Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91427AF/579A8BC0686011E8AAB1251FC4F9AE02/F251C318BBD111ECAA7E0347C4F9AE02.roa
File: F251C318BBD111ECAA7E0347C4F9AE02.roa (raw, json)
Hash identifier: XGVA59+xv+++jpr2dwiua6f7LXF2e8+1sUaRS8WmmMg=
Subject key identifier: EF:31:51:5E:34:35:C4:D0:44:9D:84:2D:51:71:0C:B6:B1:64:F0:67
Certificate issuer: /CN=A91427AF/serialNumber=D80FA9FA841255D5BDA72E52EC04FDFED7FE2D5B
Certificate serial: 11F5
Authority key identifier: D8:0F:A9:FA:84:12:55:D5:BD:A7:2E:52:EC:04:FD:FE:D7:FE:2D:5B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2A-p-oQSVdW9py5S7AT9_tf-LVs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91427AF/579A8BC0686011E8AAB1251FC4F9AE02/F251C318BBD111ECAA7E0347C4F9AE02.roa
Signing time: Fri 01 Jul 2022 18:04:11 +0000
ROA not before: Fri 01 Jul 2022 18:04:11 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 131477
IP address blocks: 103.116.74.0/23 maxlen: 23
103.116.75.0/24 maxlen: 24
182.255.33.0/24 maxlen: 24
2402:f740:1000::/36 maxlen: 36
2402:f740:1000::/44 maxlen: 44
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4597 (0x11f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91427AF/serialNumber=D80FA9FA841255D5BDA72E52EC04FDFED7FE2D5B
Validity
Not Before: Jul 1 18:04:11 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=62bf371b-cf1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:86:d9:0e:c7:27:3d:31:45:40:eb:c3:f6:ee:
9f:ff:1e:6e:dc:73:ff:c3:ac:b9:b1:5b:68:38:eb:
29:7a:04:06:0e:05:7d:10:40:8d:84:53:44:11:d1:
01:50:d8:08:ea:51:d6:9e:4c:6d:a2:df:e5:66:b0:
d5:91:af:92:61:9c:b2:58:6c:a5:e7:37:af:d6:14:
c1:fb:9d:8d:6b:e3:50:16:14:b3:51:8d:0e:2f:5c:
51:df:fd:88:33:65:6b:ad:bb:d2:18:23:75:f2:7d:
29:e4:2e:80:87:c1:da:4a:76:bb:e3:6a:bf:5f:ee:
d9:0e:1f:23:f7:e9:41:3a:43:5e:9a:68:48:b5:3e:
64:7f:af:07:8f:a3:cd:c6:fd:be:63:63:3e:b8:4c:
89:81:bc:78:3b:93:b4:7f:2d:82:a9:0d:d9:a4:7e:
db:d4:ac:cd:35:f9:05:a4:84:12:f3:ba:a9:15:2f:
f0:9f:0b:44:13:19:74:ac:c6:23:10:9c:3e:29:81:
25:b6:bb:72:e4:06:49:fc:91:38:2b:78:de:48:e6:
72:4a:8c:c8:38:7f:a8:0e:1c:3b:a4:16:c7:0c:5a:
77:34:22:0e:63:ae:6d:31:29:39:c4:3a:31:0e:1f:
f3:4d:3d:94:ff:f2:e7:c0:94:21:4c:52:cb:5a:06:
4b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:31:51:5E:34:35:C4:D0:44:9D:84:2D:51:71:0C:B6:B1:64:F0:67
X509v3 Authority Key Identifier:
keyid:D8:0F:A9:FA:84:12:55:D5:BD:A7:2E:52:EC:04:FD:FE:D7:FE:2D:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91427AF/579A8BC0686011E8AAB1251FC4F9AE02/2A-p-oQSVdW9py5S7AT9_tf-LVs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2A-p-oQSVdW9py5S7AT9_tf-LVs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91427AF/579A8BC0686011E8AAB1251FC4F9AE02/F251C318BBD111ECAA7E0347C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.116.74.0/23
