Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9185483/9C16E068BCA011EBB5EB800CC4F9AE02/0A05313C25E311EC85B94012C4F9AE02.roa
File: 0A05313C25E311EC85B94012C4F9AE02.roa (raw, json)
Hash identifier: vtlO8qvlR/5WuBWs05hIG36xefCVJXVnGFTetp5QF6Q=
Subject key identifier: 58:7F:0B:31:8C:92:21:67:14:61:5C:34:31:D0:E6:5C:95:3C:CD:E9
Certificate issuer: /CN=A9185483/serialNumber=DA53A5DC5905A14B7D8DBB5441A0945ECEB3C293
Certificate serial: 0494
Authority key identifier: DA:53:A5:DC:59:05:A1:4B:7D:8D:BB:54:41:A0:94:5E:CE:B3:C2:93
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2lOl3FkFoUt9jbtUQaCUXs6zwpM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9185483/9C16E068BCA011EBB5EB800CC4F9AE02/0A05313C25E311EC85B94012C4F9AE02.roa
Signing time: Sun 03 Sep 2023 00:11:23 +0000
ROA not before: Sun 03 Sep 2023 00:11:23 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 146993
IP address blocks: 103.241.48.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1172 (0x494)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9185483/serialNumber=DA53A5DC5905A14B7D8DBB5441A0945ECEB3C293
Validity
Not Before: Sep 3 00:11:23 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=64f3cf2b-d663
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:0f:88:c0:ad:36:8c:e6:98:f1:6f:53:17:2d:
26:d0:ed:23:b1:40:57:02:b6:34:0b:81:4c:24:9a:
9c:7c:64:96:10:19:d7:b1:9b:ea:b8:ed:f3:58:9a:
29:61:fb:42:3f:d2:36:af:80:03:24:30:6a:88:96:
70:e4:be:cd:cd:56:29:70:e6:d1:90:ae:b9:1a:39:
d5:64:35:61:11:6e:59:b9:4b:df:93:82:87:fc:42:
0e:ba:87:73:00:ab:9a:3e:ba:df:2d:95:9e:7a:46:
9c:d7:8f:a4:60:19:b5:de:2a:c3:68:f7:9f:e2:6f:
e3:28:62:19:a5:fc:99:dd:6c:3b:21:31:7a:ca:33:
66:89:c7:38:22:fe:b0:d0:79:2d:d3:29:37:08:74:
b6:3a:17:3f:5b:25:6c:cc:7e:1f:61:41:8e:97:85:
a4:2c:c3:9a:7e:b3:d5:c5:6a:cf:ef:82:fa:45:c1:
e1:3f:23:68:d3:6d:7a:dd:85:57:42:17:2d:0f:4b:
1b:d9:8b:59:0f:8d:4f:bb:2e:b4:33:12:f0:07:e1:
e0:9e:6c:1a:04:ed:3a:cb:12:3d:db:8c:d2:b2:7d:
a5:01:9d:b1:aa:e5:ae:1e:7d:ad:db:92:8b:d6:04:
0c:9f:3a:67:64:1b:28:81:c8:a8:35:3b:14:b4:c6:
e9:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:7F:0B:31:8C:92:21:67:14:61:5C:34:31:D0:E6:5C:95:3C:CD:E9
X509v3 Authority Key Identifier:
keyid:DA:53:A5:DC:59:05:A1:4B:7D:8D:BB:54:41:A0:94:5E:CE:B3:C2:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9185483/9C16E068BCA011EBB5EB800CC4F9AE02/2lOl3FkFoUt9jbtUQaCUXs6zwpM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2lOl3FkFoUt9jbtUQaCUXs6zwpM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185483/9C16E068BCA011EBB5EB800CC4F9AE02/0A05313C25E311EC85B94012C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.241.48.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:8b:6d:59:84:c4:55:26:f6:07:d7:07:29:3e:72:82:ff:46:
a6:5b:44:66:09:bb:7e:2d:1c:43:af:e4:ce:8c:14:56:12:bd:
36:74:cb:7d:0a:00:8f:97:8e:01:28:33:eb:ea:de:8f:de:a0:
33:f0:31:b2:29:c7:21:29:9b:73:7e:83:6f:c9:b2:e5:91:ae:
90:8f:7f:53:03:7b:dc:96:5c:17:b0:99:a9:4c:dc:a2:9a:d0:
63:0e:23:35:0c:1f:e1:98:17:4a:ea:4a:d6:77:fc:7b:c2:cb:
c8:10:28:1e:04:c5:a7:50:e2:e8:cc:77:9a:cc:8c:aa:7b:d7:
f6:3f:90:be:85:6d:49:40:b0:95:33:e4:f5:98:30:0b:c2:d0:
9b:bd:ac:e4:02:9f:9e:37:8d:13:57:15:39:c8:f9:5c:28:f5:
bc:8d:3e:c3:61:d5:8b:7d:51:4f:ed:fa:7f:8c:18:f6:0c:3b:
6d:a9:d1:8c:c7:52:72:97:2e:0c:8d:14:35:ec:6d:6f:b1:03:
96:93:f0:ae:5b:0a:09:2a:14:6e:33:89:86:d2:9b:d8:1a:44:
2e:7a:aa:92:fe:47:94:a7:9b:54:8b:c9:34:0e:8b:e9:71:df:
3b:2c:ea:b4:31:00:14:26:75:d7:2e:36:29:ea:08:17:b0:9f:
0e:23:6c:e1
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBJQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODU0ODMxMTAvBgNVBAUTKERBNTNBNURDNTkwNUExNEI3RDhEQkI1NDQxQTA5NDVF
Q0VCM0MyOTMwHhcNMjMwOTAzMDAxMTIzWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGYzY2YyYi1kNjYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArg+IwK02jOaY8W9TFy0m0O0jsUBXArY0C4FMJJqcfGSWEBnXsZvquO3zWJop
YftCP9I2r4ADJDBqiJZw5L7NzVYpcObRkK65GjnVZDVhEW5ZuUvfk4KH/EIOuodz
AKuaPrrfLZWeekac14+kYBm13irDaPef4m/jKGIZpfyZ3Ww7ITF6yjNmicc4Iv6w
0Hkt0yk3CHS2Ohc/WyVszH4fYUGOl4WkLMOafrPVxWrP74L6RcHhPyNo02163YVX
QhctD0sb2YtZD41Puy60MxLwB+HgnmwaBO06yxI924zSsn2lAZ2xquWuHn2t25KL
1gQMnzpnZBsogcioNTsUtMbpsQIDAQABo4IClTCCApEwHQYDVR0OBBYEFFh/CzGM
kiFnFGFcNDHQ5lyVPM3pMB8GA1UdIwQYMBaAFNpTpdxZBaFLfY27VEGglF7Os8KT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NTQ4My85QzE2RTA2OEJD
QTAxMUVCQjVFQjgwMENDNEY5QUUwMi8ybE9sM0ZrRm9VdDlqYnRVUWFDVVhzNnp3
cE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJsT2wzRmtGb1V0OWpidFVRYUNVWHM2endwTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODU0ODMvOUMxNkUwNjhCQ0EwMTFFQkI1RUI4MDBDQzRGOUFFMDIvMEEwNTMxM0My
NUUzMTFFQzg1Qjk0MDEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJn8TAwDQYJKoZIhvcNAQELBQADggEBAF6LbVmExFUm9gfX
Byk+coL/RqZbRGYJu34tHEOv5M6MFFYSvTZ0y30KAI+XjgEoM+vq3o/eoDPwMbIp
xyEpm3N+g2/JsuWRrpCPf1MDe9yWXBewmalM3KKa0GMOIzUMH+GYF0rqStZ3/HvC
y8gQKB4ExadQ4ujMd5rMjKp71/Y/kL6FbUlAsJUz5PWYMAvC0Ju9rOQCn543jRNX
FTnI+Vwo9byNPsNh1Yt9UU/t+n+MGPYMO22p0YzHUnKXLgyNFDXsbW+xA5aT8K5b
CgkqFG4ziYbSm9gaRC56qpL+R5Snm1SLyTQOi+lx3zss6rQxABQmddcuNinqCBew
nw4jbOE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-ams.rpki-client.org