Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91346B1/9A0ECE10D0F011EC8ECDBF63C4F9AE02/1A83F51AD0F711EC8673072FC4F9AE02.roa
File: 1A83F51AD0F711EC8673072FC4F9AE02.roa (raw, json)
Hash identifier: RAtgbtzhOwM9Pu0kdjsBAmRG/+0YU9Yf69ZNijoHV7M=
Subject key identifier: 46:3F:4A:69:03:17:E0:75:6C:8E:75:CD:19:F7:FE:33:96:F0:E3:F1
Certificate issuer: /CN=A91346B1/serialNumber=2F3EF5B9013714E3174C6700AE04824E2F05C230
Certificate serial: 012D
Authority key identifier: 2F:3E:F5:B9:01:37:14:E3:17:4C:67:00:AE:04:82:4E:2F:05:C2:30
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Lz71uQE3FOMXTGcArgSCTi8FwjA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91346B1/9A0ECE10D0F011EC8ECDBF63C4F9AE02/1A83F51AD0F711EC8673072FC4F9AE02.roa
Signing time: Tue 04 Oct 2022 05:14:31 +0000
ROA not before: Tue 04 Oct 2022 05:14:31 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 131258
IP address blocks: 103.244.194.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 301 (0x12d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91346B1/serialNumber=2F3EF5B9013714E3174C6700AE04824E2F05C230
Validity
Not Before: Oct 4 05:14:31 2022 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=633bc137-9869
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e2:33:1e:27:35:15:00:61:48:27:6c:ea:02:
20:76:92:4b:b5:ea:70:de:37:10:3c:95:4e:fb:d4:
89:46:98:07:43:46:55:59:e8:30:04:66:6d:c8:5b:
02:28:e5:c2:df:48:cd:77:0d:a6:02:0d:d0:c3:16:
2c:ba:6e:ff:b3:dc:08:88:82:07:cb:4c:42:cb:c5:
c5:9f:70:29:02:fb:2b:47:c8:de:e8:f1:db:ab:d7:
95:0a:4a:0f:19:00:c7:8f:73:10:ad:05:a2:fd:d9:
ee:7b:6d:57:5a:01:22:70:4c:4c:91:de:f6:c8:b6:
f1:bf:0e:8a:be:c4:4d:f4:88:79:68:d8:93:7a:18:
5f:b7:f3:8f:b0:d2:83:3e:66:21:c5:24:c7:77:96:
42:f0:15:82:fb:ce:82:2f:65:77:34:74:c7:14:81:
c4:88:5c:f0:30:1e:ad:0c:3d:53:65:98:0e:08:5a:
5c:a8:3a:fd:99:0e:af:5a:eb:1a:df:cd:ce:3f:04:
f3:60:2b:05:41:b0:2c:f2:86:19:82:33:2d:2a:e0:
51:29:28:65:f2:3c:5a:ad:4a:86:57:dc:e0:f7:e7:
a7:eb:db:32:1a:60:2e:5f:1d:45:27:c8:28:31:7c:
a0:66:f3:a7:35:53:f4:c3:64:b3:20:86:fc:24:f0:
05:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:3F:4A:69:03:17:E0:75:6C:8E:75:CD:19:F7:FE:33:96:F0:E3:F1
X509v3 Authority Key Identifier:
keyid:2F:3E:F5:B9:01:37:14:E3:17:4C:67:00:AE:04:82:4E:2F:05:C2:30
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91346B1/9A0ECE10D0F011EC8ECDBF63C4F9AE02/Lz71uQE3FOMXTGcArgSCTi8FwjA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Lz71uQE3FOMXTGcArgSCTi8FwjA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91346B1/9A0ECE10D0F011EC8ECDBF63C4F9AE02/1A83F51AD0F711EC8673072FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.244.194.0/24
