Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FF3B6/508ACD28BC9911EBA1AB564BC4F9AE02/FEEE21CABC9A11EBA48DF14CC4F9AE02.roa
File: FEEE21CABC9A11EBA48DF14CC4F9AE02.roa (raw, json)
Hash identifier: xydAaO8r8gH7RNg4SGKh9JvGyw/Nis5O2+8d+Zm7Rqs=
Subject key identifier: 7B:7C:03:D8:9B:37:14:4C:16:7D:42:71:50:0C:F7:22:28:08:88:86
Certificate issuer: /CN=A91FF3B6/serialNumber=660EDDBB35D53756C306BD8CD917DACFF7896CBD
Certificate serial: 045D
Authority key identifier: 66:0E:DD:BB:35:D5:37:56:C3:06:BD:8C:D9:17:DA:CF:F7:89:6C:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Zg7duzXVN1bDBr2M2Rfaz_eJbL0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FF3B6/508ACD28BC9911EBA1AB564BC4F9AE02/FEEE21CABC9A11EBA48DF14CC4F9AE02.roa
Signing time: Wed 31 May 2023 02:30:28 +0000
ROA not before: Wed 31 May 2023 02:30:28 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 132220
IP address blocks: 45.248.16.0/22 maxlen: 22
45.248.16.0/24 maxlen: 24
45.248.17.0/24 maxlen: 24
45.248.18.0/24 maxlen: 24
45.248.19.0/24 maxlen: 24
103.216.164.0/22 maxlen: 22
103.216.164.0/24 maxlen: 24
103.216.165.0/24 maxlen: 24
103.216.166.0/24 maxlen: 24
103.216.167.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1117 (0x45d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FF3B6/serialNumber=660EDDBB35D53756C306BD8CD917DACFF7896CBD
Validity
Not Before: May 31 02:30:28 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=6476b143-d8bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:cc:44:ae:65:05:a5:9a:df:02:eb:9f:f2:06:
2e:01:4d:53:24:b1:bd:66:b3:ec:5a:87:4c:1f:2a:
93:27:88:76:54:df:b4:47:63:6d:07:1d:f0:1d:d0:
c3:14:f4:c2:47:34:d0:6a:61:f9:be:4a:0f:de:b0:
1f:5b:c2:7f:b5:39:fe:49:3d:ad:0a:f8:b6:d8:0f:
37:c9:38:df:87:d9:55:9a:12:10:53:8d:69:f7:04:
3e:88:88:a2:e0:d9:30:dd:83:bb:c5:7e:82:72:18:
51:79:f4:86:54:c9:a7:e5:3c:b0:be:49:83:ec:07:
17:fa:fb:f9:42:45:83:35:4f:35:62:16:20:de:b5:
f6:63:60:38:33:a3:c5:9b:59:25:45:1c:98:ef:d7:
ed:35:28:fb:b6:45:d0:29:2d:24:57:2b:db:59:b2:
2c:6b:e3:10:a3:fb:10:ba:53:f1:d7:0e:88:4f:6a:
b0:b9:50:a2:3a:a4:32:ee:60:fe:0a:9b:f6:3a:f7:
f6:0b:ae:b1:11:1b:4e:95:d9:45:e7:3a:c1:8e:ad:
d9:74:b9:86:3d:25:6f:78:40:c4:6f:56:c9:fb:b9:
24:0b:d3:0d:d0:76:c6:b3:7e:13:bc:f5:5c:40:0c:
c3:a2:80:cd:aa:a2:7a:e1:88:6e:a1:fd:13:16:f2:
e6:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:7C:03:D8:9B:37:14:4C:16:7D:42:71:50:0C:F7:22:28:08:88:86
X509v3 Authority Key Identifier:
keyid:66:0E:DD:BB:35:D5:37:56:C3:06:BD:8C:D9:17:DA:CF:F7:89:6C:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FF3B6/508ACD28BC9911EBA1AB564BC4F9AE02/Zg7duzXVN1bDBr2M2Rfaz_eJbL0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Zg7duzXVN1bDBr2M2Rfaz_eJbL0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FF3B6/508ACD28BC9911EBA1AB564BC4F9AE02/FEEE21CABC9A11EBA48DF14CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.248.16.0/22
