Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9123B8B/7ACCCB409C6F11EA8C659B3FC4F9AE02/FFDB217C9CEE11EA9423B864C4F9AE02.roa
File: FFDB217C9CEE11EA9423B864C4F9AE02.roa (raw, json)
Hash identifier: Tv2QZGRTtQ5hMDuFUvu70FRX9OvIkB+O/8v2fgO2tnM=
Subject key identifier: 01:0C:F9:6E:B2:94:B7:CC:E3:81:49:DB:3E:28:C4:AA:12:6B:D2:FF
Certificate issuer: /CN=A9123B8B/serialNumber=B6BB6364BCE485CEC06D3399491587A482591CBC
Certificate serial: 063A
Authority key identifier: B6:BB:63:64:BC:E4:85:CE:C0:6D:33:99:49:15:87:A4:82:59:1C:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/trtjZLzkhc7AbTOZSRWHpIJZHLw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9123B8B/7ACCCB409C6F11EA8C659B3FC4F9AE02/FFDB217C9CEE11EA9423B864C4F9AE02.roa
Signing time: Sat 21 May 2022 16:42:46 +0000
ROA not before: Sat 21 May 2022 16:42:46 +0000
ROA not after: Wed 31 Aug 2022 00:00:00 +0000
asID: 140671
IP address blocks: 103.151.134.0/23 maxlen: 23
2001:df3:c180::/48 maxlen: 48
2400:7f20::/36 maxlen: 36
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1594 (0x63a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9123B8B/serialNumber=B6BB6364BCE485CEC06D3399491587A482591CBC
Validity
Not Before: May 21 16:42:46 2022 GMT
Not After : Aug 31 00:00:00 2022 GMT
Subject: CN=62891686-b9c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:fd:40:49:73:1b:84:7f:95:8f:44:67:f9:6c:
ee:c7:c5:1b:6d:66:fd:c7:14:d4:4f:a0:94:32:8e:
54:94:fc:f5:f8:07:28:11:a0:1b:03:a3:23:e3:1c:
bc:21:85:9c:9d:b5:e2:3a:85:f8:5c:e4:d3:fd:15:
88:08:47:4e:8e:07:8b:09:bf:11:22:35:8a:ab:46:
2e:12:83:f5:67:43:17:c3:05:49:05:68:30:b4:6b:
a2:fa:71:7e:b3:c6:8a:15:14:d2:69:b1:07:62:7d:
18:d5:53:2c:29:29:75:95:d2:0a:3f:64:90:3a:6f:
f7:de:1e:11:ff:cd:06:16:d6:79:65:9c:c2:cc:97:
d1:46:0a:b9:46:c1:57:67:7c:66:03:af:98:3f:9d:
b7:24:ce:88:8b:f0:be:18:5d:86:fe:d9:7a:b5:69:
79:24:bb:eb:59:72:9c:2a:4d:aa:7b:17:b0:20:30:
6b:cb:ae:56:e0:80:c4:9f:eb:22:15:2f:1e:15:b9:
1e:8d:ae:fe:b3:44:b6:0a:6c:70:d9:9b:39:4b:b5:
18:ce:87:88:4d:06:09:9b:d9:b1:1e:29:80:9b:b4:
41:c2:c6:4d:dc:12:b3:a0:3e:77:5c:8e:61:13:fe:
69:2b:3f:a8:ba:18:22:c1:b0:ee:18:1b:0e:ec:22:
9e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:0C:F9:6E:B2:94:B7:CC:E3:81:49:DB:3E:28:C4:AA:12:6B:D2:FF
X509v3 Authority Key Identifier:
keyid:B6:BB:63:64:BC:E4:85:CE:C0:6D:33:99:49:15:87:A4:82:59:1C:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9123B8B/7ACCCB409C6F11EA8C659B3FC4F9AE02/trtjZLzkhc7AbTOZSRWHpIJZHLw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/trtjZLzkhc7AbTOZSRWHpIJZHLw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9123B8B/7ACCCB409C6F11EA8C659B3FC4F9AE02/FFDB217C9CEE11EA9423B864C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.151.134.0/23
