Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9194C0D/AD258890575411EE940CD954C4F9AE02/1C55C4A860AD11EE8E255631C4F9AE02.roa
File: 1C55C4A860AD11EE8E255631C4F9AE02.roa (raw, json)
Hash identifier: VLrl7aJtEzAuHDZDUAQ9DOZ5vR31mkRrkSBYbMxAEKQ=
Subject key identifier: 01:BE:87:56:2B:F2:71:57:75:B9:6F:6A:AC:09:6C:30:41:1B:64:B0
Certificate issuer: /CN=A9194C0D/serialNumber=634E28B1002E556E8EB14F953EAD63B6D6775809
Certificate serial: 11
Authority key identifier: 63:4E:28:B1:00:2E:55:6E:8E:B1:4F:95:3E:AD:63:B6:D6:77:58:09
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y04osQAuVW6OsU-VPq1jttZ3WAk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9194C0D/AD258890575411EE940CD954C4F9AE02/1C55C4A860AD11EE8E255631C4F9AE02.roa
Signing time: Sun 01 Oct 2023 22:51:52 +0000
ROA not before: Sun 01 Oct 2023 22:51:52 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 134090
IP address blocks: 45.249.116.0/22 maxlen: 24
103.51.112.0/22 maxlen: 24
103.85.36.0/22 maxlen: 24
103.95.112.0/22 maxlen: 24
103.106.88.0/22 maxlen: 24
123.253.188.0/22 maxlen: 24
202.128.112.0/20 maxlen: 20
202.128.112.0/21 maxlen: 24
202.128.120.0/21 maxlen: 24
202.179.128.0/22 maxlen: 24
2400:a840::/32 maxlen: 34
2400:a842::/31 maxlen: 32
2400:a844::/31 maxlen: 32
2402:2c80::/32 maxlen: 33
2402:3fc0::/32 maxlen: 33
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17 (0x11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9194C0D/serialNumber=634E28B1002E556E8EB14F953EAD63B6D6775809
Validity
Not Before: Oct 1 22:51:52 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=6519f807-fe3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6d:04:9f:d2:79:86:13:14:ef:c6:17:f2:6d:
cd:3a:16:ac:f6:f1:f7:d6:6a:fd:de:fb:fd:a1:c8:
1c:d3:83:8c:14:22:37:a6:1d:b9:36:45:ae:ab:c4:
9d:8d:a9:58:82:74:2f:64:4d:cc:43:db:c1:d0:b8:
2a:96:93:ac:d0:17:26:aa:d4:e1:39:b7:f7:40:cd:
68:83:4b:fd:78:49:e7:95:bc:2d:35:c8:22:cd:fd:
3c:24:65:0a:4e:a2:0c:1c:f0:d0:ef:9d:ce:fe:ba:
a4:b3:a4:e8:eb:47:5d:72:0c:a7:e4:d8:0d:39:17:
fc:45:fe:0f:a7:22:2f:c2:fb:9f:e9:64:da:19:61:
c4:2b:c2:d0:d5:50:3a:59:5e:63:7f:5a:93:1f:e1:
a0:5f:ef:49:e6:e8:a6:c4:0f:ed:c3:10:a0:8f:e1:
74:4d:66:b6:2d:98:09:d8:0f:a3:2d:b3:e5:0f:a3:
80:4b:19:0c:1e:70:0c:89:3a:5a:e0:5d:79:77:9c:
06:cb:f7:fd:3b:d3:c2:e4:4c:4d:19:5b:ab:df:e9:
95:5d:e0:8f:5f:5e:6a:6b:da:b8:27:ce:a0:e5:1f:
49:6c:36:9e:7d:9f:4b:75:80:1b:bd:48:36:10:c5:
31:e3:2f:bb:40:41:6a:3a:04:8f:25:f9:ed:dc:3c:
d7:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:BE:87:56:2B:F2:71:57:75:B9:6F:6A:AC:09:6C:30:41:1B:64:B0
X509v3 Authority Key Identifier:
keyid:63:4E:28:B1:00:2E:55:6E:8E:B1:4F:95:3E:AD:63:B6:D6:77:58:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9194C0D/AD258890575411EE940CD954C4F9AE02/Y04osQAuVW6OsU-VPq1jttZ3WAk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y04osQAuVW6OsU-VPq1jttZ3WAk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9194C0D/AD258890575411EE940CD954C4F9AE02/1C55C4A860AD11EE8E255631C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.249.116.0/22
103.51.112.0/22
103.85.36.0/22
103.95.112.0/22
103.106.88.0/22
123.253.188.0/22
202.128.112.0/20
202.179.128.0/22
IPv6:
2400:a840::/32
2400:a842::-2400:a845:ffff:ffff:ffff:ffff:ffff:ffff
2402:2c80::/32
2402:3fc0::/32
Signature Algorithm: sha256WithRSAEncryption
ba:a2:cd:ad:62:23:b3:15:69:b2:3f:49:cb:4a:42:c5:96:cc:
39:1d:13:3c:a7:da:ab:d4:a3:e5:71:21:90:84:00:a8:91:4b:
19:7a:08:2e:2c:b7:4d:07:15:f1:fc:b5:3b:61:b0:9e:f7:77:
87:88:16:99:11:cb:32:99:b7:a2:02:e9:1f:d8:b0:ba:ff:ba:
0c:c7:58:3c:7b:95:72:1c:a5:78:4d:18:00:04:83:89:c2:0d:
86:36:65:15:8f:52:12:25:29:f3:38:9c:43:5e:ed:0a:b4:9c:
9a:19:eb:df:6b:96:2d:33:2f:ee:60:1e:d4:69:d6:ae:ad:db:
cf:a6:0e:fe:4b:4e:de:72:bf:12:6d:76:20:b7:bc:8b:e6:16:
e9:b8:c9:c9:5e:40:1a:bc:49:bb:6d:e0:85:20:57:0a:16:74:
22:e1:3d:c0:6a:b9:c2:13:35:2f:2c:63:dc:a7:00:27:fa:8a:
f9:c2:1a:d0:4d:42:eb:a0:39:55:8d:b6:2a:ac:95:b2:47:49:
00:ad:e6:a9:56:e3:97:1a:fc:a4:f3:5c:8c:1f:e1:3a:7f:b2:
f0:22:9c:94:bb:95:33:02:68:4d:9c:73:01:85:0b:7d:5d:23:
48:80:20:e1:82:cd:2b:40:6f:82:fc:c0:6a:90:df:85:06:55:
b6:54:5f:05
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgIBETANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
NEMwRDExMC8GA1UEBRMoNjM0RTI4QjEwMDJFNTU2RThFQjE0Rjk1M0VBRDYzQjZE
Njc3NTgwOTAeFw0yMzEwMDEyMjUxNTJaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MTlmODA3LWZlM2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC8bQSf0nmGExTvxhfybc06Fqz28ffWav3e+/2hyBzTg4wUIjemHbk2Ra6rxJ2N
qViCdC9kTcxD28HQuCqWk6zQFyaq1OE5t/dAzWiDS/14SeeVvC01yCLN/TwkZQpO
ogwc8NDvnc7+uqSzpOjrR11yDKfk2A05F/xF/g+nIi/C+5/pZNoZYcQrwtDVUDpZ
XmN/WpMf4aBf70nm6KbED+3DEKCP4XRNZrYtmAnYD6Mts+UPo4BLGQwecAyJOlrg
XXl3nAbL9/0708LkTE0ZW6vf6ZVd4I9fXmpr2rgnzqDlH0lsNp59n0t1gBu9SDYQ
xTHjL7tAQWo6BI8l+e3cPNcpAgMBAAGjggLsMIIC6DAdBgNVHQ4EFgQUAb6HVivy
cVd1uW9qrAlsMEEbZLAwHwYDVR0jBBgwFoAUY04osQAuVW6OsU+VPq1jttZ3WAkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk0QzBEL0FEMjU4ODkwNTc1
NDExRUU5NDBDRDk1NEM0RjlBRTAyL1kwNG9zUUF1Vlc2T3NVLVZQcTFqdHRaM1dB
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWTA0b3NRQXVWVzZPc1UtVlBxMWp0dFozV0FrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
NEMwRC9BRDI1ODg5MDU3NTQxMUVFOTQwQ0Q5NTRDNEY5QUUwMi8xQzU1QzRBODYw
QUQxMUVFOEUyNTU2MzFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDB2BggrBgEFBQcBBwEB/wRn
MGUwNgQCAAEwMAMEAi35dAMEAmczcAMEAmdVJAMEAmdfcAMEAmdqWAMEAnv9vAME
BMqAcAMEAsqzgDArBAIAAjAlAwUAJACoQDAOAwUBJACoQgMFASQAqEQDBQAkAiyA
AwUAJAI/wDANBgkqhkiG9w0BAQsFAAOCAQEAuqLNrWIjsxVpsj9Jy0pCxZbMOR0T
PKfaq9Sj5XEhkIQAqJFLGXoILiy3TQcV8fy1O2Gwnvd3h4gWmRHLMpm3ogLpH9iw
uv+6DMdYPHuVchyleE0YAASDicINhjZlFY9SEiUp8zicQ17tCrScmhnr32uWLTMv
7mAe1GnWrq3bz6YO/ktO3nK/Em12ILe8i+YW6bjJyV5AGrxJu23ghSBXChZ0IuE9
wGq5whM1Lyxj3KcAJ/qK+cIa0E1C66A5VY22KqyVskdJAK3mqVbjlxr8pPNcjB/h
On+y8CKclLuVMwJoTZxzAYULfV0jSIAg4YLNK0BvgvzAapDfhQZVtlRfBQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:47 2024 by rpki-client on console-ams.rpki-client.org