Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/7FE0108249BF11E9879E7C55C4F9AE02.roa
File: 7FE0108249BF11E9879E7C55C4F9AE02.roa (raw, json)
Hash identifier: WWLtMgRhhzcxDvYw4cXUQhZQq71H5NIR0NPHyaOWOzw=
Subject key identifier: 3D:AD:37:19:62:E6:25:CE:7C:46:05:57:DA:EF:65:BE:38:3C:01:13
Certificate issuer: /CN=A916C128/serialNumber=B5642732265D40BF75CA94A9EC8119211C1B9B32
Certificate serial: 25D2
Authority key identifier: B5:64:27:32:26:5D:40:BF:75:CA:94:A9:EC:81:19:21:1C:1B:9B:32
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tWQnMiZdQL91ypSp7IEZIRwbmzI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/7FE0108249BF11E9879E7C55C4F9AE02.roa
Signing time: Sat 01 May 2021 04:11:40 +0000
ROA not before: Sat 01 May 2021 04:11:40 +0000
ROA not after: Sat 30 Jul 2022 00:00:00 +0000
asID: 45671
IP address blocks: 103.11.52.0/22 maxlen: 22
103.12.8.0/23 maxlen: 24
103.12.10.0/24 maxlen: 24
103.13.186.0/23 maxlen: 24
103.24.14.0/24 maxlen: 24
103.227.28.0/22 maxlen: 24
103.248.189.0/24 maxlen: 24
103.248.190.0/24 maxlen: 24
2400:7180::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9682 (0x25d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C128/serialNumber=B5642732265D40BF75CA94A9EC8119211C1B9B32
Validity
Not Before: May 1 04:11:40 2021 GMT
Not After : Jul 30 00:00:00 2022 GMT
Subject: CN=608cd4fc-5871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:58:1a:e4:87:dc:78:3a:cd:d5:c8:78:1f:3b:
82:02:93:99:97:10:76:db:ed:3d:8b:c2:d7:a4:b5:
a4:ad:c7:26:aa:2a:6d:da:d7:c2:e9:f5:a6:05:60:
b1:82:30:58:0a:4b:13:79:d4:1c:1d:b6:32:72:e0:
9b:e7:a1:23:48:ae:36:02:01:20:d4:e7:33:41:23:
d2:a0:b3:05:f2:ca:d7:06:0d:b4:4d:96:ca:1a:74:
bf:3b:0b:4d:0e:f5:bc:09:c1:18:33:7a:3c:34:60:
f6:8c:e3:7d:06:12:15:6d:a3:9a:5e:eb:22:9d:88:
ec:49:90:4e:22:b5:94:09:55:fa:f7:f5:67:63:c0:
77:08:17:a6:03:55:bd:a0:a0:8c:42:99:5b:f8:cc:
71:d1:c4:71:bd:72:9c:16:b4:eb:ca:62:ad:81:bd:
54:e6:15:4d:a2:fc:6f:19:0c:b3:6a:3c:05:4a:2a:
b6:22:95:a0:fa:89:74:ca:24:bd:3d:da:2d:0b:c9:
96:a5:cd:16:7b:aa:e5:b0:43:bd:65:f5:40:e1:79:
03:1e:b6:a1:4a:83:5d:71:92:1e:73:99:b9:6e:83:
50:3c:5b:cd:a0:d1:bf:35:a6:0a:1e:da:c2:fd:9f:
00:21:27:8c:ec:74:da:a8:4b:ab:d9:e9:eb:11:62:
2c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:AD:37:19:62:E6:25:CE:7C:46:05:57:DA:EF:65:BE:38:3C:01:13
X509v3 Authority Key Identifier:
keyid:B5:64:27:32:26:5D:40:BF:75:CA:94:A9:EC:81:19:21:1C:1B:9B:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/tWQnMiZdQL91ypSp7IEZIRwbmzI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tWQnMiZdQL91ypSp7IEZIRwbmzI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/7FE0108249BF11E9879E7C55C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.52.0/22
103.12.8.0-103.12.10.255
103.13.186.0/23
