Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914F22A/7EEC1E4C9CD011E8B1612B7DC4F9AE02/E9146B74343E11EA81D87B24C4F9AE02.roa
File: E9146B74343E11EA81D87B24C4F9AE02.roa (raw, json)
Hash identifier: ciHvW/OWVw0a/8NPMFkNIkkUcsk7pGWgKpgX8QK7Vn8=
Subject key identifier: B1:E2:6E:80:02:AD:7E:7B:F9:AF:07:2A:B5:B1:52:B1:05:2E:AA:BB
Certificate issuer: /CN=A914F22A/serialNumber=56AF1CD0B4E07D000C64AB016C33F786A0DD90FA
Certificate serial: 10E2
Authority key identifier: 56:AF:1C:D0:B4:E0:7D:00:0C:64:AB:01:6C:33:F7:86:A0:DD:90:FA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Vq8c0LTgfQAMZKsBbDP3hqDdkPo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914F22A/7EEC1E4C9CD011E8B1612B7DC4F9AE02/E9146B74343E11EA81D87B24C4F9AE02.roa
Signing time: Tue 19 Jul 2022 18:04:45 +0000
ROA not before: Tue 19 Jul 2022 18:04:45 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 135604
IP address blocks: 103.25.144.0/22 maxlen: 24
103.68.4.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4322 (0x10e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914F22A/serialNumber=56AF1CD0B4E07D000C64AB016C33F786A0DD90FA
Validity
Not Before: Jul 19 18:04:45 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=62d6f23c-627b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:5a:ac:db:0e:e8:73:d1:74:1f:3c:44:9a:bd:
61:82:eb:89:51:dd:50:a3:f4:39:0e:32:ec:6f:a4:
61:99:51:c8:2b:d4:7e:6d:bd:06:46:f7:92:64:b7:
b7:e5:c6:5c:df:d9:84:f3:56:b9:b8:7f:14:50:41:
7c:3c:02:87:e8:1a:9a:83:87:0f:e1:86:62:b8:de:
89:f7:a2:af:7f:d2:09:7c:e6:c6:70:8d:94:59:5e:
f9:d3:d1:9c:25:bb:09:3e:a9:e9:f9:b8:7e:75:46:
a0:78:be:bf:20:fc:5e:41:53:7b:e9:3c:1f:30:0e:
d5:13:30:7a:10:c4:fe:b8:88:1e:5b:39:58:3b:84:
d6:91:3f:3e:02:4f:4f:11:bd:ff:64:06:b3:22:61:
84:2a:de:ba:62:f7:2f:40:34:6e:54:12:d2:29:63:
cb:f2:40:61:da:8a:3b:f7:a5:5a:9b:ec:1f:09:b5:
c2:5b:a8:0b:4c:78:fe:a8:49:9e:ec:05:eb:17:e3:
2e:66:52:e3:a7:96:a0:6e:7d:f6:ee:62:21:f8:81:
57:0e:b8:e5:a4:84:79:5d:6a:ec:ec:e9:db:46:b8:
79:9a:bb:69:93:86:d6:11:cd:e0:cb:a8:81:dc:82:
bd:d0:27:68:a0:4f:ea:ca:9f:fb:28:e7:93:c6:25:
95:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:E2:6E:80:02:AD:7E:7B:F9:AF:07:2A:B5:B1:52:B1:05:2E:AA:BB
X509v3 Authority Key Identifier:
keyid:56:AF:1C:D0:B4:E0:7D:00:0C:64:AB:01:6C:33:F7:86:A0:DD:90:FA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914F22A/7EEC1E4C9CD011E8B1612B7DC4F9AE02/Vq8c0LTgfQAMZKsBbDP3hqDdkPo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Vq8c0LTgfQAMZKsBbDP3hqDdkPo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F22A/7EEC1E4C9CD011E8B1612B7DC4F9AE02/E9146B74343E11EA81D87B24C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.25.144.0/22
