Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918BAD8/D0145286DA3411EB9D6CCC42C4F9AE02/5E201842DA3711EBACB20A48C4F9AE02.roa
File: 5E201842DA3711EBACB20A48C4F9AE02.roa (raw, json)
Hash identifier: 6htwpbXqytEcVjoH5T0GvRxZU7ACdSndt8dpwG6hvsA=
Subject key identifier: 6A:CA:70:C8:DB:A3:9C:54:BD:F2:EC:BC:49:2C:4C:A8:1F:21:4A:96
Certificate issuer: /CN=A918BAD8/serialNumber=5D8C1CC533E27DF768EE638F04FC255079BE1124
Certificate serial: 03BB
Authority key identifier: 5D:8C:1C:C5:33:E2:7D:F7:68:EE:63:8F:04:FC:25:50:79:BE:11:24
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XYwcxTPiffdo7mOPBPwlUHm-ESQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918BAD8/D0145286DA3411EB9D6CCC42C4F9AE02/5E201842DA3711EBACB20A48C4F9AE02.roa
Signing time: Wed 21 Dec 2022 02:42:30 +0000
ROA not before: Wed 21 Dec 2022 02:42:30 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 131111
IP address blocks: 103.78.112.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 955 (0x3bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918BAD8/serialNumber=5D8C1CC533E27DF768EE638F04FC255079BE1124
Validity
Not Before: Dec 21 02:42:30 2022 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=63a27295-c037
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b0:80:34:e8:b4:5f:1d:9c:d0:af:7e:ac:37:
96:4a:e9:15:f7:8d:3b:d3:ce:d5:71:02:23:4d:62:
6e:6e:2c:33:cb:d2:65:8a:64:f1:e1:2f:96:45:5d:
e8:9a:c3:94:7c:8e:2a:2b:ab:ab:11:3b:ac:2d:e9:
7b:d5:40:5e:40:85:88:8d:15:56:71:d8:e7:d8:d5:
3b:b1:3c:6e:eb:52:2a:6e:3f:76:c6:db:fe:5a:4d:
51:c0:9c:0d:f2:b7:6e:b2:e5:e3:f8:3b:e0:fc:d8:
40:52:4d:ab:71:86:41:90:6b:81:11:6c:69:34:d0:
9d:1c:5d:8a:17:80:bf:c4:cf:f5:83:74:5f:9e:2d:
d9:d1:08:3d:84:75:a8:6a:b1:88:c8:0f:8b:0c:19:
b3:92:18:6e:0a:e7:04:50:a4:36:6f:e0:35:06:77:
9f:5e:81:4b:2c:a7:f4:88:b1:c7:6b:35:f3:ae:53:
ad:10:0e:05:99:d7:8a:75:69:27:c9:38:95:40:96:
b2:b8:91:f3:74:bd:d4:66:20:48:99:ce:6a:e4:b6:
4c:e8:6c:9a:14:56:b1:35:14:29:eb:c5:57:46:8f:
f3:98:6a:e8:dd:f3:76:83:6e:95:75:35:ca:76:00:
04:3b:f6:43:d9:42:77:b4:be:67:23:7d:1a:f6:d9:
6c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:CA:70:C8:DB:A3:9C:54:BD:F2:EC:BC:49:2C:4C:A8:1F:21:4A:96
X509v3 Authority Key Identifier:
keyid:5D:8C:1C:C5:33:E2:7D:F7:68:EE:63:8F:04:FC:25:50:79:BE:11:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918BAD8/D0145286DA3411EB9D6CCC42C4F9AE02/XYwcxTPiffdo7mOPBPwlUHm-ESQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XYwcxTPiffdo7mOPBPwlUHm-ESQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918BAD8/D0145286DA3411EB9D6CCC42C4F9AE02/5E201842DA3711EBACB20A48C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.78.112.0/22
