Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911862D/32879D3AE8BA11E78A6A7042C4F9AE02/2B9355A4F0C211ECB0E27866C4F9AE02.roa
File: 2B9355A4F0C211ECB0E27866C4F9AE02.roa (raw, json)
Hash identifier: wZFOW4xPjlZ7CUr8NKlBNDWhmfp8S+cXRvwZ8b2Zx34=
Subject key identifier: 6E:FD:68:08:B9:CC:55:CA:48:D9:4F:B1:6A:95:F1:E1:AA:CF:57:EA
Certificate issuer: /CN=A911862D/serialNumber=D8C673095E82A9B7E7DFCD46580F7831A8D18ACA
Certificate serial: 145C
Authority key identifier: D8:C6:73:09:5E:82:A9:B7:E7:DF:CD:46:58:0F:78:31:A8:D1:8A:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2MZzCV6Cqbfn381GWA94MajRiso.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911862D/32879D3AE8BA11E78A6A7042C4F9AE02/2B9355A4F0C211ECB0E27866C4F9AE02.roa
Signing time: Mon 20 Jun 2022 17:55:30 +0000
ROA not before: Mon 20 Jun 2022 17:55:30 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 138658
IP address blocks: 103.106.59.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5212 (0x145c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911862D/serialNumber=D8C673095E82A9B7E7DFCD46580F7831A8D18ACA
Validity
Not Before: Jun 20 17:55:30 2022 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=62b0b491-86c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:77:5d:9c:de:77:9e:76:ae:8e:22:2f:53:1b:
99:9c:dd:d0:32:09:42:ee:f3:7b:f5:3b:13:20:16:
36:9d:f2:6c:16:35:ca:2b:a3:e3:a8:41:15:0e:7a:
a0:4d:86:9c:b7:e0:5e:27:a3:2d:4d:3b:34:8f:60:
a4:b5:15:37:b3:d3:0c:a2:d1:fb:94:87:7e:6a:1d:
a1:7f:c3:a4:e6:14:26:43:5f:63:22:5d:e6:cd:cb:
fe:04:37:9d:db:34:d6:85:a0:ad:78:d1:a4:17:7e:
c0:51:dd:ca:c6:13:de:b6:54:1a:51:80:4b:9b:c0:
13:07:16:96:91:cb:ad:eb:37:43:99:30:ca:74:c7:
21:26:ec:b8:f2:ea:aa:d2:3b:6c:25:c8:97:8b:fe:
88:e7:73:21:aa:3d:d8:ea:af:0c:76:73:b8:58:07:
b7:e0:97:14:da:2e:3c:99:dc:21:f2:19:8a:84:e4:
74:22:4b:17:e8:45:62:89:5f:9f:89:21:9f:35:51:
fa:a1:dd:60:13:da:83:99:c5:65:14:c1:87:12:73:
3d:fe:ba:51:f4:a3:90:b9:4b:6a:31:67:a7:69:d5:
cc:9b:f9:19:5a:c9:f7:84:ca:44:d2:10:1f:25:39:
05:90:f0:4c:8b:6d:9b:d6:a5:3e:b4:26:38:f0:de:
9d:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:FD:68:08:B9:CC:55:CA:48:D9:4F:B1:6A:95:F1:E1:AA:CF:57:EA
X509v3 Authority Key Identifier:
keyid:D8:C6:73:09:5E:82:A9:B7:E7:DF:CD:46:58:0F:78:31:A8:D1:8A:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911862D/32879D3AE8BA11E78A6A7042C4F9AE02/2MZzCV6Cqbfn381GWA94MajRiso.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2MZzCV6Cqbfn381GWA94MajRiso.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911862D/32879D3AE8BA11E78A6A7042C4F9AE02/2B9355A4F0C211ECB0E27866C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.106.59.0/24
