Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C676/CD38AB16DDD911E8AF451F0AC4F9AE02/68E5014A355C11EC96291331C4F9AE02.roa
File: 68E5014A355C11EC96291331C4F9AE02.roa (raw, json)
Hash identifier: KxPY2GSftqdJFzgDeoNVtONYbEatx62Ixetc0d07l0M=
Subject key identifier: 3D:8D:B2:83:E9:3F:CB:08:EE:8B:47:7E:6F:EB:76:03:59:29:3E:78
Certificate issuer: /CN=A911C676/serialNumber=A9E95A416BCCEEFD86EA2FA019C25E4D76B8E9D9
Certificate serial: 1129
Authority key identifier: A9:E9:5A:41:6B:CC:EE:FD:86:EA:2F:A0:19:C2:5E:4D:76:B8:E9:D9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qelaQWvM7v2G6i-gGcJeTXa46dk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C676/CD38AB16DDD911E8AF451F0AC4F9AE02/68E5014A355C11EC96291331C4F9AE02.roa
Signing time: Mon 20 Nov 2023 17:55:16 +0000
ROA not before: Mon 20 Nov 2023 17:55:16 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 134094
IP address blocks: 45.123.116.0/24 maxlen: 24
45.123.117.0/24 maxlen: 24
45.123.118.0/24 maxlen: 24
45.123.119.0/24 maxlen: 24
103.51.140.0/24 maxlen: 24
103.51.141.0/24 maxlen: 24
103.51.142.0/24 maxlen: 24
103.51.143.0/24 maxlen: 24
103.103.128.0/24 maxlen: 24
103.103.129.0/24 maxlen: 24
103.103.130.0/24 maxlen: 24
103.103.131.0/24 maxlen: 24
203.15.150.0/24 maxlen: 24
2401:f540::/48 maxlen: 48
2401:f540:1::/48 maxlen: 48
2401:f540:2::/48 maxlen: 48
2401:f540:3::/48 maxlen: 48
2401:f540:4::/48 maxlen: 48
2401:f540:5::/48 maxlen: 48
2401:f540:6::/48 maxlen: 48
2401:f540:7::/48 maxlen: 48
2401:f540:10::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4393 (0x1129)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C676
Validity
Not Before: Nov 20 17:55:16 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=655b9d84-6105
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b3:73:d9:33:3e:0b:e6:b1:6a:97:7b:76:88:
db:20:b4:bc:46:29:13:90:7d:d7:ff:53:d8:9b:7f:
54:ed:9d:f9:ad:e8:b4:69:89:fd:ea:a7:01:a6:6e:
db:d2:d0:39:4d:32:67:74:3b:42:18:09:60:aa:e0:
e0:5f:72:aa:5a:05:97:18:87:77:8e:7c:ee:b6:09:
fa:3e:a9:91:ba:33:07:f1:b7:9b:51:53:1e:5e:0a:
63:4d:9c:5a:fe:5a:89:4a:4d:cd:a1:e9:f3:9d:a2:
b0:4f:98:e8:64:8d:45:c9:73:71:0d:dc:65:6a:2f:
bb:fe:06:0d:03:25:e8:f9:2a:6d:11:32:89:6d:eb:
e3:58:05:89:c3:2f:66:7a:be:59:c3:e9:4f:50:75:
7e:8f:8c:dd:1b:fe:9a:ab:6c:0b:a9:9e:7b:fc:09:
5d:38:21:6d:18:bc:29:97:e0:02:51:2d:f3:c4:5c:
57:94:0d:0c:0c:4a:10:28:5b:f2:f1:7d:5b:44:45:
61:4f:a3:1e:2e:6d:ac:9a:f4:40:9e:1d:1f:40:ac:
eb:45:2a:9c:10:3a:1e:9c:09:97:a5:98:60:7f:79:
d5:63:16:cc:dd:c1:45:28:52:16:7f:76:4d:aa:cb:
b9:1c:5d:51:97:9d:bd:02:fa:df:ca:64:ab:f7:7b:
2b:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:8D:B2:83:E9:3F:CB:08:EE:8B:47:7E:6F:EB:76:03:59:29:3E:78
X509v3 Authority Key Identifier:
