Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914FA25/2BBCBCAA1DAC11EAAF4A3763C4F9AE02/77B34770432011EF8E03B75AC4F9AE02.roa
File: 77B34770432011EF8E03B75AC4F9AE02.roa (raw, json)
Hash identifier: Il9uo+TbtL4/pZg8hijB0ak88r/p9PGKH1P06BUoOl0=
Subject key identifier: 07:3F:2F:B2:94:E1:F2:E2:D5:6D:2F:29:2C:EF:3F:34:94:33:CB:F3
Certificate issuer: /CN=A914FA25/serialNumber=B0014A8306C52E404F67CA2F8E586F9B868E8CAB
Certificate serial: 03
Authority key identifier: B0:01:4A:83:06:C5:2E:40:4F:67:CA:2F:8E:58:6F:9B:86:8E:8C:AB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sAFKgwbFLkBPZ8ovjlhvm4aOjKs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914FA25/2BBCBCAA1DAC11EAAF4A3763C4F9AE02/77B34770432011EF8E03B75AC4F9AE02.roa
Signing time: Tue 16 Jul 2024 03:07:00 +0000
ROA not before: Tue 16 Jul 2024 03:07:00 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 147303
IP address blocks: 103.110.162.0/24 maxlen: 24
103.110.163.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914FA25/serialNumber=B0014A8306C52E404F67CA2F8E586F9B868E8CAB
Validity
Not Before: Jul 16 03:07:00 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=6695e3d4-6c64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7c:b9:8d:09:d3:51:48:d1:2b:5a:ea:7a:17:
be:c4:64:64:e2:3f:19:61:d1:a2:25:19:2d:b8:06:
22:b7:48:20:d3:06:c6:d5:37:58:c5:25:28:d9:91:
4d:ec:16:9d:73:a2:89:ef:09:68:2b:e1:97:a2:80:
cc:4a:6c:41:f0:7a:3c:18:9e:eb:97:57:02:73:94:
c0:59:2a:22:17:82:00:39:7b:64:5f:39:16:66:26:
ad:99:44:41:22:b8:f9:a8:9e:12:57:f4:15:af:6a:
a9:bf:d6:af:0a:ae:bf:2b:56:85:7d:52:0f:5d:c7:
c9:28:5d:20:bd:01:47:54:a6:32:65:bb:d7:7e:b7:
a5:99:06:85:70:cb:4b:9a:e3:16:61:28:65:f6:9e:
af:d6:0f:e1:b9:3e:21:da:2d:0d:9e:ee:af:ad:4e:
28:d7:c0:02:bd:07:3e:94:75:f0:a8:4e:8e:86:99:
1e:a4:f9:c7:23:19:e2:9e:8a:91:61:05:c1:d0:89:
8b:68:ac:e1:f3:2f:0a:80:04:75:47:e0:ec:38:52:
dd:43:18:db:c9:45:32:24:29:74:df:2e:c7:01:34:
ae:72:cb:dd:c2:26:61:cf:59:29:92:83:db:93:ca:
db:98:f6:32:1e:a8:14:16:97:79:72:ac:52:2b:6c:
1e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:3F:2F:B2:94:E1:F2:E2:D5:6D:2F:29:2C:EF:3F:34:94:33:CB:F3
X509v3 Authority Key Identifier:
keyid:B0:01:4A:83:06:C5:2E:40:4F:67:CA:2F:8E:58:6F:9B:86:8E:8C:AB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914FA25/2BBCBCAA1DAC11EAAF4A3763C4F9AE02/sAFKgwbFLkBPZ8ovjlhvm4aOjKs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sAFKgwbFLkBPZ8ovjlhvm4aOjKs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914FA25/2BBCBCAA1DAC11EAAF4A3763C4F9AE02/77B34770432011EF8E03B75AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.110.162.0/23
