Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F1ADD/DFAD9A1CF13211EB8AB4D44AC4F9AE02/6F807CCCA1DB11EDA7229653C4F9AE02.roa
File: 6F807CCCA1DB11EDA7229653C4F9AE02.roa (raw, json)
Hash identifier: QA6UlzD0N6e+Eyi15HwTmbayDYdGfb6zpf+NRWFj4RA=
Subject key identifier: D2:73:5E:F9:62:47:D4:45:6A:D0:4A:52:C5:F5:83:BA:25:8E:FD:12
Certificate issuer: /CN=A91F1ADD/serialNumber=95460D1585021D39EAD7DD5BB2B553BF474AC943
Certificate serial: 0466
Authority key identifier: 95:46:0D:15:85:02:1D:39:EA:D7:DD:5B:B2:B5:53:BF:47:4A:C9:43
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lUYNFYUCHTnq191bsrVTv0dKyUM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F1ADD/DFAD9A1CF13211EB8AB4D44AC4F9AE02/6F807CCCA1DB11EDA7229653C4F9AE02.roa
Signing time: Thu 25 Jan 2024 01:23:28 +0000
ROA not before: Thu 25 Jan 2024 01:23:28 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 138497
IP address blocks: 103.127.44.0/22 maxlen: 24
2404:18c0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1126 (0x466)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F1ADD/serialNumber=95460D1585021D39EAD7DD5BB2B553BF474AC943
Validity
Not Before: Jan 25 01:23:28 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=65b1b810-957d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:38:af:8f:2f:86:b2:71:21:d3:43:68:d8:28:
4f:ab:74:ce:70:53:ef:ee:fe:a6:2b:c8:89:8c:82:
be:d7:d3:c7:49:a6:1b:19:4b:ea:65:b3:45:9f:e7:
90:4c:20:4d:b6:15:8d:25:26:a2:4e:07:5a:d1:de:
fd:3d:0d:fc:c5:a2:0f:5f:3a:f4:f0:6f:12:87:72:
23:6b:75:6c:84:96:d4:ba:11:1c:60:2f:bf:9b:e6:
d6:cd:91:97:04:af:94:fd:d0:04:7d:f7:78:b0:5d:
66:f5:27:75:24:9e:a6:d0:b6:2b:ef:9c:1f:6b:a5:
ca:6b:e3:fa:46:93:83:c4:4d:67:2b:64:84:54:c1:
d5:e3:e5:4e:f7:70:2b:3e:02:52:2c:b5:b5:58:e5:
8f:6c:e3:62:01:df:66:79:fd:a9:79:c8:55:97:1c:
b2:cc:9e:fa:37:47:3b:f6:a9:ae:be:98:31:99:c1:
28:51:cb:24:1b:f4:1d:c2:69:94:4d:7a:8e:c2:a1:
0b:4f:9e:97:dd:e9:87:90:50:82:4f:ba:cc:d0:f7:
9f:5f:3c:19:39:c9:be:03:5b:8f:3c:e5:a6:8b:d9:
ad:56:cb:94:f4:6b:54:34:24:28:f9:d8:92:b9:5a:
c4:3a:72:3d:d2:be:8e:4b:63:f3:0e:f1:90:9c:21:
c5:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:73:5E:F9:62:47:D4:45:6A:D0:4A:52:C5:F5:83:BA:25:8E:FD:12
X509v3 Authority Key Identifier:
keyid:95:46:0D:15:85:02:1D:39:EA:D7:DD:5B:B2:B5:53:BF:47:4A:C9:43
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F1ADD/DFAD9A1CF13211EB8AB4D44AC4F9AE02/lUYNFYUCHTnq191bsrVTv0dKyUM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lUYNFYUCHTnq191bsrVTv0dKyUM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F1ADD/DFAD9A1CF13211EB8AB4D44AC4F9AE02/6F807CCCA1DB11EDA7229653C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.127.44.0/22