Signature Algorithm: sha256WithRSAEncryption
19:15:ee:c8:72:97:fc:03:ae:43:3c:47:d5:1d:2b:db:8a:ac:
41:42:c6:c7:18:18:66:a5:43:1d:91:5c:3d:9c:61:15:09:31:
a8:ad:ad:e8:c9:10:e6:1e:18:10:46:75:e1:9d:49:53:f5:ac:
fc:8e:e4:e3:ef:29:20:a9:d7:49:15:b1:3c:8d:70:ed:43:5e:
5b:11:5b:d2:2f:c1:65:99:e0:4f:d7:56:24:03:52:1b:01:0b:
a5:0f:e6:c7:bf:5c:26:43:1b:1d:a0:19:8f:86:11:7e:76:7d:
12:3d:af:62:c9:e9:1f:f3:4a:c6:d5:11:93:7e:78:83:5a:c8:
93:aa:b7:1c:7f:10:ba:be:f4:f9:4e:3d:d8:dc:19:e4:4b:61:
30:2b:d3:45:37:83:3c:f6:b9:7b:fe:2f:e3:42:a6:0a:7a:44:
26:8f:2e:64:06:b1:bd:68:a3:b1:09:89:06:f9:3d:7d:ce:d7:
56:df:2b:30:9e:86:b2:34:c2:0a:06:bb:19:82:5f:05:80:86:
b5:f9:98:d7:85:e8:f2:5e:fd:90:c7:9f:2d:c5:70:92:98:66:
6e:5a:54:a5:03:7f:af:37:e4:be:46:f3:ae:87:b7:30:70:ca:
8c:a5:e4:d3:48:a1:44:f6:ae:97:2d:4e:af:70:f5:c2:cb:ca:
56:cc:0c:9a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICFFwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTg2MkQxMTAvBgNVBAUTKEQ4QzY3MzA5NUU4MkE5QjdFN0RGQ0Q0NjU4MEY3ODMx
QThEMThBQ0EwHhcNMjIwNjIwMTc1NTMwWhcNMjMwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmIwYjQ5MS04NmM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7nddnN53nnaujiIvUxuZnN3QMglC7vN79TsTIBY2nfJsFjXKK6PjqEEVDnqg
TYact+BeJ6MtTTs0j2CktRU3s9MMotH7lId+ah2hf8Ok5hQmQ19jIl3mzcv+BDed
2zTWhaCteNGkF37AUd3KxhPetlQaUYBLm8ATBxaWkcut6zdDmTDKdMchJuy48uqq
0jtsJciXi/6I53Mhqj3Y6q8MdnO4WAe34JcU2i48mdwh8hmKhOR0IksX6EViiV+f
iSGfNVH6od1gE9qDmcVlFMGHEnM9/rpR9KOQuUtqMWenadXMm/kZWsn3hMpE0hAf
JTkFkPBMi22b1qU+tCY48N6dPQIDAQABo4IClTCCApEwHQYDVR0OBBYEFG79aAi5
zFXKSNlPsWqV8eGqz1fqMB8GA1UdIwQYMBaAFNjGcwlegqm359/NRlgPeDGo0YrK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExODYyRC8zMjg3OUQzQUU4
QkExMUU3OEE2QTcwNDJDNEY5QUUwMi8yTVp6Q1Y2Q3FiZm4zODFHV0E5NE1halJp
c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJNWnpDVjZDcWJmbjM4MUdXQTk0TWFqUmlzby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTg2MkQvMzI4NzlEM0FFOEJBMTFFNzhBNkE3MDQyQzRGOUFFMDIvMkI5MzU1QTRG
MEMyMTFFQ0IwRTI3ODY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnajswDQYJKoZIhvcNAQELBQADggEBABkV7shyl/wDrkM8
R9UdK9uKrEFCxscYGGalQx2RXD2cYRUJMaitrejJEOYeGBBGdeGdSVP1rPyO5OPv
KSCp10kVsTyNcO1DXlsRW9IvwWWZ4E/XViQDUhsBC6UP5se/XCZDGx2gGY+GEX52
fRI9r2LJ6R/zSsbVEZN+eINayJOqtxx/ELq+9PlOPdjcGeRLYTAr00U3gzz2uXv+
L+NCpgp6RCaPLmQGsb1oo7EJiQb5PX3O11bfKzCehrI0wgoGuxmCXwWAhrX5mNeF
6PJe/ZDHny3FcJKYZm5aVKUDf6835L5G866HtzBwyoyl5NNIoUT2rpctTq9w9cLL
ylbMDJo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:35 2023 by rpki-client on console-fra.rpki-client.org