Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911E2E0/B3E815DC9E4611E588D46016C4F9AE02/260E24560AD111EC90FDA540C4F9AE02.roa
File: 260E24560AD111EC90FDA540C4F9AE02.roa (raw, json)
Hash identifier: CvazRdEiPIxx7GqW3KL3y9oCyDXE89GPPsE9Kj891fI=
Subject key identifier: 5B:4A:9D:8D:C1:2F:F7:41:79:60:1C:51:D6:03:74:00:FF:40:E4:B7
Certificate issuer: /CN=A911E2E0/serialNumber=ED68CA6A2D12A88CC7D296A2BC2BF1519A0B5FF3
Certificate serial: 1DB0
Authority key identifier: ED:68:CA:6A:2D:12:A8:8C:C7:D2:96:A2:BC:2B:F1:51:9A:0B:5F:F3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7WjKai0SqIzH0paivCvxUZoLX_M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911E2E0/B3E815DC9E4611E588D46016C4F9AE02/260E24560AD111EC90FDA540C4F9AE02.roa
Signing time: Sun 05 Sep 2021 04:22:39 +0000
ROA not before: Sun 05 Sep 2021 04:22:39 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 55559
IP address blocks: 27.111.8.0/22 maxlen: 22
27.111.8.0/24 maxlen: 24
27.111.9.0/24 maxlen: 24
27.111.10.0/24 maxlen: 24
27.111.11.0/24 maxlen: 24
103.120.120.0/22 maxlen: 22
103.120.120.0/24 maxlen: 24
103.120.121.0/24 maxlen: 24
103.120.122.0/24 maxlen: 24
103.120.123.0/24 maxlen: 24
218.100.71.0/24 maxlen: 24
2403:1600::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7600 (0x1db0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911E2E0/serialNumber=ED68CA6A2D12A88CC7D296A2BC2BF1519A0B5FF3
Validity
Not Before: Sep 5 04:22:39 2021 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=6134460e-4e5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:8d:be:2c:05:b3:5a:c0:53:41:a5:4c:ee:ed:
14:1b:5c:a1:47:3d:95:b7:c1:2f:f7:03:de:41:5f:
6b:54:a4:d9:fe:a6:b5:3c:2a:e4:e3:e0:86:89:61:
47:4d:e1:62:2e:ad:ab:57:ee:d2:c9:17:28:28:a5:
76:4c:ee:0c:fc:f5:d8:a9:43:35:7b:d6:b6:4f:4a:
09:6d:09:23:62:c3:7d:fe:69:b2:6e:75:91:3e:08:
86:e1:0a:b3:f3:5c:c1:10:71:6a:eb:95:58:0f:dc:
ef:45:8f:ea:69:0b:d6:19:4e:93:fd:ac:58:30:1c:
b4:b2:fd:6f:73:c9:23:e1:37:e8:20:b5:94:f0:71:
0c:b9:dd:b3:e2:87:c1:65:aa:b1:6b:02:f4:a8:76:
a5:1b:e8:1f:05:db:35:d4:10:79:89:3b:8a:e5:48:
de:7e:3f:18:86:08:2a:3e:18:14:3e:41:a2:66:85:
68:71:ae:f0:ca:77:98:b9:6c:85:ec:18:c9:65:46:
67:ba:7a:f0:13:01:e3:3c:e9:24:9f:03:5f:6a:9a:
7d:68:71:a1:33:d3:fd:3e:a6:a1:ec:72:12:2f:da:
62:f7:33:d3:8c:79:c4:98:66:08:05:0b:17:79:f4:
2a:4b:10:4a:61:57:ac:a8:97:75:36:a2:10:ec:5a:
9e:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:4A:9D:8D:C1:2F:F7:41:79:60:1C:51:D6:03:74:00:FF:40:E4:B7
X509v3 Authority Key Identifier:
keyid:ED:68:CA:6A:2D:12:A8:8C:C7:D2:96:A2:BC:2B:F1:51:9A:0B:5F:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911E2E0/B3E815DC9E4611E588D46016C4F9AE02/7WjKai0SqIzH0paivCvxUZoLX_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7WjKai0SqIzH0paivCvxUZoLX_M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911E2E0/B3E815DC9E4611E588D46016C4F9AE02/260E24560AD111EC90FDA540C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.111.8.0/22
