Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1DF8/EB831BD8013711EAB94D7D3CC4F9AE02/27FF72D68CAA11ED9E29993BC4F9AE02.roa
File: 27FF72D68CAA11ED9E29993BC4F9AE02.roa (raw, json)
Hash identifier: tk/GJMgoybTDLEU/HJDqB02ioFqFwNPk64Fw0K2diYU=
Subject key identifier: DE:54:F0:CB:F7:10:49:71:63:7B:00:93:B8:33:49:2D:46:7E:68:58
Certificate issuer: /CN=A91C1DF8/serialNumber=5C436B916156B8B85267C48FB8973B89B493F581
Certificate serial: 06A8
Authority key identifier: 5C:43:6B:91:61:56:B8:B8:52:67:C4:8F:B8:97:3B:89:B4:93:F5:81
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XENrkWFWuLhSZ8SPuJc7ibST9YE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C1DF8/EB831BD8013711EAB94D7D3CC4F9AE02/27FF72D68CAA11ED9E29993BC4F9AE02.roa
Signing time: Sat 11 Feb 2023 17:07:06 +0000
ROA not before: Sat 11 Feb 2023 17:07:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 135045
IP address blocks: 103.112.164.0/23 maxlen: 23
103.112.164.0/24 maxlen: 24
103.112.165.0/24 maxlen: 24
103.112.166.0/23 maxlen: 23
103.112.166.0/24 maxlen: 24
103.112.167.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1704 (0x6a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C1DF8/serialNumber=5C436B916156B8B85267C48FB8973B89B493F581
Validity
Not Before: Feb 11 17:07:06 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63e7cb39-f90a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:40:7a:da:47:47:d2:78:4e:17:5c:8c:ed:d0:
69:59:e6:08:46:0d:f7:43:a3:9d:67:3a:7b:87:95:
f0:05:27:6d:e9:ce:12:d5:f9:5d:18:6f:f6:59:14:
88:1c:00:af:23:41:34:41:d6:ca:39:a7:a8:b0:4a:
fb:30:6e:66:b0:fa:43:ae:58:fc:67:7f:79:b5:54:
a6:b9:57:27:78:54:26:f2:9c:e3:4f:2f:cd:89:a6:
08:a8:0f:25:64:d1:84:a8:7c:d5:7c:0e:48:e3:e9:
1e:e5:a2:c4:d6:14:e3:cf:0d:91:86:d0:46:0f:ff:
a7:0e:d8:7d:05:1e:f8:1e:99:e1:ec:10:c6:65:21:
7a:9f:ca:c4:dc:0b:f8:18:2a:15:dc:b6:a1:b4:87:
b6:11:00:a0:72:d7:be:07:32:b1:8a:60:1e:fa:11:
71:d8:e1:35:07:7d:9a:99:b8:cc:d2:40:cd:b9:c7:
da:5a:d6:ef:30:a9:ef:f8:0b:55:57:c4:c6:6e:77:
39:93:af:78:9d:47:28:9e:94:87:75:28:4e:b5:0c:
b4:30:0c:af:77:ed:0d:a4:93:62:3b:1a:24:fa:0c:
0c:f8:52:c1:b3:e2:3c:b9:4a:fc:23:eb:eb:83:bc:
aa:2f:74:30:a1:ec:53:e7:d7:d6:ec:1d:ee:9c:31:
23:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:54:F0:CB:F7:10:49:71:63:7B:00:93:B8:33:49:2D:46:7E:68:58
X509v3 Authority Key Identifier:
keyid:5C:43:6B:91:61:56:B8:B8:52:67:C4:8F:B8:97:3B:89:B4:93:F5:81
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C1DF8/EB831BD8013711EAB94D7D3CC4F9AE02/XENrkWFWuLhSZ8SPuJc7ibST9YE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XENrkWFWuLhSZ8SPuJc7ibST9YE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1DF8/EB831BD8013711EAB94D7D3CC4F9AE02/27FF72D68CAA11ED9E29993BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.112.164.0/22
