Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919456E/6FC329CCCB6811EC8A3F4582C4F9AE02/9275B55C348111ED9D10165FC4F9AE02.roa
File: 9275B55C348111ED9D10165FC4F9AE02.roa (raw, json)
Hash identifier: zYuIrnFiGPxGnG9y34bK+37OTnHJcsDO34Ue7RZGNJQ=
Subject key identifier: 4C:29:A5:83:1C:44:45:13:A1:AF:7D:4A:06:66:05:50:EF:3A:53:F8
Certificate issuer: /CN=A919456E/serialNumber=B04B7FB20E25D6D7587F26FD757274B9D3EE3E95
Certificate serial: 010E
Authority key identifier: B0:4B:7F:B2:0E:25:D6:D7:58:7F:26:FD:75:72:74:B9:D3:EE:3E:95
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sEt_sg4l1tdYfyb9dXJ0udPuPpU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919456E/6FC329CCCB6811EC8A3F4582C4F9AE02/9275B55C348111ED9D10165FC4F9AE02.roa
Signing time: Wed 14 Sep 2022 23:04:23 +0000
ROA not before: Wed 14 Sep 2022 23:04:23 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 137278
IP address blocks: 103.106.184.0/24 maxlen: 24
103.106.187.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 270 (0x10e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919456E/serialNumber=B04B7FB20E25D6D7587F26FD757274B9D3EE3E95
Validity
Not Before: Sep 14 23:04:23 2022 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=63225df7-4889
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:fe:87:84:05:43:77:85:b3:19:54:2a:8f:1e:
8b:9c:b8:30:0b:81:27:a5:a7:9f:0b:ba:7f:d9:cf:
c4:4a:a0:e1:51:93:8e:7c:33:9e:fe:de:6a:78:70:
d4:c1:1e:3d:6b:39:16:ac:fa:70:81:d4:01:de:b0:
4d:55:41:a4:f9:34:23:a2:63:ad:57:2b:80:41:6e:
15:0f:95:fd:b6:ba:51:01:4e:0c:19:1c:a8:0f:e9:
39:b5:fe:e2:f7:a6:d7:6f:13:ec:ad:dd:ad:43:27:
f5:4f:e8:56:0c:40:4c:01:03:7c:6c:f6:da:9d:c4:
46:32:39:c2:6d:22:96:fc:a2:72:7d:ae:df:14:a5:
78:60:7d:6d:8a:be:2f:dd:a0:9f:45:70:3e:13:3e:
ab:7c:80:4a:71:16:3a:f7:93:bd:fc:72:d7:51:99:
44:bc:e7:3a:82:fe:5d:64:7c:b7:ad:8c:ed:a7:6f:
7a:4e:7e:26:28:a7:40:59:e8:02:83:78:57:79:ba:
fe:5d:79:f1:cd:28:4d:25:0b:9d:d1:14:25:64:47:
d5:7a:46:87:1b:49:57:28:02:d1:41:34:ce:7d:55:
1d:82:be:c6:a5:0b:e4:2b:6a:90:7b:44:e6:0e:f6:
c0:69:0a:a2:e6:0a:23:c9:62:c3:1b:b8:7b:87:38:
59:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:29:A5:83:1C:44:45:13:A1:AF:7D:4A:06:66:05:50:EF:3A:53:F8
X509v3 Authority Key Identifier:
keyid:B0:4B:7F:B2:0E:25:D6:D7:58:7F:26:FD:75:72:74:B9:D3:EE:3E:95
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919456E/6FC329CCCB6811EC8A3F4582C4F9AE02/sEt_sg4l1tdYfyb9dXJ0udPuPpU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sEt_sg4l1tdYfyb9dXJ0udPuPpU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919456E/6FC329CCCB6811EC8A3F4582C4F9AE02/9275B55C348111ED9D10165FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.106.184.0/24
