Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918D808/E26B4642F4B211E9BF3CE563C4F9AE02/E0A49ED259F611EE8157A844C4F9AE02.roa
File: E0A49ED259F611EE8157A844C4F9AE02.roa (raw, json)
Hash identifier: dCNbANsd4MDuzLHQliuT0eJEmXKGsfIKSFQdj7Fzn6Y=
Subject key identifier: 32:CB:13:3E:6F:FD:4C:7D:9A:D7:EC:34:A1:06:AF:C6:D3:69:C0:2E
Certificate issuer: /CN=A918D808/serialNumber=0725F2491801505185C9069A4013635C38B56B72
Certificate serial: 05EC
Authority key identifier: 07:25:F2:49:18:01:50:51:85:C9:06:9A:40:13:63:5C:38:B5:6B:72
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ByXySRgBUFGFyQaaQBNjXDi1a3I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918D808/E26B4642F4B211E9BF3CE563C4F9AE02/E0A49ED259F611EE8157A844C4F9AE02.roa
Signing time: Sat 23 Sep 2023 09:54:23 +0000
ROA not before: Sat 23 Sep 2023 09:54:23 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 61317
IP address blocks: 103.104.140.0/24 maxlen: 24
103.104.142.0/24 maxlen: 24
103.104.143.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1516 (0x5ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918D808/serialNumber=0725F2491801505185C9069A4013635C38B56B72
Validity
Not Before: Sep 23 09:54:23 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=650eb5cf-7e65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:db:82:32:cb:b7:cd:7f:f0:07:52:3a:2b:bd:
49:c3:db:b5:dc:83:0f:d3:44:96:fa:4a:e9:31:e8:
13:c6:47:9a:9f:f8:b3:19:f2:d5:79:c7:f5:14:0a:
ab:95:85:bf:9a:d1:c2:77:83:37:e2:a4:68:51:82:
5f:56:d4:39:0e:be:a6:d7:eb:ae:e1:0a:08:5b:ba:
0b:b3:13:b2:2c:b3:39:17:13:5e:77:78:9c:b3:d4:
46:9e:fb:b4:1e:9a:1b:88:24:29:7a:44:7d:44:49:
94:4f:5b:dd:b7:f0:68:b0:ef:1b:b7:c2:49:3b:2a:
ca:3a:e4:e6:a2:13:87:51:9c:f4:2d:48:15:d4:ea:
b1:38:1f:e8:1b:f9:a9:29:e0:d9:09:2d:51:e7:2e:
12:fa:e6:96:7d:da:a3:4f:69:f7:6a:3e:20:18:3d:
47:a8:d4:6e:22:52:a9:a8:a6:eb:d9:56:ba:81:6b:
c6:45:dc:62:76:eb:f5:45:0a:0c:b8:bb:de:39:65:
e9:c6:1d:51:41:b4:e3:25:78:0e:b2:4b:68:3e:e5:
00:3e:4e:20:67:0b:60:fa:87:e8:d0:8d:c3:20:e5:
49:9c:d8:8d:ad:46:ec:0d:2b:6f:5e:1e:32:a9:39:
f5:73:d3:e5:b2:88:6e:b2:0b:8a:69:03:3c:28:b1:
3d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:CB:13:3E:6F:FD:4C:7D:9A:D7:EC:34:A1:06:AF:C6:D3:69:C0:2E
X509v3 Authority Key Identifier:
keyid:07:25:F2:49:18:01:50:51:85:C9:06:9A:40:13:63:5C:38:B5:6B:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918D808/E26B4642F4B211E9BF3CE563C4F9AE02/ByXySRgBUFGFyQaaQBNjXDi1a3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ByXySRgBUFGFyQaaQBNjXDi1a3I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D808/E26B4642F4B211E9BF3CE563C4F9AE02/E0A49ED259F611EE8157A844C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.104.140.0/24
