Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918D808/E26B4642F4B211E9BF3CE563C4F9AE02/E2AE3D74CF1711EDBA369B1DC4F9AE02.roa
File: E2AE3D74CF1711EDBA369B1DC4F9AE02.roa (raw, json)
Hash identifier: LYl4A2qV0vEDU0bGkCLNOCxzBuBGCRbb+wo8pPto6jo=
Subject key identifier: 92:D7:FB:7C:40:23:BA:4C:9A:EB:9E:32:AA:1A:B9:D3:BA:BB:DC:76
Certificate issuer: /CN=A918D808/serialNumber=0725F2491801505185C9069A4013635C38B56B72
Certificate serial: 0555
Authority key identifier: 07:25:F2:49:18:01:50:51:85:C9:06:9A:40:13:63:5C:38:B5:6B:72
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ByXySRgBUFGFyQaaQBNjXDi1a3I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918D808/E26B4642F4B211E9BF3CE563C4F9AE02/E2AE3D74CF1711EDBA369B1DC4F9AE02.roa
Signing time: Thu 30 Mar 2023 16:28:21 +0000
ROA not before: Thu 30 Mar 2023 16:28:21 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 61317
IP address blocks: 103.104.140.0/24 maxlen: 24
103.104.142.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1365 (0x555)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918D808/serialNumber=0725F2491801505185C9069A4013635C38B56B72
Validity
Not Before: Mar 30 16:28:21 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=6425b8a5-409f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:48:94:1e:2e:c6:fc:e1:25:59:7d:8a:44:2d:
c3:1e:43:d9:eb:d8:ec:f4:2c:b9:16:c7:51:3c:c5:
a3:57:2b:56:a5:a9:3a:ba:f5:b5:88:41:09:27:e9:
3c:ca:b2:25:96:1d:53:e1:f6:93:76:53:e5:72:54:
05:ac:7f:e8:3c:93:35:80:8b:4d:94:b8:b6:4c:49:
01:a9:98:7a:a7:7f:c6:a6:c8:fa:85:6a:e6:3f:c8:
36:20:f6:64:dc:6c:b0:82:42:9b:a8:71:20:24:a4:
08:b8:dd:f8:5f:e8:a1:75:4b:22:af:1a:65:1e:fe:
89:26:f0:19:7d:23:d1:be:81:b2:3f:8c:d0:00:41:
df:ca:26:be:77:b9:0f:59:d3:3f:b7:6f:fc:a3:f8:
3b:94:cb:8c:c8:cf:80:b7:2f:0e:0f:ba:2d:55:53:
86:c4:9a:2b:2f:46:44:45:a7:53:80:27:d0:dd:e5:
27:18:27:cf:b0:41:4d:ad:5f:09:57:92:1c:4f:89:
c6:9d:1b:97:c1:47:62:a5:43:d7:99:e0:1b:4c:fd:
d4:7c:69:25:bc:47:30:95:70:97:08:81:2c:a1:f5:
f8:a6:d1:8c:1b:74:fa:98:2c:d0:9e:d3:3f:22:a9:
2c:8f:92:f3:09:10:17:84:f4:37:18:7f:97:a9:b7:
6f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:D7:FB:7C:40:23:BA:4C:9A:EB:9E:32:AA:1A:B9:D3:BA:BB:DC:76
X509v3 Authority Key Identifier:
keyid:07:25:F2:49:18:01:50:51:85:C9:06:9A:40:13:63:5C:38:B5:6B:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918D808/E26B4642F4B211E9BF3CE563C4F9AE02/ByXySRgBUFGFyQaaQBNjXDi1a3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ByXySRgBUFGFyQaaQBNjXDi1a3I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D808/E26B4642F4B211E9BF3CE563C4F9AE02/E2AE3D74CF1711EDBA369B1DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.104.140.0/24
