Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91427AF/579A8BC0686011E8AAB1251FC4F9AE02/F3334E64BBD111ECAA7E0347C4F9AE02.roa
File: F3334E64BBD111ECAA7E0347C4F9AE02.roa (raw, json)
Hash identifier: ubrZGemI2OF2xc8Ma8SIXBIIRnw7ZTmx6DC/Gz2peE4=
Subject key identifier: C8:7C:9A:36:EA:F2:E7:A6:B8:77:E4:58:FA:AA:A3:94:F8:2A:FD:2D
Certificate issuer: /CN=A91427AF/serialNumber=D80FA9FA841255D5BDA72E52EC04FDFED7FE2D5B
Certificate serial: 11F6
Authority key identifier: D8:0F:A9:FA:84:12:55:D5:BD:A7:2E:52:EC:04:FD:FE:D7:FE:2D:5B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2A-p-oQSVdW9py5S7AT9_tf-LVs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91427AF/579A8BC0686011E8AAB1251FC4F9AE02/F3334E64BBD111ECAA7E0347C4F9AE02.roa
Signing time: Fri 01 Jul 2022 18:04:13 +0000
ROA not before: Fri 01 Jul 2022 18:04:13 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 140096
IP address blocks: 103.116.72.0/23 maxlen: 24
103.116.74.0/24 maxlen: 24
182.255.32.0/22 maxlen: 23
182.255.32.0/24 maxlen: 24
182.255.33.0/24 maxlen: 24
182.255.34.0/24 maxlen: 24
182.255.35.0/24 maxlen: 24
2402:f740:2000::/36 maxlen: 36
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4598 (0x11f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91427AF/serialNumber=D80FA9FA841255D5BDA72E52EC04FDFED7FE2D5B
Validity
Not Before: Jul 1 18:04:13 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=62bf371c-8197
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:95:8e:bc:0c:9b:d7:b0:7e:6a:1b:a7:d5:20:
ed:15:a6:bc:99:d3:c1:80:19:9f:ef:15:c3:4b:98:
aa:3b:7d:aa:dd:c3:4d:91:7d:7f:56:41:c1:7b:68:
4d:b1:12:38:e9:79:8f:9f:39:4c:3b:7c:94:36:69:
0e:a6:dd:35:9e:70:39:1b:db:b3:4c:6b:32:7c:59:
a4:d3:7a:fe:d2:53:c7:af:2f:7a:d1:db:07:22:ff:
74:a6:7b:20:96:27:c7:29:da:a3:cf:04:a0:48:7c:
8e:ec:b6:71:f8:08:1b:17:f7:3d:44:99:ad:a2:b4:
72:42:90:ed:7c:3c:99:f5:f8:fb:5f:a6:3a:72:97:
f4:9a:3c:0b:e3:6a:3a:1a:99:72:09:37:3e:d4:87:
5d:b4:bc:d9:4d:e6:20:63:7b:2b:7f:ad:96:02:ff:
78:6f:52:5a:2c:b7:fd:8b:aa:4a:2f:74:d1:ea:33:
28:20:4d:0a:6d:2c:51:2e:f1:e9:4e:cb:1b:e7:98:
69:5c:9e:57:ca:35:d7:5c:e2:c6:67:6f:72:a6:2e:
18:86:16:9f:c9:28:5b:9c:c2:c9:82:31:a1:a7:6b:
2c:87:b7:4d:2a:f4:d7:21:2d:e7:c0:f4:12:54:d4:
69:21:6d:3e:4c:09:f7:94:18:1c:bd:71:e4:8e:64:
3f:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:7C:9A:36:EA:F2:E7:A6:B8:77:E4:58:FA:AA:A3:94:F8:2A:FD:2D
X509v3 Authority Key Identifier:
keyid:D8:0F:A9:FA:84:12:55:D5:BD:A7:2E:52:EC:04:FD:FE:D7:FE:2D:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91427AF/579A8BC0686011E8AAB1251FC4F9AE02/2A-p-oQSVdW9py5S7AT9_tf-LVs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2A-p-oQSVdW9py5S7AT9_tf-LVs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91427AF/579A8BC0686011E8AAB1251FC4F9AE02/F3334E64BBD111ECAA7E0347C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.116.72.0-103.116.74.255
