Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919456E/6FC329CCCB6811EC8A3F4582C4F9AE02/FAEDFBA6CB7911ECAA78D16CC4F9AE02.roa
File: FAEDFBA6CB7911ECAA78D16CC4F9AE02.roa (raw, json)
Hash identifier: i7iiVaFO66r+aIk+3Vg3gHff1sIAxyioSkBl6EFxrjA=
Subject key identifier: 89:FD:F7:31:4C:CC:C0:1D:2F:78:8A:4B:89:DF:C7:56:55:D4:25:2D
Certificate issuer: /CN=A919456E/serialNumber=B04B7FB20E25D6D7587F26FD757274B9D3EE3E95
Certificate serial: 02
Authority key identifier: B0:4B:7F:B2:0E:25:D6:D7:58:7F:26:FD:75:72:74:B9:D3:EE:3E:95
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sEt_sg4l1tdYfyb9dXJ0udPuPpU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919456E/6FC329CCCB6811EC8A3F4582C4F9AE02/FAEDFBA6CB7911ECAA78D16CC4F9AE02.roa
Signing time: Wed 04 May 2022 07:15:31 +0000
ROA not before: Wed 04 May 2022 07:15:31 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 137278
IP address blocks: 103.106.184.0/23 maxlen: 24
103.106.186.0/24 maxlen: 24
103.106.187.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919456E/serialNumber=B04B7FB20E25D6D7587F26FD757274B9D3EE3E95
Validity
Not Before: May 4 07:15:31 2022 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=62722812-f0fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:9c:4e:08:c1:41:3c:45:40:31:c5:47:74:72:
a6:ba:d5:29:1d:68:44:ba:94:93:ce:9b:7a:f7:0e:
d9:5c:f5:35:a9:3d:54:ac:3e:42:e7:38:89:0b:ca:
15:2a:0b:b1:0f:58:79:7c:01:c1:9b:c8:a3:69:42:
d9:14:2a:2e:51:a4:e8:80:59:47:a7:b5:d2:3a:61:
8b:13:11:55:2f:4d:d3:58:2f:6d:d1:0d:52:75:16:
c9:52:98:7d:55:34:c5:fa:c8:e8:42:48:8a:4c:e7:
2f:f3:05:7f:62:91:fc:e7:5d:46:d5:ec:e1:89:ea:
36:06:5b:58:cd:9d:15:33:ef:d0:69:19:b6:50:50:
69:ff:aa:68:ff:09:f0:a0:7c:b3:2b:cf:98:d9:f0:
47:7f:5c:70:96:30:b6:ca:a8:cd:33:72:f6:20:6f:
ea:b9:17:b4:36:46:c5:b0:5f:a5:90:fb:7f:42:ec:
94:db:f9:86:27:f5:1c:49:27:a0:3e:52:ce:06:36:
00:86:ee:70:f2:bc:5b:e8:d2:7c:81:eb:ea:66:d1:
36:e1:95:63:d5:29:2d:d0:c5:90:73:f5:af:4d:e1:
6e:eb:80:5b:30:fe:5b:e2:8f:47:68:47:be:07:1c:
df:c6:4e:bf:e3:cd:f4:8c:6b:92:fc:2d:54:e9:02:
ad:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:FD:F7:31:4C:CC:C0:1D:2F:78:8A:4B:89:DF:C7:56:55:D4:25:2D
X509v3 Authority Key Identifier:
keyid:B0:4B:7F:B2:0E:25:D6:D7:58:7F:26:FD:75:72:74:B9:D3:EE:3E:95
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919456E/6FC329CCCB6811EC8A3F4582C4F9AE02/sEt_sg4l1tdYfyb9dXJ0udPuPpU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sEt_sg4l1tdYfyb9dXJ0udPuPpU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919456E/6FC329CCCB6811EC8A3F4582C4F9AE02/FAEDFBA6CB7911ECAA78D16CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.106.184.0/22
Signature Algorithm: sha256WithRSAEncryption
c7:b5:9b:47:4a:63:9d:02:64:37:12:83:ad:55:a0:ba:11:a2:
86:7a:f5:1b:85:4e:b6:24:92:43:aa:42:fe:ca:56:47:c8:fb:
a0:40:aa:0c:5f:a5:8f:2c:d0:c9:7d:83:d5:ea:ee:64:f4:d1:
6a:1d:58:ea:ed:83:89:ca:b6:2a:d4:21:5d:79:8b:ca:28:f1:
5a:4a:28:9e:46:61:cb:80:ac:8e:e2:1f:55:b2:65:3b:70:2c:
ca:5f:b6:47:f8:ba:35:0a:93:6f:ea:bc:f0:30:76:1e:56:8c:
56:91:6a:d1:ae:92:b2:97:10:c0:38:55:d6:e2:40:5d:4e:f7:
46:e7:c5:a6:93:c4:d5:67:65:e0:8b:5c:cb:2f:0a:26:bb:1a:
b6:70:f1:b5:36:6a:c9:41:1f:36:d1:d3:10:32:49:38:b8:fa:
a6:88:8d:a7:9d:b3:3f:32:fe:80:ef:04:4a:72:68:e6:aa:41:
a7:33:73:3d:55:0c:48:b6:f3:3a:3c:78:74:e7:8c:0b:1e:c0:
fb:19:fb:a5:0e:2f:55:75:30:3a:8b:2d:b8:98:4c:ef:59:bd:
2e:4b:20:cb:ab:73:4d:7f:84:57:58:fa:62:82:fe:16:e9:29:
31:d0:d9:e8:83:1e:b4:4a:6e:d5:26:0d:60:15:29:3d:7c:e4:
f6:3b:da:5f
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
NDU2RTExMC8GA1UEBRMoQjA0QjdGQjIwRTI1RDZENzU4N0YyNkZENzU3Mjc0QjlE
M0VFM0U5NTAeFw0yMjA1MDQwNzE1MzFaFw0yMzAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyNzIyODEyLWYwZmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDlnE4IwUE8RUAxxUd0cqa61SkdaES6lJPOm3r3Dtlc9TWpPVSsPkLnOIkLyhUq
C7EPWHl8AcGbyKNpQtkUKi5RpOiAWUentdI6YYsTEVUvTdNYL23RDVJ1FslSmH1V
NMX6yOhCSIpM5y/zBX9ikfznXUbV7OGJ6jYGW1jNnRUz79BpGbZQUGn/qmj/CfCg
fLMrz5jZ8Ed/XHCWMLbKqM0zcvYgb+q5F7Q2RsWwX6WQ+39C7JTb+YYn9RxJJ6A+
Us4GNgCG7nDyvFvo0nyB6+pm0TbhlWPVKS3QxZBz9a9N4W7rgFsw/lvij0doR74H
HN/GTr/jzfSMa5L8LVTpAq1LAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUif33MUzM
wB0veIpLid/HVlXUJS0wHwYDVR0jBBgwFoAUsEt/sg4l1tdYfyb9dXJ0udPuPpUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk0NTZFLzZGQzMyOUNDQ0I2
ODExRUM4QTNGNDU4MkM0RjlBRTAyL3NFdF9zZzRsMXRkWWZ5YjlkWEowdWRQdVBw
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvc0V0X3NnNGwxdGRZZnliOWRYSjB1ZFB1UHBVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
NDU2RS82RkMzMjlDQ0NCNjgxMUVDOEEzRjQ1ODJDNEY5QUUwMi9GQUVERkJBNkNC
NzkxMUVDQUE3OEQxNkNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAmdquDANBgkqhkiG9w0BAQsFAAOCAQEAx7WbR0pjnQJkNxKD
rVWguhGihnr1G4VOtiSSQ6pC/spWR8j7oECqDF+ljyzQyX2D1eruZPTRah1Y6u2D
icq2KtQhXXmLyijxWkoonkZhy4CsjuIfVbJlO3Asyl+2R/i6NQqTb+q88DB2HlaM
VpFq0a6SspcQwDhV1uJAXU73RufFppPE1Wdl4Itcyy8KJrsatnDxtTZqyUEfNtHT
EDJJOLj6poiNp52zPzL+gO8ESnJo5qpBpzNzPVUMSLbzOjx4dOeMCx7A+xn7pQ4v
VXUwOostuJhM71m9Lksgy6tzTX+EV1j6YoL+FukpMdDZ6IMetEpu1SYNYBUpPXzk
9jvaXw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:57 2023 by rpki-client on console-ams.rpki-client.org