Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9129FD1/F85C25E2651F11EABB632C6DC4F9AE02/F3142F2EF78711EC8627E335C4F9AE02.roa
File: F3142F2EF78711EC8627E335C4F9AE02.roa (raw, json)
Hash identifier: 4/vW2xM1+SneW5Pz32Q3dlTHtj2EoNwujTudNQYICWM=
Subject key identifier: E9:DD:CA:F5:E7:BE:67:39:C4:31:24:88:58:45:81:46:37:9E:57:68
Certificate issuer: /CN=A9129FD1/serialNumber=6C6989AF18EEAFDE0CAF2EEBB514883C75ED4456
Certificate serial: 07A9
Authority key identifier: 6C:69:89:AF:18:EE:AF:DE:0C:AF:2E:EB:B5:14:88:3C:75:ED:44:56
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bGmJrxjur94Mry7rtRSIPHXtRFY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9129FD1/F85C25E2651F11EABB632C6DC4F9AE02/F3142F2EF78711EC8627E335C4F9AE02.roa
Signing time: Wed 29 Jun 2022 08:46:22 +0000
ROA not before: Wed 29 Jun 2022 08:46:22 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 136516
IP address blocks: 103.91.146.0/23 maxlen: 24
2403:6640::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1961 (0x7a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9129FD1/serialNumber=6C6989AF18EEAFDE0CAF2EEBB514883C75ED4456
Validity
Not Before: Jun 29 08:46:22 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=62bc115d-f1c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:25:ef:20:85:e5:f6:81:a9:17:9e:36:bc:20:
02:d1:71:2f:fc:e5:61:07:d6:14:a8:f1:e1:f7:cc:
8c:32:30:aa:74:e7:6d:39:d5:a9:10:d1:0d:df:33:
a5:87:4e:0a:a2:1d:d2:47:a3:0f:8a:b7:06:c8:c7:
bb:92:76:5e:2a:c0:8b:e7:33:6c:85:7a:c6:39:ee:
16:78:b0:c5:71:4e:ca:4d:26:c7:f5:da:a6:3d:3b:
fb:ce:d1:ab:9c:6a:57:2e:32:88:18:2d:a8:34:53:
fc:7e:1e:ec:6f:d9:fa:cd:4d:cb:86:ee:3f:eb:a7:
e8:18:f4:53:b4:6f:0e:4a:d1:f3:fc:48:60:bf:08:
93:0b:9c:72:52:9c:e9:35:fa:30:1a:db:0b:a8:58:
9c:b5:c2:2f:25:4f:ec:ff:70:50:91:d6:32:c5:d7:
b9:3f:85:dc:4b:5e:cf:3b:48:e7:29:16:31:b1:e3:
c9:aa:17:a5:a7:42:d7:4e:af:25:5c:e1:e7:c4:42:
e7:de:98:af:d6:66:9b:b3:13:45:29:bf:ba:91:29:
c0:84:52:26:66:38:d4:3a:e0:8b:61:79:8e:a9:2b:
16:7c:db:fc:61:fe:31:9f:d6:e1:fa:80:45:e2:df:
bc:4a:92:20:5f:2b:55:d7:90:b3:8c:16:72:de:09:
13:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:DD:CA:F5:E7:BE:67:39:C4:31:24:88:58:45:81:46:37:9E:57:68
X509v3 Authority Key Identifier:
keyid:6C:69:89:AF:18:EE:AF:DE:0C:AF:2E:EB:B5:14:88:3C:75:ED:44:56
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9129FD1/F85C25E2651F11EABB632C6DC4F9AE02/bGmJrxjur94Mry7rtRSIPHXtRFY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bGmJrxjur94Mry7rtRSIPHXtRFY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9129FD1/F85C25E2651F11EABB632C6DC4F9AE02/F3142F2EF78711EC8627E335C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.91.146.0/23
