Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9136A3E/1937615205F611EA8912C129C4F9AE02/86F51460FD8111EDA09EBD60C4F9AE02.roa
File: 86F51460FD8111EDA09EBD60C4F9AE02.roa (raw, json)
Hash identifier: c60Sg/jQHYZzWcUD8Cr5H9E5UVJ3ZkjxOzHo0YwPAJY=
Subject key identifier: D3:81:27:BE:05:C1:9B:0F:75:EF:D7:B7:2D:2B:CE:D3:D3:EB:8E:C9
Certificate issuer: /CN=A9136A3E/serialNumber=ED23F07FE0325446DD0D5A19C1A17E3C8861EF97
Certificate serial: 0AD7
Authority key identifier: ED:23:F0:7F:E0:32:54:46:DD:0D:5A:19:C1:A1:7E:3C:88:61:EF:97
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7SPwf-AyVEbdDVoZwaF-PIhh75c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9136A3E/1937615205F611EA8912C129C4F9AE02/86F51460FD8111EDA09EBD60C4F9AE02.roa
Signing time: Wed 21 Jun 2023 08:29:58 +0000
ROA not before: Wed 21 Jun 2023 08:29:58 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 136207
IP address blocks: 103.83.164.0/22 maxlen: 24
203.89.108.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2775 (0xad7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9136A3E/serialNumber=ED23F07FE0325446DD0D5A19C1A17E3C8861EF97
Validity
Not Before: Jun 21 08:29:58 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=6492b505-8d0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a0:dd:71:72:80:f5:32:60:60:ab:c2:41:0f:
0a:90:de:40:6a:78:77:fb:e3:88:fe:86:d7:11:8b:
9f:35:7f:fd:a7:b3:ef:c6:8a:71:41:39:93:27:23:
00:fc:1c:21:c5:71:7e:d9:1c:49:56:03:46:91:ed:
58:b4:83:4e:b4:33:6d:e0:db:5f:7e:dc:f9:08:52:
46:89:cd:82:e4:03:41:c5:58:78:67:ad:ff:02:27:
1a:e5:d3:8e:b5:7b:72:e8:73:01:77:e1:31:1b:e8:
20:f0:13:f3:fa:8a:87:cf:67:3e:27:61:fb:b9:dd:
9a:35:7a:5e:c9:71:87:b6:41:b4:cb:09:b8:29:94:
83:56:6b:5f:3a:89:19:17:ec:56:ef:4c:5c:ca:54:
74:f9:9c:2c:02:53:7d:30:5c:f8:9f:96:57:2e:52:
34:fe:7f:10:14:86:6c:44:cc:cc:61:55:e4:fe:f4:
6a:1d:2b:ed:75:90:e8:6c:42:31:0a:c5:e3:01:f2:
18:a8:5c:4c:51:86:df:34:80:1a:12:1f:09:34:4c:
20:ba:d6:e7:bb:15:0a:96:05:0c:72:2a:ed:0b:ae:
24:ed:25:52:7e:92:a0:76:8b:95:11:17:fa:bc:59:
dd:54:5b:e7:a8:35:49:d6:b0:b6:d4:d7:5e:8e:b2:
f1:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:81:27:BE:05:C1:9B:0F:75:EF:D7:B7:2D:2B:CE:D3:D3:EB:8E:C9
X509v3 Authority Key Identifier:
keyid:ED:23:F0:7F:E0:32:54:46:DD:0D:5A:19:C1:A1:7E:3C:88:61:EF:97
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9136A3E/1937615205F611EA8912C129C4F9AE02/7SPwf-AyVEbdDVoZwaF-PIhh75c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7SPwf-AyVEbdDVoZwaF-PIhh75c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9136A3E/1937615205F611EA8912C129C4F9AE02/86F51460FD8111EDA09EBD60C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.83.164.0/22
