Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B5B0/A2DF4CECDD4D11EABB76967BC4F9AE02/09540A94FB7911EC9BA8173BC4F9AE02.roa
File: 09540A94FB7911EC9BA8173BC4F9AE02.roa (raw, json)
Hash identifier: lCJzeL+9MOEnHdQXCFheXBxLpW5VGeKcvBRUahir3cc=
Subject key identifier: 45:F0:F7:20:16:26:12:84:D5:D3:3A:41:7F:88:BF:A0:1D:12:89:52
Certificate issuer: /CN=A911B5B0/serialNumber=87B2C0E829541D2EF5266385EB3946B8D5290608
Certificate serial: 057E
Authority key identifier: 87:B2:C0:E8:29:54:1D:2E:F5:26:63:85:EB:39:46:B8:D5:29:06:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7LA6ClUHS71JmOF6zlGuNUpBgg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B5B0/A2DF4CECDD4D11EABB76967BC4F9AE02/09540A94FB7911EC9BA8173BC4F9AE02.roa
Signing time: Mon 04 Jul 2022 09:09:41 +0000
ROA not before: Mon 04 Jul 2022 09:09:41 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 132442
IP address blocks: 103.66.178.0/24 maxlen: 24
2406:59c0:8000::/36 maxlen: 36
2406:59c0:9000::/36 maxlen: 36
2406:59c0:a000::/36 maxlen: 36
2406:59c0:b000::/36 maxlen: 36
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1406 (0x57e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B5B0/serialNumber=87B2C0E829541D2EF5266385EB3946B8D5290608
Validity
Not Before: Jul 4 09:09:41 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=62c2ae55-8b4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9b:0e:fd:e8:0f:6c:fc:d5:96:5a:5f:fd:47:
48:09:44:62:9c:63:00:1d:5a:c8:81:b6:d6:42:6b:
d5:00:0d:db:04:c2:0d:b5:29:8c:28:cf:72:72:11:
42:97:1c:2f:a7:de:d5:28:cb:3a:81:d8:9b:cf:33:
dd:3f:e7:96:2e:fa:73:6f:e7:9f:77:2c:34:ae:be:
8a:f6:bf:bb:e1:53:41:98:88:a7:81:7f:01:3e:e4:
55:ce:16:5a:40:f6:d5:d2:cb:7f:dd:e9:fb:8a:cc:
35:20:8e:d2:55:57:5f:f8:30:5b:5d:51:e8:fb:44:
dc:a5:07:5c:7f:56:c1:37:39:39:09:02:88:62:a7:
02:93:19:1b:e6:98:e4:5f:35:b0:7d:77:65:8e:48:
05:a7:bf:7c:a2:f0:11:09:84:58:71:8c:b7:6d:ac:
0d:83:da:88:c1:27:12:fd:76:65:42:7b:4b:e3:e5:
93:74:db:dc:bd:75:79:3a:f1:6a:e4:2e:49:5b:46:
bf:92:3a:58:b9:ad:4b:2b:c2:0e:df:fb:46:8a:d7:
82:af:d6:6a:d6:88:f8:e6:a0:fe:95:b3:f2:09:41:
55:14:c1:40:c9:d6:13:0e:3a:49:10:e7:db:69:06:
14:67:b8:43:b6:d1:de:c8:7e:21:ba:d6:67:3a:77:
ad:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:F0:F7:20:16:26:12:84:D5:D3:3A:41:7F:88:BF:A0:1D:12:89:52
X509v3 Authority Key Identifier:
keyid:87:B2:C0:E8:29:54:1D:2E:F5:26:63:85:EB:39:46:B8:D5:29:06:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B5B0/A2DF4CECDD4D11EABB76967BC4F9AE02/h7LA6ClUHS71JmOF6zlGuNUpBgg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7LA6ClUHS71JmOF6zlGuNUpBgg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B5B0/A2DF4CECDD4D11EABB76967BC4F9AE02/09540A94FB7911EC9BA8173BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.66.178.0/24