IPv6:
2403:6640::/32
Signature Algorithm: sha256WithRSAEncryption
09:18:22:29:0f:5d:24:ae:5a:75:66:d1:e8:24:6a:ac:e8:9c:
4b:29:00:db:50:31:93:46:ce:66:29:80:00:ca:51:d3:2c:c1:
13:0e:aa:5e:96:69:31:d3:86:50:16:d2:dc:a0:14:4b:de:69:
2e:53:9c:16:10:8c:02:5c:44:46:97:ae:62:03:c9:f1:17:5f:
25:12:e8:ad:f7:b6:2e:4b:1a:6d:8a:ee:1d:75:7f:90:80:33:
0f:23:89:f0:ca:c3:95:19:dd:ff:fe:5b:90:f2:9a:40:3d:c2:
b9:af:75:a3:3d:38:fc:6e:8a:03:3a:80:89:a8:5b:43:6c:4c:
da:42:27:5b:26:d8:ac:1d:62:d2:16:14:62:28:b8:eb:3b:67:
c3:c8:e4:aa:2e:b6:98:7c:bc:f8:29:8d:1b:12:13:9a:0e:85:
8b:d4:b7:46:e3:02:7f:a4:80:d9:cc:a5:b5:bc:9a:0d:70:b8:
ed:bc:e6:b4:26:5c:eb:ed:99:85:2b:31:f8:4f:c1:d2:f2:99:
2f:ab:b1:14:82:df:71:81:ca:76:2a:6a:66:3b:4a:e4:54:54:
59:8a:ed:7b:7c:8f:cd:72:c7:34:0f:ee:7c:45:96:0d:77:43:
fb:42:94:d4:62:65:1c:14:e0:60:65:c2:6b:3e:c7:2a:5f:aa:
36:3e:e3:f1
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICB6kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjlGRDExMTAvBgNVBAUTKDZDNjk4OUFGMThFRUFGREUwQ0FGMkVFQkI1MTQ4ODND
NzVFRDQ0NTYwHhcNMjIwNjI5MDg0NjIyWhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmJjMTE1ZC1mMWMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxCXvIIXl9oGpF542vCAC0XEv/OVhB9YUqPHh98yMMjCqdOdtOdWpENEN3zOl
h04Koh3SR6MPircGyMe7knZeKsCL5zNshXrGOe4WeLDFcU7KTSbH9dqmPTv7ztGr
nGpXLjKIGC2oNFP8fh7sb9n6zU3Lhu4/66foGPRTtG8OStHz/EhgvwiTC5xyUpzp
NfowGtsLqFictcIvJU/s/3BQkdYyxde5P4XcS17PO0jnKRYxsePJqhelp0LXTq8l
XOHnxELn3piv1mabsxNFKb+6kSnAhFImZjjUOuCLYXmOqSsWfNv8Yf4xn9bh+oBF
4t+8SpIgXytV15CzjBZy3gkTlQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFOndyvXn
vmc5xDEkiFhFgUY3nldoMB8GA1UdIwQYMBaAFGxpia8Y7q/eDK8u67UUiDx17URW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOUZEMS9GODVDMjVFMjY1
MUYxMUVBQkI2MzJDNkRDNEY5QUUwMi9iR21KcnhqdXI5NE1yeTdydFJTSVBIWHRS
RlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JHbUpyeGp1cjk0TXJ5N3J0UlNJUEhYdFJGWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjlGRDEvRjg1QzI1RTI2NTFGMTFFQUJCNjMyQzZEQzRGOUFFMDIvRjMxNDJGMkVG
Nzg3MTFFQzg2MjdFMzM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnW5IwDQQCAAIwBwMFACQDZkAwDQYJKoZIhvcNAQELBQAD
ggEBAAkYIikPXSSuWnVm0egkaqzonEspANtQMZNGzmYpgADKUdMswRMOql6WaTHT
hlAW0tygFEveaS5TnBYQjAJcREaXrmIDyfEXXyUS6K33ti5LGm2K7h11f5CAMw8j
ifDKw5UZ3f/+W5DymkA9wrmvdaM9OPxuigM6gImoW0NsTNpCJ1sm2KwdYtIWFGIo
uOs7Z8PI5Koutph8vPgpjRsSE5oOhYvUt0bjAn+kgNnMpbW8mg1wuO285rQmXOvt
mYUrMfhPwdLymS+rsRSC33GBynYqamY7SuRUVFmK7Xt8j81yxzQP7nxFlg13Q/tC
lNRiZRwU4GBlwms+xypfqjY+4/E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:49 2024 by rpki-client on console-ams.rpki-client.org