Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F1ADD/DFAD9A1CF13211EB8AB4D44AC4F9AE02/80F1F012830F11ECB9EC4581C4F9AE02.roa
File: 80F1F012830F11ECB9EC4581C4F9AE02.roa (raw, json)
Hash identifier: eTvt3xRwdtURubp4qo+Ncywy03jURSc1/qSToG9z8Ts=
Subject key identifier: DF:94:12:53:71:E9:DB:D9:DC:69:58:17:0F:B7:96:C3:5A:B3:C4:1D
Certificate issuer: /CN=A91F1ADD/serialNumber=95460D1585021D39EAD7DD5BB2B553BF474AC943
Certificate serial: 01CA
Authority key identifier: 95:46:0D:15:85:02:1D:39:EA:D7:DD:5B:B2:B5:53:BF:47:4A:C9:43
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lUYNFYUCHTnq191bsrVTv0dKyUM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F1ADD/DFAD9A1CF13211EB8AB4D44AC4F9AE02/80F1F012830F11ECB9EC4581C4F9AE02.roa
Signing time: Fri 11 Mar 2022 15:33:59 +0000
ROA not before: Fri 11 Mar 2022 15:33:59 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 138497
IP address blocks: 103.127.44.0/22 maxlen: 24
2404:18c0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 458 (0x1ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F1ADD/serialNumber=95460D1585021D39EAD7DD5BB2B553BF474AC943
Validity
Not Before: Mar 11 15:33:59 2022 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=622b6be6-3ce0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ab:88:88:72:25:ac:fb:d8:d7:f5:2f:3f:32:
30:6f:24:44:9f:68:0f:5a:c9:3e:d7:43:0e:85:8f:
91:41:48:d9:9c:cc:90:ce:17:5a:bf:fe:1e:97:09:
f8:06:48:f2:98:de:cf:e8:73:e1:f3:de:7a:1a:bb:
57:9c:07:63:82:92:e3:f9:8f:c3:58:eb:ca:89:6c:
20:08:55:af:87:59:80:b7:c1:15:3c:76:f6:ae:65:
32:78:15:93:a5:c5:96:46:b8:94:17:d3:b0:4a:dd:
e2:f4:22:12:fd:42:e4:e5:27:80:89:71:58:0e:97:
d5:4d:00:c0:6d:04:ee:de:7f:78:a4:cb:5e:02:95:
99:81:f5:c9:3f:6a:00:ed:8c:0b:33:33:73:ac:ae:
e5:c5:bc:fa:1a:44:e4:51:bb:79:fd:30:dd:33:6f:
74:56:d8:c4:07:7e:10:c9:98:a0:a6:0f:57:e7:ab:
cb:af:7f:cb:05:33:36:ee:c8:7e:bb:2b:6c:fc:08:
10:f8:1a:cd:e6:66:4a:23:fc:5a:45:cd:bf:40:b5:
55:af:5d:d3:2b:67:24:ab:eb:2c:ca:ba:0e:60:f2:
39:e0:79:4b:a4:89:bc:fd:eb:db:cc:2a:c9:09:ee:
eb:05:87:8f:65:c3:9d:84:54:6b:61:82:d3:0c:6e:
1f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:94:12:53:71:E9:DB:D9:DC:69:58:17:0F:B7:96:C3:5A:B3:C4:1D
X509v3 Authority Key Identifier:
keyid:95:46:0D:15:85:02:1D:39:EA:D7:DD:5B:B2:B5:53:BF:47:4A:C9:43
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F1ADD/DFAD9A1CF13211EB8AB4D44AC4F9AE02/lUYNFYUCHTnq191bsrVTv0dKyUM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lUYNFYUCHTnq191bsrVTv0dKyUM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F1ADD/DFAD9A1CF13211EB8AB4D44AC4F9AE02/80F1F012830F11ECB9EC4581C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.127.44.0/22