Signature Algorithm: sha256WithRSAEncryption
70:ed:a3:93:d1:64:ba:09:0d:d2:3b:fb:06:73:55:29:01:31:
58:fb:f3:92:f3:ee:79:34:36:3b:27:94:67:a4:a2:f4:a4:50:
71:84:b8:d7:e5:2e:10:d7:4a:fa:a7:03:57:72:f7:24:f7:6f:
14:49:da:a1:e8:cb:86:b0:45:3c:c2:fc:f1:0d:6e:a1:60:5f:
36:8a:a1:aa:07:d2:ba:ac:66:87:13:10:96:ec:7c:7f:03:b6:
78:19:03:fa:ea:db:fb:0e:24:5e:d3:7d:f8:65:3a:b4:c6:60:
ad:4e:40:24:43:2d:e0:91:57:c7:2d:d5:71:5e:8f:19:0b:90:
46:85:a2:84:63:d8:1a:ee:51:c4:4c:ff:36:8a:18:72:eb:ce:
47:5e:3a:d1:f0:78:fa:ce:23:21:0f:8b:c6:c1:c8:2e:0b:ed:
22:e8:83:1f:62:82:48:cb:89:2e:6f:23:0c:e5:2f:24:ca:8c:
b5:aa:f0:45:27:1b:fa:15:8b:25:aa:f2:42:d8:87:57:23:85:
d9:d0:b2:76:2e:84:15:85:6b:f0:17:fd:a0:6a:4d:7a:42:18:
d2:a6:6f:ed:1a:60:1d:8a:5c:d2:82:20:7d:90:5a:27:f3:53:
a3:83:5f:68:f8:55:7f:46:4a:d4:8b:73:96:89:16:21:bf:17:
f0:5b:94:27
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
RkEyNTExMC8GA1UEBRMoQjAwMTRBODMwNkM1MkU0MDRGNjdDQTJGOEU1ODZGOUI4
NjhFOENBQjAeFw0yNDA3MTYwMzA3MDBaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2OTVlM2Q0LTZjNjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDFfLmNCdNRSNErWup6F77EZGTiPxlh0aIlGS24BiK3SCDTBsbVN1jFJSjZkU3s
Fp1zoonvCWgr4ZeigMxKbEHwejwYnuuXVwJzlMBZKiIXggA5e2RfORZmJq2ZREEi
uPmonhJX9BWvaqm/1q8Krr8rVoV9Ug9dx8koXSC9AUdUpjJlu9d+t6WZBoVwy0ua
4xZhKGX2nq/WD+G5PiHaLQ2e7q+tTijXwAK9Bz6UdfCoTo6GmR6k+ccjGeKeipFh
BcHQiYtorOHzLwqABHVH4Ow4Ut1DGNvJRTIkKXTfLscBNK5yy93CJmHPWSmSg9uT
ytuY9jIeqBQWl3lyrFIrbB4DAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUBz8vspTh
8uLVbS8pLO8/NJQzy/MwHwYDVR0jBBgwFoAUsAFKgwbFLkBPZ8ovjlhvm4aOjKsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRGQTI1LzJCQkNCQ0FBMURB
QzExRUFBRjRBMzc2M0M0RjlBRTAyL3NBRktnd2JGTGtCUFo4b3ZqbGh2bTRhT2pL
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvc0FGS2d3YkZMa0JQWjhvdmpsaHZtNGFPaktzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
RkEyNS8yQkJDQkNBQTFEQUMxMUVBQUY0QTM3NjNDNEY5QUUwMi83N0IzNDc3MDQz
MjAxMUVGOEUwM0I3NUFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWduojANBgkqhkiG9w0BAQsFAAOCAQEAcO2jk9FkugkN0jv7
BnNVKQExWPvzkvPueTQ2OyeUZ6Si9KRQcYS41+UuENdK+qcDV3L3JPdvFEnaoejL
hrBFPML88Q1uoWBfNoqhqgfSuqxmhxMQlux8fwO2eBkD+urb+w4kXtN9+GU6tMZg
rU5AJEMt4JFXxy3VcV6PGQuQRoWihGPYGu5RxEz/NooYcuvOR1460fB4+s4jIQ+L
xsHILgvtIuiDH2KCSMuJLm8jDOUvJMqMtarwRScb+hWLJaryQtiHVyOF2dCydi6E
FYVr8Bf9oGpNekIY0qZv7RpgHYpc0oIgfZBaJ/NTo4NfaPhVf0ZK1ItzlokWIb8X
8FuUJw==
-----END CERTIFICATE-----
Generated at Thu Aug 22 01:51:12 2024 by rpki-client on console-fra.rpki-client.org