Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9154020/AD1B8DE4B40411E789CFA541C4F9AE02/F32B9B66B40511E7938C0343C4F9AE02.roa
File: F32B9B66B40511E7938C0343C4F9AE02.roa (raw, json)
Hash identifier: oLYE2/D0fGeszWCVXexEX5UmOUwuJXdOR6a+rV5ltFY=
Subject key identifier: 16:2A:13:29:17:38:C7:96:36:29:B7:CB:E2:05:1A:EC:EA:2B:98:C5
Certificate issuer: /CN=A9154020/serialNumber=F6699264417C228B51FE15B3B1ECB7867F2A2743
Certificate serial: 163D
Authority key identifier: F6:69:92:64:41:7C:22:8B:51:FE:15:B3:B1:EC:B7:86:7F:2A:27:43
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9mmSZEF8IotR_hWzsey3hn8qJ0M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9154020/AD1B8DE4B40411E789CFA541C4F9AE02/F32B9B66B40511E7938C0343C4F9AE02.roa
Signing time: Thu 24 Nov 2022 17:23:51 +0000
ROA not before: Thu 24 Nov 2022 17:23:51 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 137020
IP address blocks: 103.102.42.0/23 maxlen: 24
103.126.60.0/23 maxlen: 23
103.126.60.0/24 maxlen: 24
103.126.61.0/24 maxlen: 24
2404:af40::/32 maxlen: 32
2404:af40::/48 maxlen: 48
2404:af40:1::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5693 (0x163d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9154020/serialNumber=F6699264417C228B51FE15B3B1ECB7867F2A2743
Validity
Not Before: Nov 24 17:23:51 2022 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=637fa8a7-3ed9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:37:0b:35:a6:53:67:49:7c:7a:84:31:cc:ff:
e4:31:92:53:b3:9e:1b:8e:61:6a:22:97:35:a9:5f:
7e:e4:17:20:23:4e:b4:6a:e2:1f:81:1a:8d:df:a6:
95:79:d6:44:0e:e5:94:70:c4:fa:12:81:86:75:dd:
a1:ed:9c:60:ef:74:1f:36:d5:2e:66:01:77:59:be:
b4:0f:82:87:88:da:d3:0f:52:bf:6c:68:3c:d1:f3:
d8:5c:42:82:a4:ce:ba:50:a6:df:b6:a9:9f:f9:ea:
ca:57:10:0b:70:5a:4f:ab:f9:54:48:eb:1e:19:00:
a4:82:52:4d:e5:a9:e8:b8:c1:27:fa:50:4e:b4:d7:
90:14:8e:6f:98:a8:f1:5a:e3:cc:ca:84:c9:94:79:
97:34:6b:51:55:1e:7b:88:6a:9e:0d:c3:9c:85:5d:
02:3a:e5:c1:50:e1:ba:93:40:d1:e1:87:1d:af:53:
0b:b3:35:45:29:04:24:aa:53:4f:5a:a9:de:e5:ab:
fe:ed:b6:b9:56:0c:46:25:3e:3a:77:84:ec:e9:42:
43:1d:a5:50:8e:85:cb:e5:ba:61:71:fc:ea:df:29:
24:db:ac:bd:11:ed:fc:14:fa:80:00:85:83:43:73:
4e:21:b7:68:fc:b6:81:6d:9e:96:c1:88:15:e6:bc:
a2:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:2A:13:29:17:38:C7:96:36:29:B7:CB:E2:05:1A:EC:EA:2B:98:C5
X509v3 Authority Key Identifier:
keyid:F6:69:92:64:41:7C:22:8B:51:FE:15:B3:B1:EC:B7:86:7F:2A:27:43
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9154020/AD1B8DE4B40411E789CFA541C4F9AE02/9mmSZEF8IotR_hWzsey3hn8qJ0M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9mmSZEF8IotR_hWzsey3hn8qJ0M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9154020/AD1B8DE4B40411E789CFA541C4F9AE02/F32B9B66B40511E7938C0343C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.102.42.0/23
103.126.60.0/23
IPv6:
2404:af40::/32
Signature Algorithm: sha256WithRSAEncryption
5f:b4:37:d7:56:c2:f2:84:e8:94:7f:1f:47:2b:37:8e:4f:ad:
53:66:f4:c0:94:cc:15:60:e0:98:f4:1e:5e:8c:4f:62:7d:4d:
54:98:63:11:c4:81:50:c8:b9:45:99:b7:28:9d:50:4a:ca:6c:
36:42:2a:52:2a:47:63:50:cb:38:e5:14:d9:84:cd:23:9b:37:
f5:b0:2f:8e:3e:bd:61:6e:ec:3a:71:4f:b4:7e:91:0a:f3:9c:
34:f0:0e:b7:00:3d:80:28:d1:bb:71:bb:a2:83:13:a8:32:08:
1b:31:6b:56:28:57:c3:9b:c2:2a:e3:5f:cc:2d:1e:00:7c:29:
7a:29:e9:a6:5a:f9:ae:b1:9c:42:ae:39:96:1b:ce:1d:54:66:
b9:04:63:f6:97:e0:e6:53:94:2a:eb:e5:74:9c:dd:d7:2a:00:
fd:11:92:fb:1f:aa:fd:ca:c1:5e:56:42:48:9d:85:4d:09:1c:
03:cc:9a:b1:3d:ed:3e:3e:15:b2:10:c8:1a:e4:62:af:75:bf:
f5:50:01:3b:30:e4:3d:8b:07:8f:66:26:cc:e8:18:b9:94:33:
af:58:71:91:f5:8e:c6:55:b0:55:a3:69:a7:45:56:3d:a3:b3:
32:19:ad:e4:40:a6:5d:40:0c:15:f2:53:fa:10:f2:d3:f4:7b:
20:ce:96:6e
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICFj0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTQwMjAxMTAvBgNVBAUTKEY2Njk5MjY0NDE3QzIyOEI1MUZFMTVCM0IxRUNCNzg2
N0YyQTI3NDMwHhcNMjIxMTI0MTcyMzUxWhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzdmYThhNy0zZWQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyjcLNaZTZ0l8eoQxzP/kMZJTs54bjmFqIpc1qV9+5BcgI060auIfgRqN36aV
edZEDuWUcMT6EoGGdd2h7Zxg73QfNtUuZgF3Wb60D4KHiNrTD1K/bGg80fPYXEKC
pM66UKbftqmf+erKVxALcFpPq/lUSOseGQCkglJN5anouMEn+lBOtNeQFI5vmKjx
WuPMyoTJlHmXNGtRVR57iGqeDcOchV0COuXBUOG6k0DR4Ycdr1MLszVFKQQkqlNP
Wqne5av+7ba5VgxGJT46d4Ts6UJDHaVQjoXL5bphcfzq3ykk26y9Ee38FPqAAIWD
Q3NOIbdo/LaBbZ6WwYgV5ryiBQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFBYqEykX
OMeWNim3y+IFGuzqK5jFMB8GA1UdIwQYMBaAFPZpkmRBfCKLUf4Vs7Hst4Z/KidD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NDAyMC9BRDFCOERFNEI0
MDQxMUU3ODlDRkE1NDFDNEY5QUUwMi85bW1TWkVGOElvdFJfaFd6c2V5M2huOHFK
ME0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzltbVNaRUY4SW90Ul9oV3pzZXkzaG44cUowTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTQwMjAvQUQxQjhERTRCNDA0MTFFNzg5Q0ZBNTQxQzRGOUFFMDIvRjMyQjlCNjZC
NDA1MTFFNzkzOEMwMzQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAFnZioDBAFnfjwwDQQCAAIwBwMFACQEr0AwDQYJKoZIhvcN
AQELBQADggEBAF+0N9dWwvKE6JR/H0crN45PrVNm9MCUzBVg4Jj0Hl6MT2J9TVSY
YxHEgVDIuUWZtyidUErKbDZCKlIqR2NQyzjlFNmEzSObN/WwL44+vWFu7DpxT7R+
kQrznDTwDrcAPYAo0btxu6KDE6gyCBsxa1YoV8ObwirjX8wtHgB8KXop6aZa+a6x
nEKuOZYbzh1UZrkEY/aX4OZTlCrr5XSc3dcqAP0Rkvsfqv3KwV5WQkidhU0JHAPM
mrE97T4+FbIQyBrkYq91v/VQATsw5D2LB49mJszoGLmUM69YcZH1jsZVsFWjaadF
Vj2jszIZreRApl1ADBXyU/oQ8tP0eyDOlm4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:06 2024 by rpki-client on console-ams.rpki-client.org