Signature Algorithm: sha256WithRSAEncryption
28:28:1c:19:34:2a:f0:a7:75:81:96:b3:b7:38:19:34:5f:74:
34:e6:1b:3c:3a:e4:36:51:b2:47:fa:7a:a1:58:73:76:ce:6e:
c1:c2:74:b6:f4:c3:c7:96:1a:83:12:e0:22:27:ab:3b:86:f4:
6c:dd:a4:a3:05:13:54:9e:57:82:fd:17:b1:cd:46:d3:8d:22:
79:48:c1:e3:2c:b7:e6:c1:4c:e8:4a:c2:d3:8a:bb:32:d3:72:
31:8b:6e:aa:7b:ee:28:e7:39:48:1c:a1:8e:87:d6:e2:59:ee:
eb:e7:50:a3:00:9f:81:25:9f:00:fc:f8:ed:a5:b2:46:5d:00:
15:1a:9e:b0:43:ad:25:a7:a9:d1:a0:45:07:08:ee:a5:8a:15:
16:8e:96:64:36:89:c1:71:9e:fc:0b:28:58:82:ff:09:dc:29:
59:c3:86:46:84:5b:ed:06:13:7d:ef:26:eb:95:48:3c:4f:e9:
cc:9b:50:92:3f:d7:9d:95:c0:19:fa:e9:ad:dd:bf:ed:39:96:
a5:2c:d7:b1:2f:da:96:96:40:25:fe:60:8f:b5:57:60:8d:ab:
66:0a:30:0b:77:0f:31:da:a4:e1:dd:14:68:3f:6c:a3:b6:69:
c7:79:c2:2f:75:a3:66:62:e0:66:82:10:b8:76:01:8c:04:ab:
d8:db:3a:31
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAS0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzQ2QjExMTAvBgNVBAUTKDJGM0VGNUI5MDEzNzE0RTMxNzRDNjcwMEFFMDQ4MjRF
MkYwNUMyMzAwHhcNMjIxMDA0MDUxNDMxWhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzNiYzEzNy05ODY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoeIzHic1FQBhSCds6gIgdpJLtepw3jcQPJVO+9SJRpgHQ0ZVWegwBGZtyFsC
KOXC30jNdw2mAg3QwxYsum7/s9wIiIIHy0xCy8XFn3ApAvsrR8je6PHbq9eVCkoP
GQDHj3MQrQWi/dnue21XWgEicExMkd72yLbxvw6KvsRN9Ih5aNiTehhft/OPsNKD
PmYhxSTHd5ZC8BWC+86CL2V3NHTHFIHEiFzwMB6tDD1TZZgOCFpcqDr9mQ6vWusa
383OPwTzYCsFQbAs8oYZgjMtKuBRKShl8jxarUqGV9zg9+en69syGmAuXx1FJ8go
MXygZvOnNVP0w2SzIIb8JPAFgwIDAQABo4IClTCCApEwHQYDVR0OBBYEFEY/SmkD
F+B1bI51zRn3/jOW8OPxMB8GA1UdIwQYMBaAFC8+9bkBNxTjF0xnAK4Egk4vBcIw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDZCMS85QTBFQ0UxMEQw
RjAxMUVDOEVDREJGNjNDNEY5QUUwMi9MejcxdVFFM0ZPTVhUR2NBcmdTQ1RpOEZ3
akEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0x6NzF1UUUzRk9NWFRHY0FyZ1NDVGk4RndqQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzQ2QjEvOUEwRUNFMTBEMEYwMTFFQzhFQ0RCRjYzQzRGOUFFMDIvMUE4M0Y1MUFE
MEY3MTFFQzg2NzMwNzJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABn9MIwDQYJKoZIhvcNAQELBQADggEBACgoHBk0KvCndYGW
s7c4GTRfdDTmGzw65DZRskf6eqFYc3bObsHCdLb0w8eWGoMS4CInqzuG9GzdpKMF
E1SeV4L9F7HNRtONInlIweMst+bBTOhKwtOKuzLTcjGLbqp77ijnOUgcoY6H1uJZ
7uvnUKMAn4ElnwD8+O2lskZdABUanrBDrSWnqdGgRQcI7qWKFRaOlmQ2icFxnvwL
KFiC/wncKVnDhkaEW+0GE33vJuuVSDxP6cybUJI/152VwBn66a3dv+05lqUs17Ev
2paWQCX+YI+1V2CNq2YKMAt3DzHapOHdFGg/bKO2acd5wi91o2Zi4GaCELh2AYwE
q9jbOjE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:38 2023 by rpki-client on console-fra.rpki-client.org