IPv6:
2406:59c0:8000::/34
Signature Algorithm: sha256WithRSAEncryption
85:92:19:55:bc:80:2b:13:b9:3e:dd:b7:c4:95:70:88:59:59:
71:5f:b1:1f:61:cc:e7:17:ca:a0:dd:56:7e:68:fd:28:11:9c:
a5:bf:8d:7e:7f:a2:6b:12:24:42:60:9e:62:c4:66:30:d6:19:
e0:2d:fc:fa:e7:0d:65:e6:3f:d4:f4:4b:8b:9a:2b:93:7e:48:
bb:c4:51:3d:bf:30:b5:a9:c0:ab:47:27:50:4e:cc:9f:f4:80:
0b:f2:7b:a5:c9:14:2a:f0:cb:0d:c7:5f:5e:74:90:90:a8:8f:
ec:db:45:46:05:15:62:1a:47:70:91:49:05:89:5a:f9:71:6c:
94:ec:a5:bf:cf:79:b8:a2:88:1c:2c:a9:2b:ae:8c:7e:f5:98:
62:f1:44:d6:ff:18:f2:0f:d7:9e:88:f7:9e:1a:ab:ce:ae:dd:
b9:c8:83:04:51:cf:c6:b7:2a:cc:20:29:a5:d5:9a:78:30:40:
7f:df:61:c8:31:2a:48:8a:a8:7c:7f:19:db:92:68:ef:57:ff:
e4:16:72:84:da:fb:6a:e0:5f:14:fc:d2:35:f7:7b:2f:bb:16:
6d:fe:64:d9:5b:08:e4:9c:5d:ed:4c:97:44:79:8d:05:51:ae:
28:b7:21:30:0f:1b:f7:db:2d:d1:84:5a:5c:76:e1:3a:d0:b4:
d6:46:e3:ff
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgICBX4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI1QjAxMTAvBgNVBAUTKDg3QjJDMEU4Mjk1NDFEMkVGNTI2NjM4NUVCMzk0NkI4
RDUyOTA2MDgwHhcNMjIwNzA0MDkwOTQxWhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmMyYWU1NS04YjRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnJsO/egPbPzVllpf/UdICURinGMAHVrIgbbWQmvVAA3bBMINtSmMKM9ychFC
lxwvp97VKMs6gdibzzPdP+eWLvpzb+efdyw0rr6K9r+74VNBmIingX8BPuRVzhZa
QPbV0st/3en7isw1II7SVVdf+DBbXVHo+0TcpQdcf1bBNzk5CQKIYqcCkxkb5pjk
XzWwfXdljkgFp798ovARCYRYcYy3bawNg9qIwScS/XZlQntL4+WTdNvcvXV5OvFq
5C5JW0a/kjpYua1LK8IO3/tGiteCr9Zq1oj45qD+lbPyCUFVFMFAydYTDjpJEOfb
aQYUZ7hDttHeyH4hutZnOnet9wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEXw9yAW
JhKE1dM6QX+Iv6AdEolSMB8GA1UdIwQYMBaAFIeywOgpVB0u9SZjhes5RrjVKQYI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjVCMC9BMkRGNENFQ0RE
NEQxMUVBQkI3Njk2N0JDNEY5QUUwMi9oN0xBNkNsVUhTNzFKbU9GNnpsR3VOVXBC
Z2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2g3TEE2Q2xVSFM3MUptT0Y2emxHdU5VcEJnZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI1QjAvQTJERjRDRUNERDREMTFFQUJCNzY5NjdCQzRGOUFFMDIvMDk1NDBBOTRG
Qjc5MTFFQzlCQTgxNzNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLwYIKwYBBQUHAQcBAf8E
IDAeMAwEAgABMAYDBABnQrIwDgQCAAIwCAMGBiQGWcCAMA0GCSqGSIb3DQEBCwUA
A4IBAQCFkhlVvIArE7k+3bfElXCIWVlxX7EfYcznF8qg3VZ+aP0oEZylv41+f6Jr
EiRCYJ5ixGYw1hngLfz65w1l5j/U9EuLmiuTfki7xFE9vzC1qcCrRydQTsyf9IAL
8nulyRQq8MsNx19edJCQqI/s20VGBRViGkdwkUkFiVr5cWyU7KW/z3m4oogcLKkr
rox+9Zhi8UTW/xjyD9eeiPeeGqvOrt25yIMEUc/GtyrMICml1Zp4MEB/32HIMSpI
iqh8fxnbkmjvV//kFnKE2vtq4F8U/NI193svuxZt/mTZWwjknF3tTJdEeY0FUa4o
tyEwDxv32y3RhFpcduE60LTWRuP/
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:55 2024 by rpki-client on console-fra.rpki-client.org