Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/04FB213A1DB611ED825EA14FC4F9AE02.roa
File: 04FB213A1DB611ED825EA14FC4F9AE02.roa (raw, json)
Hash identifier: UgK7X9pr9DhJaqwPbpj/aw2lbjCsEzVoQthv+9Q18yc=
Subject key identifier: C3:84:44:94:6C:30:75:EB:DF:AA:44:6A:42:0D:1C:F5:25:8B:C3:76
Certificate issuer: /CN=A916C128/serialNumber=B5642732265D40BF75CA94A9EC8119211C1B9B32
Certificate serial: 2A5C
Authority key identifier: B5:64:27:32:26:5D:40:BF:75:CA:94:A9:EC:81:19:21:1C:1B:9B:32
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tWQnMiZdQL91ypSp7IEZIRwbmzI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/04FB213A1DB611ED825EA14FC4F9AE02.roa
Signing time: Wed 08 Feb 2023 19:41:57 +0000
ROA not before: Wed 08 Feb 2023 19:41:57 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 45177
IP address blocks: 14.1.32.0/19 maxlen: 24
45.65.12.0/22 maxlen: 24
103.9.238.0/23 maxlen: 24
103.11.52.0/24 maxlen: 24
103.11.54.0/24 maxlen: 24
103.12.9.0/24 maxlen: 24
103.13.116.0/22 maxlen: 24
103.15.178.0/24 maxlen: 24
103.230.76.0/22 maxlen: 22
103.241.120.0/22 maxlen: 22
103.248.191.0/24 maxlen: 24
103.255.248.0/24 maxlen: 24
113.197.96.0/22 maxlen: 23
116.93.128.0/20 maxlen: 24
119.30.0.0/22 maxlen: 24
119.30.4.0/22 maxlen: 24
120.136.0.0/21 maxlen: 24
150.107.32.0/22 maxlen: 23
163.47.204.0/22 maxlen: 24
163.53.232.0/22 maxlen: 24
202.74.192.0/19 maxlen: 24
203.84.224.0/20 maxlen: 24
203.211.64.0/18 maxlen: 24
2400:7180:2::/48 maxlen: 48
2400:7180:3::/48 maxlen: 48
2400:7180:9::/48 maxlen: 48
2400:ee80::/32 maxlen: 48
2401:7000::/32 maxlen: 32
2401:7000::/32 maxlen: 64
2402:3500::/32 maxlen: 48
2402:3500::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10844 (0x2a5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C128/serialNumber=B5642732265D40BF75CA94A9EC8119211C1B9B32
Validity
Not Before: Feb 8 19:41:57 2023 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=63e3fb05-2649
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:42:6f:19:1c:be:07:18:64:99:b7:ef:44:0f:
2e:e4:4b:d9:7a:01:c0:56:54:ae:89:bc:07:ce:70:
68:4e:2c:72:1e:8e:49:56:17:fd:15:85:c4:42:bb:
05:45:4c:d2:23:33:b4:54:9a:1f:52:3a:86:c0:f3:
b2:69:97:8b:8c:41:4e:8c:43:4b:8b:9a:bc:ab:5d:
81:25:1d:23:dd:9a:c7:88:25:db:ad:f0:3c:59:8c:
a5:44:d2:c8:29:8f:4c:d4:ba:ec:35:e8:30:31:67:
c6:a9:48:24:7e:f9:40:7d:88:0a:4b:4f:c9:5d:64:
c3:66:4b:f0:8b:b6:6d:0e:ff:3f:b0:80:9c:66:9c:
7f:e8:a4:6d:e0:99:2c:63:27:28:c0:68:23:c0:00:
60:8b:62:dc:41:e3:a6:07:7e:6b:a5:7d:92:b5:04:
7d:5b:30:04:08:47:f0:b9:d2:79:ed:19:6c:6e:67:
75:a8:a5:96:a1:8a:11:d9:5d:61:7d:d1:fa:cf:c9:
bb:3e:2a:15:6d:d3:a7:36:dc:a5:11:6e:d7:f6:ea:
d3:c5:ca:11:3c:1a:a0:7c:12:db:a6:db:6c:b8:1a:
00:2f:6a:91:42:1e:cc:0d:a0:b7:5a:f2:22:b1:80:
74:5d:82:e1:f9:ff:97:14:13:39:c9:43:02:fb:7d:
db:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:84:44:94:6C:30:75:EB:DF:AA:44:6A:42:0D:1C:F5:25:8B:C3:76
X509v3 Authority Key Identifier:
keyid:B5:64:27:32:26:5D:40:BF:75:CA:94:A9:EC:81:19:21:1C:1B:9B:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/tWQnMiZdQL91ypSp7IEZIRwbmzI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tWQnMiZdQL91ypSp7IEZIRwbmzI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/04FB213A1DB611ED825EA14FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.1.32.0/19
