Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912A517/2B19FFB8F50011E8A93A8E63C4F9AE02/80DDCF64C9AB11EC80834A77C4F9AE02.roa
File: 80DDCF64C9AB11EC80834A77C4F9AE02.roa (raw, json)
Hash identifier: hGDXCurW+/t+DRIe2XZ64sltlh94GcyM7lTGFQq5SZ0=
Subject key identifier: F0:37:A1:99:20:37:75:A8:6A:DB:D0:87:EE:B5:86:56:4C:32:B4:08
Certificate issuer: /CN=A912A517/serialNumber=104113CE8F5E01751AF4D0F24968D83924A6C807
Certificate serial: 0EA6
Authority key identifier: 10:41:13:CE:8F:5E:01:75:1A:F4:D0:F2:49:68:D8:39:24:A6:C8:07
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EEETzo9eAXUa9NDySWjYOSSmyAc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912A517/2B19FFB8F50011E8A93A8E63C4F9AE02/80DDCF64C9AB11EC80834A77C4F9AE02.roa
Signing time: Mon 02 May 2022 00:04:58 +0000
ROA not before: Mon 02 May 2022 00:04:58 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 55850
IP address blocks: 14.137.0.0/19 maxlen: 19
101.53.192.0/19 maxlen: 19
101.53.217.0/24 maxlen: 24
101.53.220.0/22 maxlen: 22
103.26.202.0/24 maxlen: 24
103.241.56.0/22 maxlen: 22
115.69.160.0/19 maxlen: 19
116.251.128.0/18 maxlen: 18
116.251.192.0/21 maxlen: 21
116.251.200.0/22 maxlen: 22
150.107.172.0/22 maxlen: 22
180.148.96.0/19 maxlen: 19
202.74.33.0/24 maxlen: 24
203.94.32.0/19 maxlen: 19
2406:5a00::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3750 (0xea6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912A517/serialNumber=104113CE8F5E01751AF4D0F24968D83924A6C807
Validity
Not Before: May 2 00:04:58 2022 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=626f202a-cdfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:a1:ed:01:6a:dc:35:27:f8:80:34:f0:aa:68:
9c:a2:18:2f:c2:78:c6:7e:10:5b:9e:ca:db:3a:56:
3a:c9:5b:a3:4f:e2:26:11:94:2e:96:98:cd:75:a6:
ff:17:50:a9:5b:64:1a:b8:a2:9a:a8:84:50:0b:24:
ca:7f:3b:3d:c4:bf:91:76:91:89:33:f5:26:27:e4:
ed:fb:db:bd:c9:47:4a:6d:bc:53:17:a3:94:3d:9d:
63:30:83:59:48:38:c9:4f:f4:dc:bc:dd:42:7e:28:
74:41:cf:9b:ee:aa:58:8f:d8:4b:d8:a3:c9:c0:93:
24:0b:03:5d:41:00:9b:55:69:7a:94:b3:cb:d4:6b:
6f:de:98:17:01:a5:3f:9e:97:30:4c:3c:19:37:c8:
ae:ec:c0:7c:ef:86:60:97:c4:d1:21:9c:6f:7d:6c:
77:24:63:4f:65:a3:05:28:eb:ba:03:c4:e4:0e:f3:
79:eb:ea:7a:0f:c5:a0:62:f6:64:7f:44:d3:93:0d:
3f:91:f5:07:0b:75:b3:ee:62:19:11:11:74:c2:4e:
87:c9:94:66:e2:36:ed:4a:ec:c2:a8:ad:8e:9c:df:
40:38:3c:fa:cf:a4:54:cb:59:46:d3:f1:e5:06:81:
a4:43:4f:ba:03:8c:91:9f:ff:e5:35:03:53:64:69:
a5:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:37:A1:99:20:37:75:A8:6A:DB:D0:87:EE:B5:86:56:4C:32:B4:08
X509v3 Authority Key Identifier:
keyid:10:41:13:CE:8F:5E:01:75:1A:F4:D0:F2:49:68:D8:39:24:A6:C8:07
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912A517/2B19FFB8F50011E8A93A8E63C4F9AE02/EEETzo9eAXUa9NDySWjYOSSmyAc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EEETzo9eAXUa9NDySWjYOSSmyAc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912A517/2B19FFB8F50011E8A93A8E63C4F9AE02/80DDCF64C9AB11EC80834A77C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.137.0.0/19