203.89.108.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:4a:57:49:b7:1f:d3:dd:6b:20:4f:c7:39:dd:a6:68:6a:7b:
61:c1:01:7d:3f:9b:08:bf:03:98:b0:a6:97:18:0e:b7:29:75:
4e:91:25:d9:6e:be:cd:36:6a:8d:bf:82:1f:96:eb:3d:fb:13:
c5:b5:6e:c5:21:3c:39:a5:82:13:34:bf:f3:f0:b7:b2:cb:1f:
5b:6b:58:52:17:ca:65:54:3e:03:d5:5d:0a:9d:49:c0:1c:91:
94:f6:63:99:91:1c:f0:7c:49:42:96:4f:78:1a:e3:f4:31:52:
22:1a:57:35:17:2c:ce:34:1a:1b:50:bb:84:1c:5f:5e:42:5b:
de:a0:53:fa:aa:11:97:8a:60:36:f0:41:70:ca:17:4b:9f:15:
6c:2e:aa:8f:df:29:b7:13:cb:46:86:c9:0c:57:a5:d7:9c:7a:
8f:1f:fe:e0:7a:3a:d6:cd:ec:71:30:54:76:c9:a9:9e:15:a4:
e2:c2:81:c3:8f:aa:74:39:a4:e4:89:b5:7e:60:fe:99:31:65:
f6:e1:9b:39:30:1e:f4:c4:5b:ce:84:11:7d:06:8d:2f:6d:7b:
a3:f3:79:fc:cc:04:74:e3:51:a1:b4:f1:ff:c5:41:f2:91:6b:
a4:d2:07:9c:0c:92:45:cc:79:4f:95:87:26:0e:f6:5e:60:55:
c6:5f:96:d9
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCtcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzZBM0UxMTAvBgNVBAUTKEVEMjNGMDdGRTAzMjU0NDZERDBENUExOUMxQTE3RTND
ODg2MUVGOTcwHhcNMjMwNjIxMDgyOTU4WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDkyYjUwNS04ZDBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuKDdcXKA9TJgYKvCQQ8KkN5Aanh3++OI/obXEYufNX/9p7PvxopxQTmTJyMA
/BwhxXF+2RxJVgNGke1YtINOtDNt4Ntfftz5CFJGic2C5ANBxVh4Z63/Aica5dOO
tXty6HMBd+ExG+gg8BPz+oqHz2c+J2H7ud2aNXpeyXGHtkG0ywm4KZSDVmtfOokZ
F+xW70xcylR0+ZwsAlN9MFz4n5ZXLlI0/n8QFIZsRMzMYVXk/vRqHSvtdZDobEIx
CsXjAfIYqFxMUYbfNIAaEh8JNEwgutbnuxUKlgUMcirtC64k7SVSfpKgdouVERf6
vFndVFvnqDVJ1rC21NdejrLxkwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFNOBJ74F
wZsPde/Xty0rztPT647JMB8GA1UdIwQYMBaAFO0j8H/gMlRG3Q1aGcGhfjyIYe+X
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNkEzRS8xOTM3NjE1MjA1
RjYxMUVBODkxMkMxMjlDNEY5QUUwMi83U1B3Zi1BeVZFYmREVm9ad2FGLVBJaGg3
NWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdTUHdmLUF5VkViZERWb1p3YUYtUEloaDc1Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzZBM0UvMTkzNzYxNTIwNUY2MTFFQTg5MTJDMTI5QzRGOUFFMDIvODZGNTE0NjBG
RDgxMTFFREEwOUVCRDYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnU6QDBALLWWwwDQYJKoZIhvcNAQELBQADggEBAC9KV0m3
H9PdayBPxzndpmhqe2HBAX0/mwi/A5iwppcYDrcpdU6RJdluvs02ao2/gh+W6z37
E8W1bsUhPDmlghM0v/Pwt7LLH1trWFIXymVUPgPVXQqdScAckZT2Y5mRHPB8SUKW
T3ga4/QxUiIaVzUXLM40GhtQu4QcX15CW96gU/qqEZeKYDbwQXDKF0ufFWwuqo/f
KbcTy0aGyQxXpdeceo8f/uB6OtbN7HEwVHbJqZ4VpOLCgcOPqnQ5pOSJtX5g/pkx
ZfbhmzkwHvTEW86EEX0GjS9te6PzefzMBHTjUaG08f/FQfKRa6TSB5wMkkXMeU+V
hyYO9l5gVcZfltk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:36 2023 by rpki-client on console-ams.rpki-client.org