45.65.12.0/22
103.9.238.0/23
103.11.52.0/24
103.11.54.0/24
103.12.9.0/24
103.13.116.0/22
103.15.178.0/24
103.230.76.0/22
103.241.120.0/22
103.248.191.0/24
103.255.248.0/24
113.197.96.0/22
116.93.128.0/20
119.30.0.0/21
120.136.0.0/21
150.107.32.0/22
163.47.204.0/22
163.53.232.0/22
202.74.192.0/19
203.84.224.0/20
203.211.64.0/18
IPv6:
2400:7180:2::/47
2400:7180:9::/48
2400:ee80::/32
2401:7000::/32
2402:3500::/32
Signature Algorithm: sha256WithRSAEncryption
4e:24:03:35:96:a1:d5:e7:60:38:c2:3c:8f:9a:d7:d6:0f:2a:
2c:23:27:86:6d:2c:20:48:d4:b8:60:9b:ad:3a:ef:c9:17:da:
73:af:17:ab:2e:7d:7e:69:a7:c5:63:d6:bf:88:6b:cb:c1:a5:
34:56:de:d0:75:ce:45:1d:cb:91:db:da:cf:91:af:bb:2e:ba:
4c:dc:8a:91:c1:76:87:b7:a9:a6:e6:7d:02:ca:1d:23:14:3b:
17:32:2c:1a:91:67:16:da:c1:1a:65:e9:ad:f0:64:00:ab:f3:
f4:a7:4d:f1:66:c9:f1:d6:c0:a7:b3:98:5e:a8:b2:54:c7:4c:
61:38:60:f1:f0:52:2e:4b:06:43:99:32:0c:45:73:54:ec:36:
d0:87:f6:31:02:07:6a:9b:c5:b2:1b:41:06:4a:6b:4d:82:02:
5b:2d:fb:31:f6:3a:5e:a1:3e:cf:4e:e8:c7:6c:0f:81:83:ca:
83:75:b6:1c:f3:38:a8:a9:0c:5c:43:7d:56:4c:87:04:41:a0:
17:80:eb:aa:1e:d1:22:0c:42:bd:05:c1:03:c3:9b:d7:13:26:
e2:3f:29:19:cf:17:c6:4e:34:c0:dd:dd:ef:a9:ba:70:07:06:
71:90:54:b0:81:34:2f:35:99:18:f1:5f:6a:f0:da:2a:e6:9c:
af:10:51:e2
-----BEGIN CERTIFICATE-----
MIIGIzCCBQugAwIBAgICKlwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkMxMjgxMTAvBgNVBAUTKEI1NjQyNzMyMjY1RDQwQkY3NUNBOTRBOUVDODExOTIx
MUMxQjlCMzIwHhcNMjMwMjA4MTk0MTU3WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2UzZmIwNS0yNjQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3kJvGRy+BxhkmbfvRA8u5EvZegHAVlSuibwHznBoTixyHo5JVhf9FYXEQrsF
RUzSIzO0VJofUjqGwPOyaZeLjEFOjENLi5q8q12BJR0j3ZrHiCXbrfA8WYylRNLI
KY9M1LrsNegwMWfGqUgkfvlAfYgKS0/JXWTDZkvwi7ZtDv8/sICcZpx/6KRt4Jks
YycowGgjwABgi2LcQeOmB35rpX2StQR9WzAECEfwudJ57Rlsbmd1qKWWoYoR2V1h
fdH6z8m7PioVbdOnNtylEW7X9urTxcoRPBqgfBLbpttsuBoAL2qRQh7MDaC3WvIi
sYB0XYLh+f+XFBM5yUMC+33bBQIDAQABo4IDRzCCA0MwHQYDVR0OBBYEFMOERJRs
MHXr36pEakINHPUli8N2MB8GA1UdIwQYMBaAFLVkJzImXUC/dcqUqeyBGSEcG5sy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzEyOC82NjRBOUJDQUZB
NkQxMUUzQjZBQzIzNTA1OTExRUEzMi90V1FuTWlaZFFMOTF5cFNwN0lFWklSd2Jt
ekkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RXUW5NaVpkUUw5MXlwU3A3SUVaSVJ3Ym16SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkMxMjgvNjY0QTlCQ0FGQTZEMTFFM0I2QUMyMzUwNTkxMUVBMzIvMDRGQjIxM0Ex
REI2MTFFRDgyNUVBMTRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgdAGCCsGAQUFBwEHAQH/
BIHAMIG9MIGLBAIAATCBhAMEBQ4BIAMEAi1BDAMEAWcJ7gMEAGcLNAMEAGcLNgME
AGcMCQMEAmcNdAMEAGcPsgMEAmfmTAMEAmfxeAMEAGf4vwMEAGf/+AMEAnHFYAME
BHRdgAMEA3ceAAMEA3iIAAMEApZrIAMEAqMvzAMEAqM16AMEBcpKwAMEBMtU4AME
BsvTQDAtBAIAAjAnAwcBJABxgAACAwcAJABxgAAJAwUAJADugAMFACQBcAADBQAk
AjUAMA0GCSqGSIb3DQEBCwUAA4IBAQBOJAM1lqHV52A4wjyPmtfWDyosIyeGbSwg
SNS4YJutOu/JF9pzrxerLn1+aafFY9a/iGvLwaU0Vt7Qdc5FHcuR29rPka+7LrpM
3IqRwXaHt6mm5n0Cyh0jFDsXMiwakWcW2sEaZemt8GQAq/P0p03xZsnx1sCns5he
qLJUx0xhOGDx8FIuSwZDmTIMRXNU7DbQh/YxAgdqm8WyG0EGSmtNggJbLfsx9jpe
oT7PTujHbA+Bg8qDdbYc8zioqQxcQ31WTIcEQaAXgOuqHtEiDEK9BcEDw5vXEybi
PykZzxfGTjTA3d3vqbpwBwZxkFSwgTQvNZkY8V9q8Noq5pyvEFHi
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:10 2024 by rpki-client on console-fra.rpki-client.org