Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B5B0/A2DF4CECDD4D11EABB76967BC4F9AE02/48B1C6A02D6111EBA3F55775C4F9AE02.roa
File: 48B1C6A02D6111EBA3F55775C4F9AE02.roa (raw, json)
Hash identifier: i4K+AiA8HvPkmkCPr+CJOlddHuoQG4nCyS5+mvdVbkU=
Subject key identifier: 7C:AE:A5:2A:DC:74:27:40:99:0C:CE:53:2E:D9:46:02:01:C8:D9:0B
Certificate issuer: /CN=A911B5B0/serialNumber=87B2C0E829541D2EF5266385EB3946B8D5290608
Certificate serial: 0565
Authority key identifier: 87:B2:C0:E8:29:54:1D:2E:F5:26:63:85:EB:39:46:B8:D5:29:06:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7LA6ClUHS71JmOF6zlGuNUpBgg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B5B0/A2DF4CECDD4D11EABB76967BC4F9AE02/48B1C6A02D6111EBA3F55775C4F9AE02.roa
Signing time: Thu 23 Jun 2022 11:04:20 +0000
ROA not before: Thu 23 Jun 2022 11:04:20 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 132442
IP address blocks: 103.66.178.0/23 maxlen: 23
103.66.178.0/24 maxlen: 24
103.66.179.0/24 maxlen: 24
2406:59c0:8000::/36 maxlen: 36
2406:59c0:9000::/36 maxlen: 36
2406:59c0:a000::/36 maxlen: 36
2406:59c0:b000::/36 maxlen: 36
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1381 (0x565)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B5B0/serialNumber=87B2C0E829541D2EF5266385EB3946B8D5290608
Validity
Not Before: Jun 23 11:04:20 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=62b448b3-c0c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6c:e2:55:29:7e:ce:d3:79:cc:f8:89:0a:cb:
08:27:75:d1:e6:c3:6e:37:24:7d:22:3e:6d:a9:61:
df:68:55:ad:7d:fd:fd:ec:a2:ee:da:82:eb:02:07:
04:a3:43:89:77:82:38:0f:1c:6e:ff:a1:ff:fd:b7:
3f:8c:65:e9:f3:51:94:84:d9:be:53:c7:2b:b5:52:
77:ce:5d:97:94:95:cf:4d:74:f4:7c:7b:8d:cd:2e:
6f:67:03:d2:87:d4:e9:0e:04:30:e2:eb:bc:e4:4f:
94:94:e9:7b:ee:a1:9f:ca:3e:f7:ac:25:3c:39:85:
f2:8d:9a:6d:73:f0:9e:73:1d:ad:ed:bc:a1:ee:82:
eb:63:40:cf:0b:68:c2:0f:68:95:75:8a:3c:32:3c:
b1:a2:d0:6a:c7:c7:ea:59:50:65:43:a6:e9:8a:4f:
d8:2d:99:c8:75:70:83:73:c1:a8:a2:ef:77:29:96:
3e:82:ab:6d:c9:9c:fa:b4:46:68:41:8c:93:26:5b:
d4:ac:77:27:99:0c:b0:81:70:f8:84:35:9a:e7:f3:
cf:59:b2:73:d5:52:7c:80:aa:22:ef:2d:29:8e:bb:
ff:7b:ac:33:b5:e7:2f:04:a8:3b:b2:bf:f0:9c:4b:
06:82:74:10:bd:86:70:b5:67:ec:42:6f:e8:e4:89:
13:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:AE:A5:2A:DC:74:27:40:99:0C:CE:53:2E:D9:46:02:01:C8:D9:0B
X509v3 Authority Key Identifier:
keyid:87:B2:C0:E8:29:54:1D:2E:F5:26:63:85:EB:39:46:B8:D5:29:06:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B5B0/A2DF4CECDD4D11EABB76967BC4F9AE02/h7LA6ClUHS71JmOF6zlGuNUpBgg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7LA6ClUHS71JmOF6zlGuNUpBgg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B5B0/A2DF4CECDD4D11EABB76967BC4F9AE02/48B1C6A02D6111EBA3F55775C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.66.178.0/23