182.255.33.0/24
IPv6:
2402:f740:1000::/36
Signature Algorithm: sha256WithRSAEncryption
32:c4:32:f8:55:5e:6f:a9:b9:11:19:75:ea:74:13:13:5c:00:
78:dd:96:2a:bd:8c:75:3d:01:ef:04:f6:79:d5:36:1e:e1:e5:
52:c8:85:c4:92:cc:3e:c4:85:b5:2c:54:90:de:d6:e2:0d:03:
65:4d:72:1c:f2:40:a8:48:c8:ba:f2:fd:60:55:75:e1:c7:f2:
2d:9e:0d:65:77:91:e6:1d:ea:f4:f6:7d:6e:95:8f:6d:3a:4e:
29:4e:e7:5e:0b:79:d7:a8:a6:54:96:bc:0c:65:71:8d:2b:a8:
28:41:83:d0:4e:40:88:9e:6b:3d:e7:bf:ce:48:4a:1b:35:97:
1c:25:52:8f:38:ae:35:30:97:54:cf:fa:8b:3f:93:f4:12:9e:
e3:e3:75:b9:b9:96:2a:c9:43:24:a1:a5:3c:4e:66:6f:bf:45:
7f:21:2f:90:32:1f:5e:10:7d:37:24:d4:9c:a1:be:7e:ea:b1:
78:94:a6:d1:a6:5d:0c:76:19:e2:e9:aa:c6:35:7f:cd:50:21:
f3:7f:1f:07:4a:04:f6:d0:4c:5e:61:52:3d:29:fc:96:52:c5:
be:13:05:e3:62:79:c4:1a:23:aa:7f:66:4a:3d:fd:43:a4:43:
d7:6b:55:16:ba:65:2d:dc:6a:87:b7:06:9f:b7:fa:ba:27:09:
46:4a:32:86
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgICEfUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDI3QUYxMTAvBgNVBAUTKEQ4MEZBOUZBODQxMjU1RDVCREE3MkU1MkVDMDRGREZF
RDdGRTJENUIwHhcNMjIwNzAxMTgwNDExWhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmJmMzcxYi1jZjFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsobZDscnPTFFQOvD9u6f/x5u3HP/w6y5sVtoOOspegQGDgV9EECNhFNEEdEB
UNgI6lHWnkxtot/lZrDVka+SYZyyWGyl5zev1hTB+52Na+NQFhSzUY0OL1xR3/2I
M2VrrbvSGCN18n0p5C6Ah8HaSna742q/X+7ZDh8j9+lBOkNemmhItT5kf68Hj6PN
xv2+Y2M+uEyJgbx4O5O0fy2CqQ3ZpH7b1KzNNfkFpIQS87qpFS/wnwtEExl0rMYj
EJw+KYEltrty5AZJ/JE4K3jeSOZySozIOH+oDhw7pBbHDFp3NCIOY65tMSk5xDox
Dh/zTT2U//LnwJQhTFLLWgZLSQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFO8xUV40
NcTQRJ2ELVFxDLaxZPBnMB8GA1UdIwQYMBaAFNgPqfqEElXVvacuUuwE/f7X/i1b
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MjdBRi81NzlBOEJDMDY4
NjAxMUU4QUFCMTI1MUZDNEY5QUUwMi8yQS1wLW9RU1ZkVzlweTVTN0FUOV90Zi1M
VnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJBLXAtb1FTVmRXOXB5NVM3QVQ5X3RmLUxWcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDI3QUYvNTc5QThCQzA2ODYwMTFFOEFBQjEyNTFGQzRGOUFFMDIvRjI1MUMzMThC
QkQxMTFFQ0FBN0UwMzQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E
JjAkMBIEAgABMAwDBAFndEoDBAC2/yEwDgQCAAIwCAMGBCQC90AQMA0GCSqGSIb3
DQEBCwUAA4IBAQAyxDL4VV5vqbkRGXXqdBMTXAB43ZYqvYx1PQHvBPZ51TYe4eVS
yIXEksw+xIW1LFSQ3tbiDQNlTXIc8kCoSMi68v1gVXXhx/Itng1ld5HmHer09n1u
lY9tOk4pTudeC3nXqKZUlrwMZXGNK6goQYPQTkCInms957/OSEobNZccJVKPOK41
MJdUz/qLP5P0Ep7j43W5uZYqyUMkoaU8TmZvv0V/IS+QMh9eEH03JNScob5+6rF4
lKbRpl0Mdhni6arGNX/NUCHzfx8HSgT20ExeYVI9KfyWUsW+EwXjYnnEGiOqf2ZK
Pf1DpEPXa1UWumUt3GqHtwaft/q6JwlGSjKG
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:04 2024 by rpki-client on console-fra.rpki-client.org