Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91427AF/579A8BC0686011E8AAB1251FC4F9AE02/7A01A92478CD11ECB848BB56C4F9AE02.roa
File: 7A01A92478CD11ECB848BB56C4F9AE02.roa (raw, json)
Hash identifier: MqoFh4PBfVnTZV51tbfPOF4kVdAzOVTMll09J5X58M4=
Subject key identifier: 4C:01:9A:53:26:64:1A:33:CC:D4:94:59:5E:D7:15:15:5B:C6:9A:79
Certificate issuer: /CN=A91427AF/serialNumber=D80FA9FA841255D5BDA72E52EC04FDFED7FE2D5B
Certificate serial: 10A2
Authority key identifier: D8:0F:A9:FA:84:12:55:D5:BD:A7:2E:52:EC:04:FD:FE:D7:FE:2D:5B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2A-p-oQSVdW9py5S7AT9_tf-LVs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91427AF/579A8BC0686011E8AAB1251FC4F9AE02/7A01A92478CD11ECB848BB56C4F9AE02.roa
Signing time: Wed 19 Jan 2022 02:14:05 +0000
ROA not before: Wed 19 Jan 2022 02:14:05 +0000
ROA not after: Wed 31 Aug 2022 00:00:00 +0000
asID: 140096
IP address blocks: 103.116.72.0/23 maxlen: 23
103.116.73.0/24 maxlen: 24
182.255.32.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4258 (0x10a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91427AF/serialNumber=D80FA9FA841255D5BDA72E52EC04FDFED7FE2D5B
Validity
Not Before: Jan 19 02:14:05 2022 GMT
Not After : Aug 31 00:00:00 2022 GMT
Subject: CN=61e773ed-00b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:4d:5d:66:10:8e:2d:ed:34:d6:61:61:a9:98:
00:62:42:4e:4a:b0:6c:ed:ad:ea:25:17:19:6c:0a:
1a:ae:23:f2:29:73:cc:4a:d0:f0:a4:be:f3:81:f0:
d0:be:2a:6d:af:3f:2f:df:3c:ae:ab:ed:ba:bd:a9:
a7:83:b9:01:41:c9:f8:cd:b9:81:ba:5c:83:e9:fc:
b6:29:e0:48:21:35:58:0b:fc:53:b8:81:fc:00:fe:
ae:3f:c4:94:5e:f6:5e:40:a2:e2:0f:f4:1b:0d:fd:
8a:4a:81:ee:8c:d7:86:f1:88:ed:f2:e8:31:21:3e:
4f:f0:49:d8:07:ff:3d:9d:ab:b8:21:30:ef:90:32:
1a:e4:15:e0:fe:cd:a4:29:af:c1:5f:d6:d4:14:ff:
5f:68:f6:7a:7c:e5:e3:8c:67:1f:eb:58:53:44:46:
89:c0:1a:b0:e2:9a:9f:01:ad:f6:04:ba:3f:30:f8:
e4:d4:2c:6f:64:9b:29:90:fa:f8:6d:b4:3d:d1:11:
ff:e5:65:7e:71:67:8a:fd:0e:f0:f7:49:f0:28:b6:
32:83:7d:32:61:b4:fd:e8:b8:ec:30:06:a9:12:bd:
89:e1:34:c7:79:43:c4:d2:8e:ca:55:b5:d3:ba:bd:
c0:d7:f9:1e:f1:ab:95:47:29:c9:89:21:91:9b:38:
ab:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:01:9A:53:26:64:1A:33:CC:D4:94:59:5E:D7:15:15:5B:C6:9A:79
X509v3 Authority Key Identifier:
keyid:D8:0F:A9:FA:84:12:55:D5:BD:A7:2E:52:EC:04:FD:FE:D7:FE:2D:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91427AF/579A8BC0686011E8AAB1251FC4F9AE02/2A-p-oQSVdW9py5S7AT9_tf-LVs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2A-p-oQSVdW9py5S7AT9_tf-LVs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91427AF/579A8BC0686011E8AAB1251FC4F9AE02/7A01A92478CD11ECB848BB56C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.116.72.0/23
