Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9154020/AD1B8DE4B40411E789CFA541C4F9AE02/81514B5694C111EDAB884440C4F9AE02.roa
File: 81514B5694C111EDAB884440C4F9AE02.roa (raw, json)
Hash identifier: YusjvwFcZMScJ6lzPuUuMPVY45nB43ZcHcqmgfQKjm0=
Subject key identifier: 9D:32:93:DB:B1:A0:10:67:D9:44:4B:FC:3A:D3:C6:2F:22:9F:53:53
Certificate issuer: /CN=A9154020/serialNumber=F6699264417C228B51FE15B3B1ECB7867F2A2743
Certificate serial: 169C
Authority key identifier: F6:69:92:64:41:7C:22:8B:51:FE:15:B3:B1:EC:B7:86:7F:2A:27:43
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9mmSZEF8IotR_hWzsey3hn8qJ0M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9154020/AD1B8DE4B40411E789CFA541C4F9AE02/81514B5694C111EDAB884440C4F9AE02.roa
Signing time: Fri 19 May 2023 17:36:29 +0000
ROA not before: Fri 19 May 2023 17:36:29 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 137020
IP address blocks: 103.102.42.0/23 maxlen: 24
103.126.60.0/23 maxlen: 23
103.126.60.0/24 maxlen: 24
103.126.61.0/24 maxlen: 24
2404:af40::/32 maxlen: 32
2404:af40::/48 maxlen: 48
2404:af40:1::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5788 (0x169c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9154020/serialNumber=F6699264417C228B51FE15B3B1ECB7867F2A2743
Validity
Not Before: May 19 17:36:29 2023 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=6467b39d-100c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:69:bd:f8:8c:82:52:db:3e:bb:e3:a4:1a:6c:
7a:40:a2:43:c0:77:21:0d:df:d6:1d:c6:b3:75:50:
03:b5:e8:11:af:b3:6f:05:ec:91:31:25:92:2d:da:
6a:3a:6d:ed:97:26:c8:4e:6e:3f:b4:d0:10:0b:7a:
cc:3c:04:6c:01:1b:4d:b0:d7:df:46:81:0e:e1:24:
74:cf:18:b3:f9:43:39:ad:13:06:c3:70:6b:35:a8:
91:65:94:12:24:85:4b:09:44:c6:35:a8:a1:f2:75:
6f:eb:ae:33:c9:8b:06:b3:1a:b4:98:e1:08:62:48:
fe:69:71:06:10:62:3d:73:72:5e:e9:c4:02:f5:4d:
a8:77:68:cf:00:89:5e:4f:c3:f2:1f:3a:dc:66:ac:
e9:84:95:9f:1a:ce:ac:1b:e6:a7:38:cb:d2:ad:65:
1f:03:ab:94:00:14:9e:a0:5d:6c:c5:c4:36:70:4c:
b3:d1:f9:47:46:77:9f:6f:51:07:86:25:a3:ec:38:
92:b1:61:7c:91:89:59:6d:00:c2:da:d9:d5:a4:72:
a2:5e:78:cc:05:34:59:0c:8e:40:ed:df:91:c6:56:
de:34:fd:a5:e6:25:eb:ae:cd:89:44:ff:0c:90:10:
de:72:2c:22:28:44:69:0a:58:e6:f0:dd:c0:d4:5b:
aa:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:32:93:DB:B1:A0:10:67:D9:44:4B:FC:3A:D3:C6:2F:22:9F:53:53
X509v3 Authority Key Identifier:
keyid:F6:69:92:64:41:7C:22:8B:51:FE:15:B3:B1:EC:B7:86:7F:2A:27:43
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9154020/AD1B8DE4B40411E789CFA541C4F9AE02/9mmSZEF8IotR_hWzsey3hn8qJ0M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9mmSZEF8IotR_hWzsey3hn8qJ0M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9154020/AD1B8DE4B40411E789CFA541C4F9AE02/81514B5694C111EDAB884440C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.102.42.0/23
103.126.60.0/23
IPv6:
2404:af40::/32
Signature Algorithm: sha256WithRSAEncryption
92:02:a6:5d:5d:c1:52:30:3f:c3:78:b5:b5:69:0e:23:31:d6:
22:48:b4:34:d9:af:b6:3f:ff:79:10:90:bf:4a:62:8c:de:36:
c5:14:b1:27:23:57:1e:32:e1:d9:d0:2b:fc:f1:6b:44:62:f6:
ea:36:33:7c:e2:54:92:c6:db:83:ef:45:77:c5:47:6d:d6:7b:
70:78:69:82:43:55:02:b7:bb:a1:67:1d:16:75:44:fc:9b:98:
59:56:fd:04:f2:9a:e7:76:a4:70:7c:76:63:87:ee:c5:60:78:
cc:96:e8:8c:a8:b7:85:d1:11:c4:48:31:dd:09:6e:b7:24:de:
0f:8c:fb:dd:8c:69:97:f8:13:42:2e:df:ac:0f:e7:32:a0:8d:
60:f0:85:78:55:23:a6:6d:5b:74:c6:bc:88:ed:88:8e:8e:72:
4b:8e:a1:42:10:93:04:d1:80:c1:7a:8c:4d:81:20:82:c8:f3:
2b:b1:09:e9:5b:e8:fa:9a:55:c2:c0:ee:28:e1:1b:30:3c:d8:
22:98:8e:bd:6d:00:c5:03:79:50:08:aa:5b:76:d6:ed:d6:b6:
30:3b:f4:55:f5:41:bd:10:dd:87:b0:63:1f:dd:25:cd:fd:6d:
53:10:d4:ba:b1:0a:82:39:77:cf:9d:97:9a:c8:7f:fa:ad:52:
cb:7f:61:09
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICFpwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTQwMjAxMTAvBgNVBAUTKEY2Njk5MjY0NDE3QzIyOEI1MUZFMTVCM0IxRUNCNzg2
N0YyQTI3NDMwHhcNMjMwNTE5MTczNjI5WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDY3YjM5ZC0xMDBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsmm9+IyCUts+u+OkGmx6QKJDwHchDd/WHcazdVADtegRr7NvBeyRMSWSLdpq
Om3tlybITm4/tNAQC3rMPARsARtNsNffRoEO4SR0zxiz+UM5rRMGw3BrNaiRZZQS
JIVLCUTGNaih8nVv664zyYsGsxq0mOEIYkj+aXEGEGI9c3Je6cQC9U2od2jPAIle
T8PyHzrcZqzphJWfGs6sG+anOMvSrWUfA6uUABSeoF1sxcQ2cEyz0flHRnefb1EH
hiWj7DiSsWF8kYlZbQDC2tnVpHKiXnjMBTRZDI5A7d+RxlbeNP2l5iXrrs2JRP8M
kBDeciwiKERpCljm8N3A1FuqWQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFJ0yk9ux
oBBn2URL/DrTxi8in1NTMB8GA1UdIwQYMBaAFPZpkmRBfCKLUf4Vs7Hst4Z/KidD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NDAyMC9BRDFCOERFNEI0
MDQxMUU3ODlDRkE1NDFDNEY5QUUwMi85bW1TWkVGOElvdFJfaFd6c2V5M2huOHFK
ME0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzltbVNaRUY4SW90Ul9oV3pzZXkzaG44cUowTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTQwMjAvQUQxQjhERTRCNDA0MTFFNzg5Q0ZBNTQxQzRGOUFFMDIvODE1MTRCNTY5
NEMxMTFFREFCODg0NDQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAFnZioDBAFnfjwwDQQCAAIwBwMFACQEr0AwDQYJKoZIhvcN
AQELBQADggEBAJICpl1dwVIwP8N4tbVpDiMx1iJItDTZr7Y//3kQkL9KYozeNsUU
sScjVx4y4dnQK/zxa0Ri9uo2M3ziVJLG24PvRXfFR23We3B4aYJDVQK3u6FnHRZ1
RPybmFlW/QTymud2pHB8dmOH7sVgeMyW6Iyot4XREcRIMd0Jbrck3g+M+92MaZf4
E0Iu36wP5zKgjWDwhXhVI6ZtW3TGvIjtiI6OckuOoUIQkwTRgMF6jE2BIILI8yux
Celb6PqaVcLA7ijhGzA82CKYjr1tAMUDeVAIqlt21u3WtjA79FX1Qb0Q3YewYx/d
Jc39bVMQ1LqxCoI5d8+dl5rIf/qtUst/YQk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:40 2023 by rpki-client on console-ams.rpki-client.org