Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1DF8/EB831BD8013711EAB94D7D3CC4F9AE02/7195BE88C2B611EB9BF18A81C4F9AE02.roa
File: 7195BE88C2B611EB9BF18A81C4F9AE02.roa (raw, json)
Hash identifier: K1H449sMh4KpFbspduZFCYAF1UcKV+8HVliZQAZdJio=
Subject key identifier: 04:C5:9A:2D:F2:1F:E3:2A:89:D3:FF:C4:75:73:7A:7A:6F:8B:8B:D5
Certificate issuer: /CN=A91C1DF8/serialNumber=5C436B916156B8B85267C48FB8973B89B493F581
Certificate serial: 0668
Authority key identifier: 5C:43:6B:91:61:56:B8:B8:52:67:C4:8F:B8:97:3B:89:B4:93:F5:81
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XENrkWFWuLhSZ8SPuJc7ibST9YE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C1DF8/EB831BD8013711EAB94D7D3CC4F9AE02/7195BE88C2B611EB9BF18A81C4F9AE02.roa
Signing time: Sun 30 Oct 2022 11:26:25 +0000
ROA not before: Sun 30 Oct 2022 11:26:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 135045
IP address blocks: 103.112.164.0/22 maxlen: 22
103.112.164.0/23 maxlen: 23
103.112.164.0/24 maxlen: 24
103.112.165.0/24 maxlen: 24
103.112.166.0/23 maxlen: 23
103.112.166.0/24 maxlen: 24
103.112.167.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1640 (0x668)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C1DF8/serialNumber=5C436B916156B8B85267C48FB8973B89B493F581
Validity
Not Before: Oct 30 11:26:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=635e5f61-2165
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:75:40:df:d2:f0:7d:ae:8f:90:4c:24:c3:fe:
b8:e4:21:be:f6:b5:7b:39:a5:f0:13:cc:d0:d9:77:
4e:ca:88:7f:29:d5:92:b2:8d:8f:d8:49:d8:fc:62:
45:c8:9e:0b:b0:fd:ac:5b:26:b5:85:0c:3f:79:66:
2e:db:e6:c2:18:f2:7e:42:77:a0:80:89:7f:54:c8:
78:77:cc:4f:4d:a8:08:9f:61:60:14:b1:d7:c6:44:
e1:13:5e:b2:12:2c:36:11:c9:eb:45:22:8a:78:4e:
c8:bb:d2:2b:28:88:31:99:8a:66:f9:24:77:57:56:
6d:ea:49:f4:35:a2:75:b1:09:02:88:16:ab:56:af:
a1:a9:66:8c:25:15:05:89:65:60:f5:90:80:f3:c0:
7f:3e:8d:2f:a4:d3:21:11:e8:9f:b9:f3:75:8b:cf:
7b:ba:f6:63:95:76:b8:d2:a0:21:0d:e4:50:c8:9a:
87:a1:74:e1:1f:c9:8f:18:4c:95:11:94:8a:0f:93:
76:9d:86:5b:23:d1:70:a0:6e:ee:f7:d8:2e:33:cb:
95:3f:b3:ba:bb:24:05:a0:e6:e1:9f:fd:a4:bd:62:
41:dc:b6:a9:7b:61:58:cd:5f:bd:40:47:67:dc:67:
f8:00:25:95:ae:8a:d0:60:f2:7f:46:5c:dd:70:59:
46:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:C5:9A:2D:F2:1F:E3:2A:89:D3:FF:C4:75:73:7A:7A:6F:8B:8B:D5
X509v3 Authority Key Identifier:
keyid:5C:43:6B:91:61:56:B8:B8:52:67:C4:8F:B8:97:3B:89:B4:93:F5:81
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C1DF8/EB831BD8013711EAB94D7D3CC4F9AE02/XENrkWFWuLhSZ8SPuJc7ibST9YE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XENrkWFWuLhSZ8SPuJc7ibST9YE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1DF8/EB831BD8013711EAB94D7D3CC4F9AE02/7195BE88C2B611EB9BF18A81C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.112.164.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:be:f9:23:f4:ca:b4:45:34:c1:f5:b4:30:48:1c:16:35:e6:
42:2f:d6:3a:cf:8a:d3:15:1a:a2:7b:2d:bb:e0:8c:b2:53:a4:
f1:81:1a:d1:11:7b:6f:7c:0d:e9:58:94:3d:ed:16:77:9c:95:
ea:10:12:63:f0:7d:dd:4e:8a:8f:0f:5e:92:42:b8:f6:bb:e5:
19:ba:3d:17:6a:5e:4c:d0:49:c0:7b:45:3f:38:da:f2:90:45:
be:70:93:05:66:2c:d5:8c:32:51:8b:6c:28:76:03:3b:2c:1f:
83:e5:84:12:18:2c:4f:0c:be:0d:50:b0:a0:91:35:bc:2e:90:
5b:18:1c:17:97:34:c1:1c:cd:13:7a:3d:ed:14:a6:09:83:bf:
f1:42:d0:9e:2e:ed:25:47:45:97:c7:7c:5b:fd:7b:42:05:31:
bd:b1:e4:8f:40:df:dd:6c:c7:87:ae:35:6a:df:7d:eb:eb:f9:
5e:37:b2:4c:62:74:8d:fc:d6:d8:13:3d:49:05:ea:d7:42:3a:
91:23:77:3a:74:1b:fd:0f:c3:b3:5e:88:20:6f:7a:fd:ad:8c:
d3:f4:aa:29:52:52:35:71:22:b2:9d:68:d0:b8:7c:dc:bd:fc:
26:59:bf:52:10:61:cc:2f:3d:ad:cb:66:fb:9e:6b:76:f5:ae:
ed:7c:1e:17
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBmgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzFERjgxMTAvBgNVBAUTKDVDNDM2QjkxNjE1NkI4Qjg1MjY3QzQ4RkI4OTczQjg5
QjQ5M0Y1ODEwHhcNMjIxMDMwMTEyNjI1WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzVlNWY2MS0yMTY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA23VA39Lwfa6PkEwkw/645CG+9rV7OaXwE8zQ2XdOyoh/KdWSso2P2EnY/GJF
yJ4LsP2sWya1hQw/eWYu2+bCGPJ+QneggIl/VMh4d8xPTagIn2FgFLHXxkThE16y
Eiw2EcnrRSKKeE7Iu9IrKIgxmYpm+SR3V1Zt6kn0NaJ1sQkCiBarVq+hqWaMJRUF
iWVg9ZCA88B/Po0vpNMhEeifufN1i897uvZjlXa40qAhDeRQyJqHoXThH8mPGEyV
EZSKD5N2nYZbI9FwoG7u99guM8uVP7O6uyQFoObhn/2kvWJB3Lape2FYzV+9QEdn
3Gf4ACWVrorQYPJ/RlzdcFlGYQIDAQABo4IClTCCApEwHQYDVR0OBBYEFATFmi3y
H+MqidP/xHVzenpvi4vVMB8GA1UdIwQYMBaAFFxDa5FhVri4UmfEj7iXO4m0k/WB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMURGOC9FQjgzMUJEODAx
MzcxMUVBQjk0RDdEM0NDNEY5QUUwMi9YRU5ya1dGV3VMaFNaOFNQdUpjN2liU1Q5
WUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hFTnJrV0ZXdUxoU1o4U1B1SmM3aWJTVDlZRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzFERjgvRUI4MzFCRDgwMTM3MTFFQUI5NEQ3RDNDQzRGOUFFMDIvNzE5NUJFODhD
MkI2MTFFQjlCRjE4QTgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJncKQwDQYJKoZIhvcNAQELBQADggEBABq++SP0yrRFNMH1
tDBIHBY15kIv1jrPitMVGqJ7LbvgjLJTpPGBGtERe298DelYlD3tFnecleoQEmPw
fd1Oio8PXpJCuPa75Rm6PRdqXkzQScB7RT842vKQRb5wkwVmLNWMMlGLbCh2Azss
H4PlhBIYLE8Mvg1QsKCRNbwukFsYHBeXNMEczRN6Pe0UpgmDv/FC0J4u7SVHRZfH
fFv9e0IFMb2x5I9A391sx4euNWrffevr+V43skxidI381tgTPUkF6tdCOpEjdzp0
G/0Pw7NeiCBvev2tjNP0qilSUjVxIrKdaNC4fNy9/CZZv1IQYcwvPa3LZvuea3b1
ru18Hhc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:04 2023 by rpki-client on console-ams.rpki-client.org