Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918B217/8F8CA80AD98311EBB2BE9123C4F9AE02/DFF18582D98711EB80C7DB2BC4F9AE02.roa
File: DFF18582D98711EB80C7DB2BC4F9AE02.roa (raw, json)
Hash identifier: sNen91SA6xyY3bHvtsGnK7t7Qu0lCY/yrDqrQ97Pa+8=
Subject key identifier: B2:05:52:D8:77:45:CB:07:33:17:EF:59:54:B7:24:99:20:FB:57:D3
Certificate issuer: /CN=A918B217/serialNumber=A9865EB28292C588FD20B4640232C97FBC2B037F
Certificate serial: 0108
Authority key identifier: A9:86:5E:B2:82:92:C5:88:FD:20:B4:64:02:32:C9:7F:BC:2B:03:7F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qYZesoKSxYj9ILRkAjLJf7wrA38.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918B217/8F8CA80AD98311EBB2BE9123C4F9AE02/DFF18582D98711EB80C7DB2BC4F9AE02.roa
Signing time: Wed 10 Nov 2021 03:11:31 +0000
ROA not before: Wed 10 Nov 2021 03:11:31 +0000
ROA not after: Fri 30 Dec 2022 00:00:00 +0000
asID: 131111
IP address blocks: 103.76.16.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 264 (0x108)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918B217/serialNumber=A9865EB28292C588FD20B4640232C97FBC2B037F
Validity
Not Before: Nov 10 03:11:31 2021 GMT
Not After : Dec 30 00:00:00 2022 GMT
Subject: CN=618b3862-c3fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:fb:2d:be:39:5f:4d:56:de:bc:19:cf:7b:ed:
3a:97:03:e0:01:9f:c4:43:5c:28:07:7f:ee:3f:a8:
5b:24:88:40:8c:86:d5:91:36:ae:83:2e:69:af:f7:
1e:45:d0:7a:70:9b:28:14:f3:7a:03:55:4c:f1:d8:
38:89:a9:c9:d4:13:59:d2:d9:a1:a9:d5:39:7a:cc:
d5:0b:a5:5e:8e:f2:fa:60:33:c6:b7:8d:4e:49:33:
05:35:85:02:8a:1b:54:93:b8:3a:37:eb:0b:b8:e9:
0b:3f:d9:30:81:16:12:98:83:f1:6d:0e:3e:bc:eb:
cf:d6:81:b2:0b:ed:9c:90:58:24:5e:fd:4d:93:8e:
a3:dd:e2:ef:0a:40:1f:b8:66:a3:be:b8:4d:88:5f:
b6:c0:8c:e7:71:65:cc:3d:91:a2:b3:7a:b3:33:4d:
00:af:9d:30:f8:4c:7b:21:d6:c2:ec:1e:35:ce:6f:
cb:b8:c0:cf:35:4a:51:d3:4c:20:0f:5a:c8:59:40:
a3:fe:7c:91:b0:1d:bd:97:61:26:78:9c:8d:77:2c:
da:54:0e:ce:61:11:6f:77:ef:67:84:29:f5:90:08:
35:bd:4f:10:d4:ee:3c:30:45:59:77:37:5e:2e:20:
26:40:8c:2b:9d:c9:b1:6b:0a:3c:37:cd:ac:12:10:
23:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:05:52:D8:77:45:CB:07:33:17:EF:59:54:B7:24:99:20:FB:57:D3
X509v3 Authority Key Identifier:
keyid:A9:86:5E:B2:82:92:C5:88:FD:20:B4:64:02:32:C9:7F:BC:2B:03:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918B217/8F8CA80AD98311EBB2BE9123C4F9AE02/qYZesoKSxYj9ILRkAjLJf7wrA38.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qYZesoKSxYj9ILRkAjLJf7wrA38.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918B217/8F8CA80AD98311EBB2BE9123C4F9AE02/DFF18582D98711EB80C7DB2BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.76.16.0/22