103.120.120.0/22
218.100.71.0/24
IPv6:
2403:1600::/32
Signature Algorithm: sha256WithRSAEncryption
4c:db:53:63:5b:19:68:8e:ff:7b:93:59:0e:72:8e:ee:a5:da:
80:7a:6f:aa:50:17:47:fc:2f:19:8f:2a:33:a3:05:c5:1a:69:
be:93:b9:b4:db:4e:fc:fa:e6:6b:78:6d:90:bb:2b:40:fb:cb:
7e:fa:54:65:04:98:52:90:06:d5:3f:c2:76:6f:c2:9a:2a:58:
4e:f1:5b:73:52:ef:79:6d:83:02:26:87:17:2f:83:d0:80:ec:
3e:41:e6:77:64:a1:f1:06:89:14:51:dd:3f:2e:1e:15:66:15:
0c:49:d6:83:75:d0:2a:72:70:78:a4:8c:1a:be:05:06:8c:3b:
c3:7c:a4:99:54:8f:7a:ba:d6:a1:09:a6:2b:ba:94:78:e4:1d:
d4:25:b4:4b:64:7b:8a:81:5d:92:e7:d6:9e:2d:b8:34:d1:f5:
8e:31:32:8e:21:ea:9f:70:82:f5:a0:e0:cf:5e:70:60:97:0a:
2c:59:05:b1:f7:42:ce:ae:59:ec:dd:f3:34:6c:57:1e:81:0c:
2e:5f:04:7a:92:d6:94:f2:15:41:88:69:7a:b1:f8:68:2c:5e:
29:79:37:4f:54:2b:88:47:dd:b8:f5:cf:02:24:c3:2f:1d:3e:
f2:67:2b:84:69:0d:40:1c:08:8e:27:2d:8c:84:70:e8:1a:ea:
42:b0:7e:17
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICHbAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUUyRTAxMTAvBgNVBAUTKEVENjhDQTZBMkQxMkE4OENDN0QyOTZBMkJDMkJGMTUx
OUEwQjVGRjMwHhcNMjEwOTA1MDQyMjM5WhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTM0NDYwZS00ZTVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA642+LAWzWsBTQaVM7u0UG1yhRz2Vt8Ev9wPeQV9rVKTZ/qa1PCrk4+CGiWFH
TeFiLq2rV+7SyRcoKKV2TO4M/PXYqUM1e9a2T0oJbQkjYsN9/mmybnWRPgiG4Qqz
81zBEHFq65VYD9zvRY/qaQvWGU6T/axYMBy0sv1vc8kj4TfoILWU8HEMud2z4ofB
ZaqxawL0qHalG+gfBds11BB5iTuK5Ujefj8YhggqPhgUPkGiZoVoca7wyneYuWyF
7BjJZUZnunrwEwHjPOkknwNfapp9aHGhM9P9Pqah7HISL9pi9zPTjHnEmGYIBQsX
efQqSxBKYVesqJd1NqIQ7FqeTwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFFtKnY3B
L/dBeWAcUdYDdAD/QOS3MB8GA1UdIwQYMBaAFO1oymotEqiMx9KWorwr8VGaC1/z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRTJFMC9CM0U4MTVEQzlF
NDYxMUU1ODhENDYwMTZDNEY5QUUwMi83V2pLYWkwU3FJekgwcGFpdkN2eFVab0xY
X00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdXakthaTBTcUl6SDBwYWl2Q3Z4VVpvTFhfTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUUyRTAvQjNFODE1REM5RTQ2MTFFNTg4RDQ2MDE2QzRGOUFFMDIvMjYwRTI0NTYw
QUQxMTFFQzkwRkRBNTQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAIbbwgDBAJneHgDBADaZEcwDQQCAAIwBwMFACQDFgAwDQYJ
KoZIhvcNAQELBQADggEBAEzbU2NbGWiO/3uTWQ5yju6l2oB6b6pQF0f8LxmPKjOj
BcUaab6TubTbTvz65mt4bZC7K0D7y376VGUEmFKQBtU/wnZvwpoqWE7xW3NS73lt
gwImhxcvg9CA7D5B5ndkofEGiRRR3T8uHhVmFQxJ1oN10CpycHikjBq+BQaMO8N8
pJlUj3q61qEJpiu6lHjkHdQltEtke4qBXZLn1p4tuDTR9Y4xMo4h6p9wgvWg4M9e
cGCXCixZBbH3Qs6uWezd8zRsVx6BDC5fBHqS1pTyFUGIaXqx+GgsXil5N09UK4hH
3bj1zwIkwy8dPvJnK4RpDUAcCI4nLYyEcOga6kKwfhc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:56 2024 by rpki-client on console-fra.rpki-client.org