Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/52583D96827011ECB06A7E29C4F9AE02.roa
File: 52583D96827011ECB06A7E29C4F9AE02.roa (raw, json)
Hash identifier: gGgNySeEJvy4wM19TmMWorJD2c2UDBAabK65GA5lmfQ=
Subject key identifier: B9:B0:9E:54:FE:5E:DE:F5:F9:8D:DD:4A:62:59:0A:6F:BC:06:98:46
Certificate issuer: /CN=A916C61B/serialNumber=F539291919CDE144B034EF288B0A634783E82C7F
Certificate serial: 09
Authority key identifier: F5:39:29:19:19:CD:E1:44:B0:34:EF:28:8B:0A:63:47:83:E8:2C:7F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9TkpGRnN4USwNO8oiwpjR4PoLH8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/52583D96827011ECB06A7E29C4F9AE02.roa
Signing time: Wed 02 Feb 2022 10:53:17 +0000
ROA not before: Wed 02 Feb 2022 10:53:17 +0000
ROA not after: Sun 01 May 2022 00:00:00 +0000
asID: 136272
IP address blocks: 103.85.232.0/22 maxlen: 22
103.85.232.0/23 maxlen: 23
103.85.232.0/24 maxlen: 24
103.85.233.0/24 maxlen: 24
103.85.234.0/23 maxlen: 23
103.85.234.0/24 maxlen: 24
103.85.235.0/24 maxlen: 24
116.204.140.0/22 maxlen: 22
116.204.140.0/23 maxlen: 23
116.204.140.0/24 maxlen: 24
116.204.141.0/24 maxlen: 24
116.204.142.0/23 maxlen: 23
116.204.142.0/24 maxlen: 24
116.204.143.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C61B/serialNumber=F539291919CDE144B034EF288B0A634783E82C7F
Validity
Not Before: Feb 2 10:53:17 2022 GMT
Not After : May 1 00:00:00 2022 GMT
Subject: CN=61fa629c-6b38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:7a:56:dd:5b:2b:35:32:cf:67:8a:68:dc:88:
38:b4:92:16:a2:90:0f:ec:80:a6:c6:69:84:99:c1:
3b:a6:c5:c4:31:23:4a:c6:ce:04:41:e8:b5:ae:d2:
cb:45:d0:c9:6c:37:de:71:65:79:39:08:b3:64:16:
16:16:38:28:8c:0b:4c:7a:70:6f:4b:42:36:db:fd:
7b:79:8e:8d:fe:a7:d0:60:b8:6b:1c:85:e5:86:bd:
b8:e2:70:fb:95:d8:a6:36:18:30:39:90:e5:6b:69:
8a:af:f2:97:6e:39:45:4c:a0:cd:74:71:65:34:82:
f9:1d:37:3f:a5:f6:9a:a8:b3:77:1f:4d:c9:29:b7:
cc:a0:8b:71:7e:17:0d:11:03:34:c6:e5:65:38:9a:
ff:99:61:fc:26:58:c5:b9:53:9f:59:93:4d:47:e0:
07:d0:c5:a2:9e:08:10:81:39:b5:de:c8:87:c7:7a:
81:9e:e5:ee:fc:2c:29:ec:e6:8c:d1:55:59:15:e6:
42:31:49:51:20:1d:28:5f:65:f4:b6:97:7f:81:01:
e1:7f:a8:51:88:e2:52:f9:e6:40:19:2f:87:e7:e1:
d9:93:06:b1:5d:7d:c4:67:8e:15:96:68:a4:08:a9:
66:ff:3c:e0:cf:43:15:4f:15:a6:9a:ee:e4:76:6a:
a5:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:B0:9E:54:FE:5E:DE:F5:F9:8D:DD:4A:62:59:0A:6F:BC:06:98:46
X509v3 Authority Key Identifier:
keyid:F5:39:29:19:19:CD:E1:44:B0:34:EF:28:8B:0A:63:47:83:E8:2C:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/9TkpGRnN4USwNO8oiwpjR4PoLH8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9TkpGRnN4USwNO8oiwpjR4PoLH8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/52583D96827011ECB06A7E29C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.85.232.0/22
