Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9129FD1/F85C25E2651F11EABB632C6DC4F9AE02/12B924B8F84811ECBEDA3B6DC4F9AE02.roa
File: 12B924B8F84811ECBEDA3B6DC4F9AE02.roa (raw, json)
Hash identifier: KVpOHGF5PuRntk71b0XtlWgbp5HejJkCAGZsziXoCBg=
Subject key identifier: 3C:C7:D2:D4:5E:06:4F:BD:B9:5D:FD:C6:2C:CF:E3:12:E6:65:E1:26
Certificate issuer: /CN=A9129FD1/serialNumber=6C6989AF18EEAFDE0CAF2EEBB514883C75ED4456
Certificate serial: 07E1
Authority key identifier: 6C:69:89:AF:18:EE:AF:DE:0C:AF:2E:EB:B5:14:88:3C:75:ED:44:56
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bGmJrxjur94Mry7rtRSIPHXtRFY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9129FD1/F85C25E2651F11EABB632C6DC4F9AE02/12B924B8F84811ECBEDA3B6DC4F9AE02.roa
Signing time: Sat 23 Jul 2022 13:47:08 +0000
ROA not before: Sat 23 Jul 2022 13:47:08 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 136516
IP address blocks: 103.91.146.0/24 maxlen: 24
103.91.147.0/24 maxlen: 24
2403:6640::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2017 (0x7e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9129FD1/serialNumber=6C6989AF18EEAFDE0CAF2EEBB514883C75ED4456
Validity
Not Before: Jul 23 13:47:08 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=62dbfbdb-dbd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:a0:8f:c6:e0:55:0d:55:c6:5d:66:0a:7e:7c:
09:97:2a:ae:08:3e:cf:c7:2a:a7:34:9e:9c:73:f9:
58:8e:ec:07:3f:6d:01:5b:26:a9:6a:b4:87:8e:e3:
98:9a:41:69:53:24:09:ff:6f:0d:c2:a6:60:50:2f:
74:52:fa:0a:81:d3:4c:99:02:f8:db:75:ed:60:1d:
0c:75:50:fc:da:b6:3c:18:cd:34:f5:7a:62:52:37:
76:9e:0f:71:b2:44:f8:57:3a:ed:ad:46:cb:36:5f:
8c:a8:b4:eb:6d:14:40:38:f1:aa:a0:81:8f:a6:b3:
b9:d3:82:ad:06:63:b5:88:a1:40:1e:9b:e2:39:08:
fd:3a:20:20:de:07:17:da:0a:41:8c:86:3d:52:80:
ea:ed:96:c1:5d:5a:3d:dd:d6:2b:82:4d:18:ef:9c:
0e:7d:1f:52:91:11:45:58:fe:60:78:e6:24:cd:45:
70:e7:9d:52:3f:d8:6e:08:ce:18:d4:d6:d1:36:6d:
14:d7:40:6c:2c:b0:8d:8f:14:c3:02:3e:eb:60:6d:
bd:9a:ea:45:35:c8:ac:35:71:ba:63:89:e9:9c:6e:
41:66:bd:46:43:82:39:52:fc:39:0d:bb:de:cf:ee:
e2:ea:24:53:10:b4:4d:67:d5:39:c5:65:63:5f:c4:
e3:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:C7:D2:D4:5E:06:4F:BD:B9:5D:FD:C6:2C:CF:E3:12:E6:65:E1:26
X509v3 Authority Key Identifier:
keyid:6C:69:89:AF:18:EE:AF:DE:0C:AF:2E:EB:B5:14:88:3C:75:ED:44:56
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9129FD1/F85C25E2651F11EABB632C6DC4F9AE02/bGmJrxjur94Mry7rtRSIPHXtRFY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bGmJrxjur94Mry7rtRSIPHXtRFY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9129FD1/F85C25E2651F11EABB632C6DC4F9AE02/12B924B8F84811ECBEDA3B6DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.91.146.0/23
