Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CC7D2DC4960811EC8BB4F586C4F9AE02.roa
File: CC7D2DC4960811EC8BB4F586C4F9AE02.roa (raw, json)
Hash identifier: Lbnjv/UvyP4UfixKLyey1+WJXgqVOTl3U7E9qH4vmKc=
Subject key identifier: E8:E0:E3:24:6F:A0:04:33:7F:46:AD:B9:E9:3F:67:F9:13:30:CF:9E
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 546E
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CC7D2DC4960811EC8BB4F586C4F9AE02.roa
Signing time: Mon 16 May 2022 04:29:56 +0000
ROA not before: Mon 16 May 2022 04:29:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 149227
IP address blocks: 103.180.8.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21614 (0x546e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 16 04:29:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6281d343-d072
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:9e:82:e4:fb:7f:fb:87:a1:1d:eb:a7:49:af:
a4:73:29:d9:15:80:9d:76:9f:b2:32:a5:b3:b1:c4:
47:04:2d:db:45:6c:3d:7c:50:75:74:32:52:91:38:
a5:67:2b:a5:7b:0c:8c:7a:a8:4f:6e:56:db:9c:dc:
4d:b5:01:10:18:08:ba:e7:60:7a:cb:55:05:a1:fd:
78:59:d2:83:64:00:66:88:c7:70:df:80:05:e8:fe:
37:93:8c:06:89:dd:d3:3f:4f:48:f3:75:e0:2c:5d:
2b:8d:a0:ed:50:46:93:3d:9c:88:18:8d:0b:c0:58:
b5:50:de:9d:77:b4:21:6e:46:ba:a0:ab:6b:49:e2:
84:b5:28:b8:b5:10:e9:d6:4f:2c:73:98:f0:4f:ff:
3b:9c:cf:7d:ff:a9:b4:0c:6e:42:b3:96:5f:26:7c:
8b:8e:53:db:c9:9d:8f:cf:b2:0f:58:80:ad:25:8c:
49:aa:93:67:1b:92:2d:f8:91:16:94:2a:8d:f7:47:
6b:5b:52:43:4a:aa:9e:e7:87:98:05:9a:b1:bf:28:
39:5a:3f:ef:a7:ac:a9:a4:45:97:49:96:ef:2c:87:
8a:5f:b9:ed:ef:28:b2:eb:a3:37:31:43:a2:da:99:
dc:04:c3:f9:44:d3:75:67:50:78:a8:6d:54:3c:3a:
1c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:E0:E3:24:6F:A0:04:33:7F:46:AD:B9:E9:3F:67:F9:13:30:CF:9E
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CC7D2DC4960811EC8BB4F586C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.180.8.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:e2:88:a2:b6:6b:b1:37:d5:3e:9f:03:ef:16:d5:af:90:7f:
c5:6c:91:c6:77:10:6b:f3:ab:f3:97:81:5b:0e:65:b2:81:e5:
43:92:32:e2:3a:8f:11:70:de:e4:a8:ff:a4:1f:29:3c:82:1f:
d0:e3:20:a1:38:30:59:28:99:88:db:40:99:30:58:33:33:8e:
94:65:6b:e1:35:5b:8d:d1:97:74:7e:8b:88:f0:4e:39:5f:1c:
6d:e5:ef:d1:8b:7f:fe:8f:0b:7f:46:e3:b1:44:f1:89:0d:f0:
8b:73:6b:36:4e:83:9d:b2:5e:10:29:06:f2:6b:6c:4e:89:ad:
c7:8f:d2:f1:df:25:06:09:a7:84:f2:ec:cb:aa:61:f6:04:92:
7b:70:15:82:04:69:b5:ee:00:3d:db:3e:6c:d2:a7:76:81:07:
55:32:e3:4c:ce:c0:09:f3:ab:80:fa:03:98:01:03:36:4d:0a:
75:d3:f2:4d:6e:3e:64:cc:e0:fe:bb:d4:ab:ff:ce:92:bd:d5:
f1:06:bb:15:49:dc:a2:2b:c1:23:60:82:b3:23:8c:3b:5d:09:
51:be:20:ff:88:c5:76:d3:83:ed:39:63:7a:94:c7:34:b8:49:
ef:75:bd:55:c5:7c:75:eb:cb:b3:cc:e7:9b:f1:cc:74:a6:7e:
9d:86:53:a3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICVG4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNTE2MDQyOTU2WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjgxZDM0My1kMDcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvJ6C5Pt/+4ehHeunSa+kcynZFYCddp+yMqWzscRHBC3bRWw9fFB1dDJSkTil
ZyulewyMeqhPblbbnNxNtQEQGAi652B6y1UFof14WdKDZABmiMdw34AF6P43k4wG
id3TP09I83XgLF0rjaDtUEaTPZyIGI0LwFi1UN6dd7Qhbka6oKtrSeKEtSi4tRDp
1k8sc5jwT/87nM99/6m0DG5Cs5ZfJnyLjlPbyZ2Pz7IPWICtJYxJqpNnG5It+JEW
lCqN90drW1JDSqqe54eYBZqxvyg5Wj/vp6yppEWXSZbvLIeKX7nt7yiy66M3MUOi
2pncBMP5RNN1Z1B4qG1UPDocaQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOjg4yRv
oAQzf0atuek/Z/kTMM+eMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQ0M3RDJEQzQ5
NjA4MTFFQzhCQjRGNTg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFntAgwDQYJKoZIhvcNAQELBQADggEBAE7iiKK2a7E31T6f
A+8W1a+Qf8VskcZ3EGvzq/OXgVsOZbKB5UOSMuI6jxFw3uSo/6QfKTyCH9DjIKE4
MFkomYjbQJkwWDMzjpRla+E1W43Rl3R+i4jwTjlfHG3l79GLf/6PC39G47FE8YkN
8ItzazZOg52yXhApBvJrbE6JrceP0vHfJQYJp4Ty7MuqYfYEkntwFYIEabXuAD3b
PmzSp3aBB1Uy40zOwAnzq4D6A5gBAzZNCnXT8k1uPmTM4P671Kv/zpK91fEGuxVJ
3KIrwSNggrMjjDtdCVG+IP+IxXbTg+05Y3qUxzS4Se91vVXFfHXry7PM55vxzHSm
fp2GU6M=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:54 2023 by rpki-client on console-ams.rpki-client.org