103.24.14.0/24
103.227.28.0/22
103.248.189.0-103.248.190.255
IPv6:
2400:7180::/32
Signature Algorithm: sha256WithRSAEncryption
aa:cf:03:9d:4f:4b:70:e6:26:1b:b5:f4:aa:c1:83:70:17:41:
32:bc:ae:17:1a:af:76:85:4e:cf:15:ce:8d:3a:70:6a:9a:74:
56:81:db:e2:0d:27:3d:10:2f:70:b0:a2:e6:00:2b:82:f2:bb:
be:12:8f:00:5a:fa:f2:54:2f:f4:00:ee:29:a1:a0:09:3e:31:
43:32:f8:17:3b:28:0b:b7:db:e6:60:f0:80:49:00:96:d9:43:
99:2d:e7:f8:b5:a5:fa:32:08:fa:e2:19:78:81:d4:03:5d:d2:
50:ea:12:b8:64:af:e4:9c:bf:bf:5e:d4:fe:85:ac:83:52:18:
61:a8:6d:89:f6:10:ee:f5:eb:f3:5f:97:50:84:34:42:0a:1b:
e9:c2:5c:2e:88:a8:02:09:fb:28:f3:c1:dd:ce:20:c7:0b:14:
ff:73:99:ba:a7:42:c4:f1:98:08:ef:d7:f3:14:56:ad:c2:3e:
5f:b9:76:36:a5:d9:cd:72:93:30:5a:d5:98:89:1d:bb:49:dc:
ea:8a:46:d8:6d:de:f3:a3:a7:58:24:3c:4c:42:46:d8:87:b9:
13:2b:05:51:5a:fd:d9:d5:e3:97:9a:a0:74:3c:d4:13:04:e8:
76:79:a6:1b:54:13:22:3c:b8:9d:d7:d2:e3:51:20:51:52:f7:
7e:35:37:de
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgICJdIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkMxMjgxMTAvBgNVBAUTKEI1NjQyNzMyMjY1RDQwQkY3NUNBOTRBOUVDODExOTIx
MUMxQjlCMzIwHhcNMjEwNTAxMDQxMTQwWhcNMjIwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MDhjZDRmYy01ODcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1lga5IfceDrN1ch4HzuCApOZlxB22+09i8LXpLWkrccmqipt2tfC6fWmBWCx
gjBYCksTedQcHbYycuCb56EjSK42AgEg1OczQSPSoLMF8srXBg20TZbKGnS/OwtN
DvW8CcEYM3o8NGD2jON9BhIVbaOaXusinYjsSZBOIrWUCVX69/VnY8B3CBemA1W9
oKCMQplb+Mxx0cRxvXKcFrTrymKtgb1U5hVNovxvGQyzajwFSiq2IpWg+ol0yiS9
PdotC8mWpc0We6rlsEO9ZfVA4XkDHrahSoNdcZIec5m5boNQPFvNoNG/NaYKHtrC
/Z8AISeM7HTaqEur2enrEWIscQIDAQABo4IC0jCCAs4wHQYDVR0OBBYEFD2tNxli
5iXOfEYFV9rvZb44PAETMB8GA1UdIwQYMBaAFLVkJzImXUC/dcqUqeyBGSEcG5sy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzEyOC82NjRBOUJDQUZB
NkQxMUUzQjZBQzIzNTA1OTExRUEzMi90V1FuTWlaZFFMOTF5cFNwN0lFWklSd2Jt
ekkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RXUW5NaVpkUUw5MXlwU3A3SUVaSVJ3Ym16SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkMxMjgvNjY0QTlCQ0FGQTZEMTFFM0I2QUMyMzUwNTkxMUVBMzIvN0ZFMDEwODI0
OUJGMTFFOTg3OUU3QzU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXAYIKwYBBQUHAQcBAf8E
TTBLMDoEAgABMDQDBAJnCzQwDAMEA2cMCAMEAGcMCgMEAWcNugMEAGcYDgMEAmfj
HDAMAwQAZ/i9AwQAZ/i+MA0EAgACMAcDBQAkAHGAMA0GCSqGSIb3DQEBCwUAA4IB
AQCqzwOdT0tw5iYbtfSqwYNwF0EyvK4XGq92hU7PFc6NOnBqmnRWgdviDSc9EC9w
sKLmACuC8ru+Eo8AWvryVC/0AO4poaAJPjFDMvgXOygLt9vmYPCASQCW2UOZLef4
taX6Mgj64hl4gdQDXdJQ6hK4ZK/knL+/XtT+hayDUhhhqG2J9hDu9evzX5dQhDRC
ChvpwlwuiKgCCfso88HdziDHCxT/c5m6p0LE8ZgI79fzFFatwj5fuXY2pdnNcpMw
WtWYiR27SdzqikbYbd7zo6dYJDxMQkbYh7kTKwVRWv3Z1eOXmqB0PNQTBOh2eaYb
VBMiPLid19LjUSBRUvd+NTfe
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:10 2024 by rpki-client on console-fra.rpki-client.org