103.104.142.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:46:4b:d9:c4:7d:c5:d3:66:8f:d6:d7:bb:8e:31:c0:77:93:
0b:d5:41:75:5b:73:2b:f2:68:e9:d9:6b:6b:cc:ec:c0:b7:7f:
a9:b2:20:54:d5:37:86:64:ba:6c:80:2f:11:62:05:35:d8:d7:
06:c0:47:f2:3d:96:fb:01:81:65:22:16:84:04:ef:2a:92:22:
15:03:ac:89:0d:45:0d:3f:8e:a1:06:1d:56:b8:68:01:d8:93:
dc:b0:ec:8c:ce:70:bd:c8:a4:d1:a8:0d:e8:f4:62:9d:c8:54:
f4:81:9e:e3:8d:fe:f7:6d:64:6e:ea:e1:96:e0:5b:0f:6c:27:
da:4e:e4:39:f1:df:66:e7:d8:c1:81:a1:fe:22:13:30:e0:b7:
87:bb:ac:9c:df:fb:d9:4b:f5:58:57:5c:e6:27:30:16:49:47:
db:c2:43:be:59:e9:6c:ff:3e:15:b8:91:f3:56:e8:8d:f8:fc:
5d:b3:77:63:d9:d4:97:ed:f0:12:ef:92:66:aa:47:3f:1b:a3:
66:9b:a4:5c:2a:c7:84:f4:84:ee:01:75:bf:a9:18:b1:3a:fe:
43:fe:24:01:f0:64:30:16:3b:6a:80:21:01:dd:91:1a:d0:56:
a9:22:4a:a4:85:0b:8c:c3:ba:ba:f1:2d:8f:c7:9c:24:3d:64:
46:00:3e:74
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBVUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEQ4MDgxMTAvBgNVBAUTKDA3MjVGMjQ5MTgwMTUwNTE4NUM5MDY5QTQwMTM2MzVD
MzhCNTZCNzIwHhcNMjMwMzMwMTYyODIxWhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDI1YjhhNS00MDlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2kiUHi7G/OElWX2KRC3DHkPZ69js9Cy5FsdRPMWjVytWpak6uvW1iEEJJ+k8
yrIllh1T4faTdlPlclQFrH/oPJM1gItNlLi2TEkBqZh6p3/Gpsj6hWrmP8g2IPZk
3GywgkKbqHEgJKQIuN34X+ihdUsirxplHv6JJvAZfSPRvoGyP4zQAEHfyia+d7kP
WdM/t2/8o/g7lMuMyM+Aty8OD7otVVOGxJorL0ZERadTgCfQ3eUnGCfPsEFNrV8J
V5IcT4nGnRuXwUdipUPXmeAbTP3UfGklvEcwlXCXCIEsofX4ptGMG3T6mCzQntM/
Iqksj5LzCRAXhPQ3GH+Xqbdv7QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFJLX+3xA
I7pMmuueMqoaudO6u9x2MB8GA1UdIwQYMBaAFAcl8kkYAVBRhckGmkATY1w4tWty
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDgwOC9FMjZCNDY0MkY0
QjIxMUU5QkYzQ0U1NjNDNEY5QUUwMi9CeVh5U1JnQlVGR0Z5UWFhUUJOalhEaTFh
M0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0J5WHlTUmdCVUZHRnlRYWFRQk5qWERpMWEzSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEQ4MDgvRTI2QjQ2NDJGNEIyMTFFOUJGM0NFNTYzQzRGOUFFMDIvRTJBRTNENzRD
RjE3MTFFREJBMzY5QjFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnaIwDBAFnaI4wDQYJKoZIhvcNAQELBQADggEBAAtGS9nE
fcXTZo/W17uOMcB3kwvVQXVbcyvyaOnZa2vM7MC3f6myIFTVN4ZkumyALxFiBTXY
1wbAR/I9lvsBgWUiFoQE7yqSIhUDrIkNRQ0/jqEGHVa4aAHYk9yw7IzOcL3IpNGo
Dej0Yp3IVPSBnuON/vdtZG7q4ZbgWw9sJ9pO5Dnx32bn2MGBof4iEzDgt4e7rJzf
+9lL9VhXXOYnMBZJR9vCQ75Z6Wz/PhW4kfNW6I34/F2zd2PZ1Jft8BLvkmaqRz8b
o2abpFwqx4T0hO4Bdb+pGLE6/kP+JAHwZDAWO2qAIQHdkRrQVqkiSqSFC4zDurrx
LY/HnCQ9ZEYAPnQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:15 2024 by rpki-client on console-fra.rpki-client.org