid:AD:84:F4:BC:BE:B3:C9:36:5F:28:27:15:3B:A6:9C:ED:2A:99:12:E2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EF8B6/40E7FABA3AA611EAAC8F1875C4F9AE02/rYT0vL6zyTZfKCcVO6ac7SqZEuI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rYT0vL6zyTZfKCcVO6ac7SqZEuI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF8B6/40E7FABA3AA611EAAC8F1875C4F9AE02/F3B5BC4E471A11ED931EC00AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.73.44.0/22
IPv6:
2406:ec80::/32
Signature Algorithm: sha256WithRSAEncryption
32:79:b7:6c:f6:83:89:d1:bb:91:e8:72:d2:27:7a:35:29:5e:
b0:26:c5:98:4f:44:ec:84:26:00:4c:94:aa:59:fc:94:26:f8:
92:13:6d:f6:f5:c7:d4:9a:19:3f:20:5c:13:a9:d8:3b:da:55:
86:21:8c:75:5a:3b:08:fd:41:39:77:ed:ec:8b:a8:b0:06:3c:
04:2e:9a:30:b1:22:15:ae:b9:6a:0a:67:ea:54:41:e9:74:2b:
b3:b6:55:70:09:38:8e:54:fb:f1:bc:95:61:a7:70:23:43:74:
48:7a:47:9c:70:a4:5d:15:b9:87:79:ad:9a:88:a5:ef:ff:14:
34:ab:32:ca:f7:ed:97:60:47:f7:63:0a:3c:50:36:04:bb:f2:
68:3d:a8:44:75:ca:1b:d2:c3:e3:de:65:97:19:7f:7d:7f:ec:
8c:2f:64:22:a7:2f:13:51:48:ec:3b:e0:1e:a4:4b:d5:4e:8c:
26:90:04:7e:0e:cd:ef:95:8e:df:f4:50:18:4c:fe:3d:51:97:
51:bb:d6:12:1c:a2:52:ad:bc:d8:26:e8:20:8c:b4:e0:94:f7:
e6:22:e8:a7:d6:1d:81:54:6d:d5:c3:98:50:13:f9:f4:da:cb:
72:62:7f:4d:ba:33:f4:27:58:14:65:b9:ed:c3:3c:f0:d6:05:
bf:93:42:dc
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCUAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUY4QjYxMTAvBgNVBAUTKEFEODRGNEJDQkVCM0M5MzY1RjI4MjcxNTNCQTY5Q0VE
MkE5OTEyRTIwHhcNMjIxMDA4MTUwNzQwWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzQxOTIzYy1hYjU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0ZItRF9ju1ogcxhbw2rYIBEVQ/mH0Z+gg6XHIEMU0//0p5jN968hOe3Om6WX
ah0WAyIeq/e0nHqSuGmGcHyYOKgbv+F/z00CQ94OjaXUWfnkFR45zt30oHut9qYH
+oGuwdhwhyNJyi5Z6qj//ORiwKRZY0O2R5F2ctf4GQlFjIflH6LgF//Dx+yXv0G+
OP3w4oZ+o3Hnp07geO6ZGRSOoqGmrlhaXz5wKuI5UmUIAKvqBmH25ZGp0yHp5dvc
6hcaO+djk9maJF+9Tu/jG5MMeScYDI/NHeN2LkLdoVPj2R8+SDCG1dewf6G8Qy0b
oxAGeSoCAzXIGcTeqAesgBmmrQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFP2M9ygy
DmLhTAFTh7Cxlz9+xFFKMB8GA1UdIwQYMBaAFK2E9Ly+s8k2XygnFTumnO0qmRLi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRjhCNi80MEU3RkFCQTNB
QTYxMUVBQUM4RjE4NzVDNEY5QUUwMi9yWVQwdkw2enlUWmZLQ2NWTzZhYzdTcVpF
dUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JZVDB2TDZ6eVRaZktDY1ZPNmFjN1NxWkV1SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUY4QjYvNDBFN0ZBQkEzQUE2MTFFQUFDOEYxODc1QzRGOUFFMDIvRjNCNUJDNEU0
NzFBMTFFRDkzMUVDMDBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnSSwwDQQCAAIwBwMFACQG7IAwDQYJKoZIhvcNAQELBQAD
ggEBADJ5t2z2g4nRu5HoctInejUpXrAmxZhPROyEJgBMlKpZ/JQm+JITbfb1x9Sa
GT8gXBOp2DvaVYYhjHVaOwj9QTl37eyLqLAGPAQumjCxIhWuuWoKZ+pUQel0K7O2
VXAJOI5U+/G8lWGncCNDdEh6R5xwpF0VuYd5rZqIpe//FDSrMsr37ZdgR/djCjxQ
NgS78mg9qER1yhvSw+PeZZcZf31/7IwvZCKnLxNRSOw74B6kS9VOjCaQBH4Oze+V
jt/0UBhM/j1Rl1G71hIcolKtvNgm6CCMtOCU9+Yi6KfWHYFUbdXDmFAT+fTay3Ji
f026M/QnWBRlue3DPPDWBb+TQtw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:37 2024 by rpki-client on console-ams.rpki-client.org