Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7680E9E08EF311ECAC99260EC4F9AE02.roa
File: 7680E9E08EF311ECAC99260EC4F9AE02.roa (raw, json)
Hash identifier: yaRhB0t96nuCRwgGJoFYMyGf9b7F6iPleoaYn6Nh5Rg=
Subject key identifier: ED:5B:DC:B2:73:CE:C1:75:0F:F1:FC:00:51:CA:26:96:44:FE:80:22
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5489
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7680E9E08EF311ECAC99260EC4F9AE02.roa
Signing time: Mon 16 May 2022 04:30:24 +0000
ROA not before: Mon 16 May 2022 04:30:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 149271
IP address blocks: 103.180.98.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21641 (0x5489)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 16 04:30:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6281d35f-2f41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:62:d0:6c:c2:2d:95:64:0f:95:69:4b:a5:58:
85:34:7f:17:1d:e4:9c:cc:30:12:2f:8c:5a:f0:34:
11:cb:8d:de:0d:1d:e3:36:17:c8:e5:2f:46:34:9a:
a0:56:96:69:50:4a:6e:11:e0:fd:b6:36:11:38:07:
ed:97:76:fa:7a:1a:00:12:00:aa:7b:23:bb:2a:f7:
d7:b9:0e:6d:3b:45:1c:bf:b0:2a:c8:49:8c:52:46:
84:2c:4c:65:71:a1:16:77:05:46:5c:12:cf:94:a2:
2f:bf:6b:41:53:fb:09:8c:62:75:fd:4c:94:c4:b4:
af:9a:17:49:6e:c0:20:de:38:16:01:e6:81:0b:05:
2d:68:ce:d0:b8:4e:f1:03:98:14:2f:04:c0:19:cf:
2f:94:9e:e1:25:68:b7:3d:9c:0a:91:ce:3b:42:a9:
f2:be:85:88:7b:61:c6:ad:0d:43:a3:9e:24:cc:e8:
36:4c:b9:0e:49:58:81:df:88:be:0b:7f:4c:e9:9f:
aa:1b:43:ce:54:08:d6:5c:42:07:9f:bb:f4:ce:f2:
60:92:8e:6c:21:a2:4f:2c:32:af:31:3b:d1:05:3b:
93:91:7e:9b:60:36:f0:7a:22:3d:49:76:6c:ff:2f:
10:fc:b2:07:f2:31:bb:ac:25:1e:c2:6e:e1:46:cd:
af:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:5B:DC:B2:73:CE:C1:75:0F:F1:FC:00:51:CA:26:96:44:FE:80:22
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7680E9E08EF311ECAC99260EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.180.98.0/23
Signature Algorithm: sha256WithRSAEncryption
48:d4:ba:e6:cb:1f:57:af:9e:d3:e8:35:3f:ad:e7:69:0e:0e:
76:a4:86:06:07:de:41:c3:54:2b:04:cd:66:3b:da:80:a0:99:
ef:ad:9e:ab:e0:e7:04:f4:a5:d9:85:75:a8:f4:c3:cd:a8:db:
9a:02:10:c9:9c:18:9d:ce:db:5f:4d:b1:37:be:92:f6:cd:9a:
42:25:ce:07:e0:7e:60:18:bb:e6:ac:84:59:ef:dd:47:d3:a0:
21:93:8d:ba:3f:8d:c7:16:21:fe:ed:50:dc:2e:77:f8:6c:ae:
1a:60:ef:72:da:0a:31:42:fe:05:a1:08:7a:57:05:ba:76:fb:
ce:e9:1b:2a:f2:3f:36:45:32:6e:76:69:c5:52:5a:ef:d5:98:
ea:26:50:20:81:46:38:90:5f:7e:a3:9b:fe:47:cb:19:cd:ad:
4e:b0:79:78:06:12:e8:94:3f:41:73:9a:8b:2d:71:ef:2c:90:
97:31:79:91:ca:12:59:ef:e2:3b:ba:31:a6:19:fd:3b:be:d1:
d0:09:84:22:c5:17:45:a8:8f:28:12:be:33:7a:52:9e:28:21:
14:27:f2:d4:e9:06:59:3f:96:a0:1d:ff:71:2c:77:2c:8a:41:
e4:27:09:c1:5b:dc:d7:2c:d0:16:d7:82:09:59:f7:aa:2f:c3:
ad:27:98:2f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICVIkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNTE2MDQzMDI0WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjgxZDM1Zi0yZjQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmmLQbMItlWQPlWlLpViFNH8XHeSczDASL4xa8DQRy43eDR3jNhfI5S9GNJqg
VpZpUEpuEeD9tjYROAftl3b6ehoAEgCqeyO7KvfXuQ5tO0Ucv7AqyEmMUkaELExl
caEWdwVGXBLPlKIvv2tBU/sJjGJ1/UyUxLSvmhdJbsAg3jgWAeaBCwUtaM7QuE7x
A5gULwTAGc8vlJ7hJWi3PZwKkc47QqnyvoWIe2HGrQ1Do54kzOg2TLkOSViB34i+
C39M6Z+qG0POVAjWXEIHn7v0zvJgko5sIaJPLDKvMTvRBTuTkX6bYDbweiI9SXZs
/y8Q/LIH8jG7rCUewm7hRs2vKQIDAQABo4IClTCCApEwHQYDVR0OBBYEFO1b3LJz
zsF1D/H8AFHKJpZE/oAiMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNzY4MEU5RTA4
RUYzMTFFQ0FDOTkyNjBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFntGIwDQYJKoZIhvcNAQELBQADggEBAEjUuubLH1evntPo
NT+t52kODnakhgYH3kHDVCsEzWY72oCgme+tnqvg5wT0pdmFdaj0w82o25oCEMmc
GJ3O219NsTe+kvbNmkIlzgfgfmAYu+ashFnv3UfToCGTjbo/jccWIf7tUNwud/hs
rhpg73LaCjFC/gWhCHpXBbp2+87pGyryPzZFMm52acVSWu/VmOomUCCBRjiQX36j
m/5HyxnNrU6weXgGEuiUP0Fzmostce8skJcxeZHKElnv4ju6MaYZ/Tu+0dAJhCLF
F0WojygSvjN6Up4oIRQn8tTpBlk/lqAd/3EsdyyKQeQnCcFb3Ncs0BbXgglZ96ov
w60nmC8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:56 2023 by rpki-client on console-fra.rpki-client.org