Signature Algorithm: sha256WithRSAEncryption
94:1b:eb:eb:09:4d:23:86:fb:10:78:0f:06:d7:71:e0:76:37:
85:db:a3:78:1a:21:25:f5:8d:0f:71:3b:6f:30:94:f3:fc:27:
bf:cf:f1:4c:83:06:10:09:66:db:23:70:aa:5f:e9:03:84:ff:
9f:fa:d1:56:e0:d1:95:be:33:3a:04:20:b0:11:06:bb:27:03:
3a:a2:1e:db:30:9b:6e:0f:18:1b:9d:97:bf:43:e4:4f:f6:75:
a5:70:5a:0a:ce:80:c0:32:e2:d7:de:bd:d1:85:4b:c5:74:1c:
16:6a:ae:49:d6:d3:f3:b1:9a:f2:d5:ea:f9:9d:ea:c5:ac:83:
1f:b0:4e:bd:48:38:09:53:fc:23:6a:9e:33:87:49:66:bb:14:
8a:1a:50:76:48:87:09:b1:43:d9:8b:da:09:a7:27:3d:fd:a5:
1c:8d:d7:29:2e:22:9c:c4:94:f2:7a:8a:27:55:c7:60:00:40:
e7:ff:b0:d9:ec:79:a9:dc:f1:02:79:94:29:77:89:71:f8:df:
c1:05:b6:db:a1:35:b1:f7:c9:1f:31:99:4d:f3:46:1f:b7:bf:
54:d0:d2:82:5d:e7:c2:26:3e:9e:aa:e4:9a:23:d2:d6:bb:b9:
34:8f:70:ba:e2:77:f7:c9:e3:38:b3:53:74:70:b1:fd:ea:a6:
ba:ee:c1:80
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA7swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEJBRDgxMTAvBgNVBAUTKDVEOEMxQ0M1MzNFMjdERjc2OEVFNjM4RjA0RkMyNTUw
NzlCRTExMjQwHhcNMjIxMjIxMDI0MjMwWhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2EyNzI5NS1jMDM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArrCANOi0Xx2c0K9+rDeWSukV9407087VcQIjTWJubiwzy9JlimTx4S+WRV3o
msOUfI4qK6urETusLel71UBeQIWIjRVWcdjn2NU7sTxu61Iqbj92xtv+Wk1RwJwN
8rdusuXj+Dvg/NhAUk2rcYZBkGuBEWxpNNCdHF2KF4C/xM/1g3Rfni3Z0Qg9hHWo
arGIyA+LDBmzkhhuCucEUKQ2b+A1BnefXoFLLKf0iLHHazXzrlOtEA4FmdeKdWkn
yTiVQJayuJHzdL3UZiBImc5q5LZM6GyaFFaxNRQp68VXRo/zmGro3fN2g26VdTXK
dgAEO/ZD2UJ3tL5nI30a9tlsBQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGrKcMjb
o5xUvfLsvEksTKgfIUqWMB8GA1UdIwQYMBaAFF2MHMUz4n33aO5jjwT8JVB5vhEk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QkFEOC9EMDE0NTI4NkRB
MzQxMUVCOUQ2Q0NDNDJDNEY5QUUwMi9YWXdjeFRQaWZmZG83bU9QQlB3bFVIbS1F
U1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hZd2N4VFBpZmZkbzdtT1BCUHdsVUhtLUVTUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEJBRDgvRDAxNDUyODZEQTM0MTFFQjlENkNDQzQyQzRGOUFFMDIvNUUyMDE4NDJE
QTM3MTFFQkFDQjIwQTQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnTnAwDQYJKoZIhvcNAQELBQADggEBAJQb6+sJTSOG+xB4
DwbXceB2N4Xbo3gaISX1jQ9xO28wlPP8J7/P8UyDBhAJZtsjcKpf6QOE/5/60Vbg
0ZW+MzoEILARBrsnAzqiHtswm24PGBudl79D5E/2daVwWgrOgMAy4tfevdGFS8V0
HBZqrknW0/OxmvLV6vmd6sWsgx+wTr1IOAlT/CNqnjOHSWa7FIoaUHZIhwmxQ9mL
2gmnJz39pRyN1ykuIpzElPJ6iidVx2AAQOf/sNnseanc8QJ5lCl3iXH438EFttuh
NbH3yR8xmU3zRh+3v1TQ0oJd58ImPp6q5Joj0ta7uTSPcLrid/fJ4zizU3Rwsf3q
prruwYA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:46 2023 by rpki-client on console-ams.rpki-client.org