103.106.187.0/24
Signature Algorithm: sha256WithRSAEncryption
eb:17:83:6c:bd:85:ed:46:cb:10:bc:76:5a:b5:2e:a5:a6:cf:
d2:bc:9f:36:97:d1:04:90:0a:c2:e7:37:7b:b2:a5:ff:c9:87:
b8:e4:28:85:20:94:ba:61:d7:c5:d0:1d:85:31:1f:c9:36:af:
dc:68:59:f2:89:0f:7f:0e:35:ae:c6:7a:6d:62:c3:16:33:32:
9c:31:31:0d:56:da:75:62:b4:2c:0d:20:c7:c7:8d:04:26:99:
33:b1:b2:ec:9e:d8:fd:d9:96:27:6e:15:3f:64:b2:ab:ef:7a:
7d:d9:de:0e:a5:87:df:62:72:1c:d8:f6:73:fe:20:15:28:23:
71:06:ef:f6:1c:86:f6:67:f4:7f:20:e3:d2:d2:ee:81:5b:8f:
16:ee:b2:d5:e8:83:2d:1a:63:0d:60:d6:10:c7:9d:7c:4b:dc:
27:60:a3:b7:0a:f5:f7:b5:4c:01:b5:d5:15:85:9d:95:6c:14:
a1:2f:d6:6a:91:5f:2a:f9:4e:ab:e1:2c:05:9f:72:3b:68:24:
5e:68:23:71:1c:44:87:8c:a9:13:ac:b7:6c:14:6a:1c:01:d3:
75:b2:80:ef:da:9a:ba:66:21:62:ab:d8:ba:f2:c5:18:a4:57:
03:d6:54:c4:00:a0:9e:45:01:66:6a:a9:73:25:9c:e0:b3:dc:
7c:f7:7d:a7
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAQ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTQ1NkUxMTAvBgNVBAUTKEIwNEI3RkIyMEUyNUQ2RDc1ODdGMjZGRDc1NzI3NEI5
RDNFRTNFOTUwHhcNMjIwOTE0MjMwNDIzWhcNMjMwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzIyNWRmNy00ODg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxv6HhAVDd4WzGVQqjx6LnLgwC4EnpaefC7p/2c/ESqDhUZOOfDOe/t5qeHDU
wR49azkWrPpwgdQB3rBNVUGk+TQjomOtVyuAQW4VD5X9trpRAU4MGRyoD+k5tf7i
96bXbxPsrd2tQyf1T+hWDEBMAQN8bPbancRGMjnCbSKW/KJyfa7fFKV4YH1tir4v
3aCfRXA+Ez6rfIBKcRY695O9/HLXUZlEvOc6gv5dZHy3rYztp296Tn4mKKdAWegC
g3hXebr+XXnxzShNJQud0RQlZEfVekaHG0lXKALRQTTOfVUdgr7GpQvkK2qQe0Tm
DvbAaQqi5gojyWLDG7h7hzhZ9wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFEwppYMc
REUToa99SgZmBVDvOlP4MB8GA1UdIwQYMBaAFLBLf7IOJdbXWH8m/XVydLnT7j6V
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NDU2RS82RkMzMjlDQ0NC
NjgxMUVDOEEzRjQ1ODJDNEY5QUUwMi9zRXRfc2c0bDF0ZFlmeWI5ZFhKMHVkUHVQ
cFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NFdF9zZzRsMXRkWWZ5YjlkWEowdWRQdVBwVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTQ1NkUvNkZDMzI5Q0NDQjY4MTFFQzhBM0Y0NTgyQzRGOUFFMDIvOTI3NUI1NUMz
NDgxMTFFRDlEMTAxNjVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnargDBABnarswDQYJKoZIhvcNAQELBQADggEBAOsXg2y9
he1GyxC8dlq1LqWmz9K8nzaX0QSQCsLnN3uypf/Jh7jkKIUglLph18XQHYUxH8k2
r9xoWfKJD38ONa7Gem1iwxYzMpwxMQ1W2nVitCwNIMfHjQQmmTOxsuye2P3Zlidu
FT9ksqvven3Z3g6lh99ichzY9nP+IBUoI3EG7/YchvZn9H8g49LS7oFbjxbustXo
gy0aYw1g1hDHnXxL3Cdgo7cK9fe1TAG11RWFnZVsFKEv1mqRXyr5TqvhLAWfcjto
JF5oI3EcRIeMqROst2wUahwB03WygO/amrpmIWKr2LryxRikVwPWVMQAoJ5FAWZq
qXMlnOCz3Hz3fac=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:59 2023 by rpki-client on console-fra.rpki-client.org