116.204.140.0/22
Signature Algorithm: sha256WithRSAEncryption
08:c9:ce:fb:47:0d:4d:2b:b3:a6:29:dd:1a:17:85:43:9c:a8:
6e:5c:2e:32:62:2c:41:0d:91:e3:52:c5:63:4c:06:dc:4b:a0:
84:a5:fe:1d:42:a7:20:5b:c4:a1:4a:1e:3c:e2:2e:e2:0a:92:
0c:c7:b7:f8:4a:e1:89:82:59:c8:db:c6:9f:44:14:df:c4:6c:
5e:c2:d6:4c:9b:0c:6d:2c:be:64:35:25:28:ce:ad:4e:fe:b0:
03:87:d8:f2:c9:ad:28:3d:33:c4:3a:cb:0f:ae:5f:e2:57:e2:
fe:a7:ff:39:8c:e6:d2:4e:2b:92:ea:ee:3f:25:4f:10:de:a3:
a1:78:a8:e6:58:56:41:20:d1:4c:d3:d4:79:41:eb:a8:e1:bb:
e4:64:c4:67:89:0a:f3:53:d3:f2:fc:dc:99:2c:e1:7b:0e:cb:
25:5a:94:74:29:e9:52:5c:cb:b4:b5:b8:c7:c5:0e:e7:13:83:
b9:f9:84:35:d0:d1:9a:57:6b:3f:c9:8d:87:56:ab:4a:58:59:
3f:67:2d:7d:04:f3:c4:fb:41:3b:c0:fa:d7:34:ba:e7:53:dd:
d5:5d:6d:d8:e7:7c:56:43:5b:27:b7:26:83:c2:07:ab:34:61:
83:f8:60:90:8f:07:54:3d:94:c6:69:57:ef:83:e3:1a:a0:29:
1e:21:67:75
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBCTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
QzYxQjExMC8GA1UEBRMoRjUzOTI5MTkxOUNERTE0NEIwMzRFRjI4OEIwQTYzNDc4
M0U4MkM3RjAeFw0yMjAyMDIxMDUzMTdaFw0yMjA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYxZmE2MjljLTZiMzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDGelbdWys1Ms9nimjciDi0khaikA/sgKbGaYSZwTumxcQxI0rGzgRB6LWu0stF
0MlsN95xZXk5CLNkFhYWOCiMC0x6cG9LQjbb/Xt5jo3+p9BguGscheWGvbjicPuV
2KY2GDA5kOVraYqv8pduOUVMoM10cWU0gvkdNz+l9pqos3cfTckpt8ygi3F+Fw0R
AzTG5WU4mv+ZYfwmWMW5U59Zk01H4AfQxaKeCBCBObXeyIfHeoGe5e78LCns5ozR
VVkV5kIxSVEgHShfZfS2l3+BAeF/qFGI4lL55kAZL4fn4dmTBrFdfcRnjhWWaKQI
qWb/PODPQxVPFaaa7uR2aqUtAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUubCeVP5e
3vX5jd1KYlkKb7wGmEYwHwYDVR0jBBgwFoAU9TkpGRnN4USwNO8oiwpjR4PoLH8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTZDNjFCLzUxRUZGQTMwODI2
OTExRUNBRDJFOTUyNEM0RjlBRTAyLzlUa3BHUm5ONFVTd05POG9pd3BqUjRQb0xI
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvOVRrcEdSbk40VVN3Tk84b2l3cGpSNFBvTEg4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
QzYxQi81MUVGRkEzMDgyNjkxMUVDQUQyRTk1MjRDNEY5QUUwMi81MjU4M0Q5Njgy
NzAxMUVDQjA2QTdFMjlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAmdV6AMEAnTMjDANBgkqhkiG9w0BAQsFAAOCAQEACMnO+0cN
TSuzpindGheFQ5yoblwuMmIsQQ2R41LFY0wG3EughKX+HUKnIFvEoUoePOIu4gqS
DMe3+ErhiYJZyNvGn0QU38RsXsLWTJsMbSy+ZDUlKM6tTv6wA4fY8smtKD0zxDrL
D65f4lfi/qf/OYzm0k4rkuruPyVPEN6joXio5lhWQSDRTNPUeUHrqOG75GTEZ4kK
81PT8vzcmSzhew7LJVqUdCnpUlzLtLW4x8UO5xODufmENdDRmldrP8mNh1arSlhZ
P2ctfQTzxPtBO8D61zS651Pd1V1t2Od8VkNbJ7cmg8IHqzRhg/hgkI8HVD2UxmlX
74PjGqApHiFndQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:43 2023 by rpki-client on console-ams.rpki-client.org