IPv6:
2406:59c0:8000::/34
Signature Algorithm: sha256WithRSAEncryption
a1:38:73:ae:a1:09:f6:62:58:3c:14:29:84:05:bc:ee:b9:81:
43:e2:93:c5:46:86:d3:42:19:c5:fd:74:7c:c5:48:64:50:a0:
e3:43:5d:96:1d:57:2d:af:4e:34:89:14:27:31:e1:62:40:75:
f9:00:88:5f:60:7c:6b:94:29:2c:0c:f1:5f:a9:f5:1c:18:01:
b8:a6:56:a6:1a:9e:7d:85:a5:2c:1f:74:52:70:e8:ba:71:ef:
b2:fe:5b:05:dc:50:ca:60:e6:05:15:57:33:39:62:08:ac:3a:
5d:a2:70:15:b8:41:19:78:3c:84:89:75:3f:d8:f6:c5:7b:bd:
b4:04:6c:ba:3f:8a:6b:e8:13:59:8e:46:f2:34:42:cc:89:3d:
95:2a:78:05:95:5a:d4:a5:e6:7d:e7:c9:99:a4:2c:23:5c:58:
14:b3:7d:87:31:ac:16:e6:07:af:49:02:ea:a4:32:29:77:79:
bc:fb:a2:0e:90:89:85:23:ec:35:9f:ff:a9:5d:38:7b:6c:d5:
b0:9f:dd:3c:c9:2f:ea:25:e4:ce:b2:6f:76:ed:fb:dc:73:d7:
fd:1a:b2:81:bc:68:82:15:fb:a9:77:9f:a4:d4:d0:ab:04:60:
aa:38:d7:8e:71:fb:1f:82:be:83:52:da:97:3c:d5:9f:a8:74:
15:e7:23:bf
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgICBWUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI1QjAxMTAvBgNVBAUTKDg3QjJDMEU4Mjk1NDFEMkVGNTI2NjM4NUVCMzk0NkI4
RDUyOTA2MDgwHhcNMjIwNjIzMTEwNDIwWhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmI0NDhiMy1jMGM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvGziVSl+ztN5zPiJCssIJ3XR5sNuNyR9Ij5tqWHfaFWtff397KLu2oLrAgcE
o0OJd4I4Dxxu/6H//bc/jGXp81GUhNm+U8crtVJ3zl2XlJXPTXT0fHuNzS5vZwPS
h9TpDgQw4uu85E+UlOl77qGfyj73rCU8OYXyjZptc/Cecx2t7byh7oLrY0DPC2jC
D2iVdYo8MjyxotBqx8fqWVBlQ6bpik/YLZnIdXCDc8Goou93KZY+gqttyZz6tEZo
QYyTJlvUrHcnmQywgXD4hDWa5/PPWbJz1VJ8gKoi7y0pjrv/e6wztecvBKg7sr/w
nEsGgnQQvYZwtWfsQm/o5IkThQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHyupSrc
dCdAmQzOUy7ZRgIByNkLMB8GA1UdIwQYMBaAFIeywOgpVB0u9SZjhes5RrjVKQYI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjVCMC9BMkRGNENFQ0RE
NEQxMUVBQkI3Njk2N0JDNEY5QUUwMi9oN0xBNkNsVUhTNzFKbU9GNnpsR3VOVXBC
Z2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2g3TEE2Q2xVSFM3MUptT0Y2emxHdU5VcEJnZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI1QjAvQTJERjRDRUNERDREMTFFQUJCNzY5NjdCQzRGOUFFMDIvNDhCMUM2QTAy
RDYxMTFFQkEzRjU1Nzc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLwYIKwYBBQUHAQcBAf8E
IDAeMAwEAgABMAYDBAFnQrIwDgQCAAIwCAMGBiQGWcCAMA0GCSqGSIb3DQEBCwUA
A4IBAQChOHOuoQn2Ylg8FCmEBbzuuYFD4pPFRobTQhnF/XR8xUhkUKDjQ12WHVct
r040iRQnMeFiQHX5AIhfYHxrlCksDPFfqfUcGAG4plamGp59haUsH3RScOi6ce+y
/lsF3FDKYOYFFVczOWIIrDpdonAVuEEZeDyEiXU/2PbFe720BGy6P4pr6BNZjkby
NELMiT2VKngFlVrUpeZ958mZpCwjXFgUs32HMawW5gevSQLqpDIpd3m8+6IOkImF
I+w1n/+pXTh7bNWwn908yS/qJeTOsm927fvcc9f9GrKBvGiCFfupd5+k1NCrBGCq
ONeOcfsfgr6DUtqXPNWfqHQV5yO/
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:55 2024 by rpki-client on console-fra.rpki-client.org