Signature Algorithm: sha256WithRSAEncryption
30:6a:60:73:b8:77:01:eb:22:98:92:36:74:bc:cd:ac:2d:a9:
68:02:e4:b3:d7:ce:5b:f9:da:ba:6a:1e:d0:08:62:e6:04:5b:
fb:7c:55:c3:a3:9b:cc:4a:71:57:9e:4c:b2:95:f4:1f:ec:d0:
ac:6c:23:e9:8b:d5:9b:a6:3a:38:3c:f0:18:d3:7a:2e:c3:4e:
f5:02:a7:00:67:c6:6d:dc:dd:bb:b5:0b:1d:31:48:e7:7d:b3:
fb:fe:f9:a0:16:94:9c:1f:44:f1:6e:46:e8:31:68:44:19:55:
d2:e3:bb:1a:ba:fe:b8:e4:08:70:ff:a7:4e:d4:53:47:ff:69:
29:fd:85:4d:31:03:4e:3d:b9:6b:fc:86:78:6e:4a:a2:8c:cc:
39:40:85:6e:6e:8b:b2:ea:91:f3:fd:80:92:41:e2:fa:e0:26:
22:bd:97:a4:b6:a5:dc:a1:93:a0:7e:9a:fa:06:2f:67:e1:21:
aa:f1:be:af:24:a4:c2:d1:74:90:47:e4:e9:99:62:83:dc:69:
f9:8e:2d:5c:68:3e:e5:73:71:7f:11:0f:39:7a:58:59:85:d8:
2c:33:35:9b:6a:7d:77:19:01:dc:68:f6:1d:f9:79:99:95:e0:
02:36:d3:6e:b8:41:9e:73:94:84:a3:8a:00:81:50:b0:3f:40:
f5:d5:b6:ce
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAQgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEIyMTcxMTAvBgNVBAUTKEE5ODY1RUIyODI5MkM1ODhGRDIwQjQ2NDAyMzJDOTdG
QkMyQjAzN0YwHhcNMjExMTEwMDMxMTMxWhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MThiMzg2Mi1jM2ZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvvstvjlfTVbevBnPe+06lwPgAZ/EQ1woB3/uP6hbJIhAjIbVkTaugy5pr/ce
RdB6cJsoFPN6A1VM8dg4ianJ1BNZ0tmhqdU5eszVC6VejvL6YDPGt41OSTMFNYUC
ihtUk7g6N+sLuOkLP9kwgRYSmIPxbQ4+vOvP1oGyC+2ckFgkXv1Nk46j3eLvCkAf
uGajvrhNiF+2wIzncWXMPZGis3qzM00Ar50w+Ex7IdbC7B41zm/LuMDPNUpR00wg
D1rIWUCj/nyRsB29l2EmeJyNdyzaVA7OYRFvd+9nhCn1kAg1vU8Q1O48MEVZdzde
LiAmQIwrncmxawo8N82sEhAjzQIDAQABo4IClTCCApEwHQYDVR0OBBYEFLIFUth3
RcsHMxfvWVS3JJkg+1fTMB8GA1UdIwQYMBaAFKmGXrKCksWI/SC0ZAIyyX+8KwN/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QjIxNy84RjhDQTgwQUQ5
ODMxMUVCQjJCRTkxMjNDNEY5QUUwMi9xWVplc29LU3hZajlJTFJrQWpMSmY3d3JB
MzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FZWmVzb0tTeFlqOUlMUmtBakxKZjd3ckEzOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEIyMTcvOEY4Q0E4MEFEOTgzMTFFQkIyQkU5MTIzQzRGOUFFMDIvREZGMTg1ODJE
OTg3MTFFQjgwQzdEQjJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnTBAwDQYJKoZIhvcNAQELBQADggEBADBqYHO4dwHrIpiS
NnS8zawtqWgC5LPXzlv52rpqHtAIYuYEW/t8VcOjm8xKcVeeTLKV9B/s0KxsI+mL
1ZumOjg88BjTei7DTvUCpwBnxm3c3bu1Cx0xSOd9s/v++aAWlJwfRPFuRugxaEQZ
VdLjuxq6/rjkCHD/p07UU0f/aSn9hU0xA049uWv8hnhuSqKMzDlAhW5ui7LqkfP9
gJJB4vrgJiK9l6S2pdyhk6B+mvoGL2fhIarxvq8kpMLRdJBH5OmZYoPcafmOLVxo
PuVzcX8RDzl6WFmF2CwzNZtqfXcZAdxo9h35eZmV4AI20264QZ5zlISjigCBULA/
QPXVts4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:49 2023 by rpki-client on console-fra.rpki-client.org