101.53.192.0/19
103.26.202.0/24
103.241.56.0/22
115.69.160.0/19
116.251.128.0-116.251.203.255
150.107.172.0/22
180.148.96.0/19
202.74.33.0/24
203.94.32.0/19
IPv6:
2406:5a00::/32
Signature Algorithm: sha256WithRSAEncryption
25:38:04:70:04:46:a7:2d:d7:4d:ce:c3:6c:81:c6:fb:8c:81:
a2:86:a2:b0:c2:92:87:9e:ba:67:f7:d3:ce:f0:3a:27:3f:73:
d4:13:16:bc:b1:86:22:0d:47:97:d6:9c:3d:1a:e2:c2:89:23:
f7:b4:74:26:0f:01:df:09:3f:d9:a3:a4:93:8a:56:c8:86:e2:
2d:f1:1a:a1:ec:90:f1:ab:fa:37:8a:24:a4:b1:ad:be:9b:a3:
dd:74:81:06:ac:2a:87:b6:1b:40:c3:b0:ae:30:73:2f:16:7d:
00:27:0b:86:93:8f:e2:17:cc:12:30:bb:fb:08:7e:57:e5:a8:
3b:7c:a7:a2:68:b1:f9:38:49:6b:aa:a6:2b:06:d6:94:97:41:
96:4a:f6:50:48:5c:07:b3:8a:12:94:73:2b:55:9d:69:6b:8a:
b8:82:c3:f0:aa:26:f9:e2:28:de:39:8e:39:ae:2d:ae:3e:5e:
18:e1:f4:1c:0f:53:97:ca:3d:2c:72:a1:be:f7:b9:bf:13:da:
b6:d2:9b:06:3c:c3:b8:1f:90:84:b4:5a:1e:aa:2e:ab:87:b2:
d9:5b:fd:73:fe:38:49:e3:55:e7:ec:a8:fb:74:ed:2e:69:52:
09:43:22:f5:34:1c:a4:3c:a8:b1:80:94:ca:c9:be:d2:fd:08:
00:f1:55:bf
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgICDqYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkE1MTcxMTAvBgNVBAUTKDEwNDExM0NFOEY1RTAxNzUxQUY0RDBGMjQ5NjhEODM5
MjRBNkM4MDcwHhcNMjIwNTAyMDAwNDU4WhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjZmMjAyYS1jZGZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA86HtAWrcNSf4gDTwqmicohgvwnjGfhBbnsrbOlY6yVujT+ImEZQulpjNdab/
F1CpW2QauKKaqIRQCyTKfzs9xL+RdpGJM/UmJ+Tt+9u9yUdKbbxTF6OUPZ1jMINZ
SDjJT/TcvN1Cfih0Qc+b7qpYj9hL2KPJwJMkCwNdQQCbVWl6lLPL1Gtv3pgXAaU/
npcwTDwZN8iu7MB874Zgl8TRIZxvfWx3JGNPZaMFKOu6A8TkDvN56+p6D8WgYvZk
f0TTkw0/kfUHC3Wz7mIZERF0wk6HyZRm4jbtSuzCqK2OnN9AODz6z6RUy1lG0/Hl
BoGkQ0+6A4yRn//lNQNTZGmlnwIDAQABo4IC4jCCAt4wHQYDVR0OBBYEFPA3oZkg
N3WoatvQh+61hlZMMrQIMB8GA1UdIwQYMBaAFBBBE86PXgF1GvTQ8klo2DkkpsgH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQTUxNy8yQjE5RkZCOEY1
MDAxMUU4QTkzQThFNjNDNEY5QUUwMi9FRUVUem85ZUFYVWE5TkR5U1dqWU9TU215
QWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0VFRVR6bzllQVhVYTlORHlTV2pZT1NTbXlBYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkE1MTcvMkIxOUZGQjhGNTAwMTFFOEE5M0E4RTYzQzRGOUFFMDIvODBERENGNjRD
OUFCMTFFQzgwODM0QTc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbAYIKwYBBQUHAQcBAf8E
XTBbMEoEAgABMEQDBAUOiQADBAVlNcADBABnGsoDBAJn8TgDBAVzRaAwDAMEB3T7
gAMEAnT7yAMEApZrrAMEBbSUYAMEAMpKIQMEBcteIDANBAIAAjAHAwUAJAZaADAN
BgkqhkiG9w0BAQsFAAOCAQEAJTgEcARGpy3XTc7DbIHG+4yBooaisMKSh566Z/fT
zvA6Jz9z1BMWvLGGIg1Hl9acPRriwokj97R0Jg8B3wk/2aOkk4pWyIbiLfEaoeyQ
8av6N4okpLGtvpuj3XSBBqwqh7YbQMOwrjBzLxZ9ACcLhpOP4hfMEjC7+wh+V+Wo
O3ynomix+ThJa6qmKwbWlJdBlkr2UEhcB7OKEpRzK1WdaWuKuILD8Kom+eIo3jmO
Oa4trj5eGOH0HA9Tl8o9LHKhvve5vxPattKbBjzDuB+QhLRaHqouq4ey2Vv9c/44
SeNV5+yo+3TtLmlSCUMi9TQcpDyosYCUysm+0v0IAPFVvw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:49 2024 by rpki-client on console-ams.rpki-client.org