Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B5B0/A2DF4CECDD4D11EABB76967BC4F9AE02/07C57B90FB7911EC9BA8173BC4F9AE02.roa
File: 07C57B90FB7911EC9BA8173BC4F9AE02.roa (raw, json)
Hash identifier: pcVQHz0t3mnSRYpaLEAzvU9DsdVbDRwKjsEpH9fiu44=
Subject key identifier: 06:1E:EA:E6:63:D7:2A:8B:21:92:A0:EE:5A:EB:F2:13:F6:23:A8:CD
Certificate issuer: /CN=A911B5B0/serialNumber=87B2C0E829541D2EF5266385EB3946B8D5290608
Certificate serial: 06B0
Authority key identifier: 87:B2:C0:E8:29:54:1D:2E:F5:26:63:85:EB:39:46:B8:D5:29:06:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7LA6ClUHS71JmOF6zlGuNUpBgg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B5B0/A2DF4CECDD4D11EABB76967BC4F9AE02/07C57B90FB7911EC9BA8173BC4F9AE02.roa
Signing time: Thu 01 Jun 2023 09:30:56 +0000
ROA not before: Thu 01 Jun 2023 09:30:56 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 141723
IP address blocks: 103.66.178.0/23 maxlen: 23
103.66.178.0/24 maxlen: 24
103.66.179.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1712 (0x6b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B5B0/serialNumber=87B2C0E829541D2EF5266385EB3946B8D5290608
Validity
Not Before: Jun 1 09:30:56 2023 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=64786550-ffb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:69:ec:dc:8e:d5:13:37:a9:94:67:ff:7c:01:
82:9b:4b:26:80:ce:d6:15:37:8f:0e:6d:11:6d:21:
31:af:02:4c:97:5a:e0:aa:ee:f2:2b:3c:7c:e6:8f:
fc:c5:3a:2e:2d:1a:62:bd:8b:97:53:12:ef:cd:58:
29:fa:07:94:53:51:41:8a:29:16:44:b0:23:9b:0d:
07:e6:f4:3c:aa:3f:ff:00:62:67:8d:6a:c4:d9:ab:
f0:56:5d:9a:6a:7d:2d:3d:35:c2:c4:2c:13:64:4b:
31:d1:f9:02:aa:14:25:18:6f:3d:29:c6:dc:84:23:
46:6e:3a:4a:52:81:ac:92:68:c5:06:88:e5:4b:66:
0c:af:76:bd:d6:8c:64:7d:dd:4c:d2:f6:60:1e:a8:
b5:f0:e7:04:11:30:01:4f:f6:ea:92:88:d9:3e:3c:
11:eb:5d:3e:3e:cf:2f:50:44:3c:3f:5d:ba:08:c5:
21:cf:94:68:fa:9b:4a:40:68:11:81:b9:39:f9:4a:
86:c3:ab:08:79:81:5e:48:1e:8f:48:82:c4:93:ca:
c2:ad:e7:d4:cc:cf:16:79:c7:ee:e1:11:ab:cb:4b:
77:19:92:e6:ce:26:38:5d:0b:b4:3d:37:6a:3b:08:
85:db:a7:37:8c:a1:15:dd:97:0e:db:37:c3:d0:73:
f7:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:1E:EA:E6:63:D7:2A:8B:21:92:A0:EE:5A:EB:F2:13:F6:23:A8:CD
X509v3 Authority Key Identifier:
keyid:87:B2:C0:E8:29:54:1D:2E:F5:26:63:85:EB:39:46:B8:D5:29:06:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B5B0/A2DF4CECDD4D11EABB76967BC4F9AE02/h7LA6ClUHS71JmOF6zlGuNUpBgg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7LA6ClUHS71JmOF6zlGuNUpBgg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B5B0/A2DF4CECDD4D11EABB76967BC4F9AE02/07C57B90FB7911EC9BA8173BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.66.178.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:69:56:8c:63:89:16:f6:50:c4:87:2e:0a:7e:fd:fd:bc:2f:
75:e2:90:f2:e6:89:ad:15:57:04:15:52:07:be:75:8d:3c:1a:
2d:ee:17:7e:76:3e:19:ae:3d:45:81:c8:06:cb:1e:f4:f0:23:
3b:a7:6a:95:c1:57:a0:fb:01:15:49:73:b9:29:66:da:8e:1c:
8b:51:91:9f:91:e8:69:81:3e:7f:47:db:25:22:40:20:f7:ec:
87:24:a5:f7:90:5e:68:ca:b2:8f:62:fc:c0:79:38:f5:32:49:
14:da:1f:87:a1:1d:9e:ed:1f:a5:38:63:94:87:24:9d:9f:b1:
10:be:6c:a2:69:c0:a9:6b:e3:fa:a5:76:c1:f8:7b:82:e4:5f:
0c:dd:b7:4b:10:d6:53:00:56:26:73:dc:dd:18:f4:de:21:27:
b5:ba:8a:21:9c:2e:ec:a6:20:ce:a1:ba:18:98:20:2b:43:86:
49:8e:5e:e2:c0:c5:57:ae:35:35:e2:17:ec:db:37:3f:e7:51:
00:28:f5:c3:2a:19:3b:86:cd:98:01:3f:9f:65:99:d7:51:78:
1e:5d:e4:c9:f6:85:14:fe:c6:53:8a:c9:f3:bd:33:20:85:32:
cb:85:21:22:f6:6d:1e:bf:14:78:f4:fd:1c:92:f4:64:e1:d5:
2b:fc:13:1e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBrAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI1QjAxMTAvBgNVBAUTKDg3QjJDMEU4Mjk1NDFEMkVGNTI2NjM4NUVCMzk0NkI4
RDUyOTA2MDgwHhcNMjMwNjAxMDkzMDU2WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDc4NjU1MC1mZmIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3mns3I7VEzeplGf/fAGCm0smgM7WFTePDm0RbSExrwJMl1rgqu7yKzx85o/8
xTouLRpivYuXUxLvzVgp+geUU1FBiikWRLAjmw0H5vQ8qj//AGJnjWrE2avwVl2a
an0tPTXCxCwTZEsx0fkCqhQlGG89KcbchCNGbjpKUoGskmjFBojlS2YMr3a91oxk
fd1M0vZgHqi18OcEETABT/bqkojZPjwR610+Ps8vUEQ8P126CMUhz5Ro+ptKQGgR
gbk5+UqGw6sIeYFeSB6PSILEk8rCrefUzM8Wecfu4RGry0t3GZLmziY4XQu0PTdq
OwiF26c3jKEV3ZcO2zfD0HP3/QIDAQABo4IClTCCApEwHQYDVR0OBBYEFAYe6uZj
1yqLIZKg7lrr8hP2I6jNMB8GA1UdIwQYMBaAFIeywOgpVB0u9SZjhes5RrjVKQYI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjVCMC9BMkRGNENFQ0RE
NEQxMUVBQkI3Njk2N0JDNEY5QUUwMi9oN0xBNkNsVUhTNzFKbU9GNnpsR3VOVXBC
Z2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2g3TEE2Q2xVSFM3MUptT0Y2emxHdU5VcEJnZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI1QjAvQTJERjRDRUNERDREMTFFQUJCNzY5NjdCQzRGOUFFMDIvMDdDNTdCOTBG
Qjc5MTFFQzlCQTgxNzNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnQrIwDQYJKoZIhvcNAQELBQADggEBAKRpVoxjiRb2UMSH
Lgp+/f28L3XikPLmia0VVwQVUge+dY08Gi3uF352PhmuPUWByAbLHvTwIzunapXB
V6D7ARVJc7kpZtqOHItRkZ+R6GmBPn9H2yUiQCD37IckpfeQXmjKso9i/MB5OPUy
SRTaH4ehHZ7tH6U4Y5SHJJ2fsRC+bKJpwKlr4/qldsH4e4LkXwzdt0sQ1lMAViZz
3N0Y9N4hJ7W6iiGcLuymIM6huhiYICtDhkmOXuLAxVeuNTXiF+zbNz/nUQAo9cMq
GTuGzZgBP59lmddReB5d5Mn2hRT+xlOKyfO9MyCFMsuFISL2bR6/FHj0/RyS9GTh
1Sv8Ex4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:55 2024 by rpki-client on console-fra.rpki-client.org