Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F87BB/9DF0DFBE7DE911ECBEA08E0FC4F9AE02/354800567DED11ECB7B03F18C4F9AE02.roa
File: 354800567DED11ECB7B03F18C4F9AE02.roa (raw, json)
Hash identifier: 782nuAQkJG7yC4M2f0CRCLNzVgwH/RESsvcNP0G3G9U=
Subject key identifier: 0A:D9:F6:F9:08:B6:C3:2F:FC:65:79:16:FA:1B:A6:E0:77:28:11:FA
Certificate issuer: /CN=A91F87BB/serialNumber=B319DF1455D8A2E1498CDC5D491569831C5AFDA1
Certificate serial: 0256
Authority key identifier: B3:19:DF:14:55:D8:A2:E1:49:8C:DC:5D:49:15:69:83:1C:5A:FD:A1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sxnfFFXYouFJjNxdSRVpgxxa_aE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F87BB/9DF0DFBE7DE911ECBEA08E0FC4F9AE02/354800567DED11ECB7B03F18C4F9AE02.roa
Signing time: Wed 29 Mar 2023 04:14:03 +0000
ROA not before: Wed 29 Mar 2023 04:14:03 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 139611
IP address blocks: 103.180.54.0/23 maxlen: 23
103.180.54.0/24 maxlen: 24
103.180.55.0/24 maxlen: 24
2400:51e0::/32 maxlen: 32
2400:51e0:1000::/36 maxlen: 36
2400:51e0:1001::/48 maxlen: 48
2400:51e0:1002::/48 maxlen: 48
2400:51e0:1003::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 598 (0x256)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F87BB/serialNumber=B319DF1455D8A2E1498CDC5D491569831C5AFDA1
Validity
Not Before: Mar 29 04:14:03 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=6423bb0b-597d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:74:96:ee:22:df:f0:bc:a8:3b:0a:b2:6b:76:
c3:48:e2:93:56:87:98:b6:61:6e:96:47:9f:02:10:
86:d9:3f:da:5b:9f:ab:ea:0d:55:2d:62:8b:f9:0e:
11:6d:6d:50:fa:40:82:03:18:63:1c:5f:73:5c:93:
47:ab:e8:47:f8:be:73:4d:78:ab:a8:4e:df:9c:0f:
32:48:65:c8:1a:a5:b0:61:85:4c:5a:aa:64:c1:ca:
65:3f:0c:87:40:c0:5b:14:87:d7:e6:f4:81:1c:0a:
7d:22:d0:cf:f2:4a:ae:c9:91:3a:de:3b:09:cc:cf:
ce:62:29:bb:db:9e:d6:8d:a9:9a:66:3f:ed:96:d1:
d3:c0:2a:4c:dc:6f:23:ab:4b:4e:5f:79:0c:52:36:
00:66:99:35:33:2a:08:23:b1:87:26:43:d7:02:6c:
74:99:72:c8:f6:65:21:ad:f2:8c:9f:3a:b9:38:90:
75:a4:d7:5f:75:b4:01:4f:94:f5:11:c2:0c:ac:fc:
6c:c3:46:ba:5d:aa:e6:06:76:fb:61:8d:a0:1a:3f:
32:c5:5a:a3:43:e7:ed:0b:b2:3a:d8:55:bc:f6:27:
08:2b:c6:c1:5c:91:b3:63:03:6a:6f:98:db:36:d2:
44:68:71:61:22:ca:e8:f2:2b:bc:b8:8b:dd:83:6b:
e5:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:D9:F6:F9:08:B6:C3:2F:FC:65:79:16:FA:1B:A6:E0:77:28:11:FA
X509v3 Authority Key Identifier:
keyid:B3:19:DF:14:55:D8:A2:E1:49:8C:DC:5D:49:15:69:83:1C:5A:FD:A1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F87BB/9DF0DFBE7DE911ECBEA08E0FC4F9AE02/sxnfFFXYouFJjNxdSRVpgxxa_aE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sxnfFFXYouFJjNxdSRVpgxxa_aE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F87BB/9DF0DFBE7DE911ECBEA08E0FC4F9AE02/354800567DED11ECB7B03F18C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.180.54.0/23