IPv6:
2404:18c0::/32
Signature Algorithm: sha256WithRSAEncryption
1c:d4:03:07:f8:82:5b:2b:a7:8b:fe:ae:5a:6a:14:32:46:77:
c1:43:86:32:6a:a1:06:71:94:a2:5b:fa:52:23:7c:43:5c:d6:
c7:dd:31:30:5d:3e:63:a4:fb:d3:dc:84:0e:9b:85:8b:99:68:
2f:8a:8f:85:2b:7a:06:7a:cd:58:aa:fb:82:c6:a4:22:cf:4c:
b5:e4:d9:5c:b6:f5:5b:f3:81:ae:43:b7:27:a4:1f:74:0e:31:
97:73:fe:9f:20:5c:8a:9a:d6:cd:35:23:ea:57:94:b7:7e:75:
93:15:64:20:26:ea:a2:6b:cd:86:bc:2d:2f:34:ed:03:52:89:
26:85:79:17:60:37:22:3d:83:79:48:f4:63:5c:9f:a0:6f:56:
e9:f5:cf:5c:a5:01:d8:f2:87:54:27:5d:43:95:e2:2b:0c:f4:
4d:e1:48:f6:25:4b:c7:1a:ca:5d:3a:ea:22:5b:32:48:f4:88:
bc:25:11:1d:27:e6:f9:92:00:da:ee:69:34:2d:73:01:31:61:
c3:34:27:c1:c0:e6:ec:69:b4:fc:db:04:db:12:c6:aa:60:27:
d6:67:76:e1:eb:b9:b0:bc:2c:df:21:b7:1c:f6:92:23:07:b5:
36:ac:91:d2:14:cb:cb:b8:3f:28:e9:15:a6:33:4b:86:13:d6:
9e:c8:2b:81
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBGYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjFBREQxMTAvBgNVBAUTKDk1NDYwRDE1ODUwMjFEMzlFQUQ3REQ1QkIyQjU1M0JG
NDc0QUM5NDMwHhcNMjQwMTI1MDEyMzI4WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWIxYjgxMC05NTdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyjivjy+GsnEh00No2ChPq3TOcFPv7v6mK8iJjIK+19PHSaYbGUvqZbNFn+eQ
TCBNthWNJSaiTgda0d79PQ38xaIPXzr08G8Sh3Ija3VshJbUuhEcYC+/m+bWzZGX
BK+U/dAEffd4sF1m9Sd1JJ6m0LYr75wfa6XKa+P6RpODxE1nK2SEVMHV4+VO93Ar
PgJSLLW1WOWPbONiAd9mef2pechVlxyyzJ76N0c79qmuvpgxmcEoUcskG/QdwmmU
TXqOwqELT56X3emHkFCCT7rM0PefXzwZOcm+A1uPPOWmi9mtVsuU9GtUNCQo+diS
uVrEOnI90r6OS2PzDvGQnCHFLQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFNJzXvli
R9RFatBKUsX1g7oljv0SMB8GA1UdIwQYMBaAFJVGDRWFAh056tfdW7K1U79HSslD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMUFERC9ERkFEOUExQ0Yx
MzIxMUVCOEFCNEQ0NEFDNEY5QUUwMi9sVVlORllVQ0hUbnExOTFic3JWVHYwZEt5
VU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xVWU5GWVVDSFRucTE5MWJzclZUdjBkS3lVTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjFBREQvREZBRDlBMUNGMTMyMTFFQjhBQjRENDRBQzRGOUFFMDIvNkY4MDdDQ0NB
MURCMTFFREE3MjI5NjUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnfywwDQQCAAIwBwMFACQEGMAwDQYJKoZIhvcNAQELBQAD
ggEBABzUAwf4glsrp4v+rlpqFDJGd8FDhjJqoQZxlKJb+lIjfENc1sfdMTBdPmOk
+9PchA6bhYuZaC+Kj4UregZ6zViq+4LGpCLPTLXk2Vy29Vvzga5DtyekH3QOMZdz
/p8gXIqa1s01I+pXlLd+dZMVZCAm6qJrzYa8LS807QNSiSaFeRdgNyI9g3lI9GNc
n6BvVun1z1ylAdjyh1QnXUOV4isM9E3hSPYlS8cayl066iJbMkj0iLwlER0n5vmS
ANruaTQtcwExYcM0J8HA5uxptPzbBNsSxqpgJ9ZnduHrubC8LN8htxz2kiMHtTas
kdIUy8u4PyjpFaYzS4YT1p7IK4E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:37 2024 by rpki-client on console-ams.rpki-client.org