Signature Algorithm: sha256WithRSAEncryption
53:2c:37:36:30:8f:6b:e6:21:d7:82:65:83:15:cd:b0:58:ca:
c6:20:87:d7:86:17:06:0e:0b:38:6d:52:6e:91:5e:30:ac:49:
7d:1c:5a:5e:61:03:35:cc:94:1d:61:7c:d8:c6:af:b8:be:f8:
e2:27:ea:b9:82:3b:61:6c:22:9a:d4:6d:1b:71:24:c8:8b:67:
0d:fd:f1:64:05:04:18:46:b5:81:0a:6b:70:10:fa:b8:be:42:
9c:70:e2:83:5c:a0:b9:57:69:2b:3d:ab:5c:b7:e7:bd:bf:d2:
cc:0d:4b:86:87:b5:77:08:95:56:34:49:71:0f:27:c6:6e:a3:
ce:14:14:af:31:da:b9:86:12:be:f3:7a:d2:01:eb:31:df:0b:
e1:97:98:79:3a:2c:68:00:64:8e:77:83:e5:30:52:84:97:23:
85:82:49:1e:e9:4c:36:dc:be:a2:ff:78:df:e3:23:29:69:ee:
77:14:bc:26:42:60:25:b2:60:91:12:d9:dd:d0:54:cf:a6:28:
e7:1a:b1:8b:de:40:8b:4e:45:eb:a4:3a:41:e7:4a:60:d5:5f:
2a:d9:c4:40:52:ff:f2:9c:1c:34:ac:e3:db:bf:44:fd:12:b7:
ab:e2:92:f0:5d:bd:f4:e4:f4:9b:94:58:15:71:7e:9e:e8:f9:
ec:ad:d1:c7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBqgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzFERjgxMTAvBgNVBAUTKDVDNDM2QjkxNjE1NkI4Qjg1MjY3QzQ4RkI4OTczQjg5
QjQ5M0Y1ODEwHhcNMjMwMjExMTcwNzA2WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2U3Y2IzOS1mOTBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0UB62kdH0nhOF1yM7dBpWeYIRg33Q6OdZzp7h5XwBSdt6c4S1fldGG/2WRSI
HACvI0E0QdbKOaeosEr7MG5msPpDrlj8Z395tVSmuVcneFQm8pzjTy/NiaYIqA8l
ZNGEqHzVfA5I4+ke5aLE1hTjzw2RhtBGD/+nDth9BR74Hpnh7BDGZSF6n8rE3Av4
GCoV3LahtIe2EQCgcte+BzKximAe+hFx2OE1B32ambjM0kDNucfaWtbvMKnv+AtV
V8TGbnc5k694nUconpSHdShOtQy0MAyvd+0NpJNiOxok+gwM+FLBs+I8uUr8I+vr
g7yqL3QwoexT59fW7B3unDEj+QIDAQABo4IClTCCApEwHQYDVR0OBBYEFN5U8Mv3
EElxY3sAk7gzSS1GfmhYMB8GA1UdIwQYMBaAFFxDa5FhVri4UmfEj7iXO4m0k/WB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMURGOC9FQjgzMUJEODAx
MzcxMUVBQjk0RDdEM0NDNEY5QUUwMi9YRU5ya1dGV3VMaFNaOFNQdUpjN2liU1Q5
WUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hFTnJrV0ZXdUxoU1o4U1B1SmM3aWJTVDlZRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzFERjgvRUI4MzFCRDgwMTM3MTFFQUI5NEQ3RDNDQzRGOUFFMDIvMjdGRjcyRDY4
Q0FBMTFFRDlFMjk5OTNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJncKQwDQYJKoZIhvcNAQELBQADggEBAFMsNzYwj2vmIdeC
ZYMVzbBYysYgh9eGFwYOCzhtUm6RXjCsSX0cWl5hAzXMlB1hfNjGr7i++OIn6rmC
O2FsIprUbRtxJMiLZw398WQFBBhGtYEKa3AQ+ri+Qpxw4oNcoLlXaSs9q1y3572/
0swNS4aHtXcIlVY0SXEPJ8Zuo84UFK8x2rmGEr7zetIB6zHfC+GXmHk6LGgAZI53
g+UwUoSXI4WCSR7pTDbcvqL/eN/jIylp7ncUvCZCYCWyYJES2d3QVM+mKOcasYve
QItOReukOkHnSmDVXyrZxEBS//KcHDSs49u/RP0St6vikvBdvfTk9JuUWBVxfp7o
+eyt0cc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:24 2024 by rpki-client on console-ams.rpki-client.org