IPv6:
2400:51e0::/32
Signature Algorithm: sha256WithRSAEncryption
8c:c9:df:d6:1a:5d:fa:b9:4d:5a:a3:86:94:92:11:d9:44:9f:
9d:2a:95:ab:43:c7:6d:ba:64:ba:fd:8a:0a:14:4c:cb:c1:f7:
a9:a8:de:83:85:c8:f0:93:ed:be:3b:77:90:0f:32:f8:53:84:
d5:29:ea:db:b8:75:54:46:3f:21:7d:49:01:fe:a1:d5:e1:e8:
a0:9e:51:cf:60:8a:de:b2:a8:86:06:26:a7:7c:34:de:69:e3:
c7:d1:4f:cd:b1:51:9a:df:8b:8f:b3:2f:df:d2:fe:12:5c:b3:
40:3a:f3:89:be:31:43:f3:fa:60:e9:21:2c:7a:e5:33:83:63:
26:21:79:9c:70:38:a9:29:4b:04:0b:8e:77:21:30:1e:98:72:
89:14:7c:23:b9:fe:e7:ee:98:a5:37:32:f4:11:45:c6:e7:6f:
fb:c8:46:c8:62:3b:7a:d1:09:56:a1:1c:f5:e9:89:ac:c6:52:
fa:87:5e:d0:73:41:0b:83:8e:51:6c:1a:90:65:c7:8a:c5:2d:
12:05:f2:8f:e9:d5:19:14:7b:b2:f7:a3:5e:0e:2a:37:9a:3c:
7b:32:9e:79:1a:71:12:44:42:9e:3f:f0:76:30:6c:c9:75:c0:
a1:a3:69:e9:36:c6:c2:93:ae:e9:cf:70:d0:4a:f2:bf:a2:da:
10:56:f2:a9
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAlYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Rjg3QkIxMTAvBgNVBAUTKEIzMTlERjE0NTVEOEEyRTE0OThDREM1RDQ5MTU2OTgz
MUM1QUZEQTEwHhcNMjMwMzI5MDQxNDAzWhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDIzYmIwYi01OTdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAynSW7iLf8LyoOwqya3bDSOKTVoeYtmFulkefAhCG2T/aW5+r6g1VLWKL+Q4R
bW1Q+kCCAxhjHF9zXJNHq+hH+L5zTXirqE7fnA8ySGXIGqWwYYVMWqpkwcplPwyH
QMBbFIfX5vSBHAp9ItDP8kquyZE63jsJzM/OYim7257WjamaZj/tltHTwCpM3G8j
q0tOX3kMUjYAZpk1MyoII7GHJkPXAmx0mXLI9mUhrfKMnzq5OJB1pNdfdbQBT5T1
EcIMrPxsw0a6XarmBnb7YY2gGj8yxVqjQ+ftC7I62FW89icIK8bBXJGzYwNqb5jb
NtJEaHFhIsro8iu8uIvdg2vllwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFArZ9vkI
tsMv/GV5FvobpuB3KBH6MB8GA1UdIwQYMBaAFLMZ3xRV2KLhSYzcXUkVaYMcWv2h
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGODdCQi85REYwREZCRTdE
RTkxMUVDQkVBMDhFMEZDNEY5QUUwMi9zeG5mRkZYWW91RkpqTnhkU1JWcGd4eGFf
YUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3N4bmZGRlhZb3VGSmpOeGRTUlZwZ3h4YV9hRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Rjg3QkIvOURGMERGQkU3REU5MTFFQ0JFQTA4RTBGQzRGOUFFMDIvMzU0ODAwNTY3
REVEMTFFQ0I3QjAzRjE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFntDYwDQQCAAIwBwMFACQAUeAwDQYJKoZIhvcNAQELBQAD
ggEBAIzJ39YaXfq5TVqjhpSSEdlEn50qlatDx226ZLr9igoUTMvB96mo3oOFyPCT
7b47d5APMvhThNUp6tu4dVRGPyF9SQH+odXh6KCeUc9git6yqIYGJqd8NN5p48fR
T82xUZrfi4+zL9/S/hJcs0A684m+MUPz+mDpISx65TODYyYheZxwOKkpSwQLjnch
MB6YcokUfCO5/ufumKU3MvQRRcbnb/vIRshiO3rRCVahHPXpiazGUvqHXtBzQQuD
jlFsGpBlx4rFLRIF8o/p1RkUe7L3o14OKjeaPHsynnkacRJEQp4/8HYwbMl1wKGj
aek2xsKTrunPcNBK8r+i2hBW8qk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:39 2024 by rpki-client on console-ams.rpki-client.org