Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9188844/BB160356FCB411EAA028A40AC4F9AE02/7AE29424FCB511EAA35BDA0AC4F9AE02.roa
File: 7AE29424FCB511EAA35BDA0AC4F9AE02.roa (raw, json)
Hash identifier: p/UPKrSNGxXfrpxZaT8hgpGQJUGE5ahW+0tN/mK2FFw=
Subject key identifier: E7:6C:2F:AE:6A:19:D0:F0:51:12:A7:74:E9:A7:C2:09:DA:0A:A0:46
Certificate issuer: /CN=A9188844/serialNumber=83CA8E9FD601B5DD5D5D05E4565B471E103230CA
Certificate serial: 067F
Authority key identifier: 83:CA:8E:9F:D6:01:B5:DD:5D:5D:05:E4:56:5B:47:1E:10:32:30:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g8qOn9YBtd1dXQXkVltHHhAyMMo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9188844/BB160356FCB411EAA028A40AC4F9AE02/7AE29424FCB511EAA35BDA0AC4F9AE02.roa
Signing time: Tue 26 Sep 2023 22:20:12 +0000
ROA not before: Tue 26 Sep 2023 22:20:12 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 55699
IP address blocks: 103.73.60.0/22 maxlen: 22
192.144.92.0/22 maxlen: 22
2406:ee80::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1663 (0x67f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9188844/serialNumber=83CA8E9FD601B5DD5D5D05E4565B471E103230CA
Validity
Not Before: Sep 26 22:20:12 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=6513591c-0d36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:52:e5:04:28:84:74:45:41:0b:63:1a:ea:f5:
ff:09:77:17:eb:40:d7:e9:c9:69:d8:73:9c:71:c6:
66:4a:29:86:80:83:29:22:06:fd:45:9a:ab:85:2c:
96:7d:4c:ac:b0:22:6b:08:66:2a:99:4c:56:7c:73:
2d:8d:08:b7:d5:77:bb:be:3a:0a:3d:2b:04:a5:10:
2e:84:4f:5a:de:33:fa:97:9e:bf:30:a8:4c:46:3c:
15:32:4f:66:54:d0:42:b4:af:07:32:d4:98:a8:3f:
3e:b2:c5:ef:a0:df:df:ee:25:f2:71:be:ec:76:9b:
10:51:35:17:ef:4b:d8:fb:97:d0:09:63:90:21:c2:
e1:32:80:96:4a:86:e0:04:43:b7:e0:9a:ea:2f:85:
8d:09:90:69:e3:0c:4e:c2:3f:25:29:90:80:c1:e1:
56:d5:55:b1:03:22:80:74:05:06:4e:45:6b:7a:c8:
77:97:0c:99:0c:25:83:5d:fe:2e:f6:80:00:bb:6d:
91:01:77:87:cb:24:e1:40:2a:16:50:bb:84:68:14:
67:43:4d:9d:52:91:9a:b4:75:7f:2a:47:41:23:f4:
d3:08:b9:dd:67:98:2c:d5:36:99:7a:8a:b7:9e:d9:
17:77:da:51:aa:06:10:26:f6:33:1f:35:4d:70:52:
fd:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:6C:2F:AE:6A:19:D0:F0:51:12:A7:74:E9:A7:C2:09:DA:0A:A0:46
X509v3 Authority Key Identifier:
keyid:83:CA:8E:9F:D6:01:B5:DD:5D:5D:05:E4:56:5B:47:1E:10:32:30:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9188844/BB160356FCB411EAA028A40AC4F9AE02/g8qOn9YBtd1dXQXkVltHHhAyMMo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g8qOn9YBtd1dXQXkVltHHhAyMMo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9188844/BB160356FCB411EAA028A40AC4F9AE02/7AE29424FCB511EAA35BDA0AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.73.60.0/22