103.68.4.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:e0:68:f3:1d:d2:ce:de:8a:3b:0b:f0:e1:fa:fc:b0:a4:79:
bd:df:79:84:dc:b2:ad:81:b2:70:e5:2e:a6:77:a8:25:df:86:
2b:c2:46:aa:63:a9:bf:72:82:9c:3b:19:29:ff:a1:ce:63:9c:
62:99:20:b6:1f:e0:91:cf:1d:ce:da:4c:4a:96:a9:06:0e:32:
cc:e2:6e:36:50:67:62:b5:e5:5e:27:d3:04:cb:d7:37:bc:38:
0a:e4:30:8a:4b:e8:d2:6b:9f:9e:23:4e:7d:52:a8:d5:9d:00:
77:61:23:a6:c4:ed:87:fa:40:02:dc:fd:20:a5:21:27:84:82:
ce:93:20:b0:a4:15:a4:82:b5:f8:e0:46:a1:9a:60:1c:ef:fc:
d1:be:2e:c8:88:95:34:21:b4:f4:56:c4:f4:f2:7d:54:be:5b:
b6:a2:b5:f1:d7:d5:17:5e:54:86:cf:8c:4f:1b:0d:21:1f:64:
67:63:e7:cb:26:2b:ad:14:1e:6c:89:e5:e0:d8:88:3f:4b:1a:
64:11:7e:36:fb:8d:ce:9e:4f:8a:2b:2e:90:3e:18:98:b0:f2:
26:ff:a2:93:ca:13:14:69:ea:a9:5d:61:75:b4:68:d9:d7:64:
5c:a1:bd:71:f8:1e:98:aa:7c:db:c5:57:49:66:92:e5:57:2a:
89:f6:44:dc
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICEOIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEYyMkExMTAvBgNVBAUTKDU2QUYxQ0QwQjRFMDdEMDAwQzY0QUIwMTZDMzNGNzg2
QTBERDkwRkEwHhcNMjIwNzE5MTgwNDQ1WhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmQ2ZjIzYy02MjdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6Vqs2w7oc9F0HzxEmr1hguuJUd1Qo/Q5DjLsb6RhmVHIK9R+bb0GRveSZLe3
5cZc39mE81a5uH8UUEF8PAKH6Bqag4cP4YZiuN6J96Kvf9IJfObGcI2UWV7509Gc
JbsJPqnp+bh+dUageL6/IPxeQVN76TwfMA7VEzB6EMT+uIgeWzlYO4TWkT8+Ak9P
Eb3/ZAazImGEKt66YvcvQDRuVBLSKWPL8kBh2oo796Vam+wfCbXCW6gLTHj+qEme
7AXrF+MuZlLjp5agbn327mIh+IFXDrjlpIR5XWrs7OnbRrh5mrtpk4bWEc3gy6iB
3IK90CdooE/qyp/7KOeTxiWVjQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFLHiboAC
rX57+a8HKrWxUrEFLqq7MB8GA1UdIwQYMBaAFFavHNC04H0ADGSrAWwz94ag3ZD6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjIyQS83RUVDMUU0QzlD
RDAxMUU4QjE2MTJCN0RDNEY5QUUwMi9WcThjMExUZ2ZRQU1aS3NCYkRQM2hxRGRr
UG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZxOGMwTFRnZlFBTVpLc0JiRFAzaHFEZGtQby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEYyMkEvN0VFQzFFNEM5Q0QwMTFFOEIxNjEyQjdEQzRGOUFFMDIvRTkxNDZCNzQz
NDNFMTFFQTgxRDg3QjI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnGZADBAJnRAQwDQYJKoZIhvcNAQELBQADggEBADzgaPMd
0s7eijsL8OH6/LCkeb3feYTcsq2BsnDlLqZ3qCXfhivCRqpjqb9ygpw7GSn/oc5j
nGKZILYf4JHPHc7aTEqWqQYOMszibjZQZ2K15V4n0wTL1ze8OArkMIpL6NJrn54j
Tn1SqNWdAHdhI6bE7Yf6QALc/SClISeEgs6TILCkFaSCtfjgRqGaYBzv/NG+LsiI
lTQhtPRWxPTyfVS+W7aitfHX1RdeVIbPjE8bDSEfZGdj58smK60UHmyJ5eDYiD9L
GmQRfjb7jc6eT4orLpA+GJiw8ib/opPKExRp6qldYXW0aNnXZFyhvXH4HpiqfNvF
V0lmkuVXKon2RNw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:41 2023 by rpki-client on console-fra.rpki-client.org