IPv6:
2403:6640::/32
Signature Algorithm: sha256WithRSAEncryption
5d:1f:25:db:dc:54:92:65:a8:7e:0b:a5:82:da:3c:1e:53:4f:
5b:c1:1d:c6:ff:80:0c:9b:93:8e:7a:fe:fa:97:49:4e:8d:28:
d6:df:1d:2a:e0:49:6a:4c:51:cb:12:55:d6:22:9a:a3:4e:d8:
f7:87:46:f4:97:6f:5f:85:d8:59:2f:ad:23:ba:18:38:ef:2d:
69:92:89:f9:c6:29:c5:0d:27:83:78:36:7f:c7:53:c7:69:ed:
ae:c5:af:c3:b6:d2:c2:31:8c:39:b9:23:56:b9:f7:c0:87:6e:
30:f9:d0:5f:68:28:17:db:6f:98:02:45:21:04:b3:b5:cc:fd:
42:ad:52:c7:59:c1:7b:4e:dc:18:12:f0:ab:9d:4f:c7:54:cc:
c5:39:f2:e6:cd:a3:28:3c:28:6f:e7:cd:f1:14:5d:6f:c3:4b:
3a:02:29:3a:af:14:fb:06:8f:61:44:73:a8:23:a4:e9:26:98:
47:cd:64:ab:9c:ae:a4:b6:d6:7e:09:b8:9c:24:cf:02:cc:fc:
19:26:c3:e4:01:02:c2:99:c0:3e:71:e3:c6:e8:9c:b7:1a:95:
2f:02:e9:48:e4:95:7b:95:81:50:d6:88:9b:5e:72:03:79:db:
33:d3:cb:21:b5:55:21:24:95:9d:51:94:18:8f:36:9e:06:7b:
29:56:47:7a
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICB+EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjlGRDExMTAvBgNVBAUTKDZDNjk4OUFGMThFRUFGREUwQ0FGMkVFQkI1MTQ4ODND
NzVFRDQ0NTYwHhcNMjIwNzIzMTM0NzA4WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmRiZmJkYi1kYmQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz6CPxuBVDVXGXWYKfnwJlyquCD7PxyqnNJ6cc/lYjuwHP20BWyaparSHjuOY
mkFpUyQJ/28NwqZgUC90UvoKgdNMmQL423XtYB0MdVD82rY8GM009XpiUjd2ng9x
skT4VzrtrUbLNl+MqLTrbRRAOPGqoIGPprO504KtBmO1iKFAHpviOQj9OiAg3gcX
2gpBjIY9UoDq7ZbBXVo93dYrgk0Y75wOfR9SkRFFWP5geOYkzUVw551SP9huCM4Y
1NbRNm0U10BsLLCNjxTDAj7rYG29mupFNcisNXG6Y4npnG5BZr1GQ4I5Uvw5Dbve
z+7i6iRTELRNZ9U5xWVjX8TjyQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFDzH0tRe
Bk+9uV39xizP4xLmZeEmMB8GA1UdIwQYMBaAFGxpia8Y7q/eDK8u67UUiDx17URW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOUZEMS9GODVDMjVFMjY1
MUYxMUVBQkI2MzJDNkRDNEY5QUUwMi9iR21KcnhqdXI5NE1yeTdydFJTSVBIWHRS
RlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JHbUpyeGp1cjk0TXJ5N3J0UlNJUEhYdFJGWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjlGRDEvRjg1QzI1RTI2NTFGMTFFQUJCNjMyQzZEQzRGOUFFMDIvMTJCOTI0QjhG
ODQ4MTFFQ0JFREEzQjZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnW5IwDQQCAAIwBwMFACQDZkAwDQYJKoZIhvcNAQELBQAD
ggEBAF0fJdvcVJJlqH4LpYLaPB5TT1vBHcb/gAybk456/vqXSU6NKNbfHSrgSWpM
UcsSVdYimqNO2PeHRvSXb1+F2FkvrSO6GDjvLWmSifnGKcUNJ4N4Nn/HU8dp7a7F
r8O20sIxjDm5I1a598CHbjD50F9oKBfbb5gCRSEEs7XM/UKtUsdZwXtO3BgS8Kud
T8dUzMU58ubNoyg8KG/nzfEUXW/DSzoCKTqvFPsGj2FEc6gjpOkmmEfNZKucrqS2
1n4JuJwkzwLM/Bkmw+QBAsKZwD5x48bonLcalS8C6UjklXuVgVDWiJtecgN52zPT
yyG1VSEklZ1RlBiPNp4GeylWR3o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:49 2024 by rpki-client on console-ams.rpki-client.org