192.144.92.0/22
IPv6:
2406:ee80::/32
Signature Algorithm: sha256WithRSAEncryption
6c:fc:d4:22:e2:11:77:38:27:dc:92:e7:90:1d:b3:3a:dc:d8:
35:23:18:95:25:4e:85:b8:07:02:ef:b2:82:2a:2f:57:51:12:
9a:18:cf:8b:d1:93:5a:44:83:1d:8d:cb:f7:6c:f2:4c:36:7a:
4f:4e:24:5a:b0:c6:9a:00:96:ad:16:8b:0a:c2:ab:3d:74:5b:
6e:0c:16:37:d7:6f:25:5c:55:80:43:35:88:7d:88:41:d6:16:
6f:f2:37:c1:37:18:48:03:23:7b:40:fc:a8:96:42:02:c0:b0:
47:06:61:9d:07:ac:a2:a1:a9:4c:4c:ba:1f:f7:2b:f0:70:bc:
9f:87:9a:cf:21:19:54:2c:92:fa:32:a5:65:d7:6a:98:5a:4e:
df:f5:08:bc:03:d1:8e:33:41:a3:43:05:58:93:f8:7c:d3:be:
7e:a1:95:41:3e:5b:d8:79:b8:3a:12:b0:a9:07:4d:93:9c:b0:
09:6b:fe:bd:35:59:49:61:18:82:dd:bc:0f:78:31:19:3a:8f:
e2:30:1d:66:79:e2:7b:ac:f1:84:c0:10:d4:8d:f4:32:00:9a:
24:db:68:b6:1d:9f:35:37:07:7f:c4:38:fa:3a:c5:74:d6:8f:
73:31:0b:d8:5e:69:ad:ab:75:0c:fa:f4:d6:a0:aa:49:87:5e:
fc:9b:3d:89
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICBn8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODg4NDQxMTAvBgNVBAUTKDgzQ0E4RTlGRDYwMUI1REQ1RDVEMDVFNDU2NUI0NzFF
MTAzMjMwQ0EwHhcNMjMwOTI2MjIyMDEyWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTEzNTkxYy0wZDM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArlLlBCiEdEVBC2Ma6vX/CXcX60DX6clp2HOcccZmSimGgIMpIgb9RZqrhSyW
fUyssCJrCGYqmUxWfHMtjQi31Xe7vjoKPSsEpRAuhE9a3jP6l56/MKhMRjwVMk9m
VNBCtK8HMtSYqD8+ssXvoN/f7iXycb7sdpsQUTUX70vY+5fQCWOQIcLhMoCWSobg
BEO34JrqL4WNCZBp4wxOwj8lKZCAweFW1VWxAyKAdAUGTkVresh3lwyZDCWDXf4u
9oAAu22RAXeHyyThQCoWULuEaBRnQ02dUpGatHV/KkdBI/TTCLndZ5gs1TaZeoq3
ntkXd9pRqgYQJvYzHzVNcFL9BQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFOdsL65q
GdDwURKndOmnwgnaCqBGMB8GA1UdIwQYMBaAFIPKjp/WAbXdXV0F5FZbRx4QMjDK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4ODg0NC9CQjE2MDM1NkZD
QjQxMUVBQTAyOEE0MEFDNEY5QUUwMi9nOHFPbjlZQnRkMWRYUVhrVmx0SEhoQXlN
TW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2c4cU9uOVlCdGQxZFhRWGtWbHRISGhBeU1Nby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODg4NDQvQkIxNjAzNTZGQ0I0MTFFQUEwMjhBNDBBQzRGOUFFMDIvN0FFMjk0MjRG
Q0I1MTFFQUEzNUJEQTBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnSTwDBALAkFwwDQQCAAIwBwMFACQG7oAwDQYJKoZIhvcN
AQELBQADggEBAGz81CLiEXc4J9yS55Adszrc2DUjGJUlToW4BwLvsoIqL1dREpoY
z4vRk1pEgx2Ny/ds8kw2ek9OJFqwxpoAlq0WiwrCqz10W24MFjfXbyVcVYBDNYh9
iEHWFm/yN8E3GEgDI3tA/KiWQgLAsEcGYZ0HrKKhqUxMuh/3K/BwvJ+Hms8hGVQs
kvoypWXXaphaTt/1CLwD0Y4zQaNDBViT+HzTvn6hlUE+W9h5uDoSsKkHTZOcsAlr
/r01WUlhGILdvA94MRk6j+IwHWZ54nus8YTAENSN9DIAmiTbaLYdnzU3B3/EOPo6
xXTWj3MxC9heaa2rdQz69NagqkmHXvybPYk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:25 2024 by rpki-client on console-ams.rpki-client.org