Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91976C9/0F9615B8E34D11E6B6B7021FC4F9AE02/55B7AC10DA4111EB9D6D0331C4F9AE02.roa
File: 55B7AC10DA4111EB9D6D0331C4F9AE02.roa (raw, json)
Hash identifier: n76cF5oVFiprhT1IT20IQf6UPcorP1o2bkCebdX2zH8=
Subject key identifier: 67:E1:72:1D:6F:F5:8D:93:37:78:F6:03:63:F6:4A:3E:FA:71:50:98
Certificate issuer: /CN=A91976C9/serialNumber=DFE46B3DB22E9F855384709ACCA8494EFF793146
Certificate serial: 18A5
Authority key identifier: DF:E4:6B:3D:B2:2E:9F:85:53:84:70:9A:CC:A8:49:4E:FF:79:31:46
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3-RrPbIun4VThHCazKhJTv95MUY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91976C9/0F9615B8E34D11E6B6B7021FC4F9AE02/55B7AC10DA4111EB9D6D0331C4F9AE02.roa
Signing time: Fri 11 Mar 2022 17:23:11 +0000
ROA not before: Fri 11 Mar 2022 17:23:11 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 131111
IP address blocks: 103.83.7.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6309 (0x18a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91976C9/serialNumber=DFE46B3DB22E9F855384709ACCA8494EFF793146
Validity
Not Before: Mar 11 17:23:11 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=622b857e-ea14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:87:a2:70:9e:6f:9a:92:32:00:a0:bc:a7:16:
06:be:4f:44:c3:72:6b:32:5f:9b:1d:00:0e:7d:b3:
8d:d9:82:7c:b1:5f:6e:47:b2:96:22:5e:38:f1:43:
a1:d6:3d:29:e9:71:fb:cd:9e:25:26:99:0f:da:fa:
02:ad:4c:32:c0:48:9a:4a:68:20:19:2f:2f:c6:42:
75:e6:46:d7:4c:c9:a1:45:a8:f3:f0:28:c0:7b:2f:
79:a8:94:92:5d:78:dc:49:c2:5a:82:5d:f7:ac:20:
f6:53:42:63:fb:18:01:4c:b0:1b:43:a8:0c:ab:0c:
9c:96:e7:1c:2f:67:f0:f5:cf:a5:86:53:37:04:a2:
5e:c6:c2:2b:d6:06:65:5a:cd:1a:df:9f:bb:ba:7d:
b7:bf:67:7e:e2:ac:42:a4:bf:6f:e3:6b:26:37:0e:
fe:a0:48:55:cb:cf:eb:fa:6e:d0:33:2e:01:b9:5f:
2a:a6:87:d8:c6:f5:8b:80:82:a0:72:ef:57:86:ee:
6c:db:7a:05:51:a1:2f:12:e5:cc:05:d9:5c:c9:21:
42:7d:0a:55:63:de:21:10:5d:8c:0f:f6:7f:46:be:
da:06:dc:96:63:e8:83:9c:88:16:5a:44:a8:12:1a:
27:37:bc:f7:0c:5e:5b:3d:88:69:c2:e4:1b:f3:d0:
30:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:E1:72:1D:6F:F5:8D:93:37:78:F6:03:63:F6:4A:3E:FA:71:50:98
X509v3 Authority Key Identifier:
keyid:DF:E4:6B:3D:B2:2E:9F:85:53:84:70:9A:CC:A8:49:4E:FF:79:31:46
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91976C9/0F9615B8E34D11E6B6B7021FC4F9AE02/3-RrPbIun4VThHCazKhJTv95MUY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3-RrPbIun4VThHCazKhJTv95MUY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91976C9/0F9615B8E34D11E6B6B7021FC4F9AE02/55B7AC10DA4111EB9D6D0331C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.83.7.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:fd:c0:ea:86:f1:f0:3b:da:69:0c:0e:ec:64:c7:c0:52:79:
55:79:7b:5c:2d:8c:d2:4a:7e:4d:d6:96:a9:ea:63:9c:75:d4:
30:19:fe:40:eb:34:03:54:f5:a1:ca:e8:70:9a:0b:5e:fc:13:
c3:57:74:48:d6:1b:4f:c2:ff:90:2b:0c:78:18:5a:9a:da:ad:
13:3b:19:84:93:56:87:4c:43:d2:79:04:5c:f3:1f:60:f4:45:
03:98:af:90:68:72:67:a8:ca:c8:45:14:4a:af:27:e5:a0:44:
9c:ac:d4:fe:69:3f:fc:66:f4:70:28:ab:f2:52:c8:74:c1:bb:
e3:b8:fe:51:f1:b6:1f:e8:ee:03:28:68:4f:05:c6:cb:ea:28:
09:3c:b6:47:a4:a6:46:19:b9:11:5b:6d:45:2e:9c:27:bd:b2:
aa:39:aa:bd:b9:07:d7:fd:35:13:71:67:76:b5:e2:0b:25:fe:
50:9d:25:de:6d:9a:3c:28:e6:27:a9:53:37:4c:ef:97:a1:f4:
1e:dc:ba:fd:e3:a8:b2:8a:90:ca:69:0d:41:b8:dd:ec:63:32:
fe:18:b1:b9:8b:93:f4:8a:c1:cf:08:df:9e:97:b6:91:30:c9:
1d:90:6a:51:fb:ac:f3:e6:aa:b8:27:a3:f6:cd:bd:30:dc:4d:
75:da:14:19
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICGKUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTc2QzkxMTAvBgNVBAUTKERGRTQ2QjNEQjIyRTlGODU1Mzg0NzA5QUNDQTg0OTRF
RkY3OTMxNDYwHhcNMjIwMzExMTcyMzExWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjJiODU3ZS1lYTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlIeicJ5vmpIyAKC8pxYGvk9Ew3JrMl+bHQAOfbON2YJ8sV9uR7KWIl448UOh
1j0p6XH7zZ4lJpkP2voCrUwywEiaSmggGS8vxkJ15kbXTMmhRajz8CjAey95qJSS
XXjcScJagl33rCD2U0Jj+xgBTLAbQ6gMqwycluccL2fw9c+lhlM3BKJexsIr1gZl
Ws0a35+7un23v2d+4qxCpL9v42smNw7+oEhVy8/r+m7QMy4BuV8qpofYxvWLgIKg
cu9Xhu5s23oFUaEvEuXMBdlcySFCfQpVY94hEF2MD/Z/Rr7aBtyWY+iDnIgWWkSo
EhonN7z3DF5bPYhpwuQb89AwTQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGfhch1v
9Y2TN3j2A2P2Sj76cVCYMB8GA1UdIwQYMBaAFN/kaz2yLp+FU4RwmsyoSU7/eTFG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NzZDOS8wRjk2MTVCOEUz
NEQxMUU2QjZCNzAyMUZDNEY5QUUwMi8zLVJyUGJJdW40VlRoSENhektoSlR2OTVN
VVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzMtUnJQYkl1bjRWVGhIQ2F6S2hKVHY5NU1VWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTc2QzkvMEY5NjE1QjhFMzREMTFFNkI2QjcwMjFGQzRGOUFFMDIvNTVCN0FDMTBE
QTQxMTFFQjlENkQwMzMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnUwcwDQYJKoZIhvcNAQELBQADggEBAKf9wOqG8fA72mkM
Duxkx8BSeVV5e1wtjNJKfk3WlqnqY5x11DAZ/kDrNANU9aHK6HCaC178E8NXdEjW
G0/C/5ArDHgYWprarRM7GYSTVodMQ9J5BFzzH2D0RQOYr5BocmeoyshFFEqvJ+Wg
RJys1P5pP/xm9HAoq/JSyHTBu+O4/lHxth/o7gMoaE8FxsvqKAk8tkekpkYZuRFb
bUUunCe9sqo5qr25B9f9NRNxZ3a14gsl/lCdJd5tmjwo5iepUzdM75eh9B7cuv3j
qLKKkMppDUG43exjMv4YsbmLk/SKwc8I356XtpEwyR2QalH7rPPmqrgno/bNvTDc
TXXaFBk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:00 2023 by rpki-client on console-fra.rpki-client.org