Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91527FB/B0EB6CBABE7911E9BEBE3374C4F9AE02/7962A0CC2A9F11EBB16D6F6AC4F9AE02.roa
File: 7962A0CC2A9F11EBB16D6F6AC4F9AE02.roa (raw, json)
Hash identifier: bpvJ3eoefNWOHQk7vSqt21KMqaIHdj4FrEZkbn9fz8w=
Subject key identifier: DC:E8:F7:8F:99:A2:C0:5D:0D:82:BA:73:41:8F:97:F0:6E:04:90:6B
Certificate issuer: /CN=A91527FB/serialNumber=FD686899C9FE346E3AE97CA2ED178B3D81F555B5
Certificate serial: 060B
Authority key identifier: FD:68:68:99:C9:FE:34:6E:3A:E9:7C:A2:ED:17:8B:3D:81:F5:55:B5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_Whomcn-NG466Xyi7ReLPYH1VbU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91527FB/B0EB6CBABE7911E9BEBE3374C4F9AE02/7962A0CC2A9F11EBB16D6F6AC4F9AE02.roa
Signing time: Thu 31 Aug 2023 18:46:08 +0000
ROA not before: Thu 31 Aug 2023 18:46:08 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 136763
IP address blocks: 103.117.92.0/22 maxlen: 24
2403:1740::/32 maxlen: 33
2403:1740:3::/48 maxlen: 48
2403:1740:200::/40 maxlen: 40
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1547 (0x60b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91527FB/serialNumber=FD686899C9FE346E3AE97CA2ED178B3D81F555B5
Validity
Not Before: Aug 31 18:46:08 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64f0dff0-28d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ef:b8:50:43:74:ac:09:8a:c7:0b:17:0a:27:
b9:2d:89:dd:46:3a:54:b2:23:2f:1e:fb:70:a6:c4:
ec:d6:06:34:f6:33:d3:0e:35:38:48:65:a0:04:fd:
c9:2c:f8:cd:39:78:76:39:a6:ad:3c:d9:71:2e:cb:
9f:3d:67:45:51:10:ba:5c:93:01:4e:2a:18:dd:81:
c5:f1:3e:3f:aa:8d:e2:84:4a:f3:f0:57:28:4b:74:
c7:a0:6e:69:52:99:e3:fe:75:de:5c:00:4d:93:6b:
8b:59:9e:94:7d:84:74:21:c9:63:f9:d5:18:ab:7d:
bd:f2:f1:46:57:b9:9a:b8:06:76:08:54:3e:95:08:
9d:3b:10:8f:fe:13:fd:4e:5e:f1:e5:c4:3c:1d:7c:
47:a8:d1:86:71:4f:e0:32:62:ef:e5:4d:81:29:92:
b0:bf:fc:5d:70:1f:3c:b1:44:f0:10:4b:b0:ab:a5:
a7:75:f0:1b:86:b5:43:70:9c:6a:0e:90:a7:2d:36:
93:2a:69:82:e6:0b:2b:93:37:c0:c3:b4:a3:ba:a0:
36:df:37:ec:61:84:27:54:8b:b8:2d:5e:07:a6:a1:
8b:40:c1:9f:b4:ab:20:39:45:d8:21:f0:bc:e3:99:
a9:91:72:c9:3f:da:b4:24:b1:6e:77:a4:37:0e:5b:
7f:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:E8:F7:8F:99:A2:C0:5D:0D:82:BA:73:41:8F:97:F0:6E:04:90:6B
X509v3 Authority Key Identifier:
keyid:FD:68:68:99:C9:FE:34:6E:3A:E9:7C:A2:ED:17:8B:3D:81:F5:55:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91527FB/B0EB6CBABE7911E9BEBE3374C4F9AE02/_Whomcn-NG466Xyi7ReLPYH1VbU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_Whomcn-NG466Xyi7ReLPYH1VbU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91527FB/B0EB6CBABE7911E9BEBE3374C4F9AE02/7962A0CC2A9F11EBB16D6F6AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.117.92.0/22
