Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91917EF/2F8C6278421111ECB0C0A060C4F9AE02/49BA9E1CBE8311EE96C10B0FC4F9AE02.roa
File: 49BA9E1CBE8311EE96C10B0FC4F9AE02.roa (raw, json)
Hash identifier: iFaC/SWiyiQC35A3Ce6YvUMzyDFTuN2mAa50uShKceo=
Subject key identifier: 8D:81:26:61:17:0A:38:32:1A:9D:D9:D8:E7:FB:F4:34:D5:21:77:23
Certificate issuer: /CN=A91917EF/serialNumber=4B4ADE73CE505844785ECEEE0A75046D6C2FB54C
Certificate serial: 039C
Authority key identifier: 4B:4A:DE:73:CE:50:58:44:78:5E:CE:EE:0A:75:04:6D:6C:2F:B5:4C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S0rec85QWER4Xs7uCnUEbWwvtUw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91917EF/2F8C6278421111ECB0C0A060C4F9AE02/49BA9E1CBE8311EE96C10B0FC4F9AE02.roa
Signing time: Mon 29 Jan 2024 08:49:18 +0000
ROA not before: Mon 29 Jan 2024 08:49:18 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 17557
IP address blocks: 103.12.41.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 924 (0x39c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91917EF/serialNumber=4B4ADE73CE505844785ECEEE0A75046D6C2FB54C
Validity
Not Before: Jan 29 08:49:18 2024 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=65b7668e-8603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:cc:09:03:86:39:5a:8f:66:09:cf:6e:b0:b1:
23:43:ef:f9:b5:af:07:7c:bb:82:34:f0:7a:7f:b4:
c8:92:76:be:06:e0:6e:03:f9:d3:15:17:35:47:4e:
f2:f4:72:bf:eb:ef:e6:c2:77:86:7e:f1:d2:59:cb:
c8:e2:96:6f:c5:d0:4e:ee:c8:53:c9:1e:22:f9:eb:
c5:33:cc:28:92:07:79:f1:94:97:d2:9b:af:87:34:
d2:12:d0:72:be:12:a4:39:77:ab:be:28:e4:b4:c4:
a6:2c:f6:93:d0:4b:10:e8:87:db:68:11:34:3a:c8:
b4:9d:2d:07:64:bc:78:6b:03:57:a0:0b:0c:55:2f:
7e:8a:9d:29:47:9b:2a:b1:1e:70:c5:21:47:7b:32:
c8:86:81:9e:6e:7d:7a:67:02:97:97:00:6d:f0:9c:
eb:a6:65:23:bd:e2:89:70:ff:2d:d5:3d:b9:08:5c:
25:37:77:b2:33:1b:42:71:93:19:50:49:2b:94:af:
f2:dd:c7:2c:ef:1f:45:84:4a:80:8b:d7:aa:43:3c:
a9:85:54:fd:f1:c7:3a:92:a3:11:72:7e:da:8f:f2:
12:0d:3e:78:aa:be:b2:cf:f1:7c:fe:35:01:cd:98:
47:f3:64:1f:97:f4:7e:a0:00:94:70:70:8d:0b:9a:
d9:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:81:26:61:17:0A:38:32:1A:9D:D9:D8:E7:FB:F4:34:D5:21:77:23
X509v3 Authority Key Identifier:
keyid:4B:4A:DE:73:CE:50:58:44:78:5E:CE:EE:0A:75:04:6D:6C:2F:B5:4C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91917EF/2F8C6278421111ECB0C0A060C4F9AE02/S0rec85QWER4Xs7uCnUEbWwvtUw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S0rec85QWER4Xs7uCnUEbWwvtUw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91917EF/2F8C6278421111ECB0C0A060C4F9AE02/49BA9E1CBE8311EE96C10B0FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.12.41.0/24