IPv6:
2001:df3:c180::/48
2400:7f20::/36
Signature Algorithm: sha256WithRSAEncryption
a8:fd:04:41:80:ce:93:6c:88:49:87:b9:44:f5:ff:74:89:a8:
28:db:47:fb:14:4b:ae:0d:19:0e:5c:04:f5:72:e9:27:a8:50:
24:df:bb:16:66:6f:57:e2:2f:1e:c4:c8:d7:45:28:c3:18:8c:
a9:61:7e:58:48:b8:14:c5:d3:8a:c0:2f:58:fb:bc:f3:05:90:
67:bd:97:67:23:18:be:14:9c:f3:ee:69:bb:d2:1d:7e:e1:41:
5b:15:0c:d2:d5:28:5a:a7:a6:23:01:b0:50:1f:29:18:ad:85:
5c:3b:2b:71:aa:7d:56:f1:d4:43:bb:c3:56:d5:05:78:a0:db:
0d:55:50:b0:28:7d:72:28:c4:8b:41:77:2a:fe:39:81:72:1b:
87:c6:7e:e1:b2:6e:81:a1:95:1a:24:b0:ba:3d:9a:03:c7:4a:
94:9e:f0:31:07:46:8a:e4:68:55:bb:81:ae:28:42:ab:3c:c5:
0c:dd:c7:d4:46:98:16:2b:fa:e7:16:6e:ca:6a:e9:26:7d:63:
58:c7:ca:48:6f:7e:1d:42:21:8c:0b:69:68:61:4f:5b:ab:9e:
ce:db:97:12:8d:6b:93:ce:1a:24:47:15:b2:07:5a:84:4a:1a:
b2:f7:20:4c:41:d1:d6:22:12:7f:70:96:83:4c:ba:80:eb:92:
f1:c3:03:85
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgICBjowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjNCOEIxMTAvBgNVBAUTKEI2QkI2MzY0QkNFNDg1Q0VDMDZEMzM5OTQ5MTU4N0E0
ODI1OTFDQkMwHhcNMjIwNTIxMTY0MjQ2WhcNMjIwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjg5MTY4Ni1iOWM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0f1ASXMbhH+Vj0Rn+Wzux8UbbWb9xxTUT6CUMo5UlPz1+AcoEaAbA6Mj4xy8
IYWcnbXiOoX4XOTT/RWICEdOjgeLCb8RIjWKq0YuEoP1Z0MXwwVJBWgwtGui+nF+
s8aKFRTSabEHYn0Y1VMsKSl1ldIKP2SQOm/33h4R/80GFtZ5ZZzCzJfRRgq5RsFX
Z3xmA6+YP523JM6Ii/C+GF2G/tl6tWl5JLvrWXKcKk2qexewIDBry65W4IDEn+si
FS8eFbkeja7+s0S2Cmxw2Zs5S7UYzoeITQYJm9mxHimAm7RBwsZN3BKzoD53XI5h
E/5pKz+ouhgiwbDuGBsO7CKeewIDAQABo4ICrjCCAqowHQYDVR0OBBYEFAEM+W6y
lLfM44FJ2z4oxKoSa9L/MB8GA1UdIwQYMBaAFLa7Y2S85IXOwG0zmUkVh6SCWRy8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyM0I4Qi83QUNDQ0I0MDlD
NkYxMUVBOEM2NTlCM0ZDNEY5QUUwMi90cnRqWkx6a2hjN0FiVE9aU1JXSHBJSlpI
THcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RydGpaTHpraGM3QWJUT1pTUldIcElKWkhMdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjNCOEIvN0FDQ0NCNDA5QzZGMTFFQThDNjU5QjNGQzRGOUFFMDIvRkZEQjIxN0M5
Q0VFMTFFQTk0MjNCODY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOAYIKwYBBQUHAQcBAf8E
KTAnMAwEAgABMAYDBAFnl4YwFwQCAAIwEQMHACABDfPBgAMGBCQAfyAAMA0GCSqG
SIb3DQEBCwUAA4IBAQCo/QRBgM6TbIhJh7lE9f90iago20f7FEuuDRkOXAT1cukn
qFAk37sWZm9X4i8exMjXRSjDGIypYX5YSLgUxdOKwC9Y+7zzBZBnvZdnIxi+FJzz
7mm70h1+4UFbFQzS1Shap6YjAbBQHykYrYVcOytxqn1W8dRDu8NW1QV4oNsNVVCw
KH1yKMSLQXcq/jmBchuHxn7hsm6BoZUaJLC6PZoDx0qUnvAxB0aK5GhVu4GuKEKr
PMUM3cfURpgWK/rnFm7KaukmfWNYx8pIb34dQiGMC2loYU9bq57O25cSjWuTzhok
RxWyB1qEShqy9yBMQdHWIhJ/cJaDTLqA65LxwwOF
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:48 2024 by rpki-client on console-ams.rpki-client.org