IPv6:
2403:1740::/32
Signature Algorithm: sha256WithRSAEncryption
21:9d:bf:eb:83:a2:7d:7d:4d:57:02:01:09:06:04:4b:37:7d:
3e:0d:8f:86:45:f8:09:3d:b7:33:12:ed:70:c6:f1:52:90:a5:
9c:6d:d8:a6:b3:cc:d2:47:18:90:08:17:82:ff:cf:f1:94:ec:
13:59:a6:1e:5a:d2:17:0e:8a:44:85:e2:c5:41:d0:71:81:62:
88:a5:a2:c0:3e:e8:08:92:2e:cc:47:de:8c:b2:6e:54:4f:71:
43:6c:22:59:8c:0a:78:d2:f0:5b:ec:97:2b:ff:63:2f:0b:b9:
52:c7:05:a3:77:89:1d:b8:ee:2a:81:f0:04:7d:c7:02:98:48:
6d:05:43:b2:8d:18:79:e2:4b:9d:bd:94:74:d6:be:c1:4f:b6:
67:e3:54:67:48:08:59:18:7d:9c:0c:24:c5:f1:3a:45:47:a1:
aa:b7:c4:3a:cc:11:82:cc:90:cf:59:2b:a5:8c:55:80:90:30:
ea:6f:5f:30:83:d8:b1:5e:2a:b8:ea:d8:d6:bd:4a:73:03:71:
87:66:e9:b6:e5:42:fc:1c:f2:a9:ee:38:e3:34:32:61:a3:3f:
6c:00:87:c5:fd:c8:d1:7a:6f:0d:01:c0:de:45:38:c6:a7:57:
43:43:cb:08:29:0a:50:73:72:ad:66:46:0e:0c:28:16:84:b1:
55:e8:b1:e0
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBgswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTI3RkIxMTAvBgNVBAUTKEZENjg2ODk5QzlGRTM0NkUzQUU5N0NBMkVEMTc4QjNE
ODFGNTU1QjUwHhcNMjMwODMxMTg0NjA4WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGYwZGZmMC0yOGQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt++4UEN0rAmKxwsXCie5LYndRjpUsiMvHvtwpsTs1gY09jPTDjU4SGWgBP3J
LPjNOXh2OaatPNlxLsufPWdFURC6XJMBTioY3YHF8T4/qo3ihErz8FcoS3THoG5p
Upnj/nXeXABNk2uLWZ6UfYR0Iclj+dUYq3298vFGV7mauAZ2CFQ+lQidOxCP/hP9
Tl7x5cQ8HXxHqNGGcU/gMmLv5U2BKZKwv/xdcB88sUTwEEuwq6WndfAbhrVDcJxq
DpCnLTaTKmmC5gsrkzfAw7SjuqA23zfsYYQnVIu4LV4HpqGLQMGftKsgOUXYIfC8
45mpkXLJP9q0JLFud6Q3Dlt/twIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFNzo94+Z
osBdDYK6c0GPl/BuBJBrMB8GA1UdIwQYMBaAFP1oaJnJ/jRuOul8ou0Xiz2B9VW1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MjdGQi9CMEVCNkNCQUJF
NzkxMUU5QkVCRTMzNzRDNEY5QUUwMi9fV2hvbWNuLU5HNDY2WHlpN1JlTFBZSDFW
YlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19XaG9tY24tTkc0NjZYeWk3UmVMUFlIMVZiVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTI3RkIvQjBFQjZDQkFCRTc5MTFFOUJFQkUzMzc0QzRGOUFFMDIvNzk2MkEwQ0My
QTlGMTFFQkIxNkQ2RjZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJndVwwDQQCAAIwBwMFACQDF0AwDQYJKoZIhvcNAQELBQAD
ggEBACGdv+uDon19TVcCAQkGBEs3fT4Nj4ZF+Ak9tzMS7XDG8VKQpZxt2KazzNJH
GJAIF4L/z/GU7BNZph5a0hcOikSF4sVB0HGBYoilosA+6AiSLsxH3oyyblRPcUNs
IlmMCnjS8Fvslyv/Yy8LuVLHBaN3iR247iqB8AR9xwKYSG0FQ7KNGHniS529lHTW
vsFPtmfjVGdICFkYfZwMJMXxOkVHoaq3xDrMEYLMkM9ZK6WMVYCQMOpvXzCD2LFe
Krjq2Na9SnMDcYdm6bblQvwc8qnuOOM0MmGjP2wAh8X9yNF6bw0BwN5FOManV0ND
ywgpClBzcq1mRg4MKBaEsVXoseA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:06 2024 by rpki-client on console-fra.rpki-client.org