IPv6:
2404:18c0::/32
Signature Algorithm: sha256WithRSAEncryption
6f:28:b1:0c:af:1c:0d:53:4c:24:d3:ba:cd:ea:b8:c0:06:4d:
00:f3:cc:75:c1:9d:69:cc:ea:32:1d:e2:bf:65:45:9d:aa:bc:
c1:36:71:76:42:ed:66:e1:6e:9d:8d:d9:14:71:1a:68:ab:6d:
d9:b1:eb:bc:d7:18:b7:02:0a:e8:d1:1b:b6:59:0f:ec:37:b8:
56:0a:2e:db:a4:3f:a9:05:a0:4d:db:4e:2b:cf:83:3c:c4:e6:
69:be:53:fa:c9:c5:7c:ff:8f:24:48:2f:c0:0e:c0:f3:69:1f:
ec:32:c7:52:01:e0:a5:6b:c0:6b:fe:91:51:ce:25:ce:58:73:
0c:e9:e7:ad:b3:ff:a7:fc:89:e2:ec:ba:fa:56:ee:e8:dd:f4:
f1:17:e0:71:eb:46:64:65:d0:60:b5:68:f2:75:6e:dd:6f:28:
8c:78:96:56:08:71:64:33:5b:92:55:6a:7b:cb:82:79:4f:67:
d9:8d:fc:26:87:56:bb:23:9b:36:71:cf:2b:b8:9a:db:0d:d6:
7d:5b:f1:e9:db:40:22:7b:8a:1b:ee:de:8d:ef:ea:96:a2:5b:
16:9e:4f:c7:48:a7:6b:d7:5d:bf:27:e6:bc:6d:3c:48:fd:72:
66:18:c1:f8:d6:e4:e7:0b:b7:ff:b7:4e:29:8c:2e:35:d2:65:
9e:46:ea:19
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAcowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjFBREQxMTAvBgNVBAUTKDk1NDYwRDE1ODUwMjFEMzlFQUQ3REQ1QkIyQjU1M0JG
NDc0QUM5NDMwHhcNMjIwMzExMTUzMzU5WhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjJiNmJlNi0zY2UwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxauIiHIlrPvY1/UvPzIwbyREn2gPWsk+10MOhY+RQUjZnMyQzhdav/4elwn4
BkjymN7P6HPh8956GrtXnAdjgpLj+Y/DWOvKiWwgCFWvh1mAt8EVPHb2rmUyeBWT
pcWWRriUF9OwSt3i9CIS/ULk5SeAiXFYDpfVTQDAbQTu3n94pMteApWZgfXJP2oA
7YwLMzNzrK7lxbz6GkTkUbt5/TDdM290VtjEB34QyZigpg9X56vLr3/LBTM27sh+
uyts/AgQ+BrN5mZKI/xaRc2/QLVVr13TK2ckq+ssyroOYPI54HlLpIm8/evbzCrJ
Ce7rBYePZcOdhFRrYYLTDG4f2QIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFN+UElNx
6dvZ3GlYFw+3lsNas8QdMB8GA1UdIwQYMBaAFJVGDRWFAh056tfdW7K1U79HSslD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMUFERC9ERkFEOUExQ0Yx
MzIxMUVCOEFCNEQ0NEFDNEY5QUUwMi9sVVlORllVQ0hUbnExOTFic3JWVHYwZEt5
VU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xVWU5GWVVDSFRucTE5MWJzclZUdjBkS3lVTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjFBREQvREZBRDlBMUNGMTMyMTFFQjhBQjRENDRBQzRGOUFFMDIvODBGMUYwMTI4
MzBGMTFFQ0I5RUM0NTgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnfywwDQQCAAIwBwMFACQEGMAwDQYJKoZIhvcNAQELBQAD
ggEBAG8osQyvHA1TTCTTus3quMAGTQDzzHXBnWnM6jId4r9lRZ2qvME2cXZC7Wbh
bp2N2RRxGmirbdmx67zXGLcCCujRG7ZZD+w3uFYKLtukP6kFoE3bTivPgzzE5mm+
U/rJxXz/jyRIL8AOwPNpH+wyx1IB4KVrwGv+kVHOJc5Ycwzp562z/6f8ieLsuvpW
7ujd9PEX4HHrRmRl0GC1aPJ1bt1vKIx4llYIcWQzW5JVanvLgnlPZ9mN/CaHVrsj
mzZxzyu4mtsN1n1b8enbQCJ7ihvu3o3v6paiWxaeT8dIp2vXXb8n5rxtPEj9cmYY
wfjW5OcLt/+3TimMLjXSZZ5G6hk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:37 2024 by rpki-client on console-ams.rpki-client.org