Signature Algorithm: sha256WithRSAEncryption
e7:5d:04:e9:a8:2d:f0:2e:45:71:a0:c7:7b:55:c7:5c:c4:52:
99:3e:7d:bb:85:7e:a2:9f:df:83:9d:83:67:96:f3:21:22:55:
3f:f5:08:8b:b3:58:a8:c7:73:f3:3d:03:ec:7c:8e:c4:83:f7:
7f:4f:3e:e9:ae:ed:cf:c4:8f:69:37:a1:cc:b9:20:80:6b:48:
9e:5a:3c:e8:01:e4:ed:34:d4:f0:0e:e7:fb:4a:ca:84:1c:c4:
45:bf:cc:09:18:be:1a:24:db:aa:f7:16:84:e9:43:c4:9f:b5:
6e:ea:24:ec:fa:02:78:d3:25:0a:35:78:89:c4:b7:3f:09:3a:
61:11:d7:20:68:7f:de:d2:47:a4:73:a8:fe:2d:41:c9:b0:19:
00:da:18:fe:b5:b8:da:82:62:17:c4:df:30:6f:49:d5:69:51:
7b:3a:31:bd:ca:3b:d5:f8:a4:7a:4d:0a:33:75:ad:57:4d:0d:
c5:48:48:2b:37:7f:3f:3d:d7:6e:54:a5:df:b0:6a:96:b6:80:
65:bd:80:b9:69:05:05:4b:a3:90:90:e9:7a:e5:32:5e:70:41:
f5:13:98:32:ca:bb:0d:5d:b8:b0:db:5d:59:0f:3f:2d:68:e6:
1a:17:09:5b:52:5a:b2:fc:1c:56:eb:53:d7:ee:ac:fd:24:7a:
a3:1c:47:5b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA5wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTE3RUYxMTAvBgNVBAUTKDRCNEFERTczQ0U1MDU4NDQ3ODVFQ0VFRTBBNzUwNDZE
NkMyRkI1NEMwHhcNMjQwMTI5MDg0OTE4WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWI3NjY4ZS04NjAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwMwJA4Y5Wo9mCc9usLEjQ+/5ta8HfLuCNPB6f7TIkna+BuBuA/nTFRc1R07y
9HK/6+/mwneGfvHSWcvI4pZvxdBO7shTyR4i+evFM8wokgd58ZSX0puvhzTSEtBy
vhKkOXervijktMSmLPaT0EsQ6IfbaBE0Osi0nS0HZLx4awNXoAsMVS9+ip0pR5sq
sR5wxSFHezLIhoGebn16ZwKXlwBt8JzrpmUjveKJcP8t1T25CFwlN3eyMxtCcZMZ
UEkrlK/y3ccs7x9FhEqAi9eqQzyphVT98cc6kqMRcn7aj/ISDT54qr6yz/F8/jUB
zZhH82Qfl/R+oACUcHCNC5rZkQIDAQABo4IClTCCApEwHQYDVR0OBBYEFI2BJmEX
CjgyGp3Z2Of79DTVIXcjMB8GA1UdIwQYMBaAFEtK3nPOUFhEeF7O7gp1BG1sL7VM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTdFRi8yRjhDNjI3ODQy
MTExMUVDQjBDMEEwNjBDNEY5QUUwMi9TMHJlYzg1UVdFUjRYczd1Q25VRWJXd3Z0
VXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1MwcmVjODVRV0VSNFhzN3VDblVFYld3dnRVdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTE3RUYvMkY4QzYyNzg0MjExMTFFQ0IwQzBBMDYwQzRGOUFFMDIvNDlCQTlFMUNC
RTgzMTFFRTk2QzEwQjBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnDCkwDQYJKoZIhvcNAQELBQADggEBAOddBOmoLfAuRXGg
x3tVx1zEUpk+fbuFfqKf34Odg2eW8yEiVT/1CIuzWKjHc/M9A+x8jsSD939PPumu
7c/Ej2k3ocy5IIBrSJ5aPOgB5O001PAO5/tKyoQcxEW/zAkYvhok26r3FoTpQ8Sf
tW7qJOz6AnjTJQo1eInEtz8JOmER1yBof97SR6RzqP4tQcmwGQDaGP61uNqCYhfE
3zBvSdVpUXs6Mb3KO9X4pHpNCjN1rVdNDcVISCs3fz89125Upd+wapa2gGW9gLlp
BQVLo5CQ6XrlMl5wQfUTmDLKuw1duLDbXVkPPy1o5hoXCVtSWrL8HFbrU9furP0k
eqMcR1s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:46 2024 by rpki-client on console-ams.rpki-client.org