103.104.142.0/23
Signature Algorithm: sha256WithRSAEncryption
45:3e:2a:4e:11:fd:0a:e9:e3:92:e4:44:52:9c:a6:c6:c9:85:
51:97:20:48:e0:be:bd:e7:18:6f:6a:03:06:73:a7:7a:d3:d3:
d0:9f:88:e0:f1:2f:b0:70:39:99:80:df:31:ec:0f:3a:3c:09:
34:c2:61:0c:6e:3a:16:28:0b:ed:4e:df:4d:29:50:22:db:15:
27:bd:bd:79:c9:97:77:7b:e5:5a:d1:ed:2f:ae:c1:ff:4c:38:
75:de:92:de:81:85:76:6f:de:09:66:bc:d3:8a:f3:65:4e:4f:
e6:f3:12:94:95:9d:0c:5e:92:d7:cb:f0:60:0e:87:05:11:cf:
37:56:f1:be:bc:b6:50:39:78:bb:a0:52:dd:98:49:0e:bd:bb:
4a:13:03:d5:e8:ba:ab:d2:fb:01:d7:1e:56:8f:ca:19:5c:7e:
83:b8:13:6d:ed:02:f7:38:4d:d3:d4:58:aa:7c:52:cc:44:36:
b9:d4:62:33:6a:eb:95:65:d2:94:45:b2:bd:f7:02:66:1e:1d:
77:d8:8a:60:86:21:5e:ed:c3:8d:64:5d:7f:d0:33:93:a0:df:
39:83:d0:09:93:5f:99:df:20:d2:e9:69:54:69:20:9d:60:5a:
32:c9:91:c0:7e:d2:06:12:70:38:63:0e:51:e4:96:46:d8:5b:
70:4d:4d:ef
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBewwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEQ4MDgxMTAvBgNVBAUTKDA3MjVGMjQ5MTgwMTUwNTE4NUM5MDY5QTQwMTM2MzVD
MzhCNTZCNzIwHhcNMjMwOTIzMDk1NDIzWhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTBlYjVjZi03ZTY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3tuCMsu3zX/wB1I6K71Jw9u13IMP00SW+krpMegTxkean/izGfLVecf1FAqr
lYW/mtHCd4M34qRoUYJfVtQ5Dr6m1+uu4QoIW7oLsxOyLLM5FxNed3ics9RGnvu0
HpobiCQpekR9REmUT1vdt/BosO8bt8JJOyrKOuTmohOHUZz0LUgV1OqxOB/oG/mp
KeDZCS1R5y4S+uaWfdqjT2n3aj4gGD1HqNRuIlKpqKbr2Va6gWvGRdxiduv1RQoM
uLveOWXpxh1RQbTjJXgOsktoPuUAPk4gZwtg+ofo0I3DIOVJnNiNrUbsDStvXh4y
qTn1c9PlsohusguKaQM8KLE9TwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFDLLEz5v
/Ux9mtfsNKEGr8bTacAuMB8GA1UdIwQYMBaAFAcl8kkYAVBRhckGmkATY1w4tWty
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDgwOC9FMjZCNDY0MkY0
QjIxMUU5QkYzQ0U1NjNDNEY5QUUwMi9CeVh5U1JnQlVGR0Z5UWFhUUJOalhEaTFh
M0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0J5WHlTUmdCVUZHRnlRYWFRQk5qWERpMWEzSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEQ4MDgvRTI2QjQ2NDJGNEIyMTFFOUJGM0NFNTYzQzRGOUFFMDIvRTBBNDlFRDI1
OUY2MTFFRTgxNTdBODQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnaIwDBAFnaI4wDQYJKoZIhvcNAQELBQADggEBAEU+Kk4R
/Qrp45LkRFKcpsbJhVGXIEjgvr3nGG9qAwZzp3rT09CfiODxL7BwOZmA3zHsDzo8
CTTCYQxuOhYoC+1O300pUCLbFSe9vXnJl3d75VrR7S+uwf9MOHXekt6BhXZv3glm
vNOK82VOT+bzEpSVnQxektfL8GAOhwURzzdW8b68tlA5eLugUt2YSQ69u0oTA9Xo
uqvS+wHXHlaPyhlcfoO4E23tAvc4TdPUWKp8UsxENrnUYjNq65Vl0pRFsr33AmYe
HXfYimCGIV7tw41kXX/QM5Og3zmD0AmTX5nfINLpaVRpIJ1gWjLJkcB+0gYScDhj
DlHklkbYW3BNTe8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:26 2024 by rpki-client on console-ams.rpki-client.org