182.255.32.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:5c:c0:cd:ef:5a:ab:20:94:72:4c:74:fd:cc:b2:b8:b8:6f:
60:b8:93:21:bd:da:75:cc:c3:d4:9f:71:35:85:81:29:39:27:
69:db:51:84:6d:47:54:05:75:c5:c5:37:13:d1:5f:78:75:a0:
b1:87:d7:5a:fe:03:78:ff:15:3e:72:06:2d:b9:e8:9a:9d:66:
db:1f:8c:2e:26:df:06:34:d8:94:b2:b4:3b:6e:01:f1:f4:7d:
1a:8c:d9:d4:9a:2b:85:4a:13:e8:ba:c6:74:bf:1e:7f:02:77:
86:e7:4d:b5:9c:93:63:ee:bc:66:f3:53:b4:37:68:84:fa:58:
1c:c0:1a:ec:08:22:18:84:25:ce:96:28:a2:a7:4e:40:de:06:
af:25:1a:60:ec:85:8b:f2:4c:05:29:d7:b0:cd:46:33:56:e2:
05:f0:0e:ba:a6:bc:2f:09:43:01:59:b5:41:50:de:21:f1:bc:
43:47:71:c3:65:91:e7:be:b5:b8:2c:54:98:bf:99:c2:c9:f5:
de:30:5f:8d:e6:24:51:3e:8f:d9:85:0f:80:a9:d7:68:81:1b:
5f:a8:61:b1:6d:45:4b:37:77:78:72:86:f6:d5:83:4a:c4:7a:
4c:03:69:87:28:04:d3:93:36:5d:1d:a7:d5:2e:21:00:31:3d:
9c:db:ee:8a
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICEKIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDI3QUYxMTAvBgNVBAUTKEQ4MEZBOUZBODQxMjU1RDVCREE3MkU1MkVDMDRGREZF
RDdGRTJENUIwHhcNMjIwMTE5MDIxNDA1WhcNMjIwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWU3NzNlZC0wMGIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4U1dZhCOLe001mFhqZgAYkJOSrBs7a3qJRcZbAoariPyKXPMStDwpL7zgfDQ
viptrz8v3zyuq+26vamng7kBQcn4zbmBulyD6fy2KeBIITVYC/xTuIH8AP6uP8SU
XvZeQKLiD/QbDf2KSoHujNeG8Yjt8ugxIT5P8EnYB/89nau4ITDvkDIa5BXg/s2k
Ka/BX9bUFP9faPZ6fOXjjGcf61hTREaJwBqw4pqfAa32BLo/MPjk1CxvZJspkPr4
bbQ90RH/5WV+cWeK/Q7w90nwKLYyg30yYbT96LjsMAapEr2J4TTHeUPE0o7KVbXT
ur3A1/ke8auVRynJiSGRmzir3wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFEwBmlMm
ZBozzNSUWV7XFRVbxpp5MB8GA1UdIwQYMBaAFNgPqfqEElXVvacuUuwE/f7X/i1b
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MjdBRi81NzlBOEJDMDY4
NjAxMUU4QUFCMTI1MUZDNEY5QUUwMi8yQS1wLW9RU1ZkVzlweTVTN0FUOV90Zi1M
VnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJBLXAtb1FTVmRXOXB5NVM3QVQ5X3RmLUxWcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDI3QUYvNTc5QThCQzA2ODYwMTFFOEFBQjEyNTFGQzRGOUFFMDIvN0EwMUE5MjQ3
OENEMTFFQ0I4NDhCQjU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFndEgDBAC2/yAwDQYJKoZIhvcNAQELBQADggEBAGpcwM3v
WqsglHJMdP3Msri4b2C4kyG92nXMw9SfcTWFgSk5J2nbUYRtR1QFdcXFNxPRX3h1
oLGH11r+A3j/FT5yBi256JqdZtsfjC4m3wY02JSytDtuAfH0fRqM2dSaK4VKE+i6
xnS/Hn8Cd4bnTbWck2PuvGbzU7Q3aIT6WBzAGuwIIhiEJc6WKKKnTkDeBq8lGmDs
hYvyTAUp17DNRjNW4gXwDrqmvC8JQwFZtUFQ3iHxvENHccNlkee+tbgsVJi/mcLJ
9d4wX43mJFE+j9mFD4Cp12iBG1+oYbFtRUs3d3hyhvbVg0rEekwDaYcoBNOTNl0d
p9UuIQAxPZzb7oo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:56 2024 by rpki-client on console-ams.rpki-client.org