182.255.32.0/22
IPv6:
2402:f740:2000::/36
Signature Algorithm: sha256WithRSAEncryption
24:cb:9b:41:3f:0e:1b:fc:9c:1d:09:7b:6a:3d:bd:bd:58:19:
b2:e6:15:6a:76:37:aa:e1:44:fd:45:c1:e4:a9:06:f8:36:93:
fa:f2:2b:b4:77:8b:43:bb:10:26:6c:b4:f8:c1:57:ab:9d:54:
04:fa:79:bb:7d:a5:34:fb:9e:87:5f:4b:ea:56:23:33:4e:a0:
b5:f5:b0:02:80:b0:41:41:48:d8:d1:78:fb:3c:54:fe:d9:f8:
0a:b7:61:1f:b0:e9:f5:d2:d5:f4:1f:a1:4c:11:54:61:5a:07:
e9:e4:ef:f3:ec:b3:25:19:b4:fd:8d:35:db:0d:ce:82:ca:a7:
1e:00:f1:6e:05:c4:95:39:ae:9f:17:d1:e3:0d:4e:c3:3a:1c:
3a:60:33:5d:97:51:a4:2e:93:0b:e0:dc:48:e8:f6:13:7f:81:
fa:20:4f:07:83:57:f4:a4:6f:4d:e6:8b:5e:17:3b:c4:50:8c:
27:66:1d:26:f4:86:73:4a:82:7e:5c:0b:e1:5e:99:e8:69:6b:
3b:65:58:b8:9d:77:b1:a6:9d:aa:8d:c2:f6:04:05:9d:31:86:
0d:c8:b7:2b:8c:1f:2a:ce:04:59:f4:b3:56:89:d7:e5:e7:23:
dc:43:32:01:3b:a1:27:18:ba:5d:c4:c6:c6:30:d6:d9:bd:8e:
10:1a:1b:24
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICEfYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDI3QUYxMTAvBgNVBAUTKEQ4MEZBOUZBODQxMjU1RDVCREE3MkU1MkVDMDRGREZF
RDdGRTJENUIwHhcNMjIwNzAxMTgwNDEzWhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmJmMzcxYy04MTk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtJWOvAyb17B+ahun1SDtFaa8mdPBgBmf7xXDS5iqO32q3cNNkX1/VkHBe2hN
sRI46XmPnzlMO3yUNmkOpt01nnA5G9uzTGsyfFmk03r+0lPHry960dsHIv90pnsg
lifHKdqjzwSgSHyO7LZx+AgbF/c9RJmtorRyQpDtfDyZ9fj7X6Y6cpf0mjwL42o6
GplyCTc+1IddtLzZTeYgY3srf62WAv94b1JaLLf9i6pKL3TR6jMoIE0KbSxRLvHp
Tssb55hpXJ5XyjXXXOLGZ29ypi4YhhafyShbnMLJgjGhp2ssh7dNKvTXIS3nwPQS
VNRpIW0+TAn3lBgcvXHkjmQ/zwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFMh8mjbq
8uemuHfkWPqqo5T4Kv0tMB8GA1UdIwQYMBaAFNgPqfqEElXVvacuUuwE/f7X/i1b
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MjdBRi81NzlBOEJDMDY4
NjAxMUU4QUFCMTI1MUZDNEY5QUUwMi8yQS1wLW9RU1ZkVzlweTVTN0FUOV90Zi1M
VnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJBLXAtb1FTVmRXOXB5NVM3QVQ5X3RmLUxWcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDI3QUYvNTc5QThCQzA2ODYwMTFFOEFBQjEyNTFGQzRGOUFFMDIvRjMzMzRFNjRC
QkQxMTFFQ0FBN0UwMzQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMBoEAgABMBQwDAMEA2d0SAMEAGd0SgMEArb/IDAOBAIAAjAIAwYEJAL3QCAw
DQYJKoZIhvcNAQELBQADggEBACTLm0E/Dhv8nB0Je2o9vb1YGbLmFWp2N6rhRP1F
weSpBvg2k/ryK7R3i0O7ECZstPjBV6udVAT6ebt9pTT7nodfS+pWIzNOoLX1sAKA
sEFBSNjRePs8VP7Z+Aq3YR+w6fXS1fQfoUwRVGFaB+nk7/PssyUZtP2NNdsNzoLK
px4A8W4FxJU5rp8X0eMNTsM6HDpgM12XUaQukwvg3Ejo9hN/gfogTweDV/Skb03m
i14XO8RQjCdmHSb0hnNKgn5cC+FemehpaztlWLidd7GmnaqNwvYEBZ0xhg3ItyuM
HyrOBFn0s1aJ1+XnI9xDMgE7oScYul3ExsYw1tm9jhAaGyQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:56 2024 by rpki-client on console-ams.rpki-client.org