103.216.164.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:b3:43:1e:7d:52:ac:dc:8b:72:45:2f:2c:fe:fe:d3:60:9e:
5a:dd:b6:94:4d:f4:6a:74:e0:16:95:32:91:db:6b:23:d2:c0:
d1:16:61:f7:d3:b6:e5:2e:2e:02:aa:10:3c:bc:44:dd:cf:ce:
77:e2:f9:3c:52:ea:de:a6:d9:17:04:fd:55:f9:4b:64:0d:6f:
22:4a:87:56:87:39:95:19:90:cb:bf:1a:59:87:04:71:fa:f2:
bc:b8:fc:0f:21:8b:2d:58:8f:d7:e7:4f:16:44:fd:d7:ac:8e:
91:5b:1a:4e:81:59:7f:f8:26:f8:87:b3:a0:42:4c:4a:c5:c8:
bf:0f:e7:40:0b:3e:90:4a:fd:83:67:be:a9:1d:67:8d:ad:91:
31:bd:2c:22:3a:78:91:97:00:b3:e2:ca:30:f9:d4:8c:65:1a:
ce:52:74:5c:dd:5e:69:32:64:42:b9:26:0a:2b:76:f3:c8:c3:
42:13:ca:8a:47:c6:9a:22:41:62:c9:a0:d8:12:05:a5:93:98:
70:e0:d3:39:a4:a4:b9:df:e3:ac:f6:31:26:5c:1a:3f:97:97:
d8:1a:e6:69:3f:5e:5c:22:ee:ac:66:54:f8:0d:5e:04:87:65:
54:a2:7b:be:e9:6d:1d:d6:cc:c7:46:8d:32:68:a2:7b:8f:66:
fe:54:1e:75
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBF0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkYzQjYxMTAvBgNVBAUTKDY2MEVEREJCMzVENTM3NTZDMzA2QkQ4Q0Q5MTdEQUNG
Rjc4OTZDQkQwHhcNMjMwNTMxMDIzMDI4WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDc2YjE0My1kOGJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2cxErmUFpZrfAuuf8gYuAU1TJLG9ZrPsWodMHyqTJ4h2VN+0R2NtBx3wHdDD
FPTCRzTQamH5vkoP3rAfW8J/tTn+ST2tCvi22A83yTjfh9lVmhIQU41p9wQ+iIii
4Nkw3YO7xX6CchhRefSGVMmn5TywvkmD7AcX+vv5QkWDNU81YhYg3rX2Y2A4M6PF
m1klRRyY79ftNSj7tkXQKS0kVyvbWbIsa+MQo/sQulPx1w6IT2qwuVCiOqQy7mD+
Cpv2Ovf2C66xERtOldlF5zrBjq3ZdLmGPSVveEDEb1bJ+7kkC9MN0HbGs34TvPVc
QAzDooDNqqJ64Yhuof0TFvLm/QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFHt8A9ib
NxRMFn1CcVAM9yIoCIiGMB8GA1UdIwQYMBaAFGYO3bs11TdWwwa9jNkX2s/3iWy9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRjNCNi81MDhBQ0QyOEJD
OTkxMUVCQTFBQjU2NEJDNEY5QUUwMi9aZzdkdXpYVk4xYkRCcjJNMlJmYXpfZUpi
TDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1pnN2R1elhWTjFiREJyMk0yUmZhel9lSmJMMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkYzQjYvNTA4QUNEMjhCQzk5MTFFQkExQUI1NjRCQzRGOUFFMDIvRkVFRTIxQ0FC
QzlBMTFFQkE0OERGMTRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIt+BADBAJn2KQwDQYJKoZIhvcNAQELBQADggEBAAyzQx59
Uqzci3JFLyz+/tNgnlrdtpRN9Gp04BaVMpHbayPSwNEWYffTtuUuLgKqEDy8RN3P
znfi+TxS6t6m2RcE/VX5S2QNbyJKh1aHOZUZkMu/GlmHBHH68ry4/A8hiy1Yj9fn
TxZE/desjpFbGk6BWX/4JviHs6BCTErFyL8P50ALPpBK/YNnvqkdZ42tkTG9LCI6
eJGXALPiyjD51IxlGs5SdFzdXmkyZEK5JgordvPIw0ITyopHxpoiQWLJoNgSBaWT
mHDg0zmkpLnf46z2MSZcGj+Xl9ga5mk/Xlwi7qxmVPgNXgSHZVSie77pbR3WzMdG
jTJoonuPZv5UHnU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:52 2024 by rpki-client on console-fra.rpki-client.org