keyid:A9:E9:5A:41:6B:CC:EE:FD:86:EA:2F:A0:19:C2:5E:4D:76:B8:E9:D9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C676/CD38AB16DDD911E8AF451F0AC4F9AE02/qelaQWvM7v2G6i-gGcJeTXa46dk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qelaQWvM7v2G6i-gGcJeTXa46dk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C676/CD38AB16DDD911E8AF451F0AC4F9AE02/68E5014A355C11EC96291331C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.123.116.0/22
103.51.140.0/22
103.103.128.0/22
203.15.150.0/24
IPv6:
2401:f540::/45
2401:f540:10::/48
Signature Algorithm: sha256WithRSAEncryption
93:e7:4f:09:3e:ae:1e:9b:ff:ad:5a:af:37:51:7c:7c:38:f3:
25:4a:98:0c:1d:ba:66:17:40:52:92:1a:0a:74:55:e5:5a:5e:
a4:eb:59:9a:b9:b7:ac:6e:17:03:b7:0b:2a:47:62:9f:2a:26:
82:f6:d8:49:22:af:7b:cf:3e:7a:95:d4:08:9e:ab:21:72:da:
89:30:41:cd:c6:56:b4:62:06:09:8c:cb:97:47:bf:30:33:75:
3d:8a:78:a3:3e:e8:5b:89:02:ec:d5:1d:20:38:2c:09:43:eb:
64:dc:94:79:55:29:7d:ad:42:33:1a:72:f3:6a:fa:f2:c4:fc:
28:92:be:de:71:7e:1d:db:b7:06:31:69:56:d9:82:7f:0c:9f:
71:d5:66:48:cf:44:53:d1:07:f6:c3:8b:60:de:a2:78:9d:dc:
43:4d:5a:a1:17:f1:1e:1a:8c:cf:12:01:0e:3a:60:d7:01:84:
f4:3c:4a:a3:87:28:06:02:10:33:27:99:5c:75:0f:6b:8c:a2:
b6:18:f9:ca:9b:8e:94:e6:4a:4e:c7:b9:62:4c:0f:23:69:65:
fa:f2:d6:21:ae:f1:ee:7a:df:ea:ae:13:2f:d1:9c:da:cd:e5:
ac:4b:2d:4c:f5:60:52:12:ad:dd:fd:c3:5c:e1:6f:92:64:ad:
08:aa:b4:d5
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgICESkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUM2NzYxMTAvBgNVBAUTKEE5RTk1QTQxNkJDQ0VFRkQ4NkVBMkZBMDE5QzI1RTRE
NzZCOEU5RDkwHhcNMjMxMTIwMTc1NTE2WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTViOWQ4NC02MTA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxrNz2TM+C+axapd7dojbILS8RikTkH3X/1PYm39U7Z35rei0aYn96qcBpm7b
0tA5TTJndDtCGAlgquDgX3KqWgWXGId3jnzutgn6PqmRujMH8bebUVMeXgpjTZxa
/lqJSk3NoenznaKwT5joZI1FyXNxDdxlai+7/gYNAyXo+SptETKJbevjWAWJwy9m
er5Zw+lPUHV+j4zdG/6aq2wLqZ57/AldOCFtGLwpl+ACUS3zxFxXlA0MDEoQKFvy
8X1bREVhT6MeLm2smvRAnh0fQKzrRSqcEDoenAmXpZhgf3nVYxbM3cFFKFIWf3ZN
qsu5HF1Rl529AvrfymSr93srgQIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFD2NsoPp
P8sI7otHfm/rdgNZKT54MB8GA1UdIwQYMBaAFKnpWkFrzO79huovoBnCXk12uOnZ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzY3Ni9DRDM4QUIxNkRE
RDkxMUU4QUY0NTFGMEFDNEY5QUUwMi9xZWxhUVd2TTd2Mkc2aS1nR2NKZVRYYTQ2
ZGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FlbGFRV3ZNN3YyRzZpLWdHY0plVFhhNDZkay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUM2NzYvQ0QzOEFCMTZEREQ5MTFFOEFGNDUxRjBBQzRGOUFFMDIvNjhFNTAxNEEz
NTVDMTFFQzk2MjkxMzMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSwYIKwYBBQUHAQcBAf8E
PDA6MB4EAgABMBgDBAIte3QDBAJnM4wDBAJnZ4ADBADLD5YwGAQCAAIwEgMHAyQB
9UAAAAMHACQB9UAAEDANBgkqhkiG9w0BAQsFAAOCAQEAk+dPCT6uHpv/rVqvN1F8
fDjzJUqYDB26ZhdAUpIaCnRV5VpepOtZmrm3rG4XA7cLKkdinyomgvbYSSKve88+
epXUCJ6rIXLaiTBBzcZWtGIGCYzLl0e/MDN1PYp4oz7oW4kC7NUdIDgsCUPrZNyU
eVUpfa1CMxpy82r68sT8KJK+3nF+Hdu3BjFpVtmCfwyfcdVmSM9EU9EH9sOLYN6i
eJ3cQ01aoRfxHhqMzxIBDjpg1wGE9DxKo4coBgIQMyeZXHUPa4yithj5ypuOlOZK
Tse5YkwPI2ll+vLWIa7x7nrf6q4TL9Gc2s3lrEstTPVgUhKt3f3DXOFvkmStCKq0
1Q==
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:15:10 2025 by rpki-client