Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BD829/99D7C6A46FEF11EAAF227483C4F9AE02/DE3BDFAA7DBE11EBBEB88E0AC4F9AE02.roa
File: DE3BDFAA7DBE11EBBEB88E0AC4F9AE02.roa (raw, json)
Hash identifier: TQtrQDR5nRTnTVyMq+6wHy05VOKKyPuLR9UjvDUA3k0=
Subject key identifier: 1F:FD:F5:53:D4:44:3D:0C:69:A1:0C:D2:E7:01:42:C7:DF:A1:94:84
Certificate issuer: /CN=A91BD829/serialNumber=DCCD553552BAF8A65C1A066B3347F793244F575E
Certificate serial: 044F
Authority key identifier: DC:CD:55:35:52:BA:F8:A6:5C:1A:06:6B:33:47:F7:93:24:4F:57:5E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3M1VNVK6-KZcGgZrM0f3kyRPV14.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BD829/99D7C6A46FEF11EAAF227483C4F9AE02/DE3BDFAA7DBE11EBBEB88E0AC4F9AE02.roa
Signing time: Thu 20 May 2021 09:45:59 +0000
ROA not before: Thu 20 May 2021 09:45:59 +0000
ROA not after: Sat 30 Jul 2022 00:00:00 +0000
asID: 6939
IP address blocks: 103.150.253.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1103 (0x44f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BD829/serialNumber=DCCD553552BAF8A65C1A066B3347F793244F575E
Validity
Not Before: May 20 09:45:59 2021 GMT
Not After : Jul 30 00:00:00 2022 GMT
Subject: CN=60a62fd7-2f3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:27:bb:d5:9c:2c:5f:fe:bb:bc:6e:18:78:64:
73:75:c2:86:66:bd:f4:46:eb:e1:25:c5:c7:01:6a:
f1:96:41:9a:3a:1c:f8:62:bd:d5:78:17:3a:74:bb:
47:bd:e4:15:0d:6a:34:3c:d5:45:5b:98:23:dc:88:
ec:1a:1c:96:8a:99:1b:48:23:cd:6b:32:cc:36:37:
36:a2:ec:f3:eb:d5:0a:5e:e8:28:5f:be:8a:08:5b:
a8:99:68:15:85:b9:73:f9:dc:03:d0:71:86:41:6f:
09:6a:59:95:2d:70:37:d3:4b:d6:a1:57:59:a9:78:
93:cc:46:c7:86:05:10:a0:80:19:61:92:82:12:c8:
f8:ac:43:e5:14:84:37:1c:c6:18:ca:a2:4b:cf:03:
33:a2:97:0d:76:7b:fc:b4:e7:87:8c:48:ff:26:80:
4d:bd:5d:63:b0:86:d1:a4:40:a8:ec:88:14:03:27:
80:e9:21:09:af:1d:95:25:90:74:10:5d:6f:91:4c:
0b:ae:e4:d3:20:a2:a6:9b:b6:fd:99:68:57:4c:ac:
22:4d:c5:65:81:39:2d:ef:57:22:73:36:6e:f6:8d:
98:99:72:7d:a7:96:ac:4f:96:8a:fc:b8:ee:20:5f:
b4:0a:03:7c:ea:58:3e:f0:bd:0c:d1:ac:73:b7:08:
f6:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:FD:F5:53:D4:44:3D:0C:69:A1:0C:D2:E7:01:42:C7:DF:A1:94:84
X509v3 Authority Key Identifier:
keyid:DC:CD:55:35:52:BA:F8:A6:5C:1A:06:6B:33:47:F7:93:24:4F:57:5E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BD829/99D7C6A46FEF11EAAF227483C4F9AE02/3M1VNVK6-KZcGgZrM0f3kyRPV14.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3M1VNVK6-KZcGgZrM0f3kyRPV14.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BD829/99D7C6A46FEF11EAAF227483C4F9AE02/DE3BDFAA7DBE11EBBEB88E0AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.150.253.0/24
Signature Algorithm: sha256WithRSAEncryption
53:21:36:3e:fc:99:49:7b:49:f3:6e:50:75:aa:7e:ad:10:dc:
68:a9:05:55:1c:03:d0:58:d4:94:fb:e5:95:84:28:b2:0f:28:
1e:a8:a2:02:cb:3a:65:1e:fa:1b:db:b4:a6:6d:f1:ca:fe:52:
02:49:22:f5:f1:9c:2d:27:45:f6:56:13:0f:e8:2f:1c:9c:fa:
9e:dc:e1:2f:c5:a9:57:b6:54:a0:fb:c8:5c:03:28:4b:17:c8:
de:57:b7:4c:93:77:6c:6e:06:d7:c4:8e:09:fe:3d:56:78:13:
2f:cf:89:85:7d:b0:94:83:cc:96:65:c4:87:db:56:51:33:9e:
f8:81:67:5e:55:8c:36:ad:dc:65:08:9e:e2:bb:0a:c0:3c:2b:
1f:86:1c:41:65:94:8f:0e:23:53:f5:43:3c:ee:f8:5a:07:a7:
00:da:fd:2f:37:af:61:38:27:00:f4:92:eb:f7:eb:68:4a:cd:
04:6a:dc:12:84:c6:52:9a:d0:0f:c1:2e:7a:8b:a9:05:76:8b:
10:03:72:b2:1a:1e:d4:71:26:db:52:d6:5f:56:51:ca:6d:ef:
aa:21:6d:53:14:2d:e9:42:d8:53:9a:d2:a4:d7:01:c2:73:64:
b2:fc:1d:01:2e:eb:7b:68:a6:c3:41:97:f5:0b:e4:aa:70:42:
45:21:18:e1
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBE8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkQ4MjkxMTAvBgNVBAUTKERDQ0Q1NTM1NTJCQUY4QTY1QzFBMDY2QjMzNDdGNzkz
MjQ0RjU3NUUwHhcNMjEwNTIwMDk0NTU5WhcNMjIwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MGE2MmZkNy0yZjNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlye71ZwsX/67vG4YeGRzdcKGZr30RuvhJcXHAWrxlkGaOhz4Yr3VeBc6dLtH
veQVDWo0PNVFW5gj3IjsGhyWipkbSCPNazLMNjc2ouzz69UKXugoX76KCFuomWgV
hblz+dwD0HGGQW8JalmVLXA300vWoVdZqXiTzEbHhgUQoIAZYZKCEsj4rEPlFIQ3
HMYYyqJLzwMzopcNdnv8tOeHjEj/JoBNvV1jsIbRpECo7IgUAyeA6SEJrx2VJZB0
EF1vkUwLruTTIKKmm7b9mWhXTKwiTcVlgTkt71ciczZu9o2YmXJ9p5asT5aK/Lju
IF+0CgN86lg+8L0M0axztwj2xQIDAQABo4IClTCCApEwHQYDVR0OBBYEFB/99VPU
RD0MaaEM0ucBQsffoZSEMB8GA1UdIwQYMBaAFNzNVTVSuvimXBoGazNH95MkT1de
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRDgyOS85OUQ3QzZBNDZG
RUYxMUVBQUYyMjc0ODNDNEY5QUUwMi8zTTFWTlZLNi1LWmNHZ1pyTTBmM2t5UlBW
MTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNNMVZOVks2LUtaY0dnWnJNMGYza3lSUFYxNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkQ4MjkvOTlEN0M2QTQ2RkVGMTFFQUFGMjI3NDgzQzRGOUFFMDIvREUzQkRGQUE3
REJFMTFFQkJFQjg4RTBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnlv0wDQYJKoZIhvcNAQELBQADggEBAFMhNj78mUl7SfNu
UHWqfq0Q3GipBVUcA9BY1JT75ZWEKLIPKB6oogLLOmUe+hvbtKZt8cr+UgJJIvXx
nC0nRfZWEw/oLxyc+p7c4S/FqVe2VKD7yFwDKEsXyN5Xt0yTd2xuBtfEjgn+PVZ4
Ey/PiYV9sJSDzJZlxIfbVlEznviBZ15VjDat3GUInuK7CsA8Kx+GHEFllI8OI1P1
Qzzu+FoHpwDa/S83r2E4JwD0kuv362hKzQRq3BKExlKa0A/BLnqLqQV2ixADcrIa
HtRxJttS1l9WUcpt76ohbVMULelC2FOa0qTXAcJzZLL8HQEu63topsNBl/UL5Kpw
QkUhGOE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:06 2023 by rpki-client on console-fra.rpki-client.org