Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/349948D29D5011EB89DEAC80C4F9AE02.roa
File: 349948D29D5011EB89DEAC80C4F9AE02.roa (raw, json)
Hash identifier: Zbl/qLJXE36IUz9AMfHmX6eEriba8Sq1+wKcHCh66Rs=
Subject key identifier: 6C:5F:94:7C:5D:FD:98:30:75:AE:0C:0A:DA:C5:28:B9:20:D9:8B:62
Certificate issuer: /CN=A9156342/serialNumber=77DA248004E8C5872BDF72BAC1222C7CCB6E8E37
Certificate serial: 05CE
Authority key identifier: 77:DA:24:80:04:E8:C5:87:2B:DF:72:BA:C1:22:2C:7C:CB:6E:8E:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/349948D29D5011EB89DEAC80C4F9AE02.roa
Signing time: Fri 11 Mar 2022 10:48:21 +0000
ROA not before: Fri 11 Mar 2022 10:48:21 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 45250
IP address blocks: 14.192.65.0/24 maxlen: 24
103.23.44.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1486 (0x5ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9156342/serialNumber=77DA248004E8C5872BDF72BAC1222C7CCB6E8E37
Validity
Not Before: Mar 11 10:48:21 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=622b28f5-4012
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:2f:34:64:30:29:73:34:b1:19:ae:29:4a:62:
e3:89:98:f6:ca:ed:7e:42:ee:25:3a:ef:29:b0:0b:
ee:cd:51:a6:cb:76:61:4b:4d:3b:4b:4e:2e:af:d2:
d9:1e:79:13:26:65:a5:15:79:e4:85:c8:eb:7c:bc:
2c:34:96:8e:d8:49:6d:c9:d7:3c:86:c1:81:2a:9f:
1b:3b:98:f0:80:58:c9:27:4d:27:73:d9:0f:a0:9a:
32:f8:0d:c9:e5:50:9a:90:43:70:2f:37:ae:c0:cc:
c3:9c:8b:f0:9a:3f:21:0b:01:5f:2e:cd:81:c6:01:
34:52:c0:97:20:fb:4b:64:77:0f:f1:ea:ef:95:ff:
99:19:bf:55:0f:0f:cd:86:92:c3:0e:e0:9b:5a:46:
59:25:e2:a1:d6:f1:3c:be:d3:36:b9:3c:a8:ce:70:
e0:13:dc:e1:46:75:06:3a:8b:17:59:85:8f:c8:aa:
92:04:d8:08:14:13:13:d1:05:f5:e8:5c:d4:c9:6c:
16:f1:15:80:ee:68:ce:4c:61:6c:eb:ba:86:cf:92:
63:9d:e1:de:17:73:f5:27:d2:7c:70:b7:15:89:fc:
62:e6:24:50:4a:24:b8:0d:81:a7:bf:36:eb:ba:91:
90:01:3c:21:4a:bd:4d:44:b8:db:97:70:86:ee:5a:
80:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:5F:94:7C:5D:FD:98:30:75:AE:0C:0A:DA:C5:28:B9:20:D9:8B:62
X509v3 Authority Key Identifier:
keyid:77:DA:24:80:04:E8:C5:87:2B:DF:72:BA:C1:22:2C:7C:CB:6E:8E:37
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/349948D29D5011EB89DEAC80C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.65.0/24
103.23.44.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:67:c7:6c:de:d2:6a:db:f1:53:49:ec:f0:de:91:8e:cb:81:
39:db:ad:c3:fb:ef:51:42:02:31:65:97:1e:5e:2b:09:8c:f4:
3d:c9:03:98:54:4a:01:ab:91:62:3a:ea:c5:cf:7d:a8:18:73:
7f:89:03:58:94:e8:31:dc:4b:71:8f:8d:c4:93:28:a9:2a:24:
c6:e0:b9:70:eb:f6:8b:47:d4:4a:61:3e:40:33:10:e5:a2:e4:
e0:94:ee:28:f1:6b:84:63:c5:c4:6c:6e:d3:5f:5e:ae:b3:ad:
bf:51:57:4d:32:4d:80:9b:c7:ae:1e:32:eb:c4:7e:9d:42:93:
94:5d:88:65:85:9b:3d:54:aa:f4:18:78:13:3d:17:f1:e9:e4:
44:b7:cc:7d:56:ef:23:52:cb:16:ee:81:29:1f:e4:14:0e:dd:
76:db:7b:08:fe:a1:07:b8:11:4e:c9:95:2e:89:da:bd:4c:46:
59:62:0d:52:96:42:be:b0:3f:67:f9:53:12:eb:32:c3:ce:96:
3d:b6:2e:3c:39:ff:34:93:8e:d4:bc:2e:0e:56:a0:7f:89:b1:
60:fa:3e:5e:00:1d:ab:08:23:06:e7:d1:07:2e:c6:b5:dd:0d:
de:4a:f9:59:82:b3:e2:d1:51:aa:4b:8d:63:63:32:56:15:52:
72:bd:2c:c8
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBc4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTYzNDIxMTAvBgNVBAUTKDc3REEyNDgwMDRFOEM1ODcyQkRGNzJCQUMxMjIyQzdD
Q0I2RThFMzcwHhcNMjIwMzExMTA0ODIxWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjJiMjhmNS00MDEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnS80ZDApczSxGa4pSmLjiZj2yu1+Qu4lOu8psAvuzVGmy3ZhS007S04ur9LZ
HnkTJmWlFXnkhcjrfLwsNJaO2Eltydc8hsGBKp8bO5jwgFjJJ00nc9kPoJoy+A3J
5VCakENwLzeuwMzDnIvwmj8hCwFfLs2BxgE0UsCXIPtLZHcP8ervlf+ZGb9VDw/N
hpLDDuCbWkZZJeKh1vE8vtM2uTyoznDgE9zhRnUGOosXWYWPyKqSBNgIFBMT0QX1
6FzUyWwW8RWA7mjOTGFs67qGz5JjneHeF3P1J9J8cLcVifxi5iRQSiS4DYGnvzbr
upGQATwhSr1NRLjbl3CG7lqApwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFGxflHxd
/Zgwda4MCtrFKLkg2YtiMB8GA1UdIwQYMBaAFHfaJIAE6MWHK99yusEiLHzLbo43
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NjM0Mi9CREY4OTA4MDk5
RTQxMUVBODlBNEMyNDBDNEY5QUUwMi9kOW9rZ0FUb3hZY3IzM0s2d1NJc2ZNdHVq
amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Q5b2tnQVRveFljcjMzSzZ3U0lzZk10dWpqYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTYzNDIvQkRGODkwODA5OUU0MTFFQTg5QTRDMjQwQzRGOUFFMDIvMzQ5OTQ4RDI5
RDUwMTFFQjg5REVBQzgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAAOwEEDBABnFywwDQYJKoZIhvcNAQELBQADggEBAJtnx2ze
0mrb8VNJ7PDekY7LgTnbrcP771FCAjFllx5eKwmM9D3JA5hUSgGrkWI66sXPfagY
c3+JA1iU6DHcS3GPjcSTKKkqJMbguXDr9otH1EphPkAzEOWi5OCU7ijxa4RjxcRs
btNfXq6zrb9RV00yTYCbx64eMuvEfp1Ck5RdiGWFmz1UqvQYeBM9F/Hp5ES3zH1W
7yNSyxbugSkf5BQO3Xbbewj+oQe4EU7JlS6J2r1MRlliDVKWQr6wP2f5UxLrMsPO
lj22Ljw5/zSTjtS8Lg5WoH+JsWD6Pl4AHasIIwbn0QcuxrXdDd5K+VmCs+LRUapL
jWNjMlYVUnK9LMg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:06